Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5e97e19c by security tracker role at 2023-03-15T08:10:24+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,125 @@
+CVE-2023-28373
+ RESERVED
+CVE-2023-28372
+ RESERVED
+CVE-2023-28371 (In Stellarium through 1.2, attackers can write to files that
are typic ...)
+ TODO: check
+CVE-2023-28368
+ RESERVED
+CVE-2023-28366
+ RESERVED
+CVE-2023-28365
+ RESERVED
+CVE-2023-28364
+ RESERVED
+CVE-2023-28363
+ RESERVED
+CVE-2023-28362
+ RESERVED
+CVE-2023-28361
+ RESERVED
+CVE-2023-28360
+ RESERVED
+CVE-2023-28359
+ RESERVED
+CVE-2023-28358
+ RESERVED
+CVE-2023-28357
+ RESERVED
+CVE-2023-28356
+ RESERVED
+CVE-2023-28355
+ RESERVED
+CVE-2023-28354
+ RESERVED
+CVE-2023-28353
+ RESERVED
+CVE-2023-28352
+ RESERVED
+CVE-2023-28351
+ RESERVED
+CVE-2023-28350
+ RESERVED
+CVE-2023-28349
+ RESERVED
+CVE-2023-28348
+ RESERVED
+CVE-2023-28347
+ RESERVED
+CVE-2023-28346
+ RESERVED
+CVE-2023-28345
+ RESERVED
+CVE-2023-28344
+ RESERVED
+CVE-2023-28343 (OS command injection affects Altenergy Power Control Software
C1.2.5 v ...)
+ TODO: check
+CVE-2023-1408
+ RESERVED
+CVE-2023-1407 (A vulnerability classified as critical was found in
SourceCodester Stu ...)
+ TODO: check
+CVE-2023-1406
+ RESERVED
+CVE-2022-48420
+ RESERVED
+CVE-2022-48419
+ RESERVED
+CVE-2022-48418
+ RESERVED
+CVE-2022-48417
+ RESERVED
+CVE-2022-48416
+ RESERVED
+CVE-2022-48415
+ RESERVED
+CVE-2022-48414
+ RESERVED
+CVE-2022-48413
+ RESERVED
+CVE-2022-48412
+ RESERVED
+CVE-2022-48411
+ RESERVED
+CVE-2020-36690
+ RESERVED
+CVE-2020-36689
+ RESERVED
+CVE-2020-36688
+ RESERVED
+CVE-2020-36687
+ RESERVED
+CVE-2020-36686
+ RESERVED
+CVE-2020-36685
+ RESERVED
+CVE-2020-36684
+ RESERVED
+CVE-2020-36683
+ RESERVED
+CVE-2020-36682
+ RESERVED
+CVE-2020-36681
+ RESERVED
+CVE-2019-25125
+ RESERVED
+CVE-2019-25124
+ RESERVED
+CVE-2019-25123
+ RESERVED
+CVE-2019-25122
+ RESERVED
+CVE-2019-25121
+ RESERVED
+CVE-2019-25120
+ RESERVED
+CVE-2019-25119
+ RESERVED
+CVE-2019-25118
+ RESERVED
+CVE-2019-25117
+ RESERVED
+CVE-2019-25116
+ RESERVED
CVE-2023-28342
RESERVED
CVE-2023-28341
@@ -994,8 +1116,8 @@ CVE-2023-1329
RESERVED
CVE-2023-1328 (A vulnerability was found in Guizhou 115cms 4.2. It has been
classifie ...)
NOT-FOR-US: Guizhou 115cms
-CVE-2023-1327
- RESERVED
+CVE-2023-1327 (Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected
by an ...)
+ TODO: check
CVE-2023-1326
RESERVED
CVE-2023-1325
@@ -1076,8 +1198,8 @@ CVE-2023-28007
RESERVED
CVE-2023-28006
RESERVED
-CVE-2023-28005
- RESERVED
+CVE-2023-28005 (A vulnerability in Trend Micro Endpoint Encryption Full Disk
Encryptio ...)
+ TODO: check
CVE-2023-1307 (Authentication Bypass by Primary Weakness in GitHub repository
froxlor ...)
- froxlor <itp> (bug #581792)
CVE-2023-1306
@@ -1925,8 +2047,8 @@ CVE-2023-27759
RESERVED
CVE-2023-27758
RESERVED
-CVE-2023-27757
- RESERVED
+CVE-2023-27757 (An arbitrary file upload vulnerability in the
/admin/user/uploadImg co ...)
+ TODO: check
CVE-2023-27756
RESERVED
CVE-2023-27755
@@ -2310,8 +2432,8 @@ CVE-2023-27592
RESERVED
CVE-2023-27591
RESERVED
-CVE-2023-27590
- RESERVED
+CVE-2023-27590 (Rizin is a UNIX-like reverse engineering framework and
command-line to ...)
+ TODO: check
CVE-2023-27589 (Minio is a Multi-Cloud Object Storage framework. Starting with
RELEASE ...)
TODO: check
CVE-2023-27588 (Hasura is an open-source product that provides users GraphQL
or REST A ...)
@@ -3380,20 +3502,20 @@ CVE-2023-27242
RESERVED
CVE-2023-27241
RESERVED
-CVE-2023-27240
- RESERVED
-CVE-2023-27239
- RESERVED
+CVE-2023-27240 (Tenda AX3 V16.03.12.11 was discovered to contain a command
injection v ...)
+ TODO: check
+CVE-2023-27239 (Tenda AX3 V16.03.12.11 was discovered to contain a stack
overflow via ...)
+ TODO: check
CVE-2023-27238
RESERVED
CVE-2023-27237
RESERVED
CVE-2023-27236
RESERVED
-CVE-2023-27235
- RESERVED
-CVE-2023-27234
- RESERVED
+CVE-2023-27235 (An arbitrary file upload vulnerability in the
\admin\c\CommonControlle ...)
+ TODO: check
+CVE-2023-27234 (A Cross-Site Request Forgery (CSRF) in /Sys/index.html of
Jizhicms v2. ...)
+ TODO: check
CVE-2023-27233
RESERVED
CVE-2023-27232
@@ -5002,8 +5124,8 @@ CVE-2023-0998 (A vulnerability classified as critical has
been found in SourceCo
NOT-FOR-US: SourceCodester Alphaware Simple E-Commerce System
CVE-2023-0997 (A vulnerability was found in SourceCodester Moosikay E-Commerce
System ...)
NOT-FOR-US: SourceCodester Moosikay E-Commerce System
-CVE-2023-26511
- RESERVED
+CVE-2023-26511 (A Hard Coded Admin Credentials issue in the Web-UI Admin Panel
in Prop ...)
+ TODO: check
CVE-2023-26510 (Ghost 5.35.0 allows authorization bypass: contributors can
view draft ...)
NOT-FOR-US: Ghost CMS
CVE-2023-26509
@@ -5683,8 +5805,8 @@ CVE-2023-26264
RESERVED
CVE-2023-26263
RESERVED
-CVE-2023-26262
- RESERVED
+CVE-2023-26262 (An issue was discovered in Sitecore XP/XM 10.3. As an
authenticated Si ...)
+ TODO: check
CVE-2023-26261 (In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath
injection lead ...)
NOT-FOR-US: UBIKA WAAP Gateway/Cloud
CVE-2023-26260
@@ -35273,6 +35395,7 @@ CVE-2022-43445
RESERVED
CVE-2022-43441
RESERVED
+ {DSA-5373-1}
- node-sqlite3 5.1.5+ds1-1
NOTE:
https://github.com/TryGhost/node-sqlite3/security/advisories/GHSA-jqv5-7xpx-qj74
NOTE: Fixed by:
https://github.com/TryGhost/node-sqlite3/commit/edb1934dd222ae55632e120d8f64552d5191c781
(v5.1.5)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e97e19c822efff90e4bb2ee1d42010866df4f1f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e97e19c822efff90e4bb2ee1d42010866df4f1f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
