Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fef2175a by security tracker role at 2023-07-18T20:12:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2023-3743 (Ap Page Builder, in versions lower than 1.7.8.2, could allow a 
remote  ...)
+       TODO: check
+CVE-2023-38326
+       REJECTED
+CVE-2023-38257 (Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to 
an insec ...)
+       TODO: check
+CVE-2023-37973 (Cross-Site Request Forgery (CSRF) vulnerability in David 
Pokorny Repla ...)
+       TODO: check
+CVE-2023-37892 (Cross-Site Request Forgery (CSRF) vulnerability in Kemal 
YAZICI - Plug ...)
+       TODO: check
+CVE-2023-37889 (Cross-Site Request Forgery (CSRF) vulnerability in WPAdmin 
WPAdmin AWS ...)
+       TODO: check
+CVE-2023-37788 (goproxy v1.1 was discovered to contain an issue which can lead 
to a De ...)
+       TODO: check
+CVE-2023-37758 (D-LINK DIR-815 v1.01 was discovered to contain a buffer 
overflow via t ...)
+       TODO: check
+CVE-2023-37481 (Fides is an open-source privacy engineering platform for 
managing data ...)
+       TODO: check
+CVE-2023-37480 (Fides is an open-source privacy engineering platform for 
managing data ...)
+       TODO: check
+CVE-2023-37477 (1Panel is an open source Linux server operation and 
maintenance manage ...)
+       TODO: check
+CVE-2023-37387 (Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme 
Classif ...)
+       TODO: check
+CVE-2023-37386 (Cross-Site Request Forgery (CSRF) vulnerability in Media 
Library Helpe ...)
+       TODO: check
+CVE-2023-37259 (matrix-react-sdk is a react-based SDK for inserting a Matrix 
chat/voip ...)
+       TODO: check
+CVE-2023-37143 (ChakraCore branch master cbb9b was discovered to contain a 
segmentatio ...)
+       TODO: check
+CVE-2023-37142 (ChakraCore branch master cbb9b was discovered to contain a 
segmentatio ...)
+       TODO: check
+CVE-2023-37141 (ChakraCore branch master cbb9b was discovered to contain a 
segmentatio ...)
+       TODO: check
+CVE-2023-37140 (ChakraCore branch master cbb9b was discovered to contain a 
segmentatio ...)
+       TODO: check
+CVE-2023-37139 (ChakraCore branch master cbb9b was discovered to contain a 
stack overf ...)
+       TODO: check
+CVE-2023-36670 (A remotely exploitable command injection vulnerability was 
found on th ...)
+       TODO: check
+CVE-2023-36669 (Missing Authentication for a Critical Function within the 
Kratos NGC I ...)
+       TODO: check
+CVE-2023-36384 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
CodePeop ...)
+       TODO: check
+CVE-2023-36383 (Auth. (editor+) Stored Cross-Site Scripting (XSS) 
vulnerability in Mag ...)
+       TODO: check
+CVE-2023-36120
+       REJECTED
+CVE-2023-35763 (Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to 
a crypto ...)
+       TODO: check
+CVE-2023-35189 (Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to 
a remote ...)
+       TODO: check
+CVE-2023-34330 (AMI SPx contains a vulnerability in the BMC where a User may 
cause a i ...)
+       TODO: check
+CVE-2023-34329 (AMI SPx contains a vulnerability in BMC where a User may cause 
an auth ...)
+       TODO: check
+CVE-2023-34035 (Spring Security versions 5.8prior to 5.8.5, 6.0prior to 
6.0.5,and 6.1p ...)
+       TODO: check
+CVE-2023-33871 (Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to 
a direct ...)
+       TODO: check
+CVE-2023-33329 (Auth. (admin+) Reflected Cross-Site Scripting (XSS) 
vulnerability in H ...)
+       TODO: check
+CVE-2023-33312 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
wppal Ea ...)
+       TODO: check
+CVE-2023-33265 (In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 
5.2.3,  ...)
+       TODO: check
+CVE-2023-33231 (XSS attack was possible in DPA 2023.2 due to insufficient 
input valida ...)
+       TODO: check
+CVE-2023-32965 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
CRUDLab  ...)
+       TODO: check
+CVE-2023-31441 (In NATO Communications and Information Agency anet (aka 
Advisor Networ ...)
+       TODO: check
+CVE-2023-2913 (An executable used in Rockwell Automation ThinManager 
ThinServer can b ...)
+       TODO: check
+CVE-2023-2433 (The YARPP plugin for WordPress is vulnerable to Stored 
Cross-Site Scri ...)
+       TODO: check
+CVE-2021-4428 (A vulnerability has been found in what3words Autosuggest Plugin 
up to  ...)
+       TODO: check
+CVE-2020-36762 (A vulnerability was found in ONS Digital RAS Collection 
Instrument up  ...)
+       TODO: check
+CVE-2018-25088 (A vulnerability, which was classified as critical, was found 
in Blue Y ...)
+       TODO: check
 CVE-2023-3724 (If a TLS 1.3 client gets neither a PSK (pre shared key) 
extension nor  ...)
        - wolfssl <unfixed>
        NOTE: https://github.com/wolfSSL/wolfssl/pull/6412
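Review bot: several of the entries added at the top of this hunk are clusters on one product and should be triaged as groups rather than one by one: CVE-2023-38257, CVE-2023-35763, CVE-2023-35189 and CVE-2023-33871 all name Iagona ScrutisWeb 2.1.37, and CVE-2023-37139 through CVE-2023-37143 all name ChakraCore branch master cbb9b. Resolve each cluster's `TODO: check` lines in one pass with one identical tag string, so the same product does not end up recorded under divergent spellings.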
@@ -1059,7 +1141,7 @@ CVE-2023-36868 (Azure Service Fabric on Windows 
Information Disclosure Vulnerabi
        NOT-FOR-US: Microsoft
 CVE-2023-36867 (Visual Studio Code GitHub Pull Requests and Issues Extension 
Remote Co ...)
        NOT-FOR-US: Microsoft
-CVE-2023-36825 (Decidim is a participatory democracy framework, written in 
Ruby on Rai ...)
+CVE-2023-36825 (Orchid is a Laravel package that allows application 
development of bac ...)
        NOT-FOR-US: Decidim
 CVE-2023-36824 (Redis is an in-memory database that persists on disk. In Redit 
7.0 pri ...)
        - redis 5:7.0.12-1 (bug #1040879)
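Review bot: CVE-2023-36825 now carries the Orchid (Laravel package) description, but the unchanged line below it still reads `NOT-FOR-US: Decidim`. The tag no longer matches the product named in the description; re-triage the entry against Orchid and update the tag string so the record does not attribute the CVE to the wrong project.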
@@ -3510,7 +3592,7 @@ CVE-2023-2911 (If the `recursive-clients` quota is 
reached on a BIND 9 resolver
        NOTE: 
https://downloads.isc.org/isc/bind9/9.18.16/patches/0003-CVE-2023-2911.patch
        NOTE: 
https://downloads.isc.org/isc/bind9/9.16.42/patches/0003-CVE-2023-2911.patch
 CVE-2023-2828 (Every `named` instance configured to run as a recursive 
resolver maint ...)
-       {DSA-5439-1}
+       {DSA-5439-1 DLA-3498-1}
        - bind9 1:9.18.16-1
        NOTE: https://kb.isc.org/docs/cve-2023-2828
        NOTE: 
https://downloads.isc.org/isc/bind9/9.18.16/patches/0001-CVE-2023-2828.patch
@@ -8777,8 +8859,8 @@ CVE-2023-2265
        RESERVED
 CVE-2023-2264
        RESERVED
-CVE-2023-2263
-       RESERVED
+CVE-2023-2263 (The Rockwell Automation Kinetix 5700 DC Bus Power Supply Series 
A is v ...)
+       TODO: check
 CVE-2023-2262
        RESERVED
 CVE-2023-2261 (The WP Activity Log plugin for WordPress is vulnerable to 
authorizatio ...)
@@ -9389,8 +9471,8 @@ CVE-2023-30908
        RESERVED
 CVE-2023-30907
        RESERVED
-CVE-2023-30906
-       RESERVED
+CVE-2023-30906 (The vulnerability could be locally exploited to allow 
escalation of pr ...)
+       TODO: check
 CVE-2023-30905 (The MC990 X and UV300 RMC component has and inadequate default 
configu ...)
        NOT-FOR-US: HPE
 CVE-2023-30904 (A security vulnerability in HPE Insight Remote Support may 
result in t ...)
@@ -11256,8 +11338,8 @@ CVE-2023-30385
        RESERVED
 CVE-2023-30384
        RESERVED
-CVE-2023-30383
-       RESERVED
+CVE-2023-30383 (TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer 
C20v1 Ar ...)
+       TODO: check
 CVE-2023-30382 (A buffer overflow in the component hl.exe of Valve Half-Life 
up to 543 ...)
        NOT-FOR-US: hl.exe of Valve Half-Life
 CVE-2023-30381
@@ -11730,8 +11812,8 @@ CVE-2023-30155
        RESERVED
 CVE-2023-30154
        RESERVED
-CVE-2023-30153
-       RESERVED
+CVE-2023-30153 (An SQL injection vulnerability in the Payplug (payplug) module 
for Pre ...)
+       TODO: check
 CVE-2023-30152
        RESERVED
 CVE-2023-30151 (A SQL injection vulnerability in the Boxtal (envoimoinscher) 
module fo ...)
@@ -18581,16 +18663,16 @@ CVE-2023-28025
        RESERVED
 CVE-2023-28024
        RESERVED
-CVE-2023-28023
-       RESERVED
+CVE-2023-28023 (A cross site request forgery vulnerability in the BigFix WebUI 
Softwar ...)
+       TODO: check
 CVE-2023-28022
        RESERVED
-CVE-2023-28021
-       RESERVED
-CVE-2023-28020
-       RESERVED
-CVE-2023-28019
-       RESERVED
+CVE-2023-28021 (The BigFix WebUI uses weak cipher suites.)
+       TODO: check
+CVE-2023-28020 (URL redirection in Login page in HCL BigFix WebUI allows 
malicious use ...)
+       TODO: check
+CVE-2023-28019 (Insufficient validation in Bigfix WebUI API App site version < 
14 allo ...)
+       TODO: check
 CVE-2023-28018
        RESERVED
 CVE-2023-28017
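Review bot: CVE-2023-28023, CVE-2023-28021, CVE-2023-28020 and CVE-2023-28019 name the same product with three spellings ("BigFix WebUI", "HCL BigFix WebUI", "Bigfix WebUI"). Triage the four `TODO: check` lines together and give them one identical tag string so they group under a single name in the tracker.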
@@ -26144,8 +26226,8 @@ CVE-2023-25484 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
        NOT-FOR-US: WordPress plugin
 CVE-2023-25483
        RESERVED
-CVE-2023-25482
-       RESERVED
+CVE-2023-25482 (Cross-Site Request Forgery (CSRF) vulnerability in Mike Martel 
WP Tile ...)
+       TODO: check
 CVE-2023-25481 (Cross-Site Request Forgery (CSRF) vulnerability in Podlove 
Podlove Sub ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25480
@@ -26158,12 +26240,12 @@ CVE-2023-25477
        RESERVED
 CVE-2023-25476
        RESERVED
-CVE-2023-25475
-       RESERVED
+CVE-2023-25475 (Cross-Site Request Forgery (CSRF) vulnerability in Vladimir 
Prelovac S ...)
+       TODO: check
 CVE-2023-25474 (Cross-Site Request Forgery (CSRF) vulnerability in Csaba Kissi 
About M ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-25473
-       RESERVED
+CVE-2023-25473 (Cross-Site Request Forgery (CSRF) vulnerability in Miro 
Mannino Flickr ...)
+       TODO: check
 CVE-2023-25472 (Cross-Site Request Forgery (CSRF) vulnerability in Podlove 
Podlove Pod ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25471
@@ -27230,8 +27312,8 @@ CVE-2023-25038 (Cross-Site Request Forgery (CSRF) 
vulnerability in 984.Ru For th
        NOT-FOR-US: WordPress plugin
 CVE-2023-25037
        RESERVED
-CVE-2023-25036
-       RESERVED
+CVE-2023-25036 (Cross-Site Request Forgery (CSRF) vulnerability in 
akhlesh-nagar, a.An ...)
+       TODO: check
 CVE-2023-25035
        RESERVED
 CVE-2023-25034 (Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP 
Clean U ...)
@@ -29334,8 +29416,8 @@ CVE-2023-24392 (Unauth. Reflected Cross-Site Scripting 
(XSS) vulnerability in I
        NOT-FOR-US: WordPress plugin
 CVE-2023-24391
        RESERVED
-CVE-2023-24390
-       RESERVED
+CVE-2023-24390 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in WeSe ...)
+       TODO: check
 CVE-2023-24389
        RESERVED
 CVE-2023-24388 (Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt 
Booking ca ...)
@@ -31328,8 +31410,8 @@ CVE-2023-23662
        RESERVED
 CVE-2023-23661
        RESERVED
-CVE-2023-23660
-       RESERVED
+CVE-2023-23660 (Auth. (subscriber+) SQL Injection (SQLi) vulnerability in 
MainWP MainW ...)
+       TODO: check
 CVE-2023-23659 (Cross-Site Request Forgery (CSRF) vulnerability in MainWP 
Matomo Exten ...)
        NOT-FOR-US: MainWP Matomo Extension
 CVE-2023-23658
@@ -33789,8 +33871,7 @@ CVE-2023-0162 (The CPO Companion plugin for WordPress 
is vulnerable to Stored Cr
        NOT-FOR-US: CPO Companion plugin for WordPress
 CVE-2023-0161
        REJECTED
-CVE-2023-0160
-       RESERVED
+CVE-2023-0160 (A deadlock flaw was found in the Linux kernel\u2019s BPF 
subsystem. Th ...)
        - linux <unfixed>
        NOTE: 
https://lore.kernel.org/all/CABcoxUayum5oOqFMMqAeWuS8+EzojquSOSyDA3J_2omY=2e...@mail.gmail.com/
 CVE-2023-0159 (The Extensive VC Addons for WPBakery page builder WordPress 
plugin bef ...)
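Review bot: the new CVE-2023-0160 description contains the literal escape sequence `\u2019` ("kernel\u2019s") where an apostrophe belongs, which suggests the automatic update wrote an escaped string into data/CVE/list without decoding it. Decode the description before it is written; as it stands, a text search for the upstream wording will not match this entry.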
@@ -36211,7 +36292,7 @@ CVE-2022-4813 (Insufficient Granularity of Access 
Control in GitHub repository u
        NOT-FOR-US: usememos
 CVE-2022-4812 (Authorization Bypass Through User-Controlled Key in GitHub 
repository  ...)
        NOT-FOR-US: usememos
-CVE-2022-4811 (Incorrect Authorization in GitHub repository usememos/memos 
prior to 0 ...)
+CVE-2022-4811 (Authorization Bypass Through User-Controlled Key vulnerability 
in usem ...)
        NOT-FOR-US: usememos
 CVE-2022-4810 (Improper Access Control in GitHub repository usememos/memos 
prior to 0 ...)
        NOT-FOR-US: usememos
@@ -36715,7 +36796,7 @@ CVE-2022-47948
        RESERVED
 CVE-2022-47947
        RESERVED
-CVE-2022-4734 (Exposure of Sensitive Information to an Unauthorized Actor in 
GitHub r ...)
+CVE-2022-4734 (Improper Removal of Sensitive Information Before Storage or 
Transfer i ...)
        NOT-FOR-US: usememos
 CVE-2022-4733 (Cross-site Scripting (XSS) - Stored in GitHub repository 
openemr/opene ...)
        NOT-FOR-US: OpenEMR
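Review bot: the replacement description for CVE-2022-4734 is cut at "Transfer i ..." before any product name, so the retained `NOT-FOR-US: usememos` tag cannot be confirmed from these lines. Check that the full description still refers to usememos before leaving the tag as is; CVE-2023-36825 earlier in this same commit shows a description switching product under an unchanged tag.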
@@ -39630,8 +39711,8 @@ CVE-2022-47423 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
        NOT-FOR-US: WordPress plugin
 CVE-2022-47422 (Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin 
Accept St ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-47421
-       RESERVED
+CVE-2022-47421 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Repu ...)
+       TODO: check
 CVE-2022-47420
        RESERVED
 CVE-2022-47419 (An XSS vulnerability was discovered in the Mayan EDMS DMS. 
Successful  ...)
@@ -40521,8 +40602,8 @@ CVE-2022-47171 (Improper Neutralization of Input During 
Web Page Generation ('Cr
        NOT-FOR-US: WordPress plugin
 CVE-2022-47170 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Unli ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-47169
-       RESERVED
+CVE-2022-47169 (Cross-Site Request Forgery (CSRF) vulnerability in StaxWP 
Visibility L ...)
+       TODO: check
 CVE-2022-47168
        RESERVED
 CVE-2022-47167 (Cross-Site Request Forgery (CSRF) vulnerability in Aram 
Kocharyan Cray ...)
@@ -40734,8 +40815,8 @@ CVE-2022-47086 (GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b 
contains a segmentation v
        [buster] - gpac <end-of-life> (EOL in buster LTS)
        NOTE: https://github.com/gpac/gpac/issues/2337
        NOTE: 
https://github.com/gpac/gpac/commit/15e3aece44f24a1c4e8cc0622c59008b1b9ab683 
(v2.2.0)
-CVE-2022-47085
-       RESERVED
+CVE-2022-47085 (An issue was discovered in ostree before 2022.7 allows 
attackers to ca ...)
+       TODO: check
 CVE-2022-47084
        RESERVED
 CVE-2022-47083 (Spitfire CMS 1.0.475 is vulnerable to PHP Object Injection.)
@@ -41383,8 +41464,8 @@ CVE-2022-46859
        RESERVED
 CVE-2022-46858 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Amin A.R ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-46857
-       RESERVED
+CVE-2022-46857 (Cross-Site Request Forgery (CSRF) vulnerability in SiteAlert 
plugin <= ...)
+       TODO: check
 CVE-2022-46856 (Cross-Site Request Forgery (CSRF) vulnerability in ORION 
Woocommerce P ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-46855 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
@@ -44565,8 +44646,8 @@ CVE-2022-45830
        RESERVED
 CVE-2022-45829 (Auth. Path Traversal vulnerability inEasy WP SMTP plugin <= 
1.5.1 atWo ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-45828
-       RESERVED
+CVE-2022-45828 (Cross-Site Request Forgery (CSRF) vulnerability in NooTheme 
Noo Timeta ...)
+       TODO: check
 CVE-2022-45827 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Gall ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-45826
@@ -59902,8 +59983,8 @@ CVE-2022-41411
        RESERVED
 CVE-2022-41410
        RESERVED
-CVE-2022-41409
-       RESERVED
+CVE-2022-41409 (Integer overflow vulnerability in pcre2test before 10.41 
allows attack ...)
+       TODO: check
 CVE-2022-41408 (Online Pet Shop We App v1.0 was discovered to contain a SQL 
injection  ...)
        NOT-FOR-US: Online Pet Shop
 CVE-2022-41407 (Online Pet Shop We App v1.0 was discovered to contain a SQL 
injection  ...)
@@ -77571,8 +77652,8 @@ CVE-2022-34487 (Unauthenticated Arbitrary Option Update 
vulnerability in biplob0
        NOT-FOR-US: WordPress plugin
 CVE-2022-34347 (Cross-Site Request Forgery (CSRF) vulnerability in W3 Eden 
Download Ma ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-34155
-       RESERVED
+CVE-2022-34155 (Improper Authentication vulnerability in miniOrange OAuth 
Single Sign  ...)
+       TODO: check
 CVE-2022-34149 (Authentication Bypass vulnerability in miniOrange WP OAuth 
Server plug ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-34148 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
@@ -82373,10 +82454,10 @@ CVE-2022-33067 (Lrzip v0.651 was discovered to 
contain multiple invalid arithmet
        NOTE: Crash in CLI tool, no security impact
 CVE-2022-33066
        RESERVED
-CVE-2022-33065
-       RESERVED
-CVE-2022-33064
-       RESERVED
+CVE-2022-33065 (Multiple signed integers overflow in function au_read_header 
in src/au ...)
+       TODO: check
+CVE-2022-33064 (An off-by-one error in function wav_read_header in src/wav.c 
in Libsnd ...)
+       TODO: check
 CVE-2022-33063
        RESERVED
 CVE-2022-33062
@@ -101548,8 +101629,8 @@ CVE-2022-26564 (HotelDruid Hotel Management Software 
v3.0.3 contains a cross-sit
        [bullseye] - hoteldruid <no-dsa> (Minor issue)
        [buster] - hoteldruid <no-dsa> (Minor issue)
        [stretch] - hoteldruid <no-dsa> (Minor issue)
-CVE-2022-26563
-       RESERVED
+CVE-2022-26563 (An issue was discovered in Tildeslash Monit before 5.31.0, 
allows remo ...)
+       TODO: check
 CVE-2022-26562 (An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core <= 
v11.0.2 ...)
        {DLA-3354-1}
        - kopanocore <removed> (bug #1016973)
@@ -144091,8 +144172,8 @@ CVE-2021-37524 (Cross Site Scripting (XSS) 
vulnerability in FusionPBX 4.5.26 all
        NOT-FOR-US: FusionPBX
 CVE-2021-37523
        RESERVED
-CVE-2021-37522
-       RESERVED
+CVE-2021-37522 (SQL injection vulnerability in HKing2802 Locke-Bot 2.0.2 
allows remote ...)
+       TODO: check
 CVE-2021-37521
        RESERVED
 CVE-2021-37520
@@ -145498,7 +145579,7 @@ CVE-2021-36910 (Authenticated (admin user role) 
Stored Cross-Site Scripting (XSS
        NOT-FOR-US: WordPress plugin
 CVE-2021-36909 (Authenticated Database Reset vulnerability in WordPress WP 
Reset PRO P ...)
        NOT-FOR-US: WordPress plugin
-CVE-2021-36908 (Cross-Site Request Forgery (CSRF) vulnerability leading to 
Database Re ...)
+CVE-2021-36908 (Cross-Site Request Forgery (CSRF) vulnerability in WebFactory 
Ltd. WP  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-36907
        RESERVED
@@ -152197,16 +152278,16 @@ CVE-2021-34125 (An issue discovered in Yuneec 
Mantis Q and PX4-Autopilot v 1.11.
        NOT-FOR-US: Yuneec Mantis
 CVE-2021-34124
        RESERVED
-CVE-2021-34123
-       RESERVED
+CVE-2021-34123 (An issue was discovered on atasm, version 1.09. A 
stack-buffer-overflo ...)
+       TODO: check
 CVE-2021-34122 (The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e 
has a NU ...)
        NOT-FOR-US: ffjpeg
-CVE-2021-34121
-       RESERVED
+CVE-2021-34121 (An Out of Bounds flaw was discovered in htmodoc 1.9.12 in 
function par ...)
+       TODO: check
 CVE-2021-34120
        RESERVED
-CVE-2021-34119
-       RESERVED
+CVE-2021-34119 (A flaw was discovered in htmodoc 1.9.12 in function 
parse_paragraph in ...)
+       TODO: check
 CVE-2021-34118
        RESERVED
 CVE-2021-34117 (SQL Injection vulnerability in SEO Panel 4.9.0 in 
api/user.api.php in  ...)
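Review bot: CVE-2021-34121 and CVE-2021-34119 both spell the product "htmodoc 1.9.12", which looks like a misspelling of htmldoc carried over from the upstream description. Whoever resolves these two `TODO: check` lines should match on the version and the function name (parse_paragraph in CVE-2021-34119) rather than on the product string, since a lookup by that name will find no package.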
@@ -154341,8 +154422,8 @@ CVE-2021-33296
        RESERVED
 CVE-2021-33295 (Cross Site Scripting (XSS) vulnerability in Joplin Desktop App 
before  ...)
        NOT-FOR-US: Joplin Desktop App
-CVE-2021-33294
-       RESERVED
+CVE-2021-33294 (In elfutils 0.183, an infinite loop was found in the function 
handle_s ...)
+       TODO: check
 CVE-2021-33293 (Panorama Tools libpano13 v2.9.20 was discovered to contain an 
out-of-b ...)
        {DLA-2957-1}
        [experimental] - libpano13 2.9.21~rc1+dfsg-1
@@ -157117,8 +157198,8 @@ CVE-2021-32258
        RESERVED
 CVE-2021-32257
        RESERVED
-CVE-2021-32256
-       RESERVED
+CVE-2021-32256 (An issue was discovered in GNU libiberty, as distributed in 
GNU Binuti ...)
+       TODO: check
 CVE-2021-32255
        RESERVED
 CVE-2021-32254
@@ -210305,12 +210386,12 @@ CVE-2020-23913
        RESERVED
 CVE-2020-23912 (An issue was discovered in Bento4 through v1.6.0-637. A NULL 
pointer d ...)
        NOT-FOR-US: Bento4
-CVE-2020-23911
-       RESERVED
-CVE-2020-23910
-       RESERVED
-CVE-2020-23909
-       RESERVED
+CVE-2020-23911 (An issue was discovered in asn1c through v0.9.28. A NULL 
pointer deref ...)
+       TODO: check
+CVE-2020-23910 (Stack-based buffer overflow vulnerability in asn1c through 
v0.9.28 via ...)
+       TODO: check
+CVE-2020-23909 (Heap-based buffer over-read in function png_convert_4 in file 
pngex.cc ...)
+       TODO: check
 CVE-2020-23908
        RESERVED
 CVE-2020-23907 (An issue was discovered in retdec v3.3. In function 
canSplitFunctionOn ...)
@@ -213983,8 +214064,8 @@ CVE-2020-22161
        RESERVED
 CVE-2020-22160
        RESERVED
-CVE-2020-22159
-       RESERVED
+CVE-2020-22159 (EVERTZ devices 3080IPX exe-guest-v1.2-r26125, 7801FC 1.3 Build 
27, and ...)
+       TODO: check
 CVE-2020-22158 (MediaKind (formerly Ericsson) RX8200 5.13.3 devices are 
vulnerable to  ...)
        NOT-FOR-US: Ericsson RX8200 5.13.3 devices
 CVE-2020-22157



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fef2175ab46cd92077380ef57fdf6bbdbf9b295f



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
