Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f512bb00 by security tracker role at 2023-08-24T20:12:07+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,75 @@ +CVE-2023-4420 (A remote unprivileged attacker can intercept the communication via e.g ...) + TODO: check +CVE-2023-4419 (The LMS5xx uses hard-coded credentials, which potentially allow low-sk ...) + TODO: check +CVE-2023-4418 (A remote unprivileged attacker can sent multiple packages to the LMS5x ...) + TODO: check +CVE-2023-40904 (Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain ...) + TODO: check +CVE-2023-40902 (Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain ...) + TODO: check +CVE-2023-40901 (Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain ...) + TODO: check +CVE-2023-40900 (Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a ...) + TODO: check +CVE-2023-40899 (Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a ...) + TODO: check +CVE-2023-40898 (Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a ...) + TODO: check +CVE-2023-40897 (Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a ...) + TODO: check +CVE-2023-40896 (Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a ...) + TODO: check +CVE-2023-40895 (Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a ...) + TODO: check +CVE-2023-40894 (Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a ...) + TODO: check +CVE-2023-40893 (Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a ...) + TODO: check +CVE-2023-40892 (Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a ...) + TODO: check +CVE-2023-40891 (Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a ...) + TODO: check +CVE-2023-40877 (DedeCMS up to and including 5.7.110 was discovered to contain a cross- ...) + TODO: check +CVE-2023-40876 (DedeCMS up to and including 5.7.110 was discovered to contain a cross- ...) + TODO: check +CVE-2023-40875 (DedeCMS up to and including 5.7.110 was discovered to contain multiple ...) + TODO: check +CVE-2023-40874 (DedeCMS up to and including 5.7.110 was discovered to contain multiple ...) + TODO: check +CVE-2023-40710 (An adversary could cause a continuous restart loop to the entire devic ...) + TODO: check +CVE-2023-40709 (An adversary could crash the entire device by sending a large quantity ...) + TODO: check +CVE-2023-40708 (The File Transfer Protocol (FTP) port is open by default in the SNAP P ...) + TODO: check +CVE-2023-40707 (There are no requirements for setting a complex password in the built- ...) + TODO: check +CVE-2023-40706 (There is no limit on the number of login attempts in the web server fo ...) + TODO: check +CVE-2023-40371 (IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non- ...) + TODO: check +CVE-2023-39834 (PbootCMS below v3.2.0 was discovered to contain a command injection vu ...) + TODO: check +CVE-2023-39801 (A lack of exception handling in the Renault Easy Link Multimedia Syste ...) + TODO: check +CVE-2023-34973 (An insufficient entropy vulnerability has been reported to affect QNAP ...) + TODO: check +CVE-2023-34972 (A cleartext transmission of sensitive information vulnerability has be ...) + TODO: check +CVE-2023-34971 (An inadequate encryption strength vulnerability has been reported to a ...) + TODO: check +CVE-2023-34040 (In Spring for Apache Kafka 3.0.9 and earlier and versions 2.9.10 and e ...) + TODO: check +CVE-2023-32516 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GloriaFo ...) + TODO: check +CVE-2023-32511 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking ...) + TODO: check +CVE-2023-32510 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van ...) + TODO: check +CVE-2023-31412 (The LMS5xx uses weak hash generation methods, resulting in the creatio ...) + TODO: check CVE-2023-XXXX [tryton-server lack of record validation] - tryton-server 6.0.34-1 [bookworm] - tryton-server 6.0.29-2+deb12u1 @@ -3987,11 +4059,13 @@ CVE-2023-32232 (An issue was discovered in Vasion PrinterLogic Client for Window CVE-2023-32231 (An issue was discovered in Vasion PrinterLogic Client for Windows befo ...) NOT-FOR-US: Vasion CVE-2023-38289 [libtiff: potential integer overflow in raw2tiff.c] + REJECTED {DLA-3513-1} - tiff 4.5.1+git230720-1 NOTE: https://gitlab.com/libtiff/libtiff/-/issues/592 NOTE: https://gitlab.com/libtiff/libtiff/-/commit/6e2dac5f904496d127c92ddc4e56eccfca25c2ee CVE-2023-38288 [libtiff: integer overflow in tiffcp.c] + REJECTED {DLA-3513-1} - tiff 4.5.1+git230720-1 NOTE: https://gitlab.com/libtiff/libtiff/-/commit/4fc16f649fa2875d5c388cf2edc295510a247ee5 @@ -46277,8 +46351,8 @@ CVE-2022-46886 (There exists an open redirect within the response list update fu CVE-2022-46885 (Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzin ...) - firefox 106.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-44/#CVE-2022-46885 -CVE-2022-46884 - RESERVED +CVE-2022-46884 (A potential use-after-free vulnerability existed in SVG Images if the ...) + TODO: check CVE-2022-46883 (Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight a ...) - firefox 107.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-47/#CVE-2022-46883 @@ -73658,6 +73732,7 @@ CVE-2022-38225 CVE-2022-38224 RESERVED CVE-2022-38223 (There is an out-of-bounds write in checkType located in etc.c in w3m 0 ...) + {DLA-3541-1} - w3m 0.5.3+git20230121-1 (bug #1019599) [bullseye] - w3m 0.5.3+git20210102-6+deb11u1 NOTE: https://github.com/tats/w3m/issues/242 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f512bb00e1f936d769d7a563f2b9fba6df488ad7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f512bb00e1f936d769d7a563f2b9fba6df488ad7 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits