Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
67a6d475 by security tracker role at 2023-10-24T08:12:18+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,36 @@
-CVE-2023-5633
+CVE-2023-5746 (A vulnerability regarding use of externally-controlled format
string i ...)
+ TODO: check
+CVE-2023-46059 (Cross Site Scripting (XSS) vulnerability in Geeklog-Core
geeklog v.2.2 ...)
+ TODO: check
+CVE-2023-46058 (Cross Site Scripting (XSS) vulnerability in Geeklog-Core
geeklog v.2.2 ...)
+ TODO: check
+CVE-2023-45998 (kodbox 1.44 is vulnerable to Cross Site Scripting (XSS).
Customizing g ...)
+ TODO: check
+CVE-2023-45990 (Insecure Permissions vulnerability in WenwenaiCMS v.1.0 allows
a remot ...)
+ TODO: check
+CVE-2023-45966 (umputun remark42 version 1.12.1 and before has a Blind
Server-Side Req ...)
+ TODO: check
+CVE-2023-44760 (Multiple Cross Site Scripting (XSS) vulnerabilities in
Concrete CMS v. ...)
+ TODO: check
+CVE-2023-43358 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18
allows a ...)
+ TODO: check
+CVE-2023-43281 (Double Free vulnerability in Nothings Stb Image.h v.2.28
allows a remo ...)
+ TODO: check
+CVE-2023-39817
+ REJECTED
+CVE-2023-39816
+ REJECTED
+CVE-2023-39815
+ REJECTED
+CVE-2023-39814
+ REJECTED
+CVE-2023-37636 (A stored cross-site scripting (XSS) vulnerability in UVDesk
Community ...)
+ TODO: check
+CVE-2023-37635 (UVDesk Community Skeleton v1.1.1 allows unauthenticated
attackers to p ...)
+ TODO: check
+CVE-2023-33517 (carRental 1.0 is vulnerable to Incorrect Access Control
(Arbitrary Fil ...)
+ TODO: check
+CVE-2023-5633 (The reference count changes made as part of the CVE-2023-33951
and CVE ...)
- linux 6.5.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
@@ -45,7 +77,7 @@ CVE-2023-33837 (IBM Security Verify Governance 10.0 does not
encrypt sensitive o
NOT-FOR-US: IBM
CVE-2023-46288 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- airflow <itp> (bug #819700)
-CVE-2023-46316 [Fix command line parsing in wrappers]
+CVE-2023-46316 (In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the
wrapper scrip ...)
- traceroute 1:2.1.3-1
[bookworm] - traceroute <no-dsa> (Minor issue)
[bullseye] - traceroute <no-dsa> (Minor issue)
@@ -82342,10 +82374,10 @@ CVE-2022-2922 (Relative Path Traversal in GitHub
repository dnnsoftware/dnn.plat
NOT-FOR-US: DNNPlatform
CVE-2022-2921 (Exposure of Private Personal Information to an Unauthorized
Actor in G ...)
NOT-FOR-US: NotrinosERP
-CVE-2022-38485
- RESERVED
-CVE-2022-38484
- RESERVED
+CVE-2022-38485 (A directory traversal vulnerability exists in the AgeVolt
Portal prior ...)
+ TODO: check
+CVE-2022-38484 (An arbitrary file upload and directory traversal vulnerability
exist i ...)
+ TODO: check
CVE-2022-38483
RESERVED
CVE-2022-38482 (A link-manipulation issue was discovered in Mega HOPEX
15.2.0.6110 bef ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67a6d4757effac07d01bfe910089afb132a8d1f2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67a6d4757effac07d01bfe910089afb132a8d1f2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
