[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Thu, 21 Sep 2023 13:12:45 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
df85e09a by security tracker role at 2023-09-21T20:12:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,71 @@
+CVE-2023-5104 (Improper Input Validation in GitHub repository nocodb/nocodb 
prior to  ...)
+       TODO: check
+CVE-2023-4753 (OpenHarmony v3.2.1 and prior version has a liteos-a kernel may 
crash c ...)
+       TODO: check
+CVE-2023-43637 (Due to the implementation of "deriveVaultKey", prior to 
version 7.10,  ...)
+       TODO: check
+CVE-2023-43634 (When sealing/unsealing the \u201cvault\u201d key, a list of 
PCRs is us ...)
+       TODO: check
+CVE-2023-43633 (On boot, the Pillar eve container checks for the existence and 
content ...)
+       TODO: check
+CVE-2023-43632 (As noted in the \u201cVTPM.md\u201d file in the eve 
documentation, \u2 ...)
+       TODO: check
+CVE-2023-43631 (On boot, the Pillar eve container checks for the existence and 
content ...)
+       TODO: check
+CVE-2023-43309 (There is a stored cross-site scripting (XSS) vulnerability in 
Webmin 2 ...)
+       TODO: check
+CVE-2023-43274 (Phpjabbers PHP Shopping Cart 4.2 is vulnerable to SQL 
Injection via th ...)
+       TODO: check
+CVE-2023-43242 (D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack 
overflo ...)
+       TODO: check
+CVE-2023-43241 (D-Link DIR-823G v1.0.2B05 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2023-43240 (D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack 
overflo ...)
+       TODO: check
+CVE-2023-43239 (D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack 
overflo ...)
+       TODO: check
+CVE-2023-43238 (D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack 
overflo ...)
+       TODO: check
+CVE-2023-43237 (D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack 
overflo ...)
+       TODO: check
+CVE-2023-43236 (D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack 
overflo ...)
+       TODO: check
+CVE-2023-43235 (D-Link DIR-823G v1.0.2B05 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2023-42810 (systeminformation is a System Information Library for Node.JS. 
Version ...)
+       TODO: check
+CVE-2023-42807 (Frappe LMS is an open source learning management system. In 
versions 1 ...)
+       TODO: check
+CVE-2023-42806 (Hydra is the layer-two scalability solution for Cardano. Prior 
to vers ...)
+       TODO: check
+CVE-2023-42805 (quinn-proto is a state machine for the QUIC transport 
protocol. Prior  ...)
+       TODO: check
+CVE-2023-42482 (Samsung Mobile Processor Exynos 2200 allows a GPU Use After 
Free.)
+       TODO: check
+CVE-2023-42458 (Zope is an open-source web application server. Prior to 
versions 4.8.1 ...)
+       TODO: check
+CVE-2023-42457 (plone.rest allows users to use HTTP verbs such as GET, POST, 
PUT, DELE ...)
+       TODO: check
+CVE-2023-42456 (Sudo-rs, a memory safe implementation of sudo and su, allows 
users to  ...)
+       TODO: check
+CVE-2023-42280 (mee-admin 1.5 is vulnerable to Directory Traversal. The 
download metho ...)
+       TODO: check
+CVE-2023-42279 (Dreamer CMS 4.1.3 is vulnerable to SQL Injection.)
+       TODO: check
+CVE-2023-41993 (The issue was addressed with improved checks. This issue is 
fixed in S ...)
+       TODO: check
+CVE-2023-41992 (The issue was addressed with improved checks. This issue is 
fixed in i ...)
+       TODO: check
+CVE-2023-41991 (A certificate validation issue was addressed. This issue is 
fixed in i ...)
+       TODO: check
+CVE-2023-41048 (plone.namedfile allows users to handle `File` and `Image` 
fields targe ...)
+       TODO: check
+CVE-2023-40183 (DataEase is an open source data visualization and analysis 
tool. Prior ...)
+       TODO: check
+CVE-2023-34577 (SQL injection vulnerability in Prestashop opartplannedpopup 
1.4.11 and ...)
+       TODO: check
+CVE-2023-34576 (SQL injection vulnerability in updatepos.php in PrestaShop 
opartfaq th ...)
+       TODO: check
 CVE-2023-4760 (In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, 
Remote  ...)
        TODO: check
 CVE-2023-4292 (Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and 
all pre ...)
@@ -199778,6 +199846,7 @@ CVE-2020-35360
 CVE-2020-35359 (Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate 
server  ...)
        NOTE: Bogus issue, can be configured using MaxClientsPerIP in 
pure-ftpd.conf configuration file
 CVE-2020-35357 (A buffer overflow can occur when calculating the quantile 
value using  ...)
+       {DLA-3576-1}
        - gsl <unfixed>
        [bookworm] - gsl <no-dsa> (Minor issue)
        [bullseye] - gsl <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df85e09afb493474d0ac70262b8d74b37b6623e8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df85e09afb493474d0ac70262b8d74b37b6623e8
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to