[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 12 09:10:31 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
62616857 by security tracker role at 2023-04-12T08:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2023-30512 (CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalat ...)
+ TODO: check
+CVE-2023-30511
+ RESERVED
+CVE-2023-30510
+ RESERVED
+CVE-2023-30509
+ RESERVED
+CVE-2023-30508
+ RESERVED
+CVE-2023-30507
+ RESERVED
+CVE-2023-30506
+ RESERVED
+CVE-2023-30505
+ RESERVED
+CVE-2023-30504
+ RESERVED
+CVE-2023-30503
+ RESERVED
+CVE-2023-30502
+ RESERVED
+CVE-2023-30501
+ RESERVED
+CVE-2023-1995
+ RESERVED
+CVE-2023-1994
+ RESERVED
+CVE-2023-1993
+ RESERVED
+CVE-2023-1992
+ RESERVED
+CVE-2023-1991
+ RESERVED
+CVE-2022-48437 (An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1 ...)
+ TODO: check
CVE-2023-30500
RESERVED
CVE-2023-30499
@@ -62,8 +98,8 @@ CVE-2023-30470
RESERVED
CVE-2023-1990
RESERVED
-CVE-2023-1989
- RESERVED
+CVE-2023-1989 (A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\ ...)
+ TODO: check
CVE-2023-1988 (A vulnerability was found in SourceCodester Online Computer and Laptop ...)
NOT-FOR-US: SourceCodester Online Computer and Laptop Store
CVE-2023-1987 (A vulnerability has been found in SourceCodester Online Computer and L ...)
@@ -1915,8 +1951,8 @@ CVE-2023-29578
RESERVED
CVE-2023-29577
RESERVED
-CVE-2023-29576
- RESERVED
+CVE-2023-29576 (Bento4 v1.6.0-639 was discovered to contain a segmentation violation v ...)
+ TODO: check
CVE-2023-29575
RESERVED
CVE-2023-29574
@@ -4446,8 +4482,8 @@ CVE-2023-28810
RESERVED
CVE-2023-28809
RESERVED
-CVE-2023-28808
- RESERVED
+CVE-2023-28808 (Some Hikvision Hybrid SAN/Cluster Storage products have an access cont ...)
+ TODO: check
CVE-2023-1615
RESERVED
CVE-2023-1614
@@ -6204,68 +6240,68 @@ CVE-2023-28316
RESERVED
CVE-2023-28315
RESERVED
-CVE-2023-28314
- RESERVED
-CVE-2023-28313
- RESERVED
-CVE-2023-28312
- RESERVED
-CVE-2023-28311
- RESERVED
+CVE-2023-28314 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
+ TODO: check
+CVE-2023-28313 (Microsoft Dynamics 365 Customer Voice Cross-Site Scripting Vulnerabili ...)
+ TODO: check
+CVE-2023-28312 (Azure Machine Learning Information Disclosure Vulnerability ...)
+ TODO: check
+CVE-2023-28311 (Microsoft Word Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2023-28310
RESERVED
-CVE-2023-28309
- RESERVED
-CVE-2023-28308
- RESERVED
-CVE-2023-28307
- RESERVED
-CVE-2023-28306
- RESERVED
-CVE-2023-28305
- RESERVED
-CVE-2023-28304
- RESERVED
+CVE-2023-28309 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
+ TODO: check
+CVE-2023-28308 (Windows DNS Server Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28307 (Windows DNS Server Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28306 (Windows DNS Server Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28305 (Windows DNS Server Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28304 (Microsoft ODBC and OLE DB Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2023-28303
RESERVED
-CVE-2023-28302
- RESERVED
-CVE-2023-28301
- RESERVED
-CVE-2023-28300
- RESERVED
-CVE-2023-28299
- RESERVED
-CVE-2023-28298
- RESERVED
-CVE-2023-28297
- RESERVED
-CVE-2023-28296
- RESERVED
+CVE-2023-28302 (Microsoft Message Queuing Denial of Service Vulnerability ...)
+ TODO: check
+CVE-2023-28301 (Microsoft Edge (Chromium-based) Tampering Vulnerability ...)
+ TODO: check
+CVE-2023-28300 (Azure Service Connector Security Feature Bypass Vulnerability ...)
+ TODO: check
+CVE-2023-28299 (Visual Studio Spoofing Vulnerability ...)
+ TODO: check
+CVE-2023-28298 (Windows Kernel Denial of Service Vulnerability ...)
+ TODO: check
+CVE-2023-28297 (Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege V ...)
+ TODO: check
+CVE-2023-28296 (Visual Studio Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2023-28295
RESERVED
CVE-2023-28294
RESERVED
-CVE-2023-28293
- RESERVED
-CVE-2023-28292
- RESERVED
-CVE-2023-28291
- RESERVED
+CVE-2023-28293 (Windows Kernel Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2023-28292 (Raw Image Extension Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28291 (Raw Image Extension Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2023-28290
RESERVED
CVE-2023-28289
RESERVED
-CVE-2023-28288
- RESERVED
+CVE-2023-28288 (Microsoft SharePoint Server Spoofing Vulnerability ...)
+ TODO: check
CVE-2023-28287
RESERVED
CVE-2023-28286
RESERVED
-CVE-2023-28285
- RESERVED
-CVE-2023-28284
- RESERVED
+CVE-2023-28285 (Microsoft Office Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28284 (Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability ...)
+ TODO: check
CVE-2023-28283
RESERVED
CVE-2023-28282
@@ -6276,132 +6312,132 @@ CVE-2023-28280
RESERVED
CVE-2023-28279
RESERVED
-CVE-2023-28278
- RESERVED
-CVE-2023-28277
- RESERVED
-CVE-2023-28276
- RESERVED
-CVE-2023-28275
- RESERVED
-CVE-2023-28274
- RESERVED
-CVE-2023-28273
- RESERVED
-CVE-2023-28272
- RESERVED
-CVE-2023-28271
- RESERVED
-CVE-2023-28270
- RESERVED
-CVE-2023-28269
- RESERVED
-CVE-2023-28268
- RESERVED
-CVE-2023-28267
- RESERVED
-CVE-2023-28266
- RESERVED
+CVE-2023-28278 (Windows DNS Server Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28277 (Windows DNS Server Information Disclosure Vulnerability ...)
+ TODO: check
+CVE-2023-28276 (Windows Group Policy Security Feature Bypass Vulnerability ...)
+ TODO: check
+CVE-2023-28275 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vu ...)
+ TODO: check
+CVE-2023-28274 (Windows Win32k Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2023-28273 (Windows Clip Service Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2023-28272 (Windows Kernel Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2023-28271 (Windows Kernel Memory Information Disclosure Vulnerability ...)
+ TODO: check
+CVE-2023-28270 (Windows Lock Screen Security Feature Bypass Vulnerability ...)
+ TODO: check
+CVE-2023-28269 (Windows Boot Manager Security Feature Bypass Vulnerability ...)
+ TODO: check
+CVE-2023-28268 (Netlogon RPC Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2023-28267 (Remote Desktop Protocol Client Information Disclosure Vulnerability ...)
+ TODO: check
+CVE-2023-28266 (Windows Common Log File System Driver Information Disclosure Vulnerabi ...)
+ TODO: check
CVE-2023-28265
RESERVED
CVE-2023-28264
RESERVED
-CVE-2023-28263
- RESERVED
-CVE-2023-28262
- RESERVED
+CVE-2023-28263 (Visual Studio Information Disclosure Vulnerability ...)
+ TODO: check
+CVE-2023-28262 (Visual Studio Elevation of Privilege Vulnerability ...)
+ TODO: check
CVE-2023-28261
RESERVED
-CVE-2023-28260
- RESERVED
+CVE-2023-28260 (.NET DLL Hijacking Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2023-28259
RESERVED
CVE-2023-28258
RESERVED
CVE-2023-28257
RESERVED
-CVE-2023-28256
- RESERVED
-CVE-2023-28255
- RESERVED
-CVE-2023-28254
- RESERVED
-CVE-2023-28253
- RESERVED
-CVE-2023-28252
- RESERVED
+CVE-2023-28256 (Windows DNS Server Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28255 (Windows DNS Server Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28254 (Windows DNS Server Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28253 (Windows Kernel Information Disclosure Vulnerability ...)
+ TODO: check
+CVE-2023-28252 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
+ TODO: check
CVE-2023-28251
RESERVED
-CVE-2023-28250
- RESERVED
-CVE-2023-28249
- RESERVED
-CVE-2023-28248
- RESERVED
-CVE-2023-28247
- RESERVED
-CVE-2023-28246
- RESERVED
+CVE-2023-28250 (Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulner ...)
+ TODO: check
+CVE-2023-28249 (Windows Boot Manager Security Feature Bypass Vulnerability ...)
+ TODO: check
+CVE-2023-28248 (Windows Kernel Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2023-28247 (Windows Network File System Information Disclosure Vulnerability ...)
+ TODO: check
+CVE-2023-28246 (Windows Registry Elevation of Privilege Vulnerability ...)
+ TODO: check
CVE-2023-28245
RESERVED
-CVE-2023-28244
- RESERVED
-CVE-2023-28243
- RESERVED
+CVE-2023-28244 (Windows Kerberos Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2023-28243 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
+ TODO: check
CVE-2023-28242
RESERVED
-CVE-2023-28241
- RESERVED
-CVE-2023-28240
- RESERVED
+CVE-2023-28241 (Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vuln ...)
+ TODO: check
+CVE-2023-28240 (Windows Network Load Balancing Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2023-28239
RESERVED
-CVE-2023-28238
- RESERVED
-CVE-2023-28237
- RESERVED
-CVE-2023-28236
- RESERVED
-CVE-2023-28235
- RESERVED
-CVE-2023-28234
- RESERVED
-CVE-2023-28233
- RESERVED
-CVE-2023-28232
- RESERVED
-CVE-2023-28231
- RESERVED
+CVE-2023-28238 (Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Ex ...)
+ TODO: check
+CVE-2023-28237 (Windows Kernel Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28236 (Windows Kernel Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2023-28235 (Windows Lock Screen Security Feature Bypass Vulnerability ...)
+ TODO: check
+CVE-2023-28234 (Windows Secure Channel Denial of Service Vulnerability ...)
+ TODO: check
+CVE-2023-28233 (Windows Secure Channel Denial of Service Vulnerability ...)
+ TODO: check
+CVE-2023-28232 (Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulner ...)
+ TODO: check
+CVE-2023-28231 (DHCP Server Service Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2023-28230
RESERVED
-CVE-2023-28229
- RESERVED
-CVE-2023-28228
- RESERVED
-CVE-2023-28227
- RESERVED
-CVE-2023-28226
- RESERVED
-CVE-2023-28225
- RESERVED
-CVE-2023-28224
- RESERVED
-CVE-2023-28223
- RESERVED
-CVE-2023-28222
- RESERVED
-CVE-2023-28221
- RESERVED
-CVE-2023-28220
- RESERVED
-CVE-2023-28219
- RESERVED
-CVE-2023-28218
- RESERVED
-CVE-2023-28217
- RESERVED
-CVE-2023-28216
- RESERVED
+CVE-2023-28229 (Windows CNG Key Isolation Service Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2023-28228 (Windows Spoofing Vulnerability ...)
+ TODO: check
+CVE-2023-28227 (Windows Bluetooth Driver Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28226 (Windows Enroll Engine Security Feature Bypass Vulnerability ...)
+ TODO: check
+CVE-2023-28225 (Windows NTLM Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2023-28224 (Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Exec ...)
+ TODO: check
+CVE-2023-28223 (Windows Domain Name Service Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28222 (Windows Kernel Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2023-28221 (Windows Error Reporting Service Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2023-28220 (Layer 2 Tunneling Protocol Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28219 (Layer 2 Tunneling Protocol Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2023-28218 (Windows Ancillary Function Driver for WinSock Elevation of Privilege V ...)
+ TODO: check
+CVE-2023-28217 (Windows Network Address Translation (NAT) Denial of Service Vulnerabil ...)
+ TODO: check
+CVE-2023-28216 (Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vu ...)
+ TODO: check
CVE-2023-27917 (OS command injection vulnerability in CONPROSYS IoT Gateway products a ...)
NOT-FOR-US: CONPROSYS IoT Gateway products
CVE-2023-27389 (Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway ...)
@@ -8737,7 +8773,7 @@ CVE-2023-27501 (SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701,
NOT-FOR-US: SAP
CVE-2023-27500 (An attacker with non-administrative authorizations can exploit a direc ...)
NOT-FOR-US: SAP
-CVE-2023-27499 (SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.547.77, 7.81, 7.85, 7 ...)
+CVE-2023-27499 (SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, ...)
NOT-FOR-US: SAP
CVE-2023-27498 (SAP Host Agent (SAPOSCOL) - version 7.22, allows an unauthenticated at ...)
NOT-FOR-US: SAP
@@ -10953,16 +10989,16 @@ CVE-2023-26557
RESERVED
CVE-2023-26556
RESERVED
-CVE-2023-26555
- RESERVED
-CVE-2023-26554
- RESERVED
-CVE-2023-26553
- RESERVED
-CVE-2023-26552
- RESERVED
-CVE-2023-26551
- RESERVED
+CVE-2023-26555 (praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-o ...)
+ TODO: check
+CVE-2023-26554 (mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ...)
+ TODO: check
+CVE-2023-26553 (mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ...)
+ TODO: check
+CVE-2023-26552 (mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ...)
+ TODO: check
+CVE-2023-26551 (mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ...)
+ TODO: check
CVE-2023-26550 (A SQL injection vulnerability in BMC Control-M before 9.0.20.214 allow ...)
NOT-FOR-US: BMC Control-M
CVE-2023-26549 (The SystemUI module has a vulnerability of repeated app restart due to ...)
@@ -11906,8 +11942,8 @@ CVE-2023-26262 (An issue was discovered in Sitecore XP/XM 10.3. As an authentica
NOT-FOR-US: Sitecore
CVE-2023-26261 (In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection lead ...)
NOT-FOR-US: UBIKA WAAP Gateway/Cloud
-CVE-2023-26260
- RESERVED
+CVE-2023-26260 (OXID eShop 6.2.x before 6.4.4 and 6.5.x before 6.5.2 allows session hi ...)
+ TODO: check
CVE-2023-26259
RESERVED
CVE-2023-26258
@@ -14598,24 +14634,24 @@ CVE-2023-25417
RESERVED
CVE-2023-25416
RESERVED
-CVE-2023-25415
- RESERVED
-CVE-2023-25414
- RESERVED
-CVE-2023-25413
- RESERVED
+CVE-2023-25415 (Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The dev ...)
+ TODO: check
+CVE-2023-25414 (Aten PE8108 2.4.232 is vulnerable to denial of service (DOS). ...)
+ TODO: check
+CVE-2023-25413 (Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The dev ...)
+ TODO: check
CVE-2023-25412
RESERVED
-CVE-2023-25411
- RESERVED
+CVE-2023-25411 (Aten PE8108 2.4.232 is vulnerable to Cross Site Request Forgery (CSRF) ...)
+ TODO: check
CVE-2023-25410
RESERVED
-CVE-2023-25409
- RESERVED
+CVE-2023-25409 (Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restric ...)
+ TODO: check
CVE-2023-25408
RESERVED
-CVE-2023-25407
- RESERVED
+CVE-2023-25407 (Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restric ...)
+ TODO: check
CVE-2023-25406
RESERVED
CVE-2023-25405
@@ -15820,30 +15856,30 @@ CVE-2023-24937
RESERVED
CVE-2023-24936
RESERVED
-CVE-2023-24935
- RESERVED
+CVE-2023-24935 (Microsoft Edge (Chromium-based) Spoofing Vulnerability ...)
+ TODO: check
CVE-2023-24934
RESERVED
CVE-2023-24933
RESERVED
CVE-2023-24932
RESERVED
-CVE-2023-24931
- RESERVED
+CVE-2023-24931 (Windows Secure Channel Denial of Service Vulnerability ...)
+ TODO: check
CVE-2023-24930 (Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2023-24929
- RESERVED
-CVE-2023-24928
- RESERVED
-CVE-2023-24927
- RESERVED
-CVE-2023-24926
- RESERVED
-CVE-2023-24925
- RESERVED
-CVE-2023-24924
- RESERVED
+CVE-2023-24929 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
+ TODO: check
+CVE-2023-24928 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
+ TODO: check
+CVE-2023-24927 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
+ TODO: check
+CVE-2023-24926 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
+ TODO: check
+CVE-2023-24925 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
+ TODO: check
+CVE-2023-24924 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
+ TODO: check
CVE-2023-24923 (Microsoft OneDrive for Android Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2023-24922 (Microsoft Dynamics 365 Information Disclosure Vulnerability ...)
@@ -15862,12 +15898,12 @@ CVE-2023-24916
RESERVED
CVE-2023-24915
RESERVED
-CVE-2023-24914
- RESERVED
+CVE-2023-24914 (Win32k Elevation of Privilege Vulnerability ...)
+ TODO: check
CVE-2023-24913 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
NOT-FOR-US: Microsoft
-CVE-2023-24912
- RESERVED
+CVE-2023-24912 (Windows Graphics Component Elevation of Privilege Vulnerability ...)
+ TODO: check
CVE-2023-24911 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...)
NOT-FOR-US: Microsoft
CVE-2023-24910 (Windows Graphics Component Elevation of Privilege Vulnerability ...)
@@ -15904,8 +15940,8 @@ CVE-2023-24895
RESERVED
CVE-2023-24894
RESERVED
-CVE-2023-24893
- RESERVED
+CVE-2023-24893 (Visual Studio Code Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2023-24892 (Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2023-24891 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
@@ -15916,16 +15952,16 @@ CVE-2023-24889
RESERVED
CVE-2023-24888
RESERVED
-CVE-2023-24887
- RESERVED
-CVE-2023-24886
- RESERVED
-CVE-2023-24885
- RESERVED
-CVE-2023-24884
- RESERVED
-CVE-2023-24883
- RESERVED
+CVE-2023-24887 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
+ TODO: check
+CVE-2023-24886 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
+ TODO: check
+CVE-2023-24885 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
+ TODO: check
+CVE-2023-24884 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
+ TODO: check
+CVE-2023-24883 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...)
+ TODO: check
CVE-2023-24882 (Microsoft OneDrive for Android Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2023-24881
@@ -15970,8 +16006,8 @@ CVE-2023-24862 (Windows Secure Channel Denial of Service Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2023-24861 (Windows Graphics Component Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2023-24860
- RESERVED
+CVE-2023-24860 (Microsoft Defender Denial of Service Vulnerability ...)
+ TODO: check
CVE-2023-24859 (Windows Internet Key Exchange (IKE) Extension Denial of Service Vulner ...)
NOT-FOR-US: Microsoft
CVE-2023-24858 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...)
@@ -20469,8 +20505,8 @@ CVE-2023-23386
RESERVED
CVE-2023-23385 (Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Pri ...)
NOT-FOR-US: Microsoft
-CVE-2023-23384
- RESERVED
+CVE-2023-23384 (Microsoft SQL Server Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2023-23383 (Service Fabric Explorer Spoofing Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2023-23382 (Azure Machine Learning Compute Instance Information Disclosure Vulnera ...)
@@ -20487,8 +20523,8 @@ CVE-2023-23377 (3D Builder Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2023-23376 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
NOT-FOR-US: Microsoft
-CVE-2023-23375
- RESERVED
+CVE-2023-23375 (Microsoft ODBC and OLE DB Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2023-23374 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2023-23373
@@ -22444,8 +22480,8 @@ CVE-2023-22809 (In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandle
NOTE: https://github.com/sudo-project/sudo/commit/0274a4f3b403162a37a10f199c989f3727ed3ad4
NOTE: https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf
NOTE: https://www.openwall.com/lists/oss-security/2023/01/19/1
-CVE-2023-22808
- RESERVED
+CVE-2023-22808 (An issue was discovered in the Arm Android Gralloc Module. A non-privi ...)
+ TODO: check
CVE-2023-22663
RESERVED
CVE-2023-22448
@@ -23121,14 +23157,14 @@ CVE-2023-22617 (A remote attacker might be able to cause infinite recursion in P
NOTE: https://github.com/PowerDNS/pdns/pull/12442
CVE-2023-22616
RESERVED
-CVE-2023-22615
- RESERVED
-CVE-2023-22614
- RESERVED
-CVE-2023-22613
- RESERVED
-CVE-2023-22612
- RESERVED
+CVE-2023-22615 (An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5. ...)
+ TODO: check
+CVE-2023-22614 (An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kern ...)
+ TODO: check
+CVE-2023-22613 (An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5. ...)
+ TODO: check
+CVE-2023-22612 (An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5. ...)
+ TODO: check
CVE-2023-22611 (A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor ...)
NOT-FOR-US: EcoStruxure Geo SCADA Expert
CVE-2023-22610 (A CWE-285: Improper Authorization vulnerability exists that could caus ...)
@@ -27819,8 +27855,8 @@ CVE-2023-21771 (Windows Local Session Manager (LSM) Elevation of Privilege Vulne
NOT-FOR-US: Microsoft
CVE-2023-21770
RESERVED
-CVE-2023-21769
- RESERVED
+CVE-2023-21769 (Microsoft Message Queuing Denial of Service Vulnerability ...)
+ TODO: check
CVE-2023-21768 (Windows Ancillary Function Driver for WinSock Elevation of Privilege V ...)
NOT-FOR-US: Microsoft
CVE-2023-21767 (Windows Overlay Filter Elevation of Privilege Vulnerability. ...)
@@ -27899,12 +27935,12 @@ CVE-2023-21731
RESERVED
CVE-2023-21730 (Microsoft Cryptographic Services Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2023-21729
- RESERVED
+CVE-2023-21729 (Remote Procedure Call Runtime Information Disclosure Vulnerability ...)
+ TODO: check
CVE-2023-21728 (Windows Netlogon Denial of Service Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2023-21727
- RESERVED
+CVE-2023-21727 (Remote Procedure Call Runtime Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2023-21726 (Windows Credential Manager User Interface Elevation of Privilege Vulne ...)
NOT-FOR-US: Microsoft
CVE-2023-21725 (Windows Malicious Software Removal Tool Elevation of Privilege Vulnera ...)
@@ -30745,8 +30781,8 @@ CVE-2022-46398
RESERVED
CVE-2022-46397 (FP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, ...)
NOT-FOR-US: FD.io VPP (Vector Packet Processor) IPSec
-CVE-2022-46396
- RESERVED
+CVE-2022-46396 (An issue was discovered in the Arm Mali Kernel Driver. A non-privilege ...)
+ TODO: check
CVE-2022-46395 (An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privi ...)
NOT-FOR-US: Arm Mali
CVE-2022-46394 (An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privi ...)
@@ -31011,8 +31047,8 @@ CVE-2023-21556 (Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution
NOT-FOR-US: Microsoft
CVE-2023-21555 (Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulner ...)
NOT-FOR-US: Microsoft
-CVE-2023-21554
- RESERVED
+CVE-2023-21554 (Microsoft Message Queuing Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2023-21553 (Azure DevOps Server Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2023-21552 (Windows GDI Elevation of Privilege Vulnerability. This CVE ID is uniqu ...)
@@ -48687,11 +48723,11 @@ CVE-2022-41108
RESERVED
CVE-2022-41107 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41106 (Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is un ...)
+CVE-2022-41106 (Microsoft Excel Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41105 (Microsoft Excel Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41104 (Microsoft Excel Security Feature Bypass Vulnerability. ...)
+CVE-2022-41104 (Microsoft Excel Security Feature Bypass Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41103 (Microsoft Word Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
@@ -48773,7 +48809,7 @@ CVE-2022-41065
RESERVED
CVE-2022-41064 (.NET Framework Information Disclosure Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-41063 (Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is un ...)
+CVE-2022-41063 (Microsoft Excel Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41062 (Microsoft SharePoint Server Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
@@ -57025,7 +57061,7 @@ CVE-2022-38022 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID
NOT-FOR-US: Microsoft
CVE-2022-38021 (Connected User Experiences and Telemetry Elevation of Privilege Vulner ...)
NOT-FOR-US: Microsoft
-CVE-2022-38020 (Visual Studio Code Elevation of Privilege Vulnerability. ...)
+CVE-2022-38020 (Visual Studio Code Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-38019 (AV1 Video Extension Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
@@ -57041,23 +57077,23 @@ CVE-2022-38014 (Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege
NOT-FOR-US: Microsoft
CVE-2022-38013 (.NET Core and Visual Studio Denial of Service Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-38012 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. ...)
+CVE-2022-38012 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-38011 (Raw Image Extension Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-38010 (Microsoft Office Visio Remote Code Execution Vulnerability. This CVE I ...)
+CVE-2022-38010 (Microsoft Office Visio Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-38009 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This ...)
+CVE-2022-38009 (Microsoft SharePoint Server Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-38008 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This ...)
+CVE-2022-38008 (Microsoft SharePoint Server Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-38007 (Azure Guest Configuration and Azure Arc-enabled servers Elevation of P ...)
NOT-FOR-US: Microsoft
-CVE-2022-38006 (Windows Graphics Component Information Disclosure Vulnerability. This ...)
+CVE-2022-38006 (Windows Graphics Component Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-38005 (Windows Print Spooler Elevation of Privilege Vulnerability. ...)
+CVE-2022-38005 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-38004 (Windows Fax Service Remote Code Execution Vulnerability. ...)
+CVE-2022-38004 (Windows Fax Service Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-38003 (Windows Resilient File System Elevation of Privilege. ...)
NOT-FOR-US: Microsoft
@@ -57139,27 +57175,27 @@ CVE-2022-37966 (Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability .
NOTE: https://www.samba.org/samba/security/CVE-2022-37966.html
CVE-2022-37965 (Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerabil ...)
NOT-FOR-US: Microsoft
-CVE-2022-37964 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
+CVE-2022-37964 (Windows Kernel Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-37963 (Microsoft Office Visio Remote Code Execution Vulnerability. This CVE I ...)
+CVE-2022-37963 (Microsoft Office Visio Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-37962 (Microsoft PowerPoint Remote Code Execution Vulnerability. ...)
+CVE-2022-37962 (Microsoft PowerPoint Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-37961 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This ...)
+CVE-2022-37961 (Microsoft SharePoint Server Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-37960
RESERVED
CVE-2022-37959 (Network Device Enrollment Service (NDES) Security Feature Bypass Vulne ...)
NOT-FOR-US: Microsoft
-CVE-2022-37958 (SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Di ...)
+CVE-2022-37958 (SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Ex ...)
NOT-FOR-US: Microsoft
-CVE-2022-37957 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
+CVE-2022-37957 (Windows Kernel Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-37956 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
+CVE-2022-37956 (Windows Kernel Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-37955 (Windows Group Policy Elevation of Privilege Vulnerability. ...)
+CVE-2022-37955 (Windows Group Policy Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-37954 (DirectX Graphics Kernel Elevation of Privilege Vulnerability. ...)
+CVE-2022-37954 (DirectX Graphics Kernel Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-37953 (An HTTP response splitting vulnerability exists in the AM Gateway Chal ...)
NOT-FOR-US: GE Gas Power
@@ -62753,27 +62789,27 @@ CVE-2022-35842 (An exposure of sensitive information to an unauthorized actor vu
NOT-FOR-US: FortiGuard
CVE-2022-35841 (Windows Enterprise App Management Service Remote Code Execution Vulner ...)
NOT-FOR-US: Microsoft
-CVE-2022-35840 (Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnera ...)
+CVE-2022-35840 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vu ...)
NOT-FOR-US: Microsoft
CVE-2022-35839
RESERVED
-CVE-2022-35838 (HTTP V3 Denial of Service Vulnerability. ...)
+CVE-2022-35838 (HTTP V3 Denial of Service Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-35837 (Windows Graphics Component Information Disclosure Vulnerability. This ...)
+CVE-2022-35837 (Windows Graphics Component Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-35836 (Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnera ...)
+CVE-2022-35836 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vu ...)
NOT-FOR-US: Microsoft
-CVE-2022-35835 (Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnera ...)
+CVE-2022-35835 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vu ...)
NOT-FOR-US: Microsoft
-CVE-2022-35834 (Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnera ...)
+CVE-2022-35834 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vu ...)
NOT-FOR-US: Microsoft
-CVE-2022-35833 (Windows Secure Channel Denial of Service Vulnerability. This CVE ID is ...)
+CVE-2022-35833 (Windows Secure Channel Denial of Service Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-35832 (Windows Event Tracing Denial of Service Vulnerability. ...)
+CVE-2022-35832 (Windows Event Tracing Denial of Service Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-35831 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
NOT-FOR-US: Microsoft
-CVE-2022-35830 (Remote Procedure Call Runtime Remote Code Execution Vulnerability. ...)
+CVE-2022-35830 (Remote Procedure Call Runtime Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-35829 (Service Fabric Explorer Spoofing Vulnerability. ...)
NOT-FOR-US: Microsoft
@@ -62787,7 +62823,7 @@ CVE-2022-35825 (Visual Studio Remote Code Execution Vulnerability. This CVE ID i
NOT-FOR-US: Microsoft
CVE-2022-35824 (Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID i ...)
NOT-FOR-US: Microsoft
-CVE-2022-35823 (Microsoft SharePoint Remote Code Execution Vulnerability. ...)
+CVE-2022-35823 (Microsoft SharePoint Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-35822 (Windows Defender Credential Guard Security Feature Bypass Vulnerabilit ...)
NOT-FOR-US: Microsoft
@@ -65886,27 +65922,27 @@ CVE-2017-20123 (A vulnerability was found in Viscosity 1.6.7. It has been classi
NOT-FOR-US: Viscosity on Windows and macOS
CVE-2017-20122 (A vulnerability classified as problematic was found in Bitrix Site Man ...)
NOT-FOR-US: Bitrix Site Manager
-CVE-2022-34734 (Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID ...)
+CVE-2022-34734 (Microsoft ODBC Driver Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-34733 (Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnera ...)
+CVE-2022-34733 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vu ...)
NOT-FOR-US: Microsoft
-CVE-2022-34732 (Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID ...)
+CVE-2022-34732 (Microsoft ODBC Driver Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-34731 (Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnera ...)
+CVE-2022-34731 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vu ...)
NOT-FOR-US: Microsoft
-CVE-2022-34730 (Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID ...)
+CVE-2022-34730 (Microsoft ODBC Driver Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-34729 (Windows GDI Elevation of Privilege Vulnerability. ...)
+CVE-2022-34729 (Windows GDI Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-34728 (Windows Graphics Component Information Disclosure Vulnerability. This ...)
+CVE-2022-34728 (Windows Graphics Component Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-34727 (Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID ...)
+CVE-2022-34727 (Microsoft ODBC Driver Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-34726 (Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID ...)
+CVE-2022-34726 (Microsoft ODBC Driver Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-34725 (Windows ALPC Elevation of Privilege Vulnerability. ...)
+CVE-2022-34725 (Windows ALPC Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-34724 (Windows DNS Server Denial of Service Vulnerability. ...)
+CVE-2022-34724 (Windows DNS Server Denial of Service Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-34723 (Windows DPAPI (Data Protection Application Programming Interface) Info ...)
NOT-FOR-US: Microsoft
@@ -65918,7 +65954,7 @@ CVE-2022-34720 (Windows Internet Key Exchange (IKE) Extension Denial of Service
NOT-FOR-US: Microsoft
CVE-2022-34719 (Windows Distributed File System (DFS) Elevation of Privilege Vulnerabi ...)
NOT-FOR-US: Microsoft
-CVE-2022-34718 (Windows TCP/IP Remote Code Execution Vulnerability. ...)
+CVE-2022-34718 (Windows TCP/IP Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-34717 (Microsoft Office Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
@@ -68972,7 +69008,7 @@ CVE-2022-33681 (Delayed TLS hostname verification in the Pulsar Java Client and
NOT-FOR-US: Apache Pulsar
CVE-2022-33680 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-33679 (Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is ...)
+CVE-2022-33679 (Windows Kerberos Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-33678 (Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID i ...)
NOT-FOR-US: Microsoft
@@ -69036,7 +69072,7 @@ CVE-2022-33649 (Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerab
NOT-FOR-US: Microsoft
CVE-2022-33648 (Microsoft Excel Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-33647 (Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is ...)
+CVE-2022-33647 (Windows Kerberos Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-33646 (Azure Batch Node Agent Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
@@ -78735,7 +78771,7 @@ CVE-2022-30198 (Windows Point-to-Point Tunneling Protocol Remote Code Execution
NOT-FOR-US: Microsoft
CVE-2022-30197 (Windows Kernel Information Disclosure Vulnerability. This CVE ID is un ...)
NOT-FOR-US: Microsoft
-CVE-2022-30196 (Windows Secure Channel Denial of Service Vulnerability. This CVE ID is ...)
+CVE-2022-30196 (Windows Secure Channel Denial of Service Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-30195
RESERVED
@@ -88424,7 +88460,7 @@ CVE-2022-26930 (Windows Remote Access Connection Manager Information Disclosure
NOT-FOR-US: Microsoft
CVE-2022-26929 (.NET Framework Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-26928 (Windows Photo Import API Elevation of Privilege Vulnerability. ...)
+CVE-2022-26928 (Windows Photo Import API Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-26927 (Windows Graphics Component Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
@@ -101294,7 +101330,7 @@ CVE-2022-22980 (A Spring Data MongoDB application is vulnerable to SpEL Injectio
NOT-FOR-US: Spring Data MongoDB
CVE-2022-22979 (In Spring Cloud Function versions prior to 3.2.6, it is possible for a ...)
NOT-FOR-US: Spring Cloud Function
-CVE-2022-22978 (In Spring Security versions 5.5.6 and 5.6.3 and older unsupported vers ...)
+CVE-2022-22978 (In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and olde ...)
- libspring-security-2.0-java <removed>
CVE-2022-22977 (VMware Tools for Windows(12.0.0, 11.x.y and 10.x.y) contains an XML Ex ...)
NOT-FOR-US: VMware
@@ -234914,8 +234950,8 @@ CVE-2020-9011
RESERVED
CVE-2020-9010
RESERVED
-CVE-2020-9009
- RESERVED
+CVE-2020-9009 (The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote a ...)
+ TODO: check
CVE-2020-9008 (Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/Pe ...)
NOT-FOR-US: Blackboard Learn/PeopleTool
CVE-2019-20473 (An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.865 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6261685710bc00d10ecce951646f207dfd7c9940
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6261685710bc00d10ecce951646f207dfd7c9940
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230412/05fe800c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list