[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 11 Jun 2023 13:12:56 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
28c68f97 by security tracker role at 2023-06-11T20:12:34+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2023-3192 (Session Fixation in GitHub repository froxlor/froxlor prior to 
2.1.0.)
+       TODO: check
 CVE-2023-3191 (Cross-site Scripting (XSS) - Stored in GitHub repository 
nilsteampassn ...)
        - teampass <itp> (bug #730180)
 CVE-2023-3190 (Improper Encoding or Escaping of Output in GitHub repository 
nilsteamp ...)
@@ -583,7 +585,7 @@ CVE-2023-34417
        - firefox 114.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-20/#CVE-2023-34417
 CVE-2023-34416
-       {DSA-5421-1 DLA-3448-1}
+       {DSA-5423-1 DSA-5421-1 DLA-3448-1}
        - firefox 114.0-1
        - firefox-esr 102.12.0esr-1
        - thunderbird 1:102.12.0-1
@@ -594,7 +596,7 @@ CVE-2023-34415
        - firefox 114.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-20/#CVE-2023-34415
 CVE-2023-34414
-       {DSA-5421-1 DLA-3448-1}
+       {DSA-5423-1 DSA-5421-1 DLA-3448-1}
        - firefox 114.0-1
        - firefox-esr 102.12.0esr-1
        - thunderbird 1:102.12.0-1
@@ -19555,10 +19557,10 @@ CVE-2023-25914
        RESERVED
 CVE-2023-25913
        RESERVED
-CVE-2023-25912
-       RESERVED
-CVE-2023-25911
-       RESERVED
+CVE-2023-25912 (The webreport generation feature in the Danfoss AK-EM100 
allows an una ...)
+       TODO: check
+CVE-2023-25911 (The Danfoss AK-EM100 web applications allow for OS command 
injection t ...)
+       TODO: check
 CVE-2023-25910
        RESERVED
 CVE-2023-0872
@@ -30100,16 +30102,16 @@ CVE-2023-0042 (An issue has been discovered in GitLab 
CE/EE affecting all versio
        - gitlab <unfixed>
 CVE-2023-0041 (IBM Security Guardium 11.5 could allow a user to take over 
another use ...)
        NOT-FOR-US: IBM
-CVE-2023-22586
-       RESERVED
-CVE-2023-22585
-       RESERVED
-CVE-2023-22584
-       RESERVED
-CVE-2023-22583
-       RESERVED
-CVE-2023-22582
-       RESERVED
+CVE-2023-22586 (The Danfoss AK-EM100 web applications allow for Local File 
Inclusion i ...)
+       TODO: check
+CVE-2023-22585 (The Danfoss AK-EM100 web applications allow for Reflected 
Cross-Site S ...)
+       TODO: check
+CVE-2023-22584 (The Danfoss AK-EM100 stores login credentials in cleartext.)
+       TODO: check
+CVE-2023-22583 (The Danfoss AK-EM100 web forms allow for SQL injection in the 
login fo ...)
+       TODO: check
+CVE-2023-22582 (The Danfoss AK-EM100 web applications allow for Reflected 
Cross-Site S ...)
+       TODO: check
 CVE-2023-22581 (White Rabbit Switch contains a vulnerability which makes it 
possible f ...)
        NOT-FOR-US: White Rabbit Switch
 CVE-2023-22580 (Due to improper input filtering in the sequalize js library, 
can malic ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28c68f9773f7d57a2c82f7e791c470ca23336424

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28c68f9773f7d57a2c82f7e791c470ca23336424
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to