Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c71995cb by security tracker role at 2023-12-25T20:12:07+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2023-49337 (Concrete CMS before 9.2.3 allows Stored XSS on the Admin
Dashboard via ...)
+ TODO: check
+CVE-2023-48653 (Concrete CMS before 8.5.14 and 9 before 9.2.3 allows Cross
Site Reques ...)
+ TODO: check
+CVE-2023-48651 (Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site
Request Forger ...)
+ TODO: check
+CVE-2023-48650 (Concrete CMS before 8.5.14 and 9 before 9.2.3 is vulnerable to
an admi ...)
+ TODO: check
+CVE-2023-41165 (An issue was discovered in Stormshield Network Security (SNS)
3.7.0 th ...)
+ TODO: check
+CVE-2023-38321 (OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and
other p ...)
+ TODO: check
+CVE-2023-34198 (In Stormshield Network Security (SNS) 1.0.0 through 3.7.36
before 3.7. ...)
+ TODO: check
CVE-2023-7102 (Use of a Third Party library produced a vulnerability in
Barracuda Net ...)
NOT-FOR-US: Barracuda (its use of Spreadsheet::ParseExcel, cf.
CVE-2023-7102)
CVE-2023-7101 (Spreadsheet::ParseExcel version 0.65 is a Perl module used for
parsing ...)
@@ -47187,8 +47201,8 @@ CVE-2023-27153
RESERVED
CVE-2023-27152 (DECISO OPNsense 23.1 does not impose rate limits for
authentication, a ...)
NOT-FOR-US: DECISO OPNsense
-CVE-2023-27151
- RESERVED
+CVE-2023-27151 (openCRX 5.2.0 was discovered to contain an HTML injection
vulnerabilit ...)
+ TODO: check
CVE-2023-27150
RESERVED
CVE-2023-27149 (A stored cross-site scripting (XSS) vulnerability in
Enhancesoft osTic ...)
@@ -105958,10 +105972,10 @@ CVE-2022-2168 (The Download Manager WordPress
plugin before 3.2.44 does not esca
NOT-FOR-US: WordPress plugin
CVE-2022-2167 (The Newspaper WordPress theme before 12 does not sanitise a
parameter ...)
NOT-FOR-US: WordPress theme
-CVE-2022-34270
- RESERVED
-CVE-2022-34269
- RESERVED
+CVE-2022-34270 (An issue was discovered in RWS WorldServer before 11.7.3.
Regular user ...)
+ TODO: check
+CVE-2022-34269 (An issue was discovered in RWS WorldServer before 11.7.3. An
authentic ...)
+ TODO: check
CVE-2022-34268 (An issue was discovered in RWS WorldServer before 11.7.3.
/clientLogin ...)
NOT-FOR-US: RWS WorldServer
CVE-2022-34267 (An issue was discovered in RWS WorldServer before 11.7.3.
Adding a tok ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c71995cbd345786efadeb35939dbb14a12b47f6f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c71995cbd345786efadeb35939dbb14a12b47f6f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
