[Git][security-tracker-team/security-tracker][master] automatic update

Sat, 07 Oct 2023 01:12:07 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b4a2cea0 by security tracker role at 2023-10-07T08:11:40+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2023-5182 (Sensitive data could be exposed in logs of subiquity version 
23.09.1 a ...)
+       TODO: check
+CVE-2023-45322 (libxml2 through 2.11.5 has a use-after-free that can only 
occur after  ...)
+       TODO: check
+CVE-2023-45199 (Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow 
that can ...)
+       TODO: check
+CVE-2023-44860 (An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote 
attacker t ...)
+       TODO: check
+CVE-2023-44061 (File Upload vulnerability in Simple and Nice Shopping Cart 
Script v.1. ...)
+       TODO: check
+CVE-2023-43615 (Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer 
Overflow.)
+       TODO: check
+CVE-2023-36123 (Directory Traversal vulnerability in Hex-Dragon Plain Craft 
Launcher 2 ...)
+       TODO: check
 CVE-2023-5452 (Cross-site Scripting (XSS) - Stored in GitHub repository 
snipe/snipe-i ...)
        - snipe-it <itp> (bug #1005172)
 CVE-2023-5214 (In Puppet Bolt versions prior to 3.27.4, a path to escalate 
privileges ...)
@@ -91016,8 +91030,8 @@ CVE-2022-34357
        RESERVED
 CVE-2022-34356 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a 
non-privileged local ...)
        NOT-FOR-US: IBM
-CVE-2022-34355
-       RESERVED
+CVE-2022-34355 (IBM Jazz Foundation (IBM Engineering Lifecycle Management 
6.0.6, 6.0.6 ...)
+       TODO: check
 CVE-2022-34354 (IBM Sterling Partner Engagement Manager 2.0 allows encrypted 
storage o ...)
        NOT-FOR-US: IBM
 CVE-2022-34353
@@ -94035,8 +94049,8 @@ CVE-2022-33162
        RESERVED
 CVE-2022-33161
        RESERVED
-CVE-2022-33160
-       RESERVED
+CVE-2022-33160 (IBM Security Directory Suite 8.0.1 uses weaker than expected 
cryptogra ...)
+       TODO: check
 CVE-2022-33159 (IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores 
user cre ...)
        NOT-FOR-US: IBM
 CVE-2022-33158 (Trend Micro VPN Proxy Pro version 5.2.1026 and below contains 
a vulner ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4a2cea0eb8593dc6238fee855f64a8614f4cef2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4a2cea0eb8593dc6238fee855f64a8614f4cef2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to