Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 85359fdd by Moritz Muehlenhoff at 2023-06-26T17:32:32+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -106,13 +106,13 @@ CVE-2023-36272 (LibreDWG v0.12.5 was discovered to contain a heap buffer overflo CVE-2023-36271 (LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via ...) - libredwg <itp> (bug #595191) CVE-2023-35931 (Shescape is a simple shell escape library for JavaScript. An attacker ...) - TODO: check + NOT-FOR-US: Shescape CVE-2023-35925 (FastAsyncWorldEdit (FAWE) is designed for efficient world editing. Thi ...) - TODO: check + NOT-FOR-US: FastAsyncWorldEdit CVE-2023-35759 (In Progress WhatsUp Gold before 23.0.0, an SNMP-related application en ...) NOT-FOR-US: Progress WhatsUp Gold CVE-2023-35167 (Remult is a CRUD framework for full-stack TypeScript. If you used the ...) - TODO: check + NOT-FOR-US: Remult CVE-2023-35162 (XWiki Platform is a generic wiki platform offering runtime services fo ...) NOT-FOR-US: XWiki CVE-2023-35161 (XWiki Platform is a generic wiki platform offering runtime services fo ...) @@ -154,127 +154,128 @@ CVE-2023-34465 (XWiki Platform is a generic wiki platform. Starting in version 1 CVE-2023-34464 (XWiki Platform is a generic wiki platform offering runtime services fo ...) NOT-FOR-US: XWiki CVE-2023-34460 (Tauri is a framework for building binaries for all major desktop platf ...) - TODO: check + NOT-FOR-US: Tauri CVE-2023-34203 (In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explo ...) - TODO: check + NOT-FOR-US: Progress OpenEdge OEM CVE-2023-34188 (The HTTP server in Mongoose before 7.10 accepts requests containing ne ...) - TODO: check + NOT-FOR-US: Cesanta Mongoose + NOTE: smplayer embeds a copy, which is unused in any released version and disabled since 18.5.0~ds1-1 CVE-2023-34021 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moy ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-34012 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-33565 (ROS2 (Robot Operating System 2) Foxy Fitzroy ROS_VERSION=2 and ROS_PYT ...) TODO: check CVE-2023-32580 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPEx ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-32480 (Dell BIOS contains an Improper Input Validation vulnerability. An unau ...) - TODO: check + NOT-FOR-US: Dell CVE-2023-32439 (A type confusion issue was addressed with improved checks. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32435 (A memory corruption issue was addressed with improved state management ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32434 (An integer overflow was addressed with improved input validation. This ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32423 (A buffer overflow issue was addressed with improved memory handling. T ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32422 (This issue was addressed by adding additional SQLite logging restricti ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32420 (An out-of-bounds read was addressed with improved input validation. Th ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32419 (The issue was addressed with improved bounds checks. This issue is fix ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32417 (This issue was addressed by restricting options offered on a locked de ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32415 (This issue was addressed with improved redaction of sensitive informat ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32414 (The issue was addressed with improved checks. This issue is fixed in m ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32413 (A race condition was addressed with improved state handling. This issu ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32412 (A use-after-free issue was addressed with improved memory management. ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32411 (This issue was addressed with improved entitlements. This issue is fix ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32410 (An out-of-bounds read was addressed with improved input validation. Th ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32408 (The issue was addressed with improved handling of caches. This issue i ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32407 (A logic issue was addressed with improved state management. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32405 (A logic issue was addressed with improved checks. This issue is fixed ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32404 (This issue was addressed with improved entitlements. This issue is fix ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32403 (This issue was addressed with improved redaction of sensitive informat ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32402 (An out-of-bounds read was addressed with improved input validation. Th ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32400 (This issue was addressed with improved checks. This issue is fixed in ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32399 (The issue was addressed with improved handling of caches. This issue i ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32398 (A use-after-free issue was addressed with improved memory management. ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32397 (A logic issue was addressed with improved state management. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32395 (A logic issue was addressed with improved state management. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32394 (The issue was addressed with improved checks. This issue is fixed in i ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32392 (A privacy issue was addressed with improved private data redaction for ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32391 (The issue was addressed with improved checks. This issue is fixed in i ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32390 (The issue was addressed with improved checks. This issue is fixed in i ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32389 (This issue was addressed with improved redaction of sensitive informat ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32388 (A privacy issue was addressed with improved private data redaction for ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32387 (A use-after-free issue was addressed with improved memory management. ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32386 (A privacy issue was addressed with improved handling of temporary file ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32385 (A denial-of-service issue was addressed with improved memory handling. ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32384 (A buffer overflow was addressed with improved bounds checking. This is ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32382 (An out-of-bounds read was addressed with improved input validation. Th ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32380 (An out-of-bounds write issue was addressed with improved bounds checki ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32376 (This issue was addressed with improved entitlements. This issue is fix ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32375 (An out-of-bounds read was addressed with improved input validation. Th ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32372 (An out-of-bounds read was addressed with improved input validation. Th ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32371 (The issue was addressed with improved checks. This issue is fixed in i ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32369 (A logic issue was addressed with improved state management. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32368 (An out-of-bounds read was addressed with improved input validation. Th ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32367 (This issue was addressed with improved entitlements. This issue is fix ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32365 (The issue was addressed with improved checks. This issue is fixed in i ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32363 (A permissions issue was addressed by removing vulnerable code and addi ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32360 (An authentication issue was addressed with improved state management. ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32357 (An authorization issue was addressed with improved state management. T ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32355 (A logic issue was addressed with improved state management. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32354 (An out-of-bounds read was addressed with improved input validation. Th ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32353 (A logic issue was addressed with improved checks. This issue is fixed ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32352 (A logic issue was addressed with improved checks. This issue is fixed ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-32351 (A logic issue was addressed with improved checks. This issue is fixed ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-3128 (Grafana is validating Azure AD accounts based on the email claim. On ...) - grafana <removed> CVE-2023-3114 (Terraform Enterprise since v202207-1 did not properly implement author ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85359fddc562eb70780cdefa60b851fe2d0a4058 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85359fddc562eb70780cdefa60b851fe2d0a4058 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits