Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5c41ccf0 by Moritz Muehlenhoff at 2024-05-08T09:52:50+02:00 more bluez issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1363,21 +1363,25 @@ CVE-2023-51598 (Hancom Office Word DOC File Parsing Use-After-Free Remote Code E CVE-2023-51597 (Kofax Power PDF U3D File Parsing Out-Of-Bounds Write Remote Code Execu ...) NOT-FOR-US: Kofax Power PDF CVE-2023-51596 (BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code ...) - TODO: check + - bluez <unfixed> + NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1902/ CVE-2023-51595 (Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote ...) NOT-FOR-US: Voltronic Power ViewPower Pro CVE-2023-51594 (BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerabi ...) - TODO: check + - bluez <unfixed> + NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1901/ CVE-2023-51593 (Voltronic Power ViewPower Pro Expression Language Injection Remote Cod ...) NOT-FOR-US: Voltronic Power ViewPower Pro CVE-2023-51592 (BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Inform ...) - TODO: check + - bluez <unfixed> + NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1905/ CVE-2023-51591 (Voltronic Power ViewPower Pro doDocument XML External Entity Processin ...) NOT-FOR-US: Voltronic Power ViewPower Pro CVE-2023-51590 (Voltronic Power ViewPower Pro UpLoadAction Unrestricted File Upload Re ...) NOT-FOR-US: Voltronic Power ViewPower Pro CVE-2023-51589 (BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Infor ...) - TODO: check + - bluez <unfixed> + NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1904/ CVE-2023-51588 (Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Loca ...) NOT-FOR-US: Voltronic Power ViewPower Pro CVE-2023-51587 (Voltronic Power ViewPower getModbusPassword Missing Authentication Inf ...) 
@@ -1395,7 +1399,8 @@ CVE-2023-51582 (Voltronic Power ViewPower LinuxMonitorConsole Exposed Dangerous CVE-2023-51581 (Voltronic Power ViewPower MacMonitorConsole Exposed Dangerous Method R ...) NOT-FOR-US: Voltronic Power ViewPower CVE-2023-51580 (BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Rea ...) - TODO: check + - bluez <unfixed> + NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1903/ CVE-2023-51579 (Voltronic Power ViewPower Incorrect Permission Assignment Local Privil ...) NOT-FOR-US: Voltronic Power ViewPower CVE-2023-51578 (Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Deni ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c41ccf09834b9411661a42c0f13fad3bf20ce6d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c41ccf09834b9411661a42c0f13fad3bf20ce6d You're receiving this email because of your account on salsa.debian.org.
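Review bot: In the first hunk (@@ -1363,21 +1363,25 @@) the ZDI ids in the new NOTE lines do not follow the CVE order: CVE-2023-51596 gets ZDI-23-1902, CVE-2023-51594 gets ZDI-23-1901, CVE-2023-51592 gets ZDI-23-1905 and CVE-2023-51589 gets ZDI-23-1904. That may be correct, but each URL should be checked against the description it sits under (Phone Book Access Profile, OBEX Library, parse_media_folder, parse_media_element) so that no two links are swapped. CVE-2023-51596 is also the only one of the four described as a heap-based buffer overflow with remote code execution, yet it is recorded identically to the out-of-bounds reads as "- bluez <unfixed>"; a short NOTE marking it as the one to triage first would help.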
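Review bot: In the second hunk (@@ -1395,7 +1399,8 @@) CVE-2023-51580 is set to "- bluez <unfixed>" with the ZDI-23-1903 advisory as its only reference, so the entry records neither an upstream fix nor which bluez versions are affected. It is an AVRCP out-of-bounds read like CVE-2023-51592 and CVE-2023-51589 in the first hunk; once the upstream commit is identified, a NOTE with it on all three entries would save a later triage pass. The commit message "more bluez issues" could also list the CVE ids so the change is findable from the history.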