Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1fd95aab by security tracker role at 2023-10-16T08:12:07+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,71 @@
+CVE-2023-5591 (SQL Injection in GitHub repository librenms/librenms prior to
23.10.0.)
+ TODO: check
+CVE-2023-5590 (NULL Pointer Dereference in GitHub repository
seleniumhq/selenium prio ...)
+ TODO: check
+CVE-2023-5589 (A vulnerability was found in SourceCodester Judging Management
System ...)
+ TODO: check
+CVE-2023-5588 (A vulnerability was found in kphrx pleroma. It has been
classified as ...)
+ TODO: check
+CVE-2023-5587 (A vulnerability was found in SourceCodester Free Hospital
Management S ...)
+ TODO: check
+CVE-2023-45898 (The Linux kernel before 6.5.4 has an es1 use-after-free in
fs/ext4/ext ...)
+ TODO: check
+CVE-2023-45757 (Security vulnerability in Apache bRPC <=1.6.0 on all platforms
allows ...)
+ TODO: check
+CVE-2023-45580 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1
and before ...)
+ TODO: check
+CVE-2023-45579 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1
and before ...)
+ TODO: check
+CVE-2023-45578 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1
and before ...)
+ TODO: check
+CVE-2023-45577 (An issue in DI-7003GV2.D1 v.23.08.25D1 and before,
DI-7100G+V2.D1 v.23 ...)
+ TODO: check
+CVE-2023-45576 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1
and before ...)
+ TODO: check
+CVE-2023-45575 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1
and before ...)
+ TODO: check
+CVE-2023-45574 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1
and before ...)
+ TODO: check
+CVE-2023-45573 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1
and before ...)
+ TODO: check
+CVE-2023-45572 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1
and before ...)
+ TODO: check
+CVE-2023-45158 (An OS command injection vulnerability exists in web2py 2.24.1
and earl ...)
+ TODO: check
+CVE-2023-44809 (D-Link device DIR-820L 1.05B03 is vulnerable to Insecure
Permissions.)
+ TODO: check
+CVE-2023-44808 (D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in
the sub_ ...)
+ TODO: check
+CVE-2023-40791 (extract_user_to_sg in lib/scatterlist.c in the Linux kernel
before 6.4 ...)
+ TODO: check
+CVE-2023-40790
+ REJECTED
+CVE-2023-40377 (Backup, Recovery, and Media Services (BRMS) for IBM i 7.2,
7.3, and 7. ...)
+ TODO: check
+CVE-2023-38280 (IBM HMC (Hardware Management Console) 10.1.1010.0 and
10.2.1030.0 coul ...)
+ TODO: check
+CVE-2023-36955 (TOTOLINK CP300+ <=V5.2cu.7594_B20200910 was discovered to
contain a st ...)
+ TODO: check
+CVE-2023-36954 (TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable
to comm ...)
+ TODO: check
+CVE-2023-36953 (TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable
to comm ...)
+ TODO: check
+CVE-2023-36952 (TOTOLINK CP300+ V5.2cu.7594_B20200910 was discovered to
contain a stac ...)
+ TODO: check
+CVE-2023-36950 (TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R
V9.1.0u.611 ...)
+ TODO: check
+CVE-2023-36947 (TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R
V9.1.0u.611 ...)
+ TODO: check
+CVE-2023-36340 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to
contain a st ...)
+ TODO: check
+CVE-2023-35018 (IBM Security Verify Governance 10.0 could allow a privileged
use to up ...)
+ TODO: check
+CVE-2023-35013 (IBM Security Verify Governance 10.0, Identity Manager could
allow a lo ...)
+ TODO: check
+CVE-2023-33836 (IBM Security Verify Governance 10.0 contains hard-coded
credentials, s ...)
+ TODO: check
+CVE-2022-48612 (A Universal Cross Site Scripting (UXSS) vulnerability in
ClassLink One ...)
+ TODO: check
CVE-2023-38312 (A directory traversal vulnerability in Valve Counter-Strike
8684 allow ...)
TODO: check
CVE-2018-25091 (urllib3 before 1.24.2 does not remove the authorization HTTP
header wh ...)
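Review bot: Every entry added at the top of data/CVE/list in this hunk, apart from CVE-2023-40790 (REJECTED), still carries only "TODO: check", so nothing here is triaged yet. The two Linux kernel entries (CVE-2023-45898 and CVE-2023-40791) should be resolved first, replacing the TODO with a package line and status for the kernel source package. The router firmware entries (DI-7003GV2.D1, D-Link DIR-820L, TOTOLINK) look like candidates for a "NOT-FOR-US:" line in the form this file already uses for AXIS License Plate Verifier. The descriptions are truncated at "...", so confirm the affected product from the full CVE text before tagging.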
@@ -60997,12 +61065,12 @@ CVE-2023-21417
RESERVED
CVE-2023-21416
RESERVED
-CVE-2023-21415
- RESERVED
-CVE-2023-21414
- RESERVED
-CVE-2023-21413
- RESERVED
+CVE-2023-21415 (Sandro Poppi, member of the AXIS OS Bug Bounty Program, has
found that ...)
+ TODO: check
+CVE-2023-21414 (NCC Group has found a flaw during the annual internal
penetration test ...)
+ TODO: check
+CVE-2023-21413 (GoSecure on behalf of Genetec Inc. has found a flaw that
allows for a ...)
+ TODO: check
CVE-2023-21412 (User provided input is not sanitized on the AXIS License Plate
Verifie ...)
NOT-FOR-US: AXIS License Plate Verifier
CVE-2023-21411 (User provided input is not sanitized in the \u201cSettings >
Access Co ...)
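Review bot: CVE-2023-21415, CVE-2023-21414 and CVE-2023-21413 change from RESERVED to "TODO: check", but the truncated descriptions name only the reporters (Sandro Poppi, NCC Group, GoSecure) and not the affected product, so they cannot be triaged from these lines alone. The neighbouring CVE-2023-21412 is tagged "NOT-FOR-US: AXIS License Plate Verifier" and the CVE-2023-21415 text mentions the AXIS OS Bug Bounty Program, which suggests the same vendor. Read the full descriptions to identify the product and then replace each TODO with the matching NOT-FOR-US or package line.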
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1fd95aab3396af934cfaa6c4bfec7c15b3aebdb0