Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6a1878f0 by security tracker role at 2023-09-20T08:12:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2023-5063 (The Widget Responsive for Youtube plugin for WordPress is
vulnerable t ...)
+ TODO: check
+CVE-2023-5062 (The WordPress Charts plugin for WordPress is vulnerable to
Stored Cros ...)
+ TODO: check
+CVE-2023-4088 (Incorrect Default Permissions vulnerability due to incomplete
fix to a ...)
+ TODO: check
+CVE-2023-43621 (An issue was discovered in Croc through 9.6.5. The shared
secret, loca ...)
+ TODO: check
+CVE-2023-43620 (An issue was discovered in Croc through 9.6.5. A sender may
place ANSI ...)
+ TODO: check
+CVE-2023-43619 (An issue was discovered in Croc through 9.6.5. A sender may
send dange ...)
+ TODO: check
+CVE-2023-43618 (An issue was discovered in Croc through 9.6.5. The protocol
requires a ...)
+ TODO: check
+CVE-2023-43617 (An issue was discovered in Croc through 9.6.5. When a custom
shared se ...)
+ TODO: check
+CVE-2023-43616 (An issue was discovered in Croc through 9.6.5. A sender can
cause a re ...)
+ TODO: check
+CVE-2023-40934 (A SQL injection vulnerability in Nagios XI 5.11.1 and below
allows aut ...)
+ TODO: check
+CVE-2023-40933 (A SQL injection vulnerability in Nagios XI v5.11.1 and below
allows au ...)
+ TODO: check
+CVE-2023-40932 (A Cross-site scripting (XSS) vulnerability in Nagios XI
version 5.11.1 ...)
+ TODO: check
+CVE-2023-40931 (A SQL injection vulnerability in Nagios XI from version 5.11.0
up to a ...)
+ TODO: check
+CVE-2023-39575 (A reflected cross-site scripting (XSS) vulnerability in the
url_str UR ...)
+ TODO: check
+CVE-2023-38888 (Cross Site Scripting vulnerability in Dolibarr ERP CRM
v.17.0.1 and be ...)
+ TODO: check
+CVE-2023-38887 (File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and
before allo ...)
+ TODO: check
+CVE-2023-38886 (An issue in Dolibarr ERP CRM v.17.0.1 and before allows a
remote privi ...)
+ TODO: check
+CVE-2023-36319 (File Upload vulnerability in Openupload Stable v.0.4.3 allows
a remote ...)
+ TODO: check
CVE-2023-4376 (The Serial Codes Generator and Validator with WooCommerce
Support Word ...)
NOT-FOR-US: WordPress plugin
CVE-2023-4096 (Weak password recovery mechanism vulnerability in Fujitsu
Arconte \xc1 ...)
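Review bot: CVE-2023-5063 and CVE-2023-5062 at the top of this hunk are both described as plugins for WordPress, and the context entry CVE-2023-4376 directly below the added block is already triaged as "NOT-FOR-US: WordPress plugin"; these two can take the same marking instead of staying at "TODO: check". The remaining added entries (Croc through 9.6.5, Nagios XI, Dolibarr ERP CRM, Openupload) name specific products and versions, so each still has to be matched against a source package before its TODO is resolved.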
@@ -17525,22 +17561,22 @@ CVE-2023-31017
RESERVED
CVE-2023-31016
RESERVED
-CVE-2023-31015
- RESERVED
-CVE-2023-31014
- RESERVED
-CVE-2023-31013
- RESERVED
-CVE-2023-31012
- RESERVED
-CVE-2023-31011
- RESERVED
-CVE-2023-31010
- RESERVED
-CVE-2023-31009
- RESERVED
-CVE-2023-31008
- RESERVED
+CVE-2023-31015 (NVIDIA DGX H100 BMC contains a vulnerability in the REST
service where ...)
+ TODO: check
+CVE-2023-31014 (NVIDIA GeForce Now for Android contains a vulnerability in the
game la ...)
+ TODO: check
+CVE-2023-31013 (NVIDIA DGX H100 BMC contains a vulnerability in the REST
service, wher ...)
+ TODO: check
+CVE-2023-31012 (NVIDIA DGX H100 BMC contains a vulnerability in the REST
service where ...)
+ TODO: check
+CVE-2023-31011 (NVIDIA DGX H100 BMC contains a vulnerability in the REST
service where ...)
+ TODO: check
+CVE-2023-31010 (NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an
attacke ...)
+ TODO: check
+CVE-2023-31009 (NVIDIA DGX H100 BMC contains a vulnerability in the REST
service, wher ...)
+ TODO: check
+CVE-2023-31008 (NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an
attacke ...)
+ TODO: check
CVE-2023-31007 (Improper Authentication vulnerability in Apache Software
Foundation Ap ...)
NOT-FOR-US: Apache Pulsar
CVE-2023-31006
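Review bot: all eight entries converted from RESERVED in this hunk are NVIDIA products (seven DGX H100 BMC issues in the REST service or IPMI, plus CVE-2023-31014 for GeForce Now for Android) and all are left at "TODO: check". A later hunk of this diff shows CVE-2023-25524 recorded as "NOT-FOR-US: NVIDIA"; if the same judgement applies here, resolving the block in one follow-up keeps these entries from lingering in the triage queue.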
@@ -18166,8 +18202,7 @@ CVE-2023-2165
RESERVED
CVE-2023-2164 (An issue has been discovered in GitLab affecting all versions
starting ...)
- gitlab <unfixed>
-CVE-2023-2163 [bpf: Fix incorrect verifier pruning due to missing register
precision taints]
- RESERVED
+CVE-2023-2163 (Incorrect verifier pruningin BPF in Linux Kernel>=5.4leads to
unsafe c ...)
- linux 6.1.27-1
[bullseye] - linux 5.10.179-1
[buster] - linux <not-affected> (Vulnerable code not present)
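Review bot: on CVE-2023-2163 the bracketed title that named the fix, "[bpf: Fix incorrect verifier pruning due to missing register precision taints]", is dropped in favour of the published description, which arrives with words run together ("pruningin", "Kernel>=5.4leads"). If no NOTE line below the visible context already records the fixing commit, add one so that reference survives. The spacing defect sits in the imported text, so it is better reported to the source of the CVE record than patched by hand here, where a later automatic update would likely overwrite it.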
@@ -32400,8 +32435,8 @@ CVE-2023-26146
RESERVED
CVE-2023-26145
RESERVED
-CVE-2023-26144
- RESERVED
+CVE-2023-26144 (Versions of the package graphql from 16.3.0 and before 16.8.1
are vuln ...)
+ TODO: check
CVE-2023-26143 (Versions of the package blamer before 1.0.4 are vulnerable to
Arbitrar ...)
TODO: check
CVE-2023-26142 (All versions of the package crow are vulnerable to HTTP
Response Split ...)
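Review bot: CVE-2023-26144 gives a bounded affected range for the graphql package ("from 16.3.0 and before 16.8.1"), so when the "TODO: check" is resolved the entry should reflect both ends of that range: releases shipping a version below 16.3.0 can be marked not-affected rather than receiving a blanket unfixed status. The neighbouring CVE-2023-26143 is still at "TODO: check" as well and can be handled in the same pass.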
@@ -34637,26 +34672,26 @@ CVE-2023-XXXX [RUSTSEC-2023-0005]
[bullseye] - rust-tokio <not-affected> (Vulnerable code not present)
NOTE: https://rustsec.org/advisories/RUSTSEC-2023-0005.html
NOTE: https://github.com/tokio-rs/tokio/issues/5372
-CVE-2023-25534
- RESERVED
-CVE-2023-25533
- RESERVED
-CVE-2023-25532
- RESERVED
-CVE-2023-25531
- RESERVED
-CVE-2023-25530
- RESERVED
-CVE-2023-25529
- RESERVED
-CVE-2023-25528
- RESERVED
-CVE-2023-25527
- RESERVED
-CVE-2023-25526
- RESERVED
-CVE-2023-25525
- RESERVED
+CVE-2023-25534 (NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an
attacke ...)
+ TODO: check
+CVE-2023-25533 (NVIDIA DGX H100 BMC contains a vulnerability in the web UI,
where an a ...)
+ TODO: check
+CVE-2023-25532 (NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an
attacke ...)
+ TODO: check
+CVE-2023-25531 (NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an
attacke ...)
+ TODO: check
+CVE-2023-25530 (NVIDIA DGX H100 BMC contains a vulnerability in the KVM
service, where ...)
+ TODO: check
+CVE-2023-25529 (NVIDIA DGX H100 BMC contains a vulnerability in the host KVM
daemon, w ...)
+ TODO: check
+CVE-2023-25528 (NVIDIA DGX H100 baseboard management controller (BMC) contains
a vulne ...)
+ TODO: check
+CVE-2023-25527 (NVIDIA DGX H100 BMC contains a vulnerability in the host KVM
daemon, w ...)
+ TODO: check
+CVE-2023-25526 (NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and
nlmanag ...)
+ TODO: check
+CVE-2023-25525 (NVIDIA Cumulus Linux contains a vulnerability in forwarding
where a Vx ...)
+ TODO: check
CVE-2023-25524 (NVIDIA Omniverse Workstation Launcher for Windows and Linux
contains a ...)
NOT-FOR-US: NVIDIA
CVE-2023-25523 (NVIDIA CUDA toolkit for Linux and Windows contains a
vulnerability in ...)
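Review bot: CVE-2023-25526 and CVE-2023-25525 at the end of the added block concern NVIDIA Cumulus Linux (neighmgrd/nlmanag... and forwarding), not the DGX H100 BMC that the other eight entries cover, so they deserve a separate look rather than a bulk decision. For the BMC entries, the context entry CVE-2023-25524 immediately below is marked "NOT-FOR-US: NVIDIA", which is the obvious precedent to check against.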
@@ -46797,12 +46832,12 @@ CVE-2022-47564
RESERVED
CVE-2022-47563
RESERVED
-CVE-2022-47562
- RESERVED
-CVE-2022-47561
- RESERVED
-CVE-2022-47560
- RESERVED
+CVE-2022-47562 (Vulnerability in the RCPbind service running on UDP port
(111), allowi ...)
+ TODO: check
+CVE-2022-47561 (The web application stores credentials in clear text in the
"admin.xml ...)
+ TODO: check
+CVE-2022-47560 (The lack of web request control on ekorCCP and ekorRCI devices
allows ...)
+ TODO: check
CVE-2022-47559 (Lack of device control over web requests in ekorCCP and
ekorRCI, allow ...)
TODO: check
CVE-2022-47558 (Devices ekorCCP and ekorRCI are vulnerable due to access to
the FTP se ...)
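Review bot: CVE-2022-47562 spells the service "RCPbind" while citing UDP port (111), the port rpcbind uses, and its truncated description names no product, so a search on the service name could either miss the entry or pin it on the wrong package. The neighbouring entries CVE-2022-47560 and CVE-2022-47559 name ekorCCP and ekorRCI devices; read the full description before resolving the TODO, and do the same for CVE-2022-47561 (clear-text credentials in "admin.xml ..."), whose visible text also omits the product.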
@@ -219242,8 +219277,8 @@ CVE-2020-24091
RESERVED
CVE-2020-24090
RESERVED
-CVE-2020-24089
- RESERVED
+CVE-2020-24089 (An issue was discovered in ImfHpRegFilter.sys in IOBit Malware
Fighter ...)
+ TODO: check
CVE-2020-24088 (An issue was discovered in MmMapIoSpace routine in Foxconn
Live Update ...)
NOT-FOR-US: Foxconn
CVE-2020-24087
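Review bot: CVE-2020-24089 names "ImfHpRegFilter.sys" in IOBit Malware Fighter, a Windows driver file, yet it is left at "TODO: check" while the next entry, CVE-2020-24088 (Foxconn Live Update), is already "NOT-FOR-US: Foxconn". A "NOT-FOR-US: IOBit" marking looks like the matching resolution once the full description is confirmed.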
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a1878f0cfdaf9e0741d067d02848cfc90e34724