Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 28c68f97 by security tracker role at 2023-06-11T20:12:34+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,5 @@ +CVE-2023-3192 (Session Fixation in GitHub repository froxlor/froxlor prior to 2.1.0.) + TODO: check CVE-2023-3191 (Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassn ...) - teampass <itp> (bug #730180) CVE-2023-3190 (Improper Encoding or Escaping of Output in GitHub repository nilsteamp ...) @@ -583,7 +585,7 @@ CVE-2023-34417 - firefox 114.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-20/#CVE-2023-34417 CVE-2023-34416 - {DSA-5421-1 DLA-3448-1} + {DSA-5423-1 DSA-5421-1 DLA-3448-1} - firefox 114.0-1 - firefox-esr 102.12.0esr-1 - thunderbird 1:102.12.0-1 @@ -594,7 +596,7 @@ CVE-2023-34415 - firefox 114.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-20/#CVE-2023-34415 CVE-2023-34414 - {DSA-5421-1 DLA-3448-1} + {DSA-5423-1 DSA-5421-1 DLA-3448-1} - firefox 114.0-1 - firefox-esr 102.12.0esr-1 - thunderbird 1:102.12.0-1 @@ -19555,10 +19557,10 @@ CVE-2023-25914 RESERVED CVE-2023-25913 RESERVED -CVE-2023-25912 - RESERVED -CVE-2023-25911 - RESERVED +CVE-2023-25912 (The webreport generation feature in the Danfoss AK-EM100 allows an una ...) + TODO: check +CVE-2023-25911 (The Danfoss AK-EM100 web applications allow for OS command injection t ...) + TODO: check CVE-2023-25910 RESERVED CVE-2023-0872 @@ -30100,16 +30102,16 @@ CVE-2023-0042 (An issue has been discovered in GitLab CE/EE affecting all versio - gitlab <unfixed> CVE-2023-0041 (IBM Security Guardium 11.5 could allow a user to take over another use ...) NOT-FOR-US: IBM -CVE-2023-22586 - RESERVED -CVE-2023-22585 - RESERVED -CVE-2023-22584 - RESERVED -CVE-2023-22583 - RESERVED -CVE-2023-22582 - RESERVED +CVE-2023-22586 (The Danfoss AK-EM100 web applications allow for Local File Inclusion i ...) + TODO: check +CVE-2023-22585 (The Danfoss AK-EM100 web applications allow for Reflected Cross-Site S ...) + TODO: check +CVE-2023-22584 (The Danfoss AK-EM100 stores login credentials in cleartext.) + TODO: check +CVE-2023-22583 (The Danfoss AK-EM100 web forms allow for SQL injection in the login fo ...) + TODO: check +CVE-2023-22582 (The Danfoss AK-EM100 web applications allow for Reflected Cross-Site S ...) + TODO: check CVE-2023-22581 (White Rabbit Switch contains a vulnerability which makes it possible f ...) NOT-FOR-US: White Rabbit Switch CVE-2023-22580 (Due to improper input filtering in the sequalize js library, can malic ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28c68f9773f7d57a2c82f7e791c470ca23336424 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28c68f9773f7d57a2c82f7e791c470ca23336424 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits