[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Wed, 27 Sep 2023 13:13:08 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3df0b338 by security tracker role at 2023-09-27T20:12:42+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,139 @@
+CVE-2023-5223 (A vulnerability, which was classified as critical, has been 
found in H ...)
+       TODO: check
+CVE-2023-5222 (A vulnerability classified as critical was found in Viessmann 
Vitogate ...)
+       TODO: check
+CVE-2023-5221 (A vulnerability classified as critical has been found in ForU 
CMS. Thi ...)
+       TODO: check
+CVE-2023-5184 (Two potential signed to unsigned conversion errors and buffer 
overflow ...)
+       TODO: check
+CVE-2023-4523 (Real Time Automation 460 Series products with versions prior to 
v8.9.8 ...)
+       TODO: check
+CVE-2023-4129 (Dell Data Protection Central, version 19.9, contains an 
Inadequate Enc ...)
+       TODO: check
+CVE-2023-4003 (One Identity Password Manager version 5.9.7.1 -An 
unauthenticated atta ...)
+       TODO: check
+CVE-2023-44207 (Stored cross-site scripting (XSS) vulnerability in protection 
plan nam ...)
+       TODO: check
+CVE-2023-44206 (Sensitive information disclosure and manipulation due to 
improper auth ...)
+       TODO: check
+CVE-2023-44205 (Sensitive information disclosure due to improper 
authorization. The fo ...)
+       TODO: check
+CVE-2023-44161 (Sensitive information manipulation due to cross-site request 
forgery.  ...)
+       TODO: check
+CVE-2023-44160 (Sensitive information manipulation due to cross-site request 
forgery.  ...)
+       TODO: check
+CVE-2023-44159 (Sensitive information disclosure due to cleartext storage of 
sensitive ...)
+       TODO: check
+CVE-2023-44158 (Sensitive information disclosure due to insufficient token 
field maski ...)
+       TODO: check
+CVE-2023-44157 (Local privilege escalation due to insecure folder permissions. 
The fol ...)
+       TODO: check
+CVE-2023-44156 (Sensitive information disclosure due to spell-jacking. The 
following p ...)
+       TODO: check
+CVE-2023-44155 (Sensitive information leak through log files. The following 
products a ...)
+       TODO: check
+CVE-2023-44154 (Sensitive information disclosure and manipulation due to 
improper auth ...)
+       TODO: check
+CVE-2023-44153 (Sensitive information disclosure due to cleartext storage of 
sensitive ...)
+       TODO: check
+CVE-2023-44152 (Sensitive information disclosure and manipulation due to 
improper auth ...)
+       TODO: check
+CVE-2023-44129 (The vulnerability is that the Messaging ("com.android.mms") 
app patche ...)
+       TODO: check
+CVE-2023-44128 (he vulnerability is to delete arbitrary files in 
LGInstallService ("co ...)
+       TODO: check
+CVE-2023-44127 (he vulnerability is that the Call management 
("com.android.server.tele ...)
+       TODO: check
+CVE-2023-44126 (The vulnerability is that the Call management 
("com.android.server.tel ...)
+       TODO: check
+CVE-2023-44125 (The vulnerability is the use of implicit PendingIntents 
without the Pe ...)
+       TODO: check
+CVE-2023-44124 (The vulnerability is to theft of arbitrary files with system 
privilege ...)
+       TODO: check
+CVE-2023-44123 (The vulnerability is the use of implicit PendingIntents with 
the Pendi ...)
+       TODO: check
+CVE-2023-44122 (The vulnerability is to theft of arbitrary files with system 
privilege ...)
+       TODO: check
+CVE-2023-44121 (The vulnerability is an intent redirection in LG ThinQ Service 
("com.l ...)
+       TODO: check
+CVE-2023-44048 (Sourcecodester Expense Tracker App v1 is vulnerable to Cross 
Site Scri ...)
+       TODO: check
+CVE-2023-44047 (Sourcecodester Toll Tax Management System v1 is vulnerable to 
SQL Inje ...)
+       TODO: check
+CVE-2023-44023 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was 
discover ...)
+       TODO: check
+CVE-2023-44022 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was 
discover ...)
+       TODO: check
+CVE-2023-44021 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was 
discover ...)
+       TODO: check
+CVE-2023-44020 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was 
discover ...)
+       TODO: check
+CVE-2023-44019 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was 
discover ...)
+       TODO: check
+CVE-2023-44018 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was 
discover ...)
+       TODO: check
+CVE-2023-44017 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was 
discover ...)
+       TODO: check
+CVE-2023-44016 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was 
discover ...)
+       TODO: check
+CVE-2023-44015 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was 
discover ...)
+       TODO: check
+CVE-2023-44014 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was 
discover ...)
+       TODO: check
+CVE-2023-44013 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was 
discover ...)
+       TODO: check
+CVE-2023-43830 (A Cross-site scripting (XSS) vulnerability in 
/panel/configuration/fin ...)
+       TODO: check
+CVE-2023-43828 (A Cross-site scripting (XSS) vulnerability in 
/panel/languages/ of Sub ...)
+       TODO: check
+CVE-2023-43652 (JumpServer is an open source bastion host. As an 
unauthenticated user, ...)
+       TODO: check
+CVE-2023-43650 (JumpServer is an open source bastion host. The verification 
code for r ...)
+       TODO: check
+CVE-2023-43125 (BIG-IP APM clients may send IP traffic outside of the VPN 
tunnel. Note ...)
+       TODO: check
+CVE-2023-43124 (BIG-IP APM clients may send IP traffic outside of the VPN 
tunnel.Note: ...)
+       TODO: check
+CVE-2023-42822 (xrdp is an open source remote desktop protocol server. Access 
to the f ...)
+       TODO: check
+CVE-2023-42657 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a 
directory traver ...)
+       TODO: check
+CVE-2023-42487 (Soundminer \u2013 CWE-22: Improper Limitation of a Pathname to 
a Restr ...)
+       TODO: check
+CVE-2023-42486 (Fortect - CWE-428: Unquoted Search Path or Element, may be 
used by loc ...)
+       TODO: check
+CVE-2023-41653 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Beplus S ...)
+       TODO: check
+CVE-2023-41242 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Hass ...)
+       TODO: check
+CVE-2023-41241 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Sure ...)
+       TODO: check
+CVE-2023-41238 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Ultimate ...)
+       TODO: check
+CVE-2023-41237 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Everest  ...)
+       TODO: check
+CVE-2023-41236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Happy ad ...)
+       TODO: check
+CVE-2023-41235 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Everest  ...)
+       TODO: check
+CVE-2023-40333 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Qode Int ...)
+       TODO: check
+CVE-2023-40049 (In WS_FTP Server version prior to 8.8.2,   an unauthenticated 
user cou ...)
+       TODO: check
+CVE-2023-40048 (In WS_FTP Server version prior to 8.8.2,   the WS_FTP Server 
Manager i ...)
+       TODO: check
+CVE-2023-40047 (In WS_FTP Server version prior to 8.8.2,a stored cross-site 
scripting  ...)
+       TODO: check
+CVE-2023-40046 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2,   a SQL 
injection  ...)
+       TODO: check
+CVE-2023-40045 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2,   a 
reflected cros ...)
+       TODO: check
+CVE-2023-40044 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a 
pre-authenticate ...)
+       TODO: check
+CVE-2023-33972 (Scylladb is a NoSQL data store using the seastar framework, 
compatible ...)
+       TODO: check
+CVE-2023-32458 (Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service 
Pack relea ...)
+       TODO: check
 CVE-2023-XXXX [code execution via malformed XTGETTCAP]
        - foot 1.15.3-2 (bug #1053115)
        [bookworm] - foot <no-dsa> (Minor issue)
@@ -5,7 +141,7 @@ CVE-2023-XXXX [code execution via malformed XTGETTCAP]
        NOTE: 
https://codeberg.org/dnkl/foot/commit/8a5f2915e9d327d1517d1da49ce7e2303fe61d36
 CVE-2023-5183 (Unsafe deserialization of untrusted JSON allows execution of 
arbitrary ...)
        NOT-FOR-US: Illumio
-CVE-2023-4934 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+CVE-2023-4934 (Authorization Bypass Through User-Controlled Key vulnerability 
in Usta ...)
        NOT-FOR-US: Usta" AYBS
 CVE-2023-4737 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        NOT-FOR-US: Hedef Tracking Admin Panel
@@ -351,39 +487,39 @@ CVE-2023-34043 (VMware Aria Operations contains a local 
privilege escalation vul
        NOT-FOR-US: VMware
 CVE-2023-32541 (A use-after-free vulnerability exists in the footerr 
functionality of  ...)
        NOT-FOR-US: Hancom Office 2020 HWord
-CVE-2023-5176
+CVE-2023-5176 (Memory safety bugs present in Firefox 117, Firefox ESR 115.2, 
and Thun ...)
        - firefox 118.0-1
        - firefox-esr 115.3.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5176
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/#CVE-2023-5176
-CVE-2023-5175
+CVE-2023-5175 (During process shutdown, it was possible that an `ImageBitmap` 
was cre ...)
        - firefox 118.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5175
-CVE-2023-5174
+CVE-2023-5174 (If Windows failed to duplicate a handle during process 
creation, the s ...)
        - firefox <not-affected> (Only affects Firefox on Windows)
        - firefox-esr <not-affected> (Only affects Firefox ESR on Windows)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5174
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/#CVE-2023-5174
-CVE-2023-5173
+CVE-2023-5173 (In a non-standard configuration of Firefox, an integer overflow 
could  ...)
        - firefox 118.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5173
-CVE-2023-5172
+CVE-2023-5172 (A hashtable  in the Ion Engine could have been mutated while 
there was ...)
        - firefox 118.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5172
-CVE-2023-5171
+CVE-2023-5171 (During Ion compilation, a Garbage Collection could have 
resulted in a  ...)
        - firefox 118.0-1
        - firefox-esr 115.3.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5171
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/#CVE-2023-5171
-CVE-2023-5170
+CVE-2023-5170 (In canvas rendering, a compromised content process could have 
caused a ...)
        - firefox 118.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5170
-CVE-2023-5169
+CVE-2023-5169 (A compromised content process could have provided malicious 
data in a  ...)
        - firefox 118.0-1
        - firefox-esr 115.3.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5169
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/#CVE-2023-5169
-CVE-2023-5168
+CVE-2023-5168 (A compromised content process could have provided malicious 
data to `F ...)
        - firefox 118.0-1
        - firefox-esr 115.3.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5168
@@ -2049,7 +2185,7 @@ CVE-2023-4900 (Inappropriate implementation in Custom 
Tabs in Google Chrome on A
        {DSA-5499-1}
        - chromium 117.0.5938.62-1
        [buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-4863 (Heap buffer overflow in WebP in Google Chrome prior to 
116.0.5845.187  ...)
+CVE-2023-4863 (Heap buffer overflow in libwebp in Google Chrome prior to 
116.0.5845.1 ...)
        {DSA-5497-2 DSA-5498-1 DSA-5497-1 DSA-5496-1 DLA-3570-1 DLA-3569-1 
DLA-3568-1}
        - chromium 117.0.5938.62-1 (unimportant)
        [buster] - chromium <end-of-life> (see DSA 5046)
@@ -6559,7 +6695,7 @@ CVE-2023-33934 (Improper Input Validation vulnerability 
in Apache Software Found
        NOTE: https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc
 CVE-2023-2905 (Due to a failure in validating the length of a provided 
MQTT_CMD_PUBLI ...)
        NOT-FOR-US: Cesanta Mongoose
-CVE-2023-3223
+CVE-2023-3223 (A flaw was found in undertow. Servlets annotated with 
@MultipartConfig ...)
        - undertow <unfixed>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2209689
 CVE-2023-4219 (A vulnerability was found in SourceCodester Doctors Appointment 
System ...)
@@ -20487,8 +20623,8 @@ CVE-2023-30495
        RESERVED
 CVE-2023-30494 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
ImageRec ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-30493
-       RESERVED
+CVE-2023-30493 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Themefic ...)
+       TODO: check
 CVE-2023-30492
        RESERVED
 CVE-2023-30491 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
CodeBard ...)
@@ -20529,8 +20665,8 @@ CVE-2023-30474 (Cross-Site Request Forgery (CSRF) 
vulnerability in Kilian Evang
        NOT-FOR-US: Kilian Evang Ultimate Noindex Nofollow
 CVE-2023-30473 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Maxim Gl ...)
        NOT-FOR-US: WordPress Plugin
-CVE-2023-30472
-       RESERVED
+CVE-2023-30472 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
MyThemeS ...)
+       TODO: check
 CVE-2023-30471 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Cornel R ...)
        TODO: check
 CVE-2023-30470 (A use-after-free related to unsound inference in the bytecode 
generati ...)
@@ -34610,8 +34746,8 @@ CVE-2023-0834 (Incorrect Permission Assignment for 
Critical Resource vulnerabili
        NOT-FOR-US: HYPR Workforce Access on MacOS
 CVE-2023-25181
        RESERVED
-CVE-2023-0833
-       RESERVED
+CVE-2023-0833 (A flaw was found in Red Hat's AMQ-Streams, which ships a 
version of th ...)
+       TODO: check
 CVE-2023-0832 (The Under Construction plugin for WordPress is vulnerable to 
Cross-Sit ...)
        NOT-FOR-US: Under Construction plugin for WordPress
 CVE-2023-0831 (The Under Construction plugin for WordPress is vulnerable to 
Cross-Sit ...)
@@ -38990,8 +39126,7 @@ CVE-2023-22371 (An os command injection vulnerability 
exists in the liburvpn.so
        NOT-FOR-US: MilesightVPN
 CVE-2023-22315 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use 
a propri ...)
        NOT-FOR-US: Snap One Wattbox WB-300-IP-3
-CVE-2023-0456
-       RESERVED
+CVE-2023-0456 (A flaw was found in APICast, when 3Scale's OIDC module does not 
proper ...)
        NOT-FOR-US: Red Hat 3scale API gateway
 CVE-2023-0455 (Unrestricted Upload of File with Dangerous Type in GitHub 
repository u ...)
        NOT-FOR-US: unilogies/bumsys
@@ -62082,8 +62217,8 @@ CVE-2023-20270
        RESERVED
 CVE-2023-20269 (A vulnerability in the remote access VPN feature of Cisco 
Adaptive Sec ...)
        NOT-FOR-US: Cisco
-CVE-2023-20268
-       RESERVED
+CVE-2023-20268 (A vulnerability in the packet processing functionality of 
Cisco access ...)
+       TODO: check
 CVE-2023-20267
        RESERVED
 CVE-2023-20266 (A vulnerability in Cisco Emergency Responder, Cisco Unified 
Communicat ...)
@@ -62094,8 +62229,8 @@ CVE-2023-20264
        RESERVED
 CVE-2023-20263 (A vulnerability in the web-based management interface of Cisco 
HyperFl ...)
        NOT-FOR-US: Cisco
-CVE-2023-20262
-       RESERVED
+CVE-2023-20262 (A vulnerability in the SSH service of Cisco Catalyst SD-WAN 
Manager co ...)
+       TODO: check
 CVE-2023-20261
        RESERVED
 CVE-2023-20260
@@ -62110,14 +62245,14 @@ CVE-2023-20256
        RESERVED
 CVE-2023-20255
        RESERVED
-CVE-2023-20254
-       RESERVED
-CVE-2023-20253
-       RESERVED
-CVE-2023-20252
-       RESERVED
-CVE-2023-20251
-       RESERVED
+CVE-2023-20254 (A vulnerability in the session management system of the Cisco 
Catalyst ...)
+       TODO: check
+CVE-2023-20253 (A vulnerability in the command line interface (cli) management 
interfa ...)
+       TODO: check
+CVE-2023-20252 (A vulnerability in the Security Assertion Markup Language 
(SAML) APIs  ...)
+       TODO: check
+CVE-2023-20251 (A vulnerability in the memory buffer of Cisco Wireless LAN 
Controller  ...)
+       TODO: check
 CVE-2023-20250 (A vulnerability in the web-based management interface of Cisco 
Small B ...)
        NOT-FOR-US: Cisco
 CVE-2023-20249
@@ -62156,24 +62291,24 @@ CVE-2023-20233 (A vulnerability in the Connectivity 
Fault Management (CFM) featu
        NOT-FOR-US: Cisco
 CVE-2023-20232 (A vulnerability in the Tomcat implementation for Cisco Unified 
Contact ...)
        NOT-FOR-US: Cisco
-CVE-2023-20231
-       RESERVED
+CVE-2023-20231 (A vulnerability in the web UI of Cisco IOS XE Software could 
allow an  ...)
+       TODO: check
 CVE-2023-20230 (A vulnerability in the restricted security domain 
implementation of Ci ...)
        NOT-FOR-US: Cisco
 CVE-2023-20229 (A vulnerability in the CryptoService function of Cisco Duo 
Device Heal ...)
        NOT-FOR-US: Cisco
 CVE-2023-20228 (A vulnerability in the web-based management interface of Cisco 
Integra ...)
        NOT-FOR-US: Cisco
-CVE-2023-20227
-       RESERVED
-CVE-2023-20226
-       RESERVED
+CVE-2023-20227 (A vulnerability in the Layer 2 Tunneling Protocol (L2TP) 
feature of Ci ...)
+       TODO: check
+CVE-2023-20226 (A vulnerability in Application Quality of Experience (AppQoE) 
and Unif ...)
+       TODO: check
 CVE-2023-20225
        RESERVED
 CVE-2023-20224 (A vulnerability in the CLI of Cisco ThousandEyes Enterprise 
Agent, Vir ...)
        NOT-FOR-US: Cisco
-CVE-2023-20223
-       RESERVED
+CVE-2023-20223 (A vulnerability in Cisco DNA Center could allow an 
unauthenticated, re ...)
+       TODO: check
 CVE-2023-20222 (A vulnerability in the web-based management interface of Cisco 
Prime I ...)
        NOT-FOR-US: Cisco
 CVE-2023-20221 (A vulnerability in the web-based management interface of Cisco 
IP Phon ...)
@@ -62218,8 +62353,8 @@ CVE-2023-20204 (A vulnerability in the web-based 
management interface of Cisco B
        NOT-FOR-US: Cisco
 CVE-2023-20203 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
        NOT-FOR-US: Cisco
-CVE-2023-20202
-       RESERVED
+CVE-2023-20202 (A vulnerability in the Wireless Network Control daemon (wncd) 
of Cisco ...)
+       TODO: check
 CVE-2023-20201 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
        NOT-FOR-US: Cisco
 CVE-2023-20200 (A vulnerability in the Simple Network Management Protocol 
(SNMP) servi ...)
@@ -62252,10 +62387,10 @@ CVE-2023-20189 (Multiple vulnerabilities in the 
web-based user interface of cert
        NOT-FOR-US: Cisco
 CVE-2023-20188 (A vulnerability in the web-based management interface of Cisco 
Small B ...)
        NOT-FOR-US: Cisco
-CVE-2023-20187
-       RESERVED
-CVE-2023-20186
-       RESERVED
+CVE-2023-20187 (A vulnerability in the Multicast Leaf Recycle Elimination 
(mLRE) featu ...)
+       TODO: check
+CVE-2023-20186 (A vulnerability in the Authentication, Authorization, and 
Accounting ( ...)
+       TODO: check
 CVE-2023-20185 (A vulnerability in the Cisco ACI Multi-Site CloudSec 
encryption featur ...)
        NOT-FOR-US: Cisco
 CVE-2023-20184 (Multiple vulnerabilities in the API of Cisco DNA Center 
Software could ...)
@@ -62268,14 +62403,14 @@ CVE-2023-20181 (A vulnerability in the web-based 
management interface of Cisco S
        NOT-FOR-US: Cisco
 CVE-2023-20180 (A vulnerability in the web interface of Cisco Webex Meetings 
could all ...)
        NOT-FOR-US: Cisco
-CVE-2023-20179
-       RESERVED
+CVE-2023-20179 (A vulnerability in the web-based management interface of Cisco 
Catalys ...)
+       TODO: check
 CVE-2023-20178 (A vulnerability in the client update process of Cisco 
AnyConnect Secur ...)
        NOT-FOR-US: Cisco
 CVE-2023-20177
        RESERVED
-CVE-2023-20176
-       RESERVED
+CVE-2023-20176 (A vulnerability in the networking component of Cisco access 
point (AP) ...)
+       TODO: check
 CVE-2023-20175
        RESERVED
 CVE-2023-20174 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
@@ -62408,8 +62543,8 @@ CVE-2023-20111 (A vulnerability in the web-based 
management interface of Cisco I
        NOT-FOR-US: Cisco
 CVE-2023-20110 (A vulnerability in the web-based management interface of Cisco 
Smart S ...)
        NOT-FOR-US: Cisco
-CVE-2023-20109
-       RESERVED
+CVE-2023-20109 (A vulnerability in the Cisco Group Encrypted Transport VPN 
(GET VPN) f ...)
+       TODO: check
 CVE-2023-20108 (A vulnerability in the XCP Authentication Service of the Cisco 
Unified ...)
        NOT-FOR-US: Cisco
 CVE-2023-20107 (A vulnerability in the deterministic random bit generator 
(DRBG), also ...)
@@ -62561,10 +62696,10 @@ CVE-2023-20036
        RESERVED
 CVE-2023-20035 (A vulnerability in the CLI of Cisco IOS XE SD-WAN Software 
could allow ...)
        NOT-FOR-US: Cisco
-CVE-2023-20034
-       RESERVED
-CVE-2023-20033
-       RESERVED
+CVE-2023-20034 (Vulnerability in the Elasticsearch database used in the of 
Cisco SD-WA ...)
+       TODO: check
+CVE-2023-20033 (A vulnerability in Cisco IOS XE Software for Cisco Catalyst 
3650 and C ...)
+       TODO: check
 CVE-2023-20032 (On Feb 15, 2023, the following vulnerability in the ClamAV 
scanning li ...)
        {DLA-3328-1}
        - clamav 1.0.1+dfsg-1 (bug #1031509)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3df0b338641fa8904cf20dd9252b2e3b8d195370

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3df0b338641fa8904cf20dd9252b2e3b8d195370
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to