Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7f0846a9 by security tracker role at 2023-09-26T20:12:34+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,71 @@
+CVE-2023-5197 (A use-after-free vulnerability in the Linux kernel's netfilter:
nf_tab ...)
+ TODO: check
+CVE-2023-5157 (A vulnerability was found in MariaDB. An OpenVAS port scan on
ports 33 ...)
+ TODO: check
+CVE-2023-4264 (Potential buffer overflow vulnerabilities n the Zephyr
Bluetooth subsy ...)
+ TODO: check
+CVE-2023-4262 (Possible buffer overflow in Zephyr mgmt subsystem when asserts
are dis ...)
+ TODO: check
+CVE-2023-4260 (Potential off-by-one buffer overflow vulnerability in the
Zephyr fuse ...)
+ TODO: check
+CVE-2023-4065 (A flaw was found in Red Hat AMQ Broker Operator, where it
displayed a ...)
+ TODO: check
+CVE-2023-44172 (SeaCMS V12.9 was discovered to contain an arbitrary file write
vulnera ...)
+ TODO: check
+CVE-2023-44171 (SeaCMS V12.9 was discovered to contain an arbitrary file write
vulnera ...)
+ TODO: check
+CVE-2023-44170 (SeaCMS V12.9 was discovered to contain an arbitrary file write
vulnera ...)
+ TODO: check
+CVE-2023-44169 (SeaCMS V12.9 was discovered to contain an arbitrary file write
vulnera ...)
+ TODO: check
+CVE-2023-43857 (Dreamer CMS v4.1.3 was discovered to contain a stored
cross-site scrip ...)
+ TODO: check
+CVE-2023-43856 (Dreamer CMS v4.1.3 was discovered to contain an arbitrary file
read vu ...)
+ TODO: check
+CVE-2023-43775 (Denial-of-service vulnerability in the web server of the Eaton
SMP SG- ...)
+ TODO: check
+CVE-2023-43646 (get-func-name is a module to retrieve a function's name
securely and c ...)
+ TODO: check
+CVE-2023-43614 (Cross-site scripting vulnerability in Order Data Edit page of
Welcart ...)
+ TODO: check
+CVE-2023-43610 (SQL injection vulnerability in Order Data Edit page of Welcart
e-Comme ...)
+ TODO: check
+CVE-2023-43493 (SQL injection vulnerability in Item List page of Welcart
e-Commerce ve ...)
+ TODO: check
+CVE-2023-43484 (Cross-site scripting vulnerability in Item List page of
Welcart e-Comm ...)
+ TODO: check
+CVE-2023-43234 (DedeBIZ v6.2.11 was discovered to contain multiple remote code
executi ...)
+ TODO: check
+CVE-2023-43222 (SeaCMS v12.8 has an arbitrary code writing vulnerability in
the /jxz7g ...)
+ TODO: check
+CVE-2023-43216 (SeaCMS V12.9 was discovered to contain an arbitrary file write
vulnera ...)
+ TODO: check
+CVE-2023-42460 (Vyper is a Pythonic Smart Contract Language for the EVM. The
`_abi_dec ...)
+ TODO: check
+CVE-2023-41962 (Cross-site scripting vulnerability in Credit Card Payment
Setup page o ...)
+ TODO: check
+CVE-2023-41904 (Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass
(for Au ...)
+ TODO: check
+CVE-2023-41233 (Cross-site scripting vulnerability in Item List page
registration proc ...)
+ TODO: check
+CVE-2023-40532 (Path traversal vulnerability in Welcart e-Commerce versions
2.7 to 2.8 ...)
+ TODO: check
+CVE-2023-40219 (Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with
editor or ...)
+ TODO: check
+CVE-2023-39378 (SiberianCMS - CWE-89: Improper Neutralization of Special
Elements used ...)
+ TODO: check
+CVE-2023-39377 (SiberianCMS - CWE-434: Unrestricted Upload of File with
Dangerous Type ...)
+ TODO: check
+CVE-2023-39376 (SiberianCMS - CWE-284 Improper Access Control Authorized user
may disa ...)
+ TODO: check
+CVE-2023-39375 (SiberianCMS - CWE-274: Improper Handling of Insufficient
Privileges)
+ TODO: check
+CVE-2023-39347 (Cilium is a networking, observability, and security solution
with an e ...)
+ TODO: check
+CVE-2023-34043 (VMware Aria Operations contains a local privilege escalation
vulnerabi ...)
+ TODO: check
+CVE-2023-32541 (A use-after-free vulnerability exists in the footerr
functionality of ...)
+ TODO: check
CVE-2023-5176
- firefox <unfixed>
- firefox-esr <unfixed>
@@ -2338,7 +2406,7 @@ CVE-2023-32162 (Wacom Drivers for Windows Incorrect
Permission Assignment Local
NOT-FOR-US: Wacom
CVE-2023-29166 (A logic issue was addressed with improved state management.
This issue ...)
NOT-FOR-US: Apple
-CVE-2023-36851
+CVE-2023-36851 (A Missing Authentication for Critical Function vulnerability
in Junipe ...)
NOT-FOR-US: Juniper
CVE-2023-4781 (Heap-based Buffer Overflow in GitHub repository vim/vim prior
to 9.0.1 ...)
- vim 2:9.0.1894-1
@@ -18350,12 +18418,12 @@ CVE-2023-30963 (A security defect was discovered in
Foundry Frontend which enabl
NOT-FOR-US: Palantir
CVE-2023-30962 (The Gotham Cerberus service was found to have a stored
cross-site scri ...)
NOT-FOR-US: Gotham Cerberus
-CVE-2023-30961
- RESERVED
+CVE-2023-30961 (Palantir Gotham was found to be vulnerable to a bug where
under certai ...)
+ TODO: check
CVE-2023-30960 (A security defect was discovered in Foundry job-tracker that
enabled u ...)
NOT-FOR-US: Palantir
-CVE-2023-30959
- RESERVED
+CVE-2023-30959 (In Apollo change requests, comments added by users could
contain a ja ...)
+ TODO: check
CVE-2023-30958 (A security defect was identified in Foundry Frontend that
enabled user ...)
NOT-FOR-US: Palantir
CVE-2023-30957
@@ -27748,8 +27816,8 @@ CVE-2023-28057
RESERVED
CVE-2023-28056 (Dell BIOS contains an improper input validation vulnerability.
A local ...)
NOT-FOR-US: Dell
-CVE-2023-28055
- RESERVED
+CVE-2023-28055 (Dell NetWorker, Version 19.7 has an improper authorization
vulnerabili ...)
+ TODO: check
CVE-2023-28054 (Dell BIOS contains an improper input validation vulnerability.
A local ...)
NOT-FOR-US: Dell
CVE-2023-28053
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f0846a9a73cf0159644c76641f2e472b1d8ab5e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f0846a9a73cf0159644c76641f2e472b1d8ab5e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
