Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 71803f1d by security tracker role at 2023-10-14T20:12:13+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,19 @@ +CVE-2023-5582 (A vulnerability, which was classified as problematic, has been found i ...) + TODO: check +CVE-2023-5581 (A vulnerability classified as problematic was found in SourceCodester ...) + TODO: check +CVE-2023-5580 (A vulnerability classified as critical has been found in SourceCodeste ...) + TODO: check +CVE-2023-5579 (A vulnerability was found in yhz66 Sandbox 6.1.0. It has been rated as ...) + TODO: check +CVE-2023-5578 (A vulnerability was found in Port\xe1bilis i-Educar up to 2.7.5. It ha ...) + TODO: check +CVE-2023-45176 (IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 throug ...) + TODO: check +CVE-2023-40367 (IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vuln ...) + TODO: check +CVE-2023-35024 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, ...) + TODO: check CVE-2023-41914 - slurm-wlm 23.02.6-1 - slurm-wlm-contrib 23.02.6-1 @@ -118,13 +134,13 @@ CVE-2023-32973 (A buffer copy without checking size of input vulnerability has b NOT-FOR-US: QNAP CVE-2023-32970 (A NULL pointer dereference vulnerability has been reported to affect s ...) NOT-FOR-US: QNAP -CVE-2023-42663 +CVE-2023-42663 (Apache Airflow, versions before 2.7.2, has a vulnerability that allows ...) - airflow <itp> (bug #819700) -CVE-2023-42792 +CVE-2023-42792 (Apache Airflow, in versions prior to 2.7.2, contains a security vulner ...) - airflow <itp> (bug #819700) -CVE-2023-45348 +CVE-2023-45348 (Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerabili ...) - airflow <itp> (bug #819700) -CVE-2023-42780 +CVE-2023-42780 (Apache Airflow, versions prior to 2.7.2, contains a security vulnerabi ...) - airflow <itp> (bug #819700) CVE-2023-5564 (Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxl ...) - froxlor <itp> (bug #581792) @@ -21788,8 +21804,8 @@ CVE-2023-30996 RESERVED CVE-2023-30995 (IBM Aspera Faspex 4.0 through 4.4.2 and 5.0 through 5.0.5 could allow ...) NOT-FOR-US: IBM -CVE-2023-30994 - RESERVED +CVE-2023-30994 (IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorith ...) + TODO: check CVE-2023-30993 (IBM Cloud Pak for Security (CP4S) 1.9.0.0 through 1.9.2.0 could allow ...) NOT-FOR-US: IBM CVE-2023-30992 @@ -31782,8 +31798,8 @@ CVE-2023-1261 (Missing MAC layer security in Silicon Labs Wi-SUN SDK v1.5.0 and NOT-FOR-US: WI-SUN CVE-2023-1260 (An authentication bypass vulnerability was discovered in kube-apiserve ...) NOT-FOR-US: OpenShift -CVE-2023-1259 - RESERVED +CVE-2023-1259 (The Hotjar plugin for WordPress is vulnerable to Stored Cross-Site Scr ...) + TODO: check CVE-2023-27905 (Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core ...) - jenkins <removed> CVE-2023-27904 (Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error sta ...) @@ -66080,8 +66096,8 @@ CVE-2022-43870 (IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 NOT-FOR-US: IBM CVE-2022-43869 (IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5. ...) NOT-FOR-US: IBM -CVE-2022-43868 - RESERVED +CVE-2022-43868 (IBM Security Verify Access OIDC Provider could disclose directory info ...) + TODO: check CVE-2022-43867 (IBM Spectrum Scale 5.1.0.1 through 5.1.4.1 could allow a local attacke ...) NOT-FOR-US: IBM CVE-2022-43866 (IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to cross ...) @@ -66400,8 +66416,8 @@ CVE-2022-43742 RESERVED CVE-2022-43741 RESERVED -CVE-2022-43740 - RESERVED +CVE-2022-43740 (IBM Security Verify Access OIDC Provider could allow a remote user to ...) + TODO: check CVE-2022-43739 RESERVED CVE-2022-43738 @@ -95500,16 +95516,16 @@ CVE-2022-33167 RESERVED CVE-2022-33166 (IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a p ...) NOT-FOR-US: IBM -CVE-2022-33165 - RESERVED +CVE-2022-33165 (IBM Security Directory Server 6.4.0 could allow a remote attacker to t ...) + TODO: check CVE-2022-33164 (IBM Security Directory Server 7.2.0 could allow a remote attacker to t ...) NOT-FOR-US: IBM CVE-2022-33163 (IBM Security Directory Suite VA 8.0.1 specifies permissions for a secu ...) NOT-FOR-US: IBM CVE-2022-33162 RESERVED -CVE-2022-33161 - RESERVED +CVE-2022-33161 (IBM Security Directory Server 6.4.0 could allow a remote attacker to o ...) + TODO: check CVE-2022-33160 (IBM Security Directory Suite 8.0.1 uses weaker than expected cryptogra ...) NOT-FOR-US: IBM CVE-2022-33159 (IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user cre ...) @@ -96522,8 +96538,8 @@ CVE-2022-32757 (IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an i NOT-FOR-US: IBM CVE-2022-32756 RESERVED -CVE-2022-32755 - RESERVED +CVE-2022-32755 (IBM Security Directory Server 6.4.0 is vulnerable to an XML External E ...) + TODO: check CVE-2022-32754 RESERVED CVE-2022-32753 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/71803f1dcc0e14054a2f7a5f1755cef0f58498af -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/71803f1dcc0e14054a2f7a5f1755cef0f58498af You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits