[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Apr 7 09:10:38 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9e8d5dfc by security tracker role at 2023-04-07T08:10:27+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,123 @@
+CVE-2023-29493
+ RESERVED
+CVE-2023-29492
+ RESERVED
+CVE-2023-29491
+ RESERVED
+CVE-2023-29490
+ RESERVED
+CVE-2023-29489
+ RESERVED
+CVE-2023-29488
+ RESERVED
+CVE-2023-29487
+ RESERVED
+CVE-2023-29486
+ RESERVED
+CVE-2023-29485
+ RESERVED
+CVE-2023-29484
+ RESERVED
+CVE-2023-29483
+ RESERVED
+CVE-2023-29482
+ RESERVED
+CVE-2023-29481
+ RESERVED
+CVE-2023-29480
+ RESERVED
+CVE-2023-29479
+ RESERVED
+CVE-2023-29478 (BiblioCraft before 2.4.6 does not sanitize path-traversal characters i ...)
+ TODO: check
+CVE-2023-29477
+ RESERVED
+CVE-2023-29476
+ RESERVED
+CVE-2023-29475 (inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Man ...)
+ TODO: check
+CVE-2023-29474 (inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Man ...)
+ TODO: check
+CVE-2023-29473 (webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Ma ...)
+ TODO: check
+CVE-2023-29472
+ RESERVED
+CVE-2023-29471
+ RESERVED
+CVE-2023-29470
+ RESERVED
+CVE-2023-29469
+ RESERVED
+CVE-2023-29468
+ RESERVED
+CVE-2023-29467
+ RESERVED
+CVE-2023-29466
+ RESERVED
+CVE-2023-29465 (SageMath FlintQS 1.0 relies on pathnames under TMPDIR (typically world ...)
+ TODO: check
+CVE-2023-29244
+ RESERVED
+CVE-2023-29165
+ RESERVED
+CVE-2023-28823
+ RESERVED
+CVE-2023-28741
+ RESERVED
+CVE-2023-28715
+ RESERVED
+CVE-2023-28397
+ RESERVED
+CVE-2023-28396
+ RESERVED
+CVE-2023-27391
+ RESERVED
+CVE-2023-22313
+ RESERVED
+CVE-2023-22310
+ RESERVED
+CVE-2023-1936
+ RESERVED
+CVE-2023-1935
+ RESERVED
+CVE-2023-1934
+ RESERVED
+CVE-2023-1933
+ RESERVED
+CVE-2023-1932
+ RESERVED
+CVE-2023-1931 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1930 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1929 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1928 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1927 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1926 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1925 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1924 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1923 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1922 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1921 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1920 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1919 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1918 ([PUSHED PREMATURELY] Information temporarily redacted until it should ...)
+ TODO: check
+CVE-2023-1917
+ RESERVED
+CVE-2022-48436
+ RESERVED
CVE-2023-29464
RESERVED
CVE-2023-29463
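Review bot: CVE-2023-1918 through CVE-2023-1931 are imported with a "[PUSHED PREMATURELY] Information temporarily redacted" description, so their "TODO: check" cannot be resolved from the text in this list. Leave them untriaged and revisit once the upstream records are republished, rather than guessing a package or NOT-FOR-US. The described entries in this hunk (BiblioCraft, Atos Unify OpenScape 4000, SageMath FlintQS) still need a package or NOT-FOR-US decision.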
@@ -85,6 +205,7 @@ CVE-2023-29423
CVE-2023-29422
RESERVED
CVE-2023-1916 [out-of-bounds read in extractImageSection() in tools/tiffcrop.c]
+ RESERVED
- tiff <unfixed>
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/536
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/537
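Review bot: At CVE-2023-1916 the added RESERVED line lands under an entry that already has a bracketed working description, a "- tiff <unfixed>" line and two libtiff issue references (536 and 537). It is worth confirming that both issues are covered by this single ID, since the bracketed text names only one out-of-bounds read in extractImageSection().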
@@ -322,8 +443,8 @@ CVE-2021-4335
RESERVED
CVE-2021-4334
RESERVED
-CVE-2014-125094
- RESERVED
+CVE-2014-125094 (A vulnerability classified as problematic was found in phpMiniAdmin up ...)
+ TODO: check
CVE-2023-29383
RESERVED
CVE-2023-29382
@@ -1376,8 +1497,8 @@ CVE-2023-29019
RESERVED
CVE-2023-29018
RESERVED
-CVE-2023-29017
- RESERVED
+CVE-2023-29017 (vm2 is a sandbox that can run untrusted code with whitelisted Node's b ...)
+ TODO: check
CVE-2023-29016 (The Goobi viewer is a web application that allows digitised material t ...)
NOT-FOR-US: Goobi viewer
CVE-2023-29015 (The Goobi viewer is a web application that allows digitised material t ...)
@@ -3078,8 +3199,8 @@ CVE-2023-28502 (Rocket Software UniData versions prior to 8.2.4 build 3003 and U
NOT-FOR-US: Rocket Software UniData
CVE-2023-28501 (Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVers ...)
NOT-FOR-US: Rocket Software UniData
-CVE-2023-28500
- RESERVED
+CVE-2023-28500 (** UNSUPPORTED WHEN ASSIGNED ** A Java insecure deserialization vulner ...)
+ TODO: check
CVE-2023-28499
RESERVED
CVE-2023-28498
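Review bot: The truncated description for CVE-2023-28500 ("** UNSUPPORTED WHEN ASSIGNED ** A Java insecure deserialization vulner ...") does not show the affected product, so its "TODO: check" should be resolved from the full record. Do not copy "NOT-FOR-US: Rocket Software UniData" from the neighbouring CVE-2023-28501 and CVE-2023-28502 entries only because the IDs are adjacent.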
@@ -7643,26 +7764,26 @@ CVE-2023-27023
RESERVED
CVE-2023-27022
RESERVED
-CVE-2023-27021
- RESERVED
-CVE-2023-27020
- RESERVED
-CVE-2023-27019
- RESERVED
-CVE-2023-27018
- RESERVED
-CVE-2023-27017
- RESERVED
-CVE-2023-27016
- RESERVED
-CVE-2023-27015
- RESERVED
-CVE-2023-27014
- RESERVED
-CVE-2023-27013
- RESERVED
-CVE-2023-27012
- RESERVED
+CVE-2023-27021 (Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a s ...)
+ TODO: check
+CVE-2023-27020 (Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a s ...)
+ TODO: check
+CVE-2023-27019 (Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a s ...)
+ TODO: check
+CVE-2023-27018 (Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a s ...)
+ TODO: check
+CVE-2023-27017 (Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a s ...)
+ TODO: check
+CVE-2023-27016 (Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a s ...)
+ TODO: check
+CVE-2023-27015 (Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a s ...)
+ TODO: check
+CVE-2023-27014 (Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a s ...)
+ TODO: check
+CVE-2023-27013 (Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a s ...)
+ TODO: check
+CVE-2023-27012 (Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a s ...)
+ TODO: check
CVE-2023-27011
RESERVED
CVE-2023-27010 (Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions ...)
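Review bot: CVE-2023-27012 through CVE-2023-27021 all name the same firmware, Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn, and each carries its own "TODO: check". Triage them in one pass with an identical status line so the ten entries stay consistent with each other.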
@@ -7731,8 +7852,8 @@ CVE-2023-26980
RESERVED
CVE-2023-26979
RESERVED
-CVE-2023-26978
- RESERVED
+CVE-2023-26978 (TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a com ...)
+ TODO: check
CVE-2023-26977
RESERVED
CVE-2023-26976 (Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflo ...)
@@ -7997,8 +8118,8 @@ CVE-2023-26850
RESERVED
CVE-2023-26849
RESERVED
-CVE-2023-26848
- RESERVED
+CVE-2023-26848 (TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a co ...)
+ TODO: check
CVE-2023-26847
RESERVED
CVE-2023-26846
@@ -8053,14 +8174,14 @@ CVE-2023-26822 (D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a comm
NOT-FOR-US: D-Link
CVE-2023-26821
RESERVED
-CVE-2023-26820
- RESERVED
+CVE-2023-26820 (siteproxy v1.0 was discovered to contain a path traversal vulnerabilit ...)
+ TODO: check
CVE-2023-26819
RESERVED
CVE-2023-26818
RESERVED
-CVE-2023-26817
- RESERVED
+CVE-2023-26817 (codefever before 2023.2.7-commit-b1c2e7f was discovered to contain a r ...)
+ TODO: check
CVE-2023-26816
RESERVED
CVE-2023-26815
@@ -12626,28 +12747,28 @@ CVE-2023-25221 (Libde265 v1.0.10 was discovered to contain a heap-buffer-overflo
- libde265 1.0.11-1
NOTE: https://github.com/strukturag/libde265/issues/388
NOTE: https://github.com/strukturag/libde265/commit/857290982330e82d9e25d9d39527c6737021aa7d (v1.0.11)
-CVE-2023-25220
- RESERVED
-CVE-2023-25219
- RESERVED
-CVE-2023-25218
- RESERVED
-CVE-2023-25217
- RESERVED
-CVE-2023-25216
- RESERVED
-CVE-2023-25215
- RESERVED
-CVE-2023-25214
- RESERVED
-CVE-2023-25213
- RESERVED
-CVE-2023-25212
- RESERVED
-CVE-2023-25211
- RESERVED
-CVE-2023-25210
- RESERVED
+CVE-2023-25220 (Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack ...)
+ TODO: check
+CVE-2023-25219 (Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack ...)
+ TODO: check
+CVE-2023-25218 (Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack ...)
+ TODO: check
+CVE-2023-25217 (Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack ...)
+ TODO: check
+CVE-2023-25216 (Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack ...)
+ TODO: check
+CVE-2023-25215 (Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack ...)
+ TODO: check
+CVE-2023-25214 (Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack ...)
+ TODO: check
+CVE-2023-25213 (Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack ...)
+ TODO: check
+CVE-2023-25212 (Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack ...)
+ TODO: check
+CVE-2023-25211 (Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack ...)
+ TODO: check
+CVE-2023-25210 (Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack ...)
+ TODO: check
CVE-2023-25209
RESERVED
CVE-2023-25208
@@ -13824,14 +13945,14 @@ CVE-2023-24802
RESERVED
CVE-2023-24801
RESERVED
-CVE-2023-24800
- RESERVED
-CVE-2023-24799
- RESERVED
-CVE-2023-24798
- RESERVED
-CVE-2023-24797
- RESERVED
+CVE-2023-24800 (D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overf ...)
+ TODO: check
+CVE-2023-24799 (D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overf ...)
+ TODO: check
+CVE-2023-24798 (D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overf ...)
+ TODO: check
+CVE-2023-24797 (D-Link DIR882 DIR882A1_FW110B02 was discovered to contain a stack over ...)
+ TODO: check
CVE-2023-24796
RESERVED
CVE-2023-24795 (Command execution vulnerability was discovered in JHR-N916R router fir ...)
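Review bot: The four D-Link entries CVE-2023-24797 through CVE-2023-24800 (DIR878 and DIR882 firmware) are left at "TODO: check", while this list already marks a D-Link router issue as "NOT-FOR-US: D-Link" in the context shown under CVE-2023-26822. Using the same tag here would keep the vendor label consistent.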
@@ -223550,8 +223671,7 @@ CVE-2020-11937 (In whoopsie, parse_report() from whoopsie.c allows a local attac
NOT-FOR-US: Whoopsie
CVE-2020-11936
RESERVED
-CVE-2020-11935
- RESERVED
+CVE-2020-11935 (It was discovered that aufs improperly managed inode reference counts ...)
- aufs <unfixed> (bug #964748)
[buster] - aufs <no-dsa> (Minor issue; CONFIG_IMA not enabled in kernel; can be fixed via point release)
[stretch] - aufs <ignored> (Minor issue; too many other aufs issues open)
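Review bot: The triage lines under CVE-2020-11935 ("- aufs <unfixed> (bug #964748)", the buster <no-dsa> note citing CONFIG_IMA, and the stretch <ignored> note) predate the description added in this hunk. Re-read them against the full published description (aufs inode reference counts) to confirm the "Minor issue" rationale still applies.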
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e8d5dfcce632bed53440e713f7c8985e426cad3