Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e740c12a by security tracker role at 2023-08-09T08:12:16+00:00
automatic update

- - - - -

1 changed file:
- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,63 @@ +CVE-2023-4243 (The FULL - Customer plugin for WordPress is vulnerable to Arbitrary Fi ...) + TODO: check +CVE-2023-4242 (The FULL - Customer plugin for WordPress is vulnerable to Information ...) + TODO: check +CVE-2023-4239 (The Real Estate Manager plugin for WordPress is vulnerable to privileg ...) + TODO: check +CVE-2023-3632 (Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Educati ...) + TODO: check +CVE-2023-39951 (OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrum ...) + TODO: check +CVE-2023-39910 (The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin ...) + TODO: check +CVE-2023-39341 ("FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM pro ...) + TODO: check +CVE-2023-39214 (Exposure of sensitive information in Zoom Client SDK's before 5.15.5 m ...) + TODO: check +CVE-2023-39213 (Improper neutralization of special elements in Zoom Desktop Client for ...) + TODO: check +CVE-2023-39212 (Untrusted search path in Zoom Rooms for Windows before version 5.15.5 ...) + TODO: check +CVE-2023-39211 (Improper privilege management in Zoom Desktop Client for Windows and Z ...) + TODO: check +CVE-2023-39210 (Cleartext storage of sensitive information in Zoom Client SDK for Wind ...) + TODO: check +CVE-2023-39209 (Improper input validation in Zoom Desktop Client for Windows before 5. ...) + TODO: check +CVE-2023-38752 (Improper authorization vulnerability in Special Interest Group Network ...) + TODO: check +CVE-2023-38751 (Improper authorization vulnerability in Special Interest Group Network ...) + TODO: check +CVE-2023-38209 (Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) ...) + TODO: check +CVE-2023-38208 (Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) ...) + TODO: check +CVE-2023-38207 (Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) ...) 
+ TODO: check +CVE-2023-37864 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...) + TODO: check +CVE-2023-37863 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...) + TODO: check +CVE-2023-37862 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...) + TODO: check +CVE-2023-37861 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...) + TODO: check +CVE-2023-37860 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...) + TODO: check +CVE-2023-37859 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...) + TODO: check +CVE-2023-37858 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...) + TODO: check +CVE-2023-37857 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...) + TODO: check +CVE-2023-37856 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...) + TODO: check +CVE-2023-37855 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...) + TODO: check +CVE-2023-33934 (Improper Input Validation vulnerability in Apache Software Foundation ...) + TODO: check +CVE-2023-2905 (Due to a failure in validating the length of a provided MQTT_CMD_PUBLI ...) + TODO: check CVE-2023-4219 (A vulnerability was found in SourceCodester Doctors Appointment System ...) NOT-FOR-US: SourceCodester Doctors Appointment System CVE-2023-4203 (Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affect ...) 
@@ -5342,6 +5402,7 @@ CVE-2023-34487 (itsourcecode Online Hotel Management System Project In PHP v1.0. CVE-2023-34486 (itsourcecode Online Hotel Management System Project In PHP v1.0.0 is v ...) NOT-FOR-US: itsourcecode Online Hotel Management System Project CVE-2023-33466 (Orthanc before 1.12.0 allows authenticated users with access to the Or ...) + {DSA-5473-1} - orthanc 1.12.1+dfsg-1 (bug #1040597) [buster] - orthanc <no-dsa> (Requires new configuration variable) NOTE: https://discourse.orthanc-server.org/t/security-advisory-for-orthanc-deployments-running-versions-before-1-12-0/3568 @@ -26168,8 +26229,8 @@ CVE-2023-26312 RESERVED CVE-2023-26311 RESERVED -CVE-2023-26310 - RESERVED +CVE-2023-26310 (There is a command injection problem in the old version of the mobile ...) + TODO: check CVE-2023-26309 RESERVED CVE-2023-26308 @@ -31979,8 +32040,8 @@ CVE-2023-24483 (A vulnerability has been identified that, if exploited, could re NOT-FOR-US: Citrix CVE-2023-24482 (A vulnerability has been identified in COMOS V10.2 (All versions), COM ...) NOT-FOR-US: Siemens -CVE-2023-24477 - RESERVED +CVE-2023-24477 (In certain conditions, depending on timing and the usage of the Chrome ...) + TODO: check CVE-2023-24471 RESERVED CVE-2023-24015 @@ -31991,8 +32052,8 @@ CVE-2023-23574 RESERVED CVE-2023-22843 RESERVED -CVE-2023-22378 - RESERVED +CVE-2023-22378 (A blind SQL Injection vulnerability in Nozomi Networks Guardian and CM ...) + TODO: check CVE-2023-0479 RESERVED CVE-2023-0478 @@ -43423,8 +43484,8 @@ CVE-2022-47187 RESERVED CVE-2022-47186 RESERVED -CVE-2022-47185 - RESERVED +CVE-2022-47185 (Improper input validation vulnerability on the range header in Apache ...) + TODO: check CVE-2022-47184 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) {DSA-5435-1 DLA-3475-1} - trafficserver 9.2.1+ds-1 (bug #1038248) 
@@ -336552,6 +336613,7 @@ CVE-2018-17438 (A SIGFPE signal is raised in the function H5D__select_io() of H5 NOTE: fix in develop branch: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/7add52ff4f2443357648d53d52add274d1b18b5f NOTE: Negligible security impact CVE-2018-17437 (Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in ...) + {DLA-3522-1} - hdf5 1.10.6+repack-2 (low) [stretch] - hdf5 <no-dsa> (Minor issue) [jessie] - hdf5 <ignored> (Minor issue) @@ -336571,6 +336633,7 @@ CVE-2018-17435 (A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c NOTE: Negligible security impact NOTE: Fixed for 1.10.x in 1.10.7: https://forum.hdfgroup.org/t/release-of-hdf5-1-10-7-newsletter-175-the-hdf-group/7511 CVE-2018-17434 (A SIGFPE signal is raised in the function apply_filters() of h5repack_ ...) + {DLA-3522-1} - hdf5 1.10.6+repack-2 (low) [stretch] - hdf5 <no-dsa> (Minor issue) [jessie] - hdf5 <ignored> (Minor issue) @@ -337013,6 +337076,7 @@ CVE-2018-17239 CVE-2018-17238 RESERVED CVE-2018-17237 (A SIGFPE signal is raised in the function H5D__chunk_set_info_real() o ...) + {DLA-3522-1} - hdf5 1.10.6+repack-2 (low) [stretch] - hdf5 <no-dsa> (Minor issue) [jessie] - hdf5 <ignored> (Minor issue) @@ -337031,6 +337095,7 @@ CVE-2018-17235 (The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp [jessie] - mp4v2 <ignored> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1629451 CVE-2018-17234 (Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in ...) + {DLA-3522-1} - hdf5 1.10.6+repack-2 (low) [stretch] - hdf5 <no-dsa> (Minor issue) [jessie] - hdf5 <ignored> (Minor issue) 
@@ -337039,6 +337104,7 @@ CVE-2018-17234 (Memory leak in the H5O__chunk_deserialize() function in H5Ocache NOTE: does not appear in 1.10.5 release notes, but fixed in NOTE: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/f4138013dbc6851e968ea3d37b32776538ef306b CVE-2018-17233 (A SIGFPE signal is raised in the function H5D__create_chunk_file_map_h ...) + {DLA-3522-1} - hdf5 1.10.6+repack-2 (low) [stretch] - hdf5 <no-dsa> (Minor issue) [jessie] - hdf5 <ignored> (Minor issue) @@ -353333,6 +353399,7 @@ CVE-2018-11207 (A division by zero was discovered in H5D__chunk_init in H5Dchunk NOTE: https://jira.hdfgroup.org/browse/HDFFV-10481 NOTE: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/d0362ce438aef8ad690d5b084d929403c9877107 CVE-2018-11206 (An out of bounds read was discovered in H5O_fill_new_decode and H5O_fi ...) + {DLA-3522-1} - hdf5 1.10.8+repack-1 (low) [bullseye] - hdf5 <no-dsa> (Minor issue) [stretch] - hdf5 <no-dsa> (Minor issue)

View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e740c12a4d5ea065987146692b5cbf376328185e

You're receiving this email because of your account on salsa.debian.org.
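Review bot: In the first hunk (@@ -1,3 +1,63 @@) all 30 new entries land with only "TODO: check", and most of them arrive in vendor batches that can be triaged in one pass: CVE-2023-37855 through CVE-2023-37864 (PHOENIX CONTACT WP 6xxx web panels), CVE-2023-39209 through CVE-2023-39214 (Zoom clients and SDKs), and CVE-2023-38207 through CVE-2023-38209 (Adobe Commerce). The unchanged context line right below them shows the form a resolved entry takes for a product Debian does not ship ("NOT-FOR-US: SourceCodester Doctors Appointment System"), so each batch should get a single NOT-FOR-US decision once it is confirmed that no source package carries the product. The entries that name libraries or tools (CVE-2023-39951 OpenTelemetry Java Instrumentation, CVE-2023-39910 Libbitcoin, CVE-2023-33934 Apache ..., CVE-2023-2905) need an actual package lookup and should not be swept up with the batches.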
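Review bot: In the hunk at @@ -43423,8 +43484,8 @@, CVE-2022-47185 moves from RESERVED to "TODO: check" although the entry directly below it, CVE-2022-47184, is already tracked against trafficserver with {DSA-5435-1 DLA-3475-1} and a fixed version. The new description ("Improper input validation vulnerability on the range header in Apache ...") is truncated, so the product is not confirmed from this hunk alone, but the adjacent numbering makes trafficserver the first package to check. If it matches, the entry needs a "- trafficserver <version>" line and a per-release status instead of the TODO. The same check applies to CVE-2023-33934 in the first hunk, whose description is cut off at the same point.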
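Review bot: In the last hunk (@@ -353333,6 +353399,7 @@), CVE-2018-11206 gains {DLA-3522-1} while the context below still reads "[bullseye] - hdf5 <no-dsa> (Minor issue)" with the unstable fix at 1.10.8+repack-1. If DLA-3522-1 fixes this issue in a release older than bullseye, a system upgraded from that release to bullseye goes from a fixed hdf5 back to an unfixed one. The bullseye status should be revisited, either by scheduling a point-release fix or by recording why <no-dsa> still holds. The other hdf5 hunks (CVE-2018-17437, CVE-2018-17434, CVE-2018-17237, CVE-2018-17234, CVE-2018-17233) show a fix at 1.10.6+repack-2 and no bullseye line in the visible context, so the same concern cannot be confirmed for them from these lines.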
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits