Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5e97e19c by security tracker role at 2023-03-15T08:10:24+00:00
automatic update

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,125 @@ +CVE-2023-28373 + RESERVED +CVE-2023-28372 + RESERVED +CVE-2023-28371 (In Stellarium through 1.2, attackers can write to files that are typic ...) + TODO: check +CVE-2023-28368 + RESERVED +CVE-2023-28366 + RESERVED +CVE-2023-28365 + RESERVED +CVE-2023-28364 + RESERVED +CVE-2023-28363 + RESERVED +CVE-2023-28362 + RESERVED +CVE-2023-28361 + RESERVED +CVE-2023-28360 + RESERVED +CVE-2023-28359 + RESERVED +CVE-2023-28358 + RESERVED +CVE-2023-28357 + RESERVED +CVE-2023-28356 + RESERVED +CVE-2023-28355 + RESERVED +CVE-2023-28354 + RESERVED +CVE-2023-28353 + RESERVED +CVE-2023-28352 + RESERVED +CVE-2023-28351 + RESERVED +CVE-2023-28350 + RESERVED +CVE-2023-28349 + RESERVED +CVE-2023-28348 + RESERVED +CVE-2023-28347 + RESERVED +CVE-2023-28346 + RESERVED +CVE-2023-28345 + RESERVED +CVE-2023-28344 + RESERVED +CVE-2023-28343 (OS command injection affects Altenergy Power Control Software C1.2.5 v ...) + TODO: check +CVE-2023-1408 + RESERVED +CVE-2023-1407 (A vulnerability classified as critical was found in SourceCodester Stu ...) + TODO: check +CVE-2023-1406 + RESERVED +CVE-2022-48420 + RESERVED +CVE-2022-48419 + RESERVED +CVE-2022-48418 + RESERVED +CVE-2022-48417 + RESERVED +CVE-2022-48416 + RESERVED +CVE-2022-48415 + RESERVED +CVE-2022-48414 + RESERVED +CVE-2022-48413 + RESERVED +CVE-2022-48412 + RESERVED +CVE-2022-48411 + RESERVED +CVE-2020-36690 + RESERVED +CVE-2020-36689 + RESERVED +CVE-2020-36688 + RESERVED +CVE-2020-36687 + RESERVED +CVE-2020-36686 + RESERVED +CVE-2020-36685 + RESERVED +CVE-2020-36684 + RESERVED +CVE-2020-36683 + RESERVED +CVE-2020-36682 + RESERVED +CVE-2020-36681 + RESERVED +CVE-2019-25125 + RESERVED +CVE-2019-25124 + RESERVED +CVE-2019-25123 + RESERVED +CVE-2019-25122 + RESERVED +CVE-2019-25121 + RESERVED +CVE-2019-25120 + RESERVED +CVE-2019-25119 + RESERVED +CVE-2019-25118 + RESERVED +CVE-2019-25117 + RESERVED +CVE-2019-25116 + RESERVED CVE-2023-28342 RESERVED CVE-2023-28341 
@@ -994,8 +1116,8 @@ CVE-2023-1329 RESERVED CVE-2023-1328 (A vulnerability was found in Guizhou 115cms 4.2. It has been classifie ...) NOT-FOR-US: Guizhou 115cms -CVE-2023-1327 - RESERVED +CVE-2023-1327 (Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an ...) + TODO: check CVE-2023-1326 RESERVED CVE-2023-1325 @@ -1076,8 +1198,8 @@ CVE-2023-28007 RESERVED CVE-2023-28006 RESERVED -CVE-2023-28005 - RESERVED +CVE-2023-28005 (A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryptio ...) + TODO: check CVE-2023-1307 (Authentication Bypass by Primary Weakness in GitHub repository froxlor ...) - froxlor <itp> (bug #581792) CVE-2023-1306 @@ -1925,8 +2047,8 @@ CVE-2023-27759 RESERVED CVE-2023-27758 RESERVED -CVE-2023-27757 - RESERVED +CVE-2023-27757 (An arbitrary file upload vulnerability in the /admin/user/uploadImg co ...) + TODO: check CVE-2023-27756 RESERVED CVE-2023-27755 @@ -2310,8 +2432,8 @@ CVE-2023-27592 RESERVED CVE-2023-27591 RESERVED -CVE-2023-27590 - RESERVED +CVE-2023-27590 (Rizin is a UNIX-like reverse engineering framework and command-line to ...) + TODO: check CVE-2023-27589 (Minio is a Multi-Cloud Object Storage framework. Starting with RELEASE ...) TODO: check CVE-2023-27588 (Hasura is an open-source product that provides users GraphQL or REST A ...) 
@@ -3380,20 +3502,20 @@ CVE-2023-27242 RESERVED CVE-2023-27241 RESERVED -CVE-2023-27240 - RESERVED -CVE-2023-27239 - RESERVED +CVE-2023-27240 (Tenda AX3 V16.03.12.11 was discovered to contain a command injection v ...) + TODO: check +CVE-2023-27239 (Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via ...) + TODO: check CVE-2023-27238 RESERVED CVE-2023-27237 RESERVED CVE-2023-27236 RESERVED -CVE-2023-27235 - RESERVED -CVE-2023-27234 - RESERVED +CVE-2023-27235 (An arbitrary file upload vulnerability in the \admin\c\CommonControlle ...) + TODO: check +CVE-2023-27234 (A Cross-Site Request Forgery (CSRF) in /Sys/index.html of Jizhicms v2. ...) + TODO: check CVE-2023-27233 RESERVED CVE-2023-27232 @@ -5002,8 +5124,8 @@ CVE-2023-0998 (A vulnerability classified as critical has been found in SourceCo NOT-FOR-US: SourceCodester Alphaware Simple E-Commerce System CVE-2023-0997 (A vulnerability was found in SourceCodester Moosikay E-Commerce System ...) NOT-FOR-US: SourceCodester Moosikay E-Commerce System -CVE-2023-26511 - RESERVED +CVE-2023-26511 (A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Prop ...) + TODO: check CVE-2023-26510 (Ghost 5.35.0 allows authorization bypass: contributors can view draft ...) NOT-FOR-US: Ghost CMS CVE-2023-26509 @@ -5683,8 +5805,8 @@ CVE-2023-26264 RESERVED CVE-2023-26263 RESERVED -CVE-2023-26262 - RESERVED +CVE-2023-26262 (An issue was discovered in Sitecore XP/XM 10.3. As an authenticated Si ...) + TODO: check CVE-2023-26261 (In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection lead ...) NOT-FOR-US: UBIKA WAAP Gateway/Cloud CVE-2023-26260 
@@ -35273,6 +35395,7 @@ CVE-2022-43445 RESERVED CVE-2022-43441 RESERVED + {DSA-5373-1} - node-sqlite3 5.1.5+ds1-1 NOTE: https://github.com/TryGhost/node-sqlite3/security/advisories/GHSA-jqv5-7xpx-qj74 NOTE: Fixed by: https://github.com/TryGhost/node-sqlite3/commit/edb1934dd222ae55632e120d8f64552d5191c781 (v5.1.5)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e97e19c822efff90e4bb2ee1d42010866df4f1f
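Review bot: in the @@ -1,3 +1,125 @@ hunk, the three entries that arrive with a description (CVE-2023-28371 for Stellarium, CVE-2023-28343 for Altenergy Power Control Software, CVE-2023-1407 for a SourceCodester product) are left at "TODO: check" with no package line and no NOT-FOR-US line, so they still need manual triage. The same file already marks other SourceCodester products as NOT-FOR-US (CVE-2023-0998, CVE-2023-0997), so CVE-2023-1407 can probably follow that form. The same applies to the entries the later hunks move from RESERVED to "TODO: check", such as the two Tenda AX3 entries (CVE-2023-27240, CVE-2023-27239).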
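Review bot: in the @@ -35273,6 +35395,7 @@ hunk, the added {DSA-5373-1} line is attached to CVE-2022-43441 while that entry's header is still RESERVED, so the entry now has a DSA cross-reference, a fixed version (node-sqlite3 5.1.5+ds1-1), an upstream advisory and a fix commit but no description. Confirm the cross-reference is intended for this CVE, and check the entry again once the description is published so the header and the notes agree.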