Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e868bde3 by security tracker role at 2023-12-08T08:11:31+00:00
automatic update

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,50 @@ -CVE-2023-45866 [unauthorized HID device connections allows keystroke injection and arbitrary commands execution] +CVE-2023-6599 (Missing Standardized Error Handling Mechanism in GitHub repository mic ...) + TODO: check +CVE-2023-6581 (A vulnerability has been found in D-Link DAR-7000 up to 20231126 and c ...) + TODO: check +CVE-2023-6580 (A vulnerability, which was classified as critical, was found in D-Link ...) + TODO: check +CVE-2023-6579 (A vulnerability, which was classified as critical, has been found in o ...) + TODO: check +CVE-2023-6578 (A vulnerability classified as critical has been found in Software AG W ...) + TODO: check +CVE-2023-6577 (A vulnerability was found in Beijing Baichuo PatrolFlow 2530Pro up to ...) + TODO: check +CVE-2023-6576 (A vulnerability was found in Beijing Baichuo S210 up to 20231123. It h ...) + TODO: check +CVE-2023-6061 (Multiple components of Iconics SCADA Suite are prone to a Phantom DLL ...) + TODO: check +CVE-2023-5058 (Improper Input Validation in the processing of user-supplied splash sc ...) + TODO: check +CVE-2023-5008 (Student Information System v1.0 is vulnerable to an unauthenticated SQ ...) + TODO: check +CVE-2023-4122 (Student Information System v1.0 is vulnerable to an Insecure File Uplo ...) + TODO: check +CVE-2023-48929 (Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24. ...) + TODO: check +CVE-2023-48928 (Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24. ...) + TODO: check +CVE-2023-48122 (An issue in microweber v.2.0.1 and fixed in v.2.0.4 allows a remote at ...) + TODO: check +CVE-2023-46693 (Cross Site Scripting (XSS) vulnerability in FormaLMS before 4.0.5 allo ...) + TODO: check +CVE-2023-43744 (An OS command injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, ...) + TODO: check +CVE-2023-43743 (A SQL injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virt ...) 
+ TODO: check +CVE-2023-43742 (An authentication bypass in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, ...) + TODO: check +CVE-2023-43305 (An issue in studio kent mini-app on Line v13.6.1 allows attackers to s ...) + TODO: check +CVE-2023-38174 (Microsoft Edge (Chromium-based) Information Disclosure Vulnerability) + TODO: check +CVE-2023-36880 (Microsoft Edge (Chromium-based) Information Disclosure Vulnerability) + TODO: check +CVE-2023-35618 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability) + TODO: check +CVE-2023-32460 (Dell PowerEdge BIOS contains an improper privilege management security ...) + TODO: check +CVE-2023-45866 (Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral ...) - bluez <unfixed> NOTE: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=25a471a83e02e1effb15d5a488b3f0085eaeb675 CVE-2023-6588 (Offline mode is always enabled, even if permission disallows it, in D ...) @@ -537,7 +583,7 @@ CVE-2023-5874 (The Popup box WordPress plugin before 3.8.6 does not sanitise and NOT-FOR-US: WordPress plugin CVE-2023-5809 (The Popup box WordPress plugin before 3.8.6 does not sanitise and esca ...) NOT-FOR-US: WordPress plugin -CVE-2023-5808 (Information disclosure in SMU in Hitachi Vantara HNAS 14.8.7825.01 on ...) +CVE-2023-5808 (SMU versions prior to 14.8.7825.01 are susceptible to unintended infor ...) NOT-FOR-US: Hitachi CVE-2023-5762 (The Filr WordPress plugin before 1.2.3.6 is vulnerable from an RCE (Re ...) NOT-FOR-US: WordPress plugin 
@@ -2198,7 +2244,7 @@ CVE-2023-48707 (CodeIgniter Shield is an authentication and authorization provid NOT-FOR-US: CodeIgniter Shield CVE-2023-48312 (capsule-proxy is a reverse proxy for the capsule operator project. Aff ...) NOT-FOR-US: capsule-proxy (reverse proxy for Capsule) -CVE-2023-46575 (A SQL injection vulnerability in Meshery before 0.6.179 allows a remot ...) +CVE-2023-46575 (A SQL injection vulnerability exists in Meshery prior to version v0.6. ...) NOT-FOR-US: Meshery CVE-2023-38914 REJECTED @@ -45990,8 +46036,8 @@ CVE-2023-26160 RESERVED CVE-2023-26159 RESERVED -CVE-2023-26158 - RESERVED +CVE-2023-26158 (All versions of the package mockjs are vulnerable to Prototype Polluti ...) + TODO: check CVE-2023-26157 RESERVED CVE-2023-26156 (Versions of the package chromedriver before 119.0.1 are vulnerable to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e868bde364509a09eacb9df019a497ace5f6e201
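Review bot: In the first hunk (@@ -1,4 +1,50 @@), the CVE-2023-45866 entry still reads "- bluez <unfixed>" although its NOTE line already links an upstream bluez commit, so the package line needs a follow-up with the fixed version once an upload carries that change. The 23 entries added above it have only "TODO: check" and are untriaged; the ones describing vendor appliances and firmware (D-Link DAR-7000, Zultys MX-SE, Dell PowerEdge BIOS) look like candidates for the "NOT-FOR-US:" tag this file already uses for WordPress plugins and Hitachi, pending a manual check.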
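Review bot: In the @@ -537,7 +583,7 @@ hunk, the refreshed CVE-2023-5808 description no longer names Hitachi Vantara HNAS in its visible part, which leaves the "NOT-FOR-US: Hitachi" line as the only vendor reference for the entry. The wording also moves from "in ... 14.8.7825.01" to "versions prior to 14.8.7825.01", a different version boundary; the triage tag is unaffected, but anyone reading the affected range from this line should use the new text.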
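Review bot: In the @@ -2198,7 +2244,7 @@ hunk, the new CVE-2023-46575 description is truncated at "v0.6. ...", so the fixed Meshery version that the old line showed ("before 0.6.179") is no longer readable from the list. The entry stays "NOT-FOR-US: Meshery", so no triage change is needed; the full CVE record is the place to read the version from.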
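Review bot: In the @@ -45990,8 +46036,8 @@ hunk, CVE-2023-26158 moves from RESERVED to a published description (Prototype Pollution in the package mockjs) with only "TODO: check" beneath it. Triage should establish whether mockjs is packaged in Debian and then either add a package line or mark the entry "NOT-FOR-US:", as the file does for other software that is not in the archive.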