Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c044e7c8 by security tracker role at 2023-10-10T08:12:05+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,55 @@
+CVE-2023-5471 (A vulnerability, which was classified as critical, was found in
codepr ...)
+ TODO: check
+CVE-2023-5468 (The Slick Contact Forms plugin for WordPress is vulnerable to
Stored C ...)
+ TODO: check
+CVE-2023-5467 (The GEO my WordPress plugin for WordPress is vulnerable to
Stored Cros ...)
+ TODO: check
+CVE-2023-5463 (A vulnerability was found in XINJE XDPPro up to 3.7.17a. It has
been r ...)
+ TODO: check
+CVE-2023-5462 (A vulnerability was found in XINJE XD5E-30R-E 3.5.3b. It has
been decl ...)
+ TODO: check
+CVE-2023-45208 (A command injection in the parsing_xml_stasurvey function
inside libcg ...)
+ TODO: check
+CVE-2023-44959 (An issue found in D-Link DSL-3782 v.1.03 and before allows
remote auth ...)
+ TODO: check
+CVE-2023-44848 (An issue in SeaCMS v.12.8 allows an attacker to execute
arbitrary code ...)
+ TODO: check
+CVE-2023-44847 (An issue in SeaCMS v.12.8 allows an attacker to execute
arbitrary code ...)
+ TODO: check
+CVE-2023-44846 (An issue in SeaCMS v.12.8 allows an attacker to execute
arbitrary code ...)
+ TODO: check
+CVE-2023-44827 (An issue in ZenTao Community Edition v.18.6 and before, ZenTao
Biz v.8 ...)
+ TODO: check
+CVE-2023-44826 (Cross Site Scripting vulnerability in ZenTaoPMS v.18.6 allows
a local ...)
+ TODO: check
+CVE-2023-44813 (Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8
allows a ...)
+ TODO: check
+CVE-2023-43899 (hansun CMS v1.0 was discovered to contain a SQL injection
vulnerabilit ...)
+ TODO: check
+CVE-2023-43271 (Incorrect access control in 70mai a500s v1.2.119 allows
attackers to d ...)
+ TODO: check
+CVE-2023-42477 (SAP NetWeaver AS Java (GRMG Heartbeat application) - version
7.50,allo ...)
+ TODO: check
+CVE-2023-42475 (The Statutory Reporting application has a vulnerable file
storage loca ...)
+ TODO: check
+CVE-2023-42474 (SAP BusinessObjects Web Intelligence - version 420, has a URL
with par ...)
+ TODO: check
+CVE-2023-42473 (S/4HANA Manage (Withholding Tax Items) - version 106,does not
perform ...)
+ TODO: check
+CVE-2023-42189 (Insecure Permissions vulnerability in Connectivity Standards
Alliance ...)
+ TODO: check
+CVE-2023-41730 (Cross-Site Request Forgery (CSRF) vulnerability in SendPress
Newslette ...)
+ TODO: check
+CVE-2023-41697 (Cross-Site Request Forgery (CSRF) vulnerability in Nikunj Soni
Easy WP ...)
+ TODO: check
+CVE-2023-41694 (Cross-Site Request Forgery (CSRF) vulnerability in Realbig
Team Realbi ...)
+ TODO: check
+CVE-2023-41684 (Cross-Site Request Forgery (CSRF) vulnerability in Felix
Welberg SIS H ...)
+ TODO: check
+CVE-2023-41365 (SAP Business One (B1i) - version 10.0, allows an authorized
attacker t ...)
+ TODO: check
+CVE-2023-40310 (SAP PowerDesignerClient- version 16.7, does not sufficiently
validate ...)
+ TODO: check
CVE-2023-45360
- mediawiki 1:1.39.5-1
NOTE: https://phabricator.wikimedia.org/T340221
@@ -115,7 +167,7 @@ CVE-2023-39189 (A flaw was found in the Netfilter subsystem
in the Linux kernel.
NOTE:
https://git.kernel.org/linus/f4f8a7803119005e87b716874bec07c751efafec (6.6-rc1)
CVE-2023-36820 (Micronaut Security is a security solution for applications.
Prior to v ...)
NOT-FOR-US: Micronaut Security
-CVE-2023-43641
+CVE-2023-43641 (libcue provides an API for parsing and extracting data from
CUE sheets ...)
- libcue <unfixed>
NOTE:
https://github.com/lipnitsk/libcue/security/advisories/GHSA-5982-x7hv-r9cj
NOTE: https://www.openwall.com/lists/oss-security/2023/10/09/3
@@ -47513,10 +47565,10 @@ CVE-2022-48185
RESERVED
CVE-2022-48184
RESERVED
-CVE-2022-48183
- RESERVED
-CVE-2022-48182
- RESERVED
+CVE-2022-48183 (A vulnerability was reported in ThinkPad T14s Gen 3 and X13
Gen3 that ...)
+ TODO: check
+CVE-2022-48182 (A vulnerability was reported in ThinkPad T14s Gen 3 and X13
Gen3 that ...)
+ TODO: check
CVE-2022-48181 (An ErrorMessage driver stack-based buffer overflow
vulnerability in BI ...)
NOT-FOR-US: Lenovo
CVE-2022-48180
@@ -63365,8 +63417,8 @@ CVE-2022-3730 (A vulnerability, which was classified as
critical, was found in s
NOT-FOR-US: seccome Ehoney
CVE-2022-3729 (A vulnerability, which was classified as critical, has been
found in s ...)
NOT-FOR-US: seccome Ehoney
-CVE-2022-3728
- RESERVED
+CVE-2022-3728 (A vulnerability was reported in ThinkPad T14s Gen 3 and X13
Gen3 that ...)
+ TODO: check
CVE-2023-20601
RESERVED
CVE-2023-20600
@@ -85945,8 +85997,8 @@ CVE-2022-36230
RESERVED
CVE-2022-36229
RESERVED
-CVE-2022-36228
- RESERVED
+CVE-2022-36228 (Nokelock Smart padlock O1 Version 5.3.0 is vulnerable to
Insecure Perm ...)
+ TODO: check
CVE-2022-36227 (In libarchive before 3.6.2, the software does not check for an
error a ...)
{DLA-3294-1}
- libarchive 3.6.2-1 (bug #1024669)
@@ -234728,8 +234780,8 @@ CVE-2020-18338
RESERVED
CVE-2020-18337
RESERVED
-CVE-2020-18336
- RESERVED
+CVE-2020-18336 (Cross Site Scripting (XSS) vulnerability found in Typora
v.0.9.65 allo ...)
+ TODO: check
CVE-2020-18335
RESERVED
CVE-2020-18334
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c044e7c8b37b59c3617593fbe33a3b91a54d6484
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c044e7c8b37b59c3617593fbe33a3b91a54d6484
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
