[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Mon, 05 Jun 2023 01:12:47 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
df7315a7 by security tracker role at 2023-06-05T08:12:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2023-3100 (A vulnerability, which was classified as critical, has been 
found in I ...)
+       TODO: check
+CVE-2023-3099 (A vulnerability classified as critical was found in KylinSoft 
youker-a ...)
+       TODO: check
+CVE-2023-3098 (A vulnerability classified as critical has been found in 
KylinSoft you ...)
+       TODO: check
+CVE-2023-3097 (A vulnerability was found in KylinSoft 
kylin-software-properties on Ky ...)
+       TODO: check
+CVE-2023-3096 (A vulnerability was found in KylinSoft 
kylin-software-properties on Ky ...)
+       TODO: check
+CVE-2023-34411 (The xml-rs crate before 0.8.14 for Rust and Crab allows a 
denial of se ...)
+       TODO: check
+CVE-2023-34410 (An issue was discovered in Qt before 5.15.15, 6.x before 
6.2.9, and 6. ...)
+       TODO: check
+CVE-2023-34407 (OfflinePlayerService.exe in Harbinger Offline Player 4.0.6.0.2 
allows  ...)
+       TODO: check
+CVE-2023-32334 (IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo 
Applicatio ...)
+       TODO: check
+CVE-2015-10112 (A vulnerability classified as problematic has been found in 
WooFramewo ...)
+       TODO: check
+CVE-2014-125105 (A vulnerability was found in Broken Link Checker Plugin up to 
1.10.1 o ...)
+       TODO: check
 CVE-2023-3095 (Improper Access Control in GitHub repository 
nilsteampassnet/teampass  ...)
        - teampass <itp> (bug #730180)
 CVE-2023-3094 (A vulnerability classified as critical has been found in 
code-projects ...)
@@ -1438,7 +1460,7 @@ CVE-2023-32762 (An issue was discovered in Qt before 
5.15.14, 6.x before 6.2.9,
        - qtbase-opensource-src 5.15.8+dfsg-10
        - qtbase-opensource-src-gles <not-affected> (Not built in GLES variant)
        NOTE: 
https://github.com/qt/qtbase/commit/1b736a815be0222f4b24289cf17575fc15707305
-CVE-2023-34408 [XSS in RSS syntax]
+CVE-2023-34408 (DokuWiki before 2023-04-04a allows XSS via RSS titles.)
        - dokuwiki 0.0.20220731.a-2 (bug #1036279)
        [bullseye] - dokuwiki <no-dsa> (Minor issue)
        NOTE: https://github.com/dokuwiki/dokuwiki/pull/3967
@@ -13383,8 +13405,8 @@ CVE-2023-27863 (IBM Spectrum Protect Plus Server 
10.1.13, under specific configu
        NOT-FOR-US: IBM
 CVE-2023-27862
        RESERVED
-CVE-2023-27861
-       RESERVED
+CVE-2023-27861 (IBM Maximo Application Suite - Manage Component 8.8.0 and 
8.9.0 transm ...)
+       TODO: check
 CVE-2023-27860 (IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose 
sensiti ...)
        NOT-FOR-US: IBM
 CVE-2023-27859
@@ -15154,8 +15176,8 @@ CVE-2023-27287
        RESERVED
 CVE-2023-27286 (IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are 
vulnerable to  ...)
        NOT-FOR-US: IBM
-CVE-2023-27285
-       RESERVED
+CVE-2023-27285 (IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is 
vulnerable to a ...)
+       TODO: check
 CVE-2023-27284 (IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are 
vulnerable to  ...)
        NOT-FOR-US: IBM
 CVE-2023-27283
@@ -21490,10 +21512,10 @@ CVE-2023-0638 (A vulnerability has been found in 
TRENDnet TEW-811DRU 1.0.10.0 an
        NOT-FOR-US: TRENDnet
 CVE-2023-0637 (A vulnerability, which was classified as critical, was found in 
TRENDn ...)
        NOT-FOR-US: TRENDnet
-CVE-2023-0636
-       RESERVED
-CVE-2023-0635
-       RESERVED
+CVE-2023-0636 (Improper Input Validation vulnerability in ABB Ltd. 
ASPECT\xae-Enterpr ...)
+       TODO: check
+CVE-2023-0635 (Improper Privilege Management vulnerability in ABB Ltd. 
ASPECT\xae-Ent ...)
+       TODO: check
 CVE-2023-25136 (OpenSSH server (sshd) 9.1 introduced a double-free 
vulnerability durin ...)
        - openssh 1:9.2p1-1
        [bullseye] - openssh <not-affected> (Vulnerable code not present)
@@ -28172,8 +28194,8 @@ CVE-2023-22864
        RESERVED
 CVE-2023-22863 (IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults 
to HTTP ...)
        NOT-FOR-US: IBM
-CVE-2023-22862
-       RESERVED
+CVE-2023-22862 (IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits 
authenti ...)
+       TODO: check
 CVE-2023-22861
        RESERVED
 CVE-2023-22860 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 
19.0.1,  ...)
@@ -29281,8 +29303,8 @@ CVE-2023-0043 (The Custom Add User WordPress plugin 
through 2.0.2 does not sanit
        NOT-FOR-US: WordPress plugin
 CVE-2023-0042 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)
        - gitlab <unfixed>
-CVE-2023-0041
-       RESERVED
+CVE-2023-0041 (IBM Security Guardium 11.5 could allow a user to take over 
another use ...)
+       TODO: check
 CVE-2023-22586
        RESERVED
 CVE-2023-22585



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df7315a78095979d023a6b629e87b04051481f51

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df7315a78095979d023a6b629e87b04051481f51
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to