Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
13e52ecc by security tracker role at 2023-10-13T08:12:08+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2023-5564 (Cross-site Scripting (XSS) - Stored in GitHub repository
froxlor/froxl ...)
+ TODO: check
+CVE-2023-5563 (The SJA1000 CAN controller driver backend automatically attempt
to rec ...)
+ TODO: check
+CVE-2023-5557 (A flaw was found in the tracker-miners package. A weakness in
the sand ...)
+ TODO: check
+CVE-2023-4562 (Improper Authentication vulnerability in Mitsubishi Electric
Corporati ...)
+ TODO: check
+CVE-2023-45511 (A memory leak in tsMuxer version git-2539d07 allows attackers
to cause ...)
+ TODO: check
+CVE-2023-45510 (tsMuxer version git-2539d07 was discovered to contain an
alloc-dealloc ...)
+ TODO: check
+CVE-2023-41263 (An issue was discovered in Plixer Scrutinizer before 19.3.1.
It expose ...)
+ TODO: check
+CVE-2023-41262 (An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer
Scrutinizer ...)
+ TODO: check
+CVE-2023-41261 (An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer
Scrutinizer ...)
+ TODO: check
+CVE-2023-38251 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2
(and earli ...)
+ TODO: check
+CVE-2023-38250 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2
(and earli ...)
+ TODO: check
+CVE-2023-38249 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2
(and earli ...)
+ TODO: check
+CVE-2023-38221 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2
(and earli ...)
+ TODO: check
+CVE-2023-38220 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2
(and earli ...)
+ TODO: check
+CVE-2023-38219 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2
(and earli ...)
+ TODO: check
+CVE-2023-38218 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2
(and earli ...)
+ TODO: check
CVE-2023-45365
NOT-FOR-US: MediaWiki extension Citoid
CVE-2023-45366
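Review bot: CVE-2023-5557 should not sit in the same undifferentiated `TODO: check` batch as the other fifteen new entries at the top of the file. Its description names the tracker-miners package, so it is the entry most likely to need a real package line and should be checked against the archive first. The seven Adobe Commerce entries (CVE-2023-38218 through CVE-2023-38251) share one truncated description and can be triaged together in a single pass.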
@@ -70,55 +102,55 @@ CVE-2023-31192 (An information disclosure vulnerability
exists in the ClientConn
NOT-FOR-US: SoftEther VPN
CVE-2023-27516 (An authentication bypass vulnerability exists in the
CiRpcAccepted() f ...)
NOT-FOR-US: SoftEther VPN
-CVE-2023-36839
+CVE-2023-36839 (An Improper Validation of Specified Quantity in Input
vulnerability in ...)
NOT-FOR-US: Juniper
-CVE-2023-44204
+CVE-2023-44204 (An Improper Validation of Syntactic Correctness of Input
vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-44182
+CVE-2023-44182 (An Unchecked Return Value vulnerability in the user interfaces
to the ...)
NOT-FOR-US: Juniper
-CVE-2023-44203
+CVE-2023-44203 (An Improper Check or Handling of Exceptional Conditions
vulnerability ...)
NOT-FOR-US: Juniper
CVE-2023-44202
NOT-FOR-US: Juniper
-CVE-2023-44198
+CVE-2023-44198 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-44197
+CVE-2023-44197 (An Out-of-Bounds Write vulnerability in the Routing Protocol
Daemon (r ...)
NOT-FOR-US: Juniper
-CVE-2023-44196
+CVE-2023-44196 (An Improper Check for Unusual or Exceptional Conditions in the
Packet ...)
NOT-FOR-US: Juniper
-CVE-2023-44195
+CVE-2023-44195 (An Improper Restriction of Communication Channel to Intended
Endpoints ...)
NOT-FOR-US: Juniper
-CVE-2023-44201
+CVE-2023-44201 (An Incorrect Permission Assignment for Critical Resource
vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-44199
+CVE-2023-44199 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-44184
+CVE-2023-44184 (An Improper Restriction of Operations within the Bounds of a
Memory Bu ...)
NOT-FOR-US: Juniper
-CVE-2023-44181
+CVE-2023-44181 (An Improperly Implemented Security Check for Standard
vulnerability in ...)
NOT-FOR-US: Juniper
-CVE-2023-44191
+CVE-2023-44191 (An Allocation of Resources Without Limits or Throttling
vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-44192
+CVE-2023-44192 (An Improper Input Validation vulnerability in the Packet
Forwarding En ...)
NOT-FOR-US: Juniper
-CVE-2023-44175
+CVE-2023-44175 (A Reachable Assertion vulnerability in the routing protocol
daemon (rp ...)
NOT-FOR-US: Juniper
-CVE-2023-44178
+CVE-2023-44178 (A Stack-based Buffer Overflow vulnerability in the CLI command
of Juni ...)
NOT-FOR-US: Juniper
-CVE-2023-44177
+CVE-2023-44177 (A Stack-based Buffer Overflow vulnerability in the CLI command
of Juni ...)
NOT-FOR-US: Juniper
-CVE-2023-44176
+CVE-2023-44176 (A Stack-based Buffer Overflow vulnerability in the CLI command
of Juni ...)
NOT-FOR-US: Juniper
-CVE-2023-36841
+CVE-2023-36841 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-36843
+CVE-2023-36843 (An Improper Handling of Inconsistent Special Elements
vulnerability in ...)
NOT-FOR-US: Juniper
-CVE-2023-44194
+CVE-2023-44194 (An Incorrect Default Permissions vulnerability in Juniper
Networks Jun ...)
NOT-FOR-US: Juniper
-CVE-2023-44193
+CVE-2023-44193 (An Improper Release of Memory Before Removing Last Reference
vulnerabi ...)
NOT-FOR-US: Juniper
-CVE-2023-44183
+CVE-2023-44183 (An Improper Input Validation vulnerability in the VxLAN packet
forward ...)
NOT-FOR-US: Juniper
-CVE-2023-44185
+CVE-2023-44185 (An Improper Input Validation vulnerability in the routing
protocol dae ...)
NOT-FOR-US: Juniper
CVE-2023-5531 (The Thumbnail Slider With Lightbox plugin for WordPress is
vulnerable ...)
NOT-FOR-US: WordPress plugin
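Review bot: CVE-2023-44202 is the only entry in this Juniper block that still has no description after the update, while every other Juniper entry the hunk touches (CVE-2023-36839 through CVE-2023-44185) gained one. It is worth confirming that its description was simply not published yet rather than missed by the automatic update. The `NOT-FOR-US: Juniper` triage itself is unaffected.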
@@ -4034,7 +4066,7 @@ CVE-2023-42753 (An array indexing vulnerability was found
in the netfilter subsy
[bullseye] - linux 5.10.197-1
NOTE: https://www.openwall.com/lists/oss-security/2023/09/22/10
NOTE:
https://git.kernel.org/linus/050d91c03b28ca479df13dfb02bcd2c60dd6a878 (6.6-rc1)
-CVE-2023-42752 [integer overflows in kmalloc_reserve()]
+CVE-2023-42752 (An integer overflow flaw was found in the Linux kernel. This
issue lea ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
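Review bot: on CVE-2023-42752 the removed bracket text `[integer overflows in kmalloc_reserve()]` named the affected function, and the truncated description that replaces it does not. No NOTE line for this entry is visible in the hunk context, so consider adding one that records kmalloc_reserve(), so the detail survives for whoever revisits the bullseye `<not-affected>` decision.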
@@ -33403,8 +33435,8 @@ CVE-2023-27318
RESERVED
CVE-2023-27317
RESERVED
-CVE-2023-27316
- RESERVED
+CVE-2023-27316 (SnapCenter versions 4.8 through 4.9 are susceptible to a
vulnerabilit ...)
+ TODO: check
CVE-2023-27315 (SnapGathers versions prior to 4.9 are susceptible to a
vulnerability ...)
TODO: check
CVE-2023-27314 (ONTAP 9 versions prior to 9.8P19, 9.9.1P16, 9.10.1P12,
9.11.1P8, 9.12 ...)
@@ -35802,10 +35834,10 @@ CVE-2023-26369 (Acrobat Reader versions 23.003.20284
(and earlier), 20.005.30516
NOT-FOR-US: Adobe
CVE-2023-26368
RESERVED
-CVE-2023-26367
- RESERVED
-CVE-2023-26366
- RESERVED
+CVE-2023-26367 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2
(and earli ...)
+ TODO: check
+CVE-2023-26366 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2
(and earli ...)
+ TODO: check
CVE-2023-26365
RESERVED
CVE-2023-26364
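Review bot: CVE-2023-26367 and CVE-2023-26366 are added as `TODO: check` just below the CVE-2023-26369 entry, which the context lines of this hunk show already triaged as `NOT-FOR-US: Adobe`. If Adobe Commerce is treated the same way as that entry, these two can take the same tag instead of staying open.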
@@ -49317,8 +49349,7 @@ CVE-2023-22394 (An Improper Handling of Unexpected Data
Type vulnerability in th
NOT-FOR-US: Juniper
CVE-2023-22393 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-22392
- RESERVED
+CVE-2023-22392 (A Missing Release of Memory after Effective Lifetime
vulnerability in ...)
NOT-FOR-US: Juniper
CVE-2023-22391 (A vulnerability in class-of-service (CoS) queue management in
Juniper ...)
NOT-FOR-US: Juniper
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13e52ecc069b26ba6927c3dbad9549f7b2296a44