Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
71803f1d by security tracker role at 2023-10-14T20:12:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2023-5582 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2023-5581 (A vulnerability classified as problematic was found in
SourceCodester ...)
+ TODO: check
+CVE-2023-5580 (A vulnerability classified as critical has been found in
SourceCodeste ...)
+ TODO: check
+CVE-2023-5579 (A vulnerability was found in yhz66 Sandbox 6.1.0. It has been
rated as ...)
+ TODO: check
+CVE-2023-5578 (A vulnerability was found in Port\xe1bilis i-Educar up to
2.7.5. It ha ...)
+ TODO: check
+CVE-2023-45176 (IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23,
12.0.1.0 throug ...)
+ TODO: check
+CVE-2023-40367 (IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting.
This vuln ...)
+ TODO: check
+CVE-2023-35024 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,
19.0.1, ...)
+ TODO: check
CVE-2023-41914
- slurm-wlm 23.02.6-1
- slurm-wlm-contrib 23.02.6-1
@@ -118,13 +134,13 @@ CVE-2023-32973 (A buffer copy without checking size of
input vulnerability has b
NOT-FOR-US: QNAP
CVE-2023-32970 (A NULL pointer dereference vulnerability has been reported to
affect s ...)
NOT-FOR-US: QNAP
-CVE-2023-42663
+CVE-2023-42663 (Apache Airflow, versions before 2.7.2, has a vulnerability
that allows ...)
- airflow <itp> (bug #819700)
-CVE-2023-42792
+CVE-2023-42792 (Apache Airflow, in versions prior to 2.7.2, contains a
security vulner ...)
- airflow <itp> (bug #819700)
-CVE-2023-45348
+CVE-2023-45348 (Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a
vulnerabili ...)
- airflow <itp> (bug #819700)
-CVE-2023-42780
+CVE-2023-42780 (Apache Airflow, versions prior to 2.7.2, contains a security
vulnerabi ...)
- airflow <itp> (bug #819700)
CVE-2023-5564 (Cross-site Scripting (XSS) - Stored in GitHub repository
froxlor/froxl ...)
- froxlor <itp> (bug #581792)
@@ -21788,8 +21804,8 @@ CVE-2023-30996
RESERVED
CVE-2023-30995 (IBM Aspera Faspex 4.0 through 4.4.2 and 5.0 through 5.0.5
could allow ...)
NOT-FOR-US: IBM
-CVE-2023-30994
- RESERVED
+CVE-2023-30994 (IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic
algorith ...)
+ TODO: check
CVE-2023-30993 (IBM Cloud Pak for Security (CP4S) 1.9.0.0 through 1.9.2.0
could allow ...)
NOT-FOR-US: IBM
CVE-2023-30992
@@ -31782,8 +31798,8 @@ CVE-2023-1261 (Missing MAC layer security in Silicon
Labs Wi-SUN SDK v1.5.0 and
NOT-FOR-US: WI-SUN
CVE-2023-1260 (An authentication bypass vulnerability was discovered in
kube-apiserve ...)
NOT-FOR-US: OpenShift
-CVE-2023-1259
- RESERVED
+CVE-2023-1259 (The Hotjar plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
+ TODO: check
CVE-2023-27905 (Jenkins update-center2 3.13 and 3.14 renders the required
Jenkins core ...)
- jenkins <removed>
CVE-2023-27904 (Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an
error sta ...)
@@ -66080,8 +66096,8 @@ CVE-2022-43870 (IBM Spectrum Virtualize 8.3, 8.4, and
8.5 could disclose SNMPv3
NOT-FOR-US: IBM
CVE-2022-43869 (IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0
through 5.1.5. ...)
NOT-FOR-US: IBM
-CVE-2022-43868
- RESERVED
+CVE-2022-43868 (IBM Security Verify Access OIDC Provider could disclose
directory info ...)
+ TODO: check
CVE-2022-43867 (IBM Spectrum Scale 5.1.0.1 through 5.1.4.1 could allow a local
attacke ...)
NOT-FOR-US: IBM
CVE-2022-43866 (IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable
to cross ...)
@@ -66400,8 +66416,8 @@ CVE-2022-43742
RESERVED
CVE-2022-43741
RESERVED
-CVE-2022-43740
- RESERVED
+CVE-2022-43740 (IBM Security Verify Access OIDC Provider could allow a remote
user to ...)
+ TODO: check
CVE-2022-43739
RESERVED
CVE-2022-43738
@@ -95500,16 +95516,16 @@ CVE-2022-33167
RESERVED
CVE-2022-33166 (IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could
allow a p ...)
NOT-FOR-US: IBM
-CVE-2022-33165
- RESERVED
+CVE-2022-33165 (IBM Security Directory Server 6.4.0 could allow a remote
attacker to t ...)
+ TODO: check
CVE-2022-33164 (IBM Security Directory Server 7.2.0 could allow a remote
attacker to t ...)
NOT-FOR-US: IBM
CVE-2022-33163 (IBM Security Directory Suite VA 8.0.1 specifies permissions
for a secu ...)
NOT-FOR-US: IBM
CVE-2022-33162
RESERVED
-CVE-2022-33161
- RESERVED
+CVE-2022-33161 (IBM Security Directory Server 6.4.0 could allow a remote
attacker to o ...)
+ TODO: check
CVE-2022-33160 (IBM Security Directory Suite 8.0.1 uses weaker than expected
cryptogra ...)
NOT-FOR-US: IBM
CVE-2022-33159 (IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores
user cre ...)
@@ -96522,8 +96538,8 @@ CVE-2022-32757 (IBM Security Directory Suite VA 8.0.1
through 8.0.1.19 uses an i
NOT-FOR-US: IBM
CVE-2022-32756
RESERVED
-CVE-2022-32755
- RESERVED
+CVE-2022-32755 (IBM Security Directory Server 6.4.0 is vulnerable to an XML
External E ...)
+ TODO: check
CVE-2022-32754
RESERVED
CVE-2022-32753
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/71803f1dcc0e14054a2f7a5f1755cef0f58498af
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/71803f1dcc0e14054a2f7a5f1755cef0f58498af
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
