[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 21 Oct 2023 01:12:27 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5f829ba2 by security tracker role at 2023-10-21T08:12:04+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,79 @@
+CVE-2023-5684 (A vulnerability was found in Beijing Baichuo Smart S85F 
Management Pla ...)
+       TODO: check
+CVE-2023-5683 (A vulnerability was found in Beijing Baichuo Smart S85F 
Management Pla ...)
+       TODO: check
+CVE-2023-5682 (A vulnerability has been found in Tongda OA 2017 and classified 
as cri ...)
+       TODO: check
+CVE-2023-5681 (A vulnerability, which was classified as critical, was found in 
Netent ...)
+       TODO: check
+CVE-2023-5205 (The Add Custom Body Class plugin for WordPress is vulnerable to 
Stored ...)
+       TODO: check
+CVE-2023-5132 (The Soisy Pagamento Rateale plugin for WordPress is vulnerable 
to unau ...)
+       TODO: check
+CVE-2023-4939 (The SALESmanago plugin for WordPress is vulnerable to Log 
Injection in ...)
+       TODO: check
+CVE-2023-4635 (The EventON plugin for WordPress is vulnerable to Reflected 
Cross-Site ...)
+       TODO: check
+CVE-2023-46055 (An issue in ThingNario Photon v.1.0 allows a remote attacker 
to execut ...)
+       TODO: check
+CVE-2023-46054 (Cross Site Scripting (XSS) vulnerability in WBCE CMS v.1.6.1 
and befor ...)
+       TODO: check
+CVE-2023-46003 (I-doit pro 25 and below is vulnerable to Cross Site Scripting 
(XSS) vi ...)
+       TODO: check
+CVE-2023-45682 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
+       TODO: check
+CVE-2023-45681 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
+       TODO: check
+CVE-2023-45680 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
+       TODO: check
+CVE-2023-45679 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
+       TODO: check
+CVE-2023-45678 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
+       TODO: check
+CVE-2023-45677 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
+       TODO: check
+CVE-2023-45676 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
+       TODO: check
+CVE-2023-45675 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
+       TODO: check
+CVE-2023-45667 (stb_image is a single file MIT licensed library for processing 
images. ...)
+       TODO: check
+CVE-2023-45666 (stb_image is a single file MIT licensed library for processing 
images. ...)
+       TODO: check
+CVE-2023-45664 (stb_image is a single file MIT licensed library for processing 
images. ...)
+       TODO: check
+CVE-2023-45663 (stb_image is a single file MIT licensed library for processing 
images. ...)
+       TODO: check
+CVE-2023-45662 (stb_image is a single file MIT licensed library for processing 
images. ...)
+       TODO: check
+CVE-2023-45661 (stb_image is a single file MIT licensed library for processing 
images. ...)
+       TODO: check
+CVE-2023-43357 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 
allows a  ...)
+       TODO: check
+CVE-2023-43356 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 
allows a  ...)
+       TODO: check
+CVE-2023-43355 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 
allows a  ...)
+       TODO: check
+CVE-2023-43354 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 
allows a  ...)
+       TODO: check
+CVE-2023-43353 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 
allows a  ...)
+       TODO: check
+CVE-2023-43346 (Cross-site scripting (XSS) vulnerability in opensolution Quick 
CMS v.6 ...)
+       TODO: check
+CVE-2023-38194 (An issue was discovered in SuperWebMailer 9.00.0.01710. It 
allows keep ...)
+       TODO: check
+CVE-2023-38193 (An issue was discovered in SuperWebMailer 9.00.0.01710. It 
allows Remo ...)
+       TODO: check
+CVE-2023-38192 (An issue was discovered in SuperWebMailer 9.00.0.01710. It 
allows supe ...)
+       TODO: check
+CVE-2023-38191 (An issue was discovered in SuperWebMailer 9.00.0.01710. It 
allows spam ...)
+       TODO: check
+CVE-2023-38190 (An issue was discovered in SuperWebMailer 9.00.0.01710. It 
allows Expo ...)
+       TODO: check
+CVE-2023-32786 (In Langchain through 0.0.155, prompt injection allows an 
attacker to f ...)
+       TODO: check
+CVE-2023-32785 (In Langchain through 0.0.155, prompt injection allows 
execution of arb ...)
+       TODO: check
 CVE-2023-5690 (Cross-Site Request Forgery (CSRF) in GitHub repository 
modoboa/modoboa ...)
        NOT-FOR-US: Modoboa
 CVE-2023-5689 (Cross-site Scripting (XSS) - DOM in GitHub repository 
modoboa/modoboa  ...)
@@ -577,7 +653,7 @@ CVE-2023-39276 (SonicOS post-authentication stack-based 
buffer overflow vulnerab
        NOT-FOR-US: SonicOS
 CVE-2023-38552 (When the Node.js policy feature checks the integrity of a 
resource aga ...)
        TODO: check
-CVE-2023-36321 (Connected Vehicle Systems Alliance (COVESA) up to v2.18.8 wwas 
discove ...)
+CVE-2023-36321 (Connected Vehicle Systems Alliance (COVESA) up to v2.18.8 was 
discover ...)
        TODO: check
 CVE-2023-35084 (Unsafe Deserialization of User Input could lead to Execution 
of Unauth ...)
        NOT-FOR-US: Ivanti
@@ -34036,7 +34112,7 @@ CVE-2023-27540 (IBM Watson CP4D Data Stores 4.6.0 does 
not properly allocate res
        NOT-FOR-US: IBM
 CVE-2023-1165 (A vulnerability was found in Zhong Bang CRMEB Java 1.3.4. It 
has been  ...)
        NOT-FOR-US: Zhong Bang CRMEB Java
-CVE-2023-1164 (A vulnerability was found in KylinSoft kylin-activation and 
classified ...)
+CVE-2023-1164 (A vulnerability was found in KylinSoft kylin-activation on 
KylinOS and ...)
        NOT-FOR-US: KylinSoft
 CVE-2023-1163 (A vulnerability has been found in DrayTek Vigor 2960 1.5.1.4 
and class ...)
        NOT-FOR-US: DrayTek Vigor 2960
@@ -36705,7 +36781,7 @@ CVE-2023-1006 (A vulnerability was found in 
SourceCodester Medical Certificate G
        NOT-FOR-US: SourceCodester Medical Certificate Generator App
 CVE-2023-1005 (A vulnerability was found in JP1016 Markdown-Electron and 
classified a ...)
        NOT-FOR-US: JP1016 Markdown-Electron
-CVE-2023-1004 (A vulnerability has been found in MarkText up to 0.17.1 and 
classified ...)
+CVE-2023-1004 (A vulnerability has been found in MarkText up to 0.17.1 on 
Windows and ...)
        NOT-FOR-US: MarkText
 CVE-2023-1003 (A vulnerability, which was classified as critical, was found in 
Typora ...)
        NOT-FOR-US: Typora



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f829ba2de81801d3065f037db3f2e3062ec757a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f829ba2de81801d3065f037db3f2e3062ec757a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to