[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Fri, 08 Dec 2023 00:11:55 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e868bde3 by security tracker role at 2023-12-08T08:11:31+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,50 @@
-CVE-2023-45866 [unauthorized HID device connections allows keystroke injection 
and arbitrary commands execution]
+CVE-2023-6599 (Missing Standardized Error Handling Mechanism in GitHub 
repository mic ...)
+       TODO: check
+CVE-2023-6581 (A vulnerability has been found in D-Link DAR-7000 up to 
20231126 and c ...)
+       TODO: check
+CVE-2023-6580 (A vulnerability, which was classified as critical, was found in 
D-Link ...)
+       TODO: check
+CVE-2023-6579 (A vulnerability, which was classified as critical, has been 
found in o ...)
+       TODO: check
+CVE-2023-6578 (A vulnerability classified as critical has been found in 
Software AG W ...)
+       TODO: check
+CVE-2023-6577 (A vulnerability was found in Beijing Baichuo PatrolFlow 2530Pro 
up to  ...)
+       TODO: check
+CVE-2023-6576 (A vulnerability was found in Beijing Baichuo S210 up to 
20231123. It h ...)
+       TODO: check
+CVE-2023-6061 (Multiple components of Iconics SCADA Suite are prone to a 
Phantom DLL  ...)
+       TODO: check
+CVE-2023-5058 (Improper Input Validation in the processing of user-supplied 
splash sc ...)
+       TODO: check
+CVE-2023-5008 (Student Information System v1.0 is vulnerable to an 
unauthenticated SQ ...)
+       TODO: check
+CVE-2023-4122 (Student Information System v1.0 is vulnerable to an Insecure 
File Uplo ...)
+       TODO: check
+CVE-2023-48929 (Franklin Fueling Systems System Sentinel AnyWare (SSA) version 
1.6.24. ...)
+       TODO: check
+CVE-2023-48928 (Franklin Fueling Systems System Sentinel AnyWare (SSA) version 
1.6.24. ...)
+       TODO: check
+CVE-2023-48122 (An issue in microweber v.2.0.1 and fixed in v.2.0.4 allows a 
remote at ...)
+       TODO: check
+CVE-2023-46693 (Cross Site Scripting (XSS) vulnerability in FormaLMS before 
4.0.5 allo ...)
+       TODO: check
+CVE-2023-43744 (An OS command injection vulnerability in Zultys MX-SE, MX-SE 
II, MX-E, ...)
+       TODO: check
+CVE-2023-43743 (A SQL injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, 
MX-Virt ...)
+       TODO: check
+CVE-2023-43742 (An authentication bypass in Zultys MX-SE, MX-SE II, MX-E, 
MX-Virtual,  ...)
+       TODO: check
+CVE-2023-43305 (An issue in studio kent mini-app on Line v13.6.1 allows 
attackers to s ...)
+       TODO: check
+CVE-2023-38174 (Microsoft Edge (Chromium-based) Information Disclosure 
Vulnerability)
+       TODO: check
+CVE-2023-36880 (Microsoft Edge (Chromium-based) Information Disclosure 
Vulnerability)
+       TODO: check
+CVE-2023-35618 (Microsoft Edge (Chromium-based) Elevation of Privilege 
Vulnerability)
+       TODO: check
+CVE-2023-32460 (Dell PowerEdge BIOS contains an improper privilege management 
security ...)
+       TODO: check
+CVE-2023-45866 (Bluetooth HID Hosts in BlueZ may permit an unauthenticated 
Peripheral  ...)
        - bluez <unfixed>
        NOTE: 
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=25a471a83e02e1effb15d5a488b3f0085eaeb675
 CVE-2023-6588 (Offline mode is always enabled, even if permission disallows 
it, in  D ...)
@@ -537,7 +583,7 @@ CVE-2023-5874 (The Popup box WordPress plugin before 3.8.6 
does not sanitise and
        NOT-FOR-US: WordPress plugin
 CVE-2023-5809 (The Popup box WordPress plugin before 3.8.6 does not sanitise 
and esca ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-5808 (Information disclosure in SMU in Hitachi Vantara HNAS 
14.8.7825.01 on  ...)
+CVE-2023-5808 (SMU versions prior to 14.8.7825.01 are susceptible to 
unintended infor ...)
        NOT-FOR-US: Hitachi
 CVE-2023-5762 (The Filr WordPress plugin before 1.2.3.6 is vulnerable from an 
RCE (Re ...)
        NOT-FOR-US: WordPress plugin
@@ -2198,7 +2244,7 @@ CVE-2023-48707 (CodeIgniter Shield is an authentication 
and authorization provid
        NOT-FOR-US: CodeIgniter Shield
 CVE-2023-48312 (capsule-proxy is a reverse proxy for the capsule operator 
project. Aff ...)
        NOT-FOR-US: capsule-proxy (reverse proxy for Capsule)
-CVE-2023-46575 (A SQL injection vulnerability in Meshery before 0.6.179 allows 
a remot ...)
+CVE-2023-46575 (A SQL injection vulnerability exists in Meshery prior to 
version v0.6. ...)
        NOT-FOR-US: Meshery
 CVE-2023-38914
        REJECTED
@@ -45990,8 +46036,8 @@ CVE-2023-26160
        RESERVED
 CVE-2023-26159
        RESERVED
-CVE-2023-26158
-       RESERVED
+CVE-2023-26158 (All versions of the package mockjs are vulnerable to Prototype 
Polluti ...)
+       TODO: check
 CVE-2023-26157
        RESERVED
 CVE-2023-26156 (Versions of the package chromedriver before 119.0.1 are 
vulnerable to  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e868bde364509a09eacb9df019a497ace5f6e201

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e868bde364509a09eacb9df019a497ace5f6e201
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to