Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 4cfe46ef by Moritz Muehlenhoff at 2023-07-12T08:34:30+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,5 @@ +CVE-2023-37579 + NOT-FOR-US: Apache Pulsar CVE-2023-3627 (Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/su ...) NOT-FOR-US: SuiteCRM core CVE-2023-3626 (A vulnerability, which was classified as critical, has been found in S ...) 
@@ -5,29 +7,29 @@ CVE-2023-3626 (A vulnerability, which was classified as critical, has been found CVE-2023-3625 (A vulnerability classified as critical was found in Suncreate Mountain ...) NOT-FOR-US: Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System CVE-2023-3624 (A vulnerability classified as critical has been found in Nesote Inout ...) - TODO: check + NOT-FOR-US: Nesote Inout Blockchain FiatExchanger CVE-2023-3623 (A vulnerability was found in Suncreate Mountain Flood Disaster Prevent ...) NOT-FOR-US: Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System CVE-2023-3621 (A vulnerability was found in IBOS OA 4.5.5. It has been classified as ...) NOT-FOR-US: IBOS OA CVE-2023-3620 (Cross-site Scripting (XSS) - Stored in GitHub repository amauric/tarte ...) - TODO: check + NOT-FOR-US: amauric/tarteaucitron.js CVE-2023-3619 (A vulnerability was found in SourceCodester AC Repair and Services Sys ...) NOT-FOR-US: SourceCodester AC Repair and Services System CVE-2023-3617 (A vulnerability was found in SourceCodester Best POS Management System ...) NOT-FOR-US: SourceCodester Best POS Management System CVE-2023-37659 (xalpha v0.11.4 is vulnerable to Remote Command Execution (RCE).) - TODO: check + NOT-FOR-US: xalpha CVE-2023-37658 (fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). File ...) - TODO: check + NOT-FOR-US: fast-poster CVE-2023-37657 (TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting (XSS).) NOT-FOR-US: TwoNav CVE-2023-37656 (WebsiteGuide v0.2 is vulnerable to Remote Command Execution (RCE) via ...) NOT-FOR-US: WebsiteGuide CVE-2023-37597 (Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0 ...) - TODO: check + NOT-FOR-US: issabel-pbx CVE-2023-37596 (Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0 ...) - TODO: check + NOT-FOR-US: issabel-pbx CVE-2023-37391 (Cross-Site Request Forgery (CSRF) vulnerability in WPMobilePack.Com Wo ...) 
NOT-FOR-US: WordPress plugin CVE-2023-37376 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...) @@ -59,7 +61,7 @@ CVE-2023-36868 (Azure Service Fabric on Windows Information Disclosure Vulnerabi CVE-2023-36867 (Visual Studio Code GitHub Pull Requests and Issues Extension Remote Co ...) NOT-FOR-US: Microsoft CVE-2023-36825 (Decidim is a participatory democracy framework, written in Ruby on Rai ...) - TODO: check + NOT-FOR-US: Decidim CVE-2023-36824 (Redis is an in-memory database that persists on disk. In Redit 7.0 pri ...) - redis <unfixed> (bug #1040879) [bullseye] - redis <not-affected> (Vulnerable code introduced later) @@ -104,13 +106,13 @@ CVE-2023-36389 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All CVE-2023-36386 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...) NOT-FOR-US: Siemens CVE-2023-36293 (SQL injection vulnerability in wmanager v.1.0.7 and before allows a re ...) - TODO: check + NOT-FOR-US: wmanager CVE-2023-36167 (An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute a ...) NOT-FOR-US: AVG Anti-Spyware CVE-2023-36164 (An issue in MiniTool Partition Wizard ShadowMaker v.12.7 allows an att ...) - TODO: check + NOT-FOR-US: MiniTool Partition Wizard ShadowMaker CVE-2023-36163 (Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 ...) - TODO: check + NOT-FOR-US: BuildaGate CVE-2023-35921 (A vulnerability has been identified in SIMATIC MV540 H (All versions < ...) NOT-FOR-US: Siemens CVE-2023-35920 (A vulnerability has been identified in SIMATIC MV540 H (All versions < ...) 
@@ -124,9 +126,9 @@ CVE-2023-35778 (Cross-Site Request Forgery (CSRF) vulnerability in Neha Goel Rec CVE-2023-35773 (Cross-Site Request Forgery (CSRF) vulnerability in Danny Hearnah - Chu ...) NOT-FOR-US: WordPress plugin CVE-2023-35374 (Paint 3D Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35373 (Mono Authenticode Validation Spoofing Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35367 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...) NOT-FOR-US: Microsoft CVE-2023-35366 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...) 
@@ -188,213 +190,213 @@ CVE-2023-35335 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulner CVE-2023-35333 (MediaWiki PandocUpload Extension Remote Code Execution Vulnerability) TODO: check CVE-2023-35332 (Windows Remote Desktop Protocol Security Feature Bypass) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35331 (Windows Local Security Authority (LSA) Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35330 (Windows Extended Negotiation Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35329 (Windows Authentication Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35328 (Windows Transaction Manager Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35326 (Windows CDP User Components Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35325 (Windows Print Spooler Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35324 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35323 (Windows OLE Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35322 (Windows Deployment Services Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35321 (Windows Deployment Services Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35320 (Connected User Experiences and Telemetry Elevation of Privilege Vulner ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35319 (Remote Procedure Call Runtime Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35318 (Remote Procedure Call Runtime Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35317 (Windows Server Update Service (WSUS) Elevation of Privilege Vulnerabil ...) 
- TODO: check + NOT-FOR-US: Microsoft CVE-2023-35316 (Remote Procedure Call Runtime Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35315 (Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerabil ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35314 (Remote Procedure Call Runtime Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35313 (Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code E ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35312 (Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35311 (Microsoft Outlook Security Feature Bypass Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35310 (Windows DNS Server Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35309 (Microsoft Message Queuing Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35308 (Windows MSHTML Platform Security Feature Bypass Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35306 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35305 (Windows Kernel Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35304 (Windows Kernel Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35303 (USB Audio Class System Driver Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35302 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35300 (Remote Procedure Call Runtime Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35299 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...) 
- TODO: check + NOT-FOR-US: Microsoft CVE-2023-35298 (HTTP.sys Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35297 (Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulner ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35296 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35091 (Cross-Site Request Forgery (CSRF) vulnerability in StoreApps Stock Man ...) - TODO: check + NOT-FOR-US: WooCommerce addon CVE-2023-35047 (Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-35044 (Cross-Site Request Forgery (CSRF) vulnerability in Drew Phillips Secur ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-34561 (A buffer overflow in the level parsing code of RobTop Games AB Geometr ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-34185 (Cross-Site Request Forgery (CSRF) vulnerability in John Brien WordPres ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-34119 (Insecure temporary file in the installer for Zoom Rooms before version ...) - TODO: check + NOT-FOR-US: Zoom CVE-2023-34118 (Improper privilege management in Zoom Rooms before version 5.14.5 may ...) - TODO: check + NOT-FOR-US: Zoom CVE-2023-34117 (Relative path traversal in the Zoom Client SDK before version 5.15.0 m ...) - TODO: check + NOT-FOR-US: Zoom CVE-2023-34116 (Improper input validation in the Zoom Desktop Client for Windows befor ...) - TODO: check + NOT-FOR-US: Zoom CVE-2023-34090 (Decidim is a participatory democracy framework, written in Ruby on Rai ...) - TODO: check + NOT-FOR-US: Decidim CVE-2023-34089 (Decidim is a participatory democracy framework, written in Ruby on Rai ...) - TODO: check + NOT-FOR-US: Decidim CVE-2023-34029 (Cross-Site Request Forgery (CSRF) vulnerability in Prem Tiwari Disable ...) 
- TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-34015 (Cross-Site Request Forgery (CSRF) vulnerability in PI Websolution Cond ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-33174 (Windows Cryptographic Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33173 (Remote Procedure Call Runtime Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33172 (Remote Procedure Call Runtime Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33171 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33170 (ASP.NET and Visual Studio Security Feature Bypass Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33169 (Remote Procedure Call Runtime Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33168 (Remote Procedure Call Runtime Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33167 (Remote Procedure Call Runtime Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33166 (Remote Procedure Call Runtime Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33165 (Microsoft SharePoint Server Security Feature Bypass Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33164 (Remote Procedure Call Runtime Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33163 (Windows Network Load Balancing Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33162 (Microsoft Excel Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33161 (Microsoft Excel Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33160 (Microsoft SharePoint Server Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33159 (Microsoft SharePoint Server Spoofing 
Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33158 (Microsoft Excel Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33157 (Microsoft SharePoint Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33156 (Microsoft Defender Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33155 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33154 (Windows Partition Management Driver Elevation of Privilege Vulnerabili ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33153 (Microsoft Outlook Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33152 (Microsoft ActiveX Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33151 (Microsoft Outlook Spoofing Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33150 (Microsoft Office Security Feature Bypass Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33149 (Microsoft Office Graphics Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33148 (Microsoft Office Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33134 (Microsoft SharePoint Server Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-33127 (.NET and Visual Studio Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32693 (Decidim is a participatory democracy framework, written in Ruby on Rai ...) - TODO: check + NOT-FOR-US: Decidim CVE-2023-32104 (Cross-Site Request Forgery (CSRF) vulnerability in Mark Tilly MyCurato ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-32085 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...) 
- TODO: check + NOT-FOR-US: Microsoft CVE-2023-32084 (HTTP.sys Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32083 (Microsoft Failover Cluster Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32057 (Microsoft Message Queuing Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32056 (Windows Server Update Service (WSUS) Elevation of Privilege Vulnerabil ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32055 (Active Template Library Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32054 (Volume Shadow Copy Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32053 (Windows Installer Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32052 (Microsoft Power Apps Spoofing Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32051 (Raw Image Extension Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32050 (Windows Installer Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32049 (Windows SmartScreen Security Feature Bypass Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32047 (Paint 3D Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32046 (Windows MSHTML Platform Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32045 (Microsoft Message Queuing Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32044 (Microsoft Message Queuing Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32043 (Windows Remote Desktop Security Feature Bypass Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32042 (OLE Automation Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32041 (Windows Update Orchestrator Service Information 
Disclosure Vulnerabili ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32040 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32039 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32038 (Microsoft ODBC Driver Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32037 (Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerabi ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32035 (Remote Procedure Call Runtime Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32034 (Remote Procedure Call Runtime Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-32033 (Microsoft Failover Cluster Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-31818 (An issue found in Marukyu Line v.13.4.1 allows a remote attacker to ga ...) TODO: check CVE-2023-31191 (DroneScout ds230 Remote ID receiver from BlueMark Innovations is affec ...) @@ -8081,6 +8083,7 @@ CVE-2023-31008 RESERVED CVE-2023-31007 RESERVED + NOT-FOR-US: Apache Pulsar CVE-2023-31006 RESERVED CVE-2023-31005 @@ -10139,8 +10142,10 @@ CVE-2009-10004 (A vulnerability was found in Turante Sandbox Theme up to 1.5.2. NOT-FOR-US: Turante Sandbox Theme CVE-2023-30429 RESERVED + NOT-FOR-US: Apache Pulsar CVE-2023-30428 RESERVED + NOT-FOR-US: Apache Pulsar CVE-2023-30427 RESERVED CVE-2023-30426 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4cfe46ef4bc072e8424808bd4903273112ad2f78 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4cfe46ef4bc072e8424808bd4903273112ad2f78 You're receiving this email because of your account on salsa.debian.org.
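Review bot: In the hunk at @@ -124,9 +126,9 @@, CVE-2023-35373 (Mono Authenticode Validation Spoofing Vulnerability) is closed as NOT-FOR-US: Microsoft, but Mono is packaged in Debian (source package mono), so it should not take the bulk Microsoft annotation on the strength of the vendor alone. Suggest leaving it as TODO: check, or recording an entry against mono, until it is confirmed whether the Debian package carries the affected code.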
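Review bot: In the hunk at @@ -188,213 +190,213 @@, CVE-2023-34561 is annotated NOT-FOR-US: WordPress plugin, while its description reads "A buffer overflow in the level parsing code of RobTop Games AB Geometr ...", which does not describe a WordPress plugin. The label looks carried over from the neighbouring CSRF entries (CVE-2023-35044, CVE-2023-34185). NOT-FOR-US may still be the right outcome, but the annotation should name the product from the full CVE description so that a later search of data/CVE/list for that product finds this entry.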
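Review bot: In the hunks at @@ -8081,6 +8083,7 @@ and @@ -10139,8 +10142,10 @@, CVE-2023-31007, CVE-2023-30429 and CVE-2023-30428 are still RESERVED, and the CVE-2023-37579 entry added at @@ -1,3 +1,5 @@ has no description, so the NOT-FOR-US: Apache Pulsar annotation cannot be checked against anything in the file, and the commit message says only "NFUs". Suggest naming the source of the assignment (for example the upstream advisory or list post) in the commit message, so the classification can be re-checked once the descriptions are published.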