Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b835b1fd by security tracker role at 2023-10-29T08:11:52+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2023-5840 (Weak Password Recovery Mechanism for Forgotten Password in
GitHub repo ...)
+ TODO: check
+CVE-2023-5839 (Privilege Chaining in GitHub repository hestiacp/hestiacp prior
to 1.8 ...)
+ TODO: check
+CVE-2023-5838 (Insufficient Session Expiration in GitHub repository
linkstackorg/link ...)
+ TODO: check
+CVE-2023-5837 (A vulnerability classified as problematic was found in
AlexanderLivano ...)
+ TODO: check
+CVE-2023-5836 (A vulnerability was found in SourceCodester Task Reminder
System 1.0. ...)
+ TODO: check
+CVE-2023-46862 (An issue was discovered in the Linux kernel through 6.5.9.
During a ra ...)
+ TODO: check
+CVE-2023-46858 (Moodle 4.3 allows /grade/report/grader/index.php?searchvalue=
reflecte ...)
+ TODO: check
+CVE-2023-46854 (Proxmox proxmox-widget-toolkit before 4.0.9, as used in
multiple Proxm ...)
+ TODO: check
+CVE-2023-45897 (exfatprogs before 1.2.2 allows out-of-bounds memory access,
such as in ...)
+ TODO: check
+CVE-2023-43041 (IBM QRadar SIEM 7.5 is vulnerable to information exposure
allowing a d ...)
+ TODO: check
+CVE-2023-40686 (Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5
Navigator c ...)
+ TODO: check
+CVE-2023-40685 (Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5
Navigator c ...)
+ TODO: check
CVE-2023-5835 (A vulnerability classified as problematic was found in hu60t
hu60wap6. ...)
TODO: check
CVE-2023-5426 (The Post Meta Data Manager plugin for WordPress is vulnerable
to unaut ...)
@@ -330,6 +354,7 @@ CVE-2023-46435 (Sourcecodester Packers and Movers
Management System v1.0 is vuln
CVE-2023-46238 (ZITADEL is an identity infrastructure management system.
ZITADEL users ...)
NOT-FOR-US: ZITADEL
CVE-2023-46234 (browserify-sign is a package to duplicate the functionality of
node's ...)
+ {DLA-3635-1}
- node-browserify-sign 4.2.2-1 (bug #1054667)
NOTE:
https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw
NOTE:
https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30
(v4.2.2)
@@ -169560,16 +169585,16 @@ CVE-2021-33640 (After tar_close(), libtar.c
releases the memory pointed to by po
NOT-FOR-US: OpenEuler
CVE-2021-33639 (REMAP cmd of SVM driver can be used to remap read only memory
as read- ...)
NOT-FOR-US: OpenEuler
-CVE-2021-33638
- RESERVED
-CVE-2021-33637
- RESERVED
-CVE-2021-33636
- RESERVED
-CVE-2021-33635
- RESERVED
-CVE-2021-33634
- RESERVED
+CVE-2021-33638 (When the isula cp command is used to copy files from a
container to a ...)
+ TODO: check
+CVE-2021-33637 (When the isula export command is used to export a container to
an imag ...)
+ TODO: check
+CVE-2021-33636 (When the isula load command is used to load malicious images,
attacker ...)
+ TODO: check
+CVE-2021-33635 (When malicious images are pulled by isula pull, attackers can
execute ...)
+ TODO: check
+CVE-2021-33634 (iSulad uses the lcr+lxc runtime (default) to run malicious
images, whi ...)
+ TODO: check
CVE-2021-33633
RESERVED
CVE-2021-33632
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b835b1fdc41bd58af6cc62ac842dc688edd3dfc1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b835b1fdc41bd58af6cc62ac842dc688edd3dfc1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
