[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Apr 19 09:10:36 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
aacf588f by security tracker role at 2023-04-19T08:10:24+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,21 @@
+CVE-2023-2175
+	RESERVED
+CVE-2023-2174
+	RESERVED
+CVE-2023-2173
+	RESERVED
+CVE-2023-2172
+	RESERVED
+CVE-2023-2171
+	RESERVED
+CVE-2023-2170
+	RESERVED
+CVE-2023-2169
+	RESERVED
+CVE-2023-2168
+	RESERVED
+CVE-2023-2167
+	RESERVED
 CVE-2023-30861
 	RESERVED
 CVE-2023-30860
@@ -218,24 +236,19 @@ CVE-2023-30793
 	RESERVED
 CVE-2023-2138 (Use of Hard-coded Credentials in GitHub repository nuxtlabs/github-mod ...)
 	TODO: check
-CVE-2023-2137
-	RESERVED
+CVE-2023-2137 (Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.13 ...)
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-2136
-	RESERVED
+CVE-2023-2136 (Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allo ...)
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-2135
-	RESERVED
+CVE-2023-2135 (Use after free in DevTools in Google Chrome prior to 112.0.5615.137 al ...)
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-2134
-	RESERVED
+CVE-2023-2134 (Out of bounds memory access in Service Worker API in Google Chrome pri ...)
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-2133
-	RESERVED
+CVE-2023-2133 (Out of bounds memory access in Service Worker API in Google Chrome pri ...)
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-2132
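Review bot: on the CVE-2023-2137 line the version reads "112.0.5615.13 ..." because the description is cut off by the `...` truncation, so take the fixed version from the full CVE record rather than from this line. CVE-2023-2136 and CVE-2023-2135 show 112.0.5615.137. All five entries (CVE-2023-2137 to CVE-2023-2133) keep `- chromium <unfixed>` even though the descriptions now name an upstream fixed release. That is correct until a fixed chromium upload exists, but these lines need a follow-up edit with the fixed package version once it does.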
@@ -738,14 +751,14 @@ CVE-2023-30610
 	RESERVED
 CVE-2023-30609
 	RESERVED
-CVE-2023-30608
-	RESERVED
+CVE-2023-30608 (sqlparse is a non-validating SQL parser module for Python. In affected ...)
+	TODO: check
 CVE-2023-30607
 	RESERVED
-CVE-2023-30606
-	RESERVED
-CVE-2023-30605
-	RESERVED
+CVE-2023-30606 (Discourse is an open source platform for community discussion. In affe ...)
+	TODO: check
+CVE-2023-30605 (Archery is an open source SQL audit platform. The Archery project cont ...)
+	TODO: check
 CVE-2023-30604
 	RESERVED
 CVE-2023-30603
@@ -1062,20 +1075,20 @@ CVE-2023-30560
 	RESERVED
 CVE-2023-30559
 	RESERVED
-CVE-2023-30558
-	RESERVED
-CVE-2023-30557
-	RESERVED
-CVE-2023-30556
-	RESERVED
-CVE-2023-30555
-	RESERVED
-CVE-2023-30554
-	RESERVED
-CVE-2023-30553
-	RESERVED
-CVE-2023-30552
-	RESERVED
+CVE-2023-30558 (Archery is an open source SQL audit platform. The Archery project cont ...)
+	TODO: check
+CVE-2023-30557 (Archery is an open source SQL audit platform. The Archery project cont ...)
+	TODO: check
+CVE-2023-30556 (Archery is an open source SQL audit platform. The Archery project cont ...)
+	TODO: check
+CVE-2023-30555 (Archery is an open source SQL audit platform. The Archery project cont ...)
+	TODO: check
+CVE-2023-30554 (Archery is an open source SQL audit platform. The Archery project cont ...)
+	TODO: check
+CVE-2023-30553 (Archery is an open source SQL audit platform. The Archery project cont ...)
+	TODO: check
+CVE-2023-30552 (Archery is an open source SQL audit platform. The Archery project cont ...)
+	TODO: check
 CVE-2023-30551
 	RESERVED
 CVE-2023-30550
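Review bot: the seven Archery entries added here (CVE-2023-30558 to CVE-2023-30552) share one truncated description, identical to the CVE-2023-30605 line in the previous hunk, so the visible text cannot tell them apart. Resolve the `TODO: check` markers from the full records in a single pass and give all eight the same disposition unless a record says otherwise.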
@@ -1102,8 +1115,8 @@ CVE-2023-30540 (Nextcloud Talk is a chat, video & audio call extension for N
 	TODO: check
 CVE-2023-30539 (Nextcloud is a personal home server system. Depending on the set up ta ...)
 	- nextcloud-server <itp> (bug #941708)
-CVE-2023-30538
-	RESERVED
+CVE-2023-30538 (Discourse is an open source platform for community discussion. Due to  ...)
+	TODO: check
 CVE-2023-30537 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
 	NOT-FOR-US: XWiki
 CVE-2023-30536 (slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions p ...)
@@ -2551,8 +2564,8 @@ CVE-2023-29889
 	RESERVED
 CVE-2023-29888
 	RESERVED
-CVE-2023-29887
-	RESERVED
+CVE-2023-29887 (A Local File inclusion vulnerability in test.php in spreadsheet-reader ...)
+	TODO: check
 CVE-2023-29886
 	RESERVED
 CVE-2023-29885
@@ -3418,42 +3431,42 @@ CVE-2023-29529 (matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and
 	NOT-FOR-US: matrix-js-sdk
 CVE-2023-29528
 	RESERVED
-CVE-2023-29527
-	RESERVED
-CVE-2023-29526
-	RESERVED
-CVE-2023-29525
-	RESERVED
-CVE-2023-29524
-	RESERVED
-CVE-2023-29523
-	RESERVED
-CVE-2023-29522
-	RESERVED
-CVE-2023-29521
-	RESERVED
-CVE-2023-29520
-	RESERVED
-CVE-2023-29519
-	RESERVED
-CVE-2023-29518
-	RESERVED
-CVE-2023-29517
-	RESERVED
-CVE-2023-29516
-	RESERVED
-CVE-2023-29515
-	RESERVED
-CVE-2023-29514
-	RESERVED
-CVE-2023-29513
-	RESERVED
-CVE-2023-29512
-	RESERVED
+CVE-2023-29527 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29526 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29525 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29524 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29523 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29522 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29521 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29520 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29519 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29518 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29517 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29516 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29515 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29514 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29513 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2023-29512 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
 CVE-2023-29511 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
 	NOT-FOR-US: XWiki
-CVE-2023-29510
-	RESERVED
+CVE-2023-29510 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
 CVE-2023-29509 (XWiki Commons are technical libraries common to several other top leve ...)
 	NOT-FOR-US: XWiki
 CVE-2023-29508 (XWiki Commons are technical libraries common to several other top leve ...)
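Review bot: the 17 entries set to `TODO: check` here (CVE-2023-29527 to CVE-2023-29512, plus CVE-2023-29510) open with the same "XWiki Platform is a generic wiki platform" text as the unchanged CVE-2023-29511 sitting between them, which is already `NOT-FOR-US: XWiki`, as are CVE-2023-29509 and the entries in the trailing context. Unless a full record points at something other than XWiki, triage should tag them the same way so the block stays consistent.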
@@ -3780,14 +3793,14 @@ CVE-2023-29415 (An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A d
 	NOTE: https://github.com/kspalaiologos/bzip3/commit/56c24ca1f8f25e648d42154369b6962600f76465 (1.3.0)
 CVE-2023-29414
 	RESERVED
-CVE-2023-29413
-	RESERVED
-CVE-2023-29412
-	RESERVED
-CVE-2023-29411
-	RESERVED
-CVE-2023-29410
-	RESERVED
+CVE-2023-29413 (A CWE-306: Missing Authentication for Critical Function vulnerability  ...)
+	TODO: check
+CVE-2023-29412 (A CWE-78: Improper Handling of Case Sensitivity vulnerability exists t ...)
+	TODO: check
+CVE-2023-29411 (A CWE-306: Missing Authentication for Critical Function vulnerability  ...)
+	TODO: check
+CVE-2023-29410 (A CWE-20: Improper Input Validation vulnerability exists that could al ...)
+	TODO: check
 CVE-2023-29409
 	RESERVED
 CVE-2023-29408
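Review bot: the CVE-2023-29412 description pairs the number "CWE-78" with the name "Improper Handling of Case Sensitivity", and these do not match. CWE-78 is the OS command injection class (it appears under that name on the CVE-2023-25555 line later in this patch), while case-sensitivity handling is CWE-178. The description is imported text and should stay as is, but whoever resolves this `TODO: check` should take the weakness class from the vendor advisory, not from this line.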
@@ -4484,8 +4497,8 @@ CVE-2023-29197 (guzzlehttp/psr7 is a PSR-7 HTTP message library implementation i
 	NOTE: https://github.com/guzzle/psr7/commit/0454e12ef0cd597ccd2adb036f7bda4e7fface66 (2.4.5)
 	NOTE: https://github.com/Nyholm/psr7/security/advisories/GHSA-wjfc-pgfp-pv9c
 	NOTE: https://github.com/Nyholm/psr7/commit/1029a2671cbdd3e075a21952082c2be7c8018426 (1.6.1)
-CVE-2023-29196
-	RESERVED
+CVE-2023-29196 (Discourse is an open source platform for community discussion. This vu ...)
+	TODO: check
 CVE-2023-29195
 	RESERVED
 CVE-2023-29194 (Vitess is a database clustering system for horizontal scaling of MySQL ...)
@@ -5070,8 +5083,8 @@ CVE-2023-29004 (hap-wi/roxy-wi is a web interface for managing Haproxy, Nginx, A
 	TODO: check
 CVE-2023-29003 (SvelteKit is a web development framework. The SvelteKit framework offe ...)
 	NOT-FOR-US: SvelteKit
-CVE-2023-29002
-	RESERVED
+CVE-2023-29002 (Cilium is a networking, observability, and security solution with an e ...)
+	TODO: check
 CVE-2023-29001
 	RESERVED
 CVE-2023-29000 (The Nextcloud Desktop Client is a tool to synchronize files from Nextc ...)
@@ -5626,8 +5639,7 @@ CVE-2023-1626 (A vulnerability was found in Jianming Antivirus 16.2.2022.418. It
 	NOT-FOR-US: Jianming Antivirus
 CVE-2023-28857
 	RESERVED
-CVE-2023-28856
-	RESERVED
+CVE-2023-28856 (Redis is an open source, in-memory database that persists on disk. Aut ...)
 	- redis <unfixed>
 	NOTE: https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6
 	NOTE: https://github.com/redis/redis/commit/1c1bd618c95e26a8ff5c12e70cbf0117233ef073 (7.0.11)
@@ -5676,8 +5688,8 @@ CVE-2023-28840 (Moby is an open source container framework developed by Docker I
 	NOTE: https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333
 	NOTE: https://github.com/moby/moby/issues/43382
 	NOTE: https://github.com/moby/moby/pull/45118
-CVE-2023-28839
-	RESERVED
+CVE-2023-28839 (Shoppingfeed PrestaShop is an add-on to the PrestaShop ecommerce platf ...)
+	TODO: check
 CVE-2023-28838 (GLPI is a free asset and IT management software package. Starting in v ...)
 	- glpi <removed> (unimportant)
 	NOTE: Only supported behind an authenticated HTTP zone
@@ -7052,8 +7064,8 @@ CVE-2023-28442 (GeoNode is an open source platform that facilitates the creation
 	NOT-FOR-US: GeoNode
 CVE-2023-28441 (smartCARS 3 is flight tracking software. In version 0.5.8 and prior, a ...)
 	NOT-FOR-US: smartCARS
-CVE-2023-28440
-	RESERVED
+CVE-2023-28440 (Discourse is an open source platform for community discussion. In affe ...)
+	TODO: check
 CVE-2023-28439 (CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.  ...)
 	- ckeditor <unfixed> (bug #1034481)
 	- ckeditor3 <unfixed>
@@ -8536,10 +8548,10 @@ CVE-2023-1299 (HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter
 	NOTE: https://discuss.hashicorp.com/t/hcsec-2023-08-nomad-job-submitter-privilege-escalation-using-workload-identity/51389
 CVE-2023-1298
 	RESERVED
-CVE-2023-28004
-	RESERVED
-CVE-2023-28003
-	RESERVED
+CVE-2023-28004 (A CWE-129: Improper validation of an array index vulnerability exists  ...)
+	TODO: check
+CVE-2023-28003 (A CWE-613: Insufficient Session Expiration vulnerability exists that c ...)
+	TODO: check
 CVE-2023-28002
 	RESERVED
 CVE-2023-28001
@@ -9796,6 +9808,7 @@ CVE-2023-27586 (CairoSVG is an SVG converter based on Cairo, a 2D graphics libra
 	NOTE: https://github.com/Kozea/CairoSVG/security/advisories/GHSA-rwmf-w63j-p7gv
 	NOTE: Introduced in https://github.com/Kozea/CairoSVG/commit/1ee0889f4015ebaddcf9976d43222e673155797c (0.3)
 CVE-2023-27585 (PJSIP is a free and open source multimedia communication library writt ...)
+	{DLA-3394-1}
 	- asterisk <unfixed>
 	- pjproject <removed>
 	- ring <unfixed>
@@ -11309,8 +11322,8 @@ CVE-2023-27045
 	RESERVED
 CVE-2023-27044
 	RESERVED
-CVE-2023-27043
-	RESERVED
+CVE-2023-27043 (The e-mail module of Python 0 - 2.7.18, 3.x - 3.11 incorrectly parses  ...)
+	TODO: check
 CVE-2023-27042 (Tenda AX3 V16.03.12.11 is vulnerable to Buffer Overflow via /goform/Se ...)
 	NOT-FOR-US: Tenda
 CVE-2023-27041 (School Registration and Fee System v1.0 was discovered to contain a SQ ...)
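Review bot: the `TODO: check` on CVE-2023-27043 will need more than a one-line answer. The description names the e-mail module of Python "0 - 2.7.18, 3.x - 3.11", so triage has to cover every Python interpreter source package in the supported releases, with per-release lines where the status differs, in the way the chromium entries in this patch use `[buster]`.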
@@ -13887,10 +13900,10 @@ CVE-2023-26051 (Saleor is a headless, GraphQL commerce platform delivering perso
 	NOT-FOR-US: Saleor
 CVE-2023-26050
 	RESERVED
-CVE-2023-26049
-	RESERVED
-CVE-2023-26048
-	RESERVED
+CVE-2023-26049 (Jetty is a java based web server and servlet engine. Nonstandard cooki ...)
+	TODO: check
+CVE-2023-26048 (Jetty is a java based web server and servlet engine. In affected versi ...)
+	TODO: check
 CVE-2023-26047 (teler-waf is a Go HTTP middleware that provides teler IDS functionalit ...)
 	NOT-FOR-US: teler-waf
 CVE-2023-26046 (teler-waf is a Go HTTP middleware that provides teler IDS functionalit ...)
@@ -15578,24 +15591,24 @@ CVE-2023-25557 (DataHub is an open-source metadata platform. The DataHub fronten
 	NOT-FOR-US: DataHub
 CVE-2023-25556 (A CWE-287: Improper Authentication vulnerability exists that could all ...)
 	TODO: check
-CVE-2023-25555
-	RESERVED
-CVE-2023-25554
-	RESERVED
-CVE-2023-25553
-	RESERVED
-CVE-2023-25552
-	RESERVED
-CVE-2023-25551
-	RESERVED
-CVE-2023-25550
-	RESERVED
-CVE-2023-25549
-	RESERVED
-CVE-2023-25548
-	RESERVED
-CVE-2023-25547
-	RESERVED
+CVE-2023-25555 (A CWE-78: Improper Neutralization of Special Elements used in an OS Co ...)
+	TODO: check
+CVE-2023-25554 (A CWE-78: Improper Neutralization of Special Elements used in an OS Co ...)
+	TODO: check
+CVE-2023-25553 (A CWE-79: Improper Neutralization of Input During Web Page Generation  ...)
+	TODO: check
+CVE-2023-25552 (A CWE-862: Missing Authorization vulnerability exists that could allow ...)
+	TODO: check
+CVE-2023-25551 (A CWE-79: Improper Neutralization of Input During Web Page Generation  ...)
+	TODO: check
+CVE-2023-25550 (A CWE-94: Improper Control of Generation of Code ('Code Injection') vu ...)
+	TODO: check
+CVE-2023-25549 (A CWE-94: Improper Control of Generation of Code ('Code Injection') vu ...)
+	TODO: check
+CVE-2023-25548 (A CWE-863: Incorrect Authorization vulnerability exists that could all ...)
+	TODO: check
+CVE-2023-25547 (A CWE-863: Incorrect Authorization vulnerability exists that could all ...)
+	TODO: check
 CVE-2023-25544 (Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' versi ...)
 	NOT-FOR-US: Dell
 CVE-2023-25543
@@ -28167,210 +28180,210 @@ CVE-2023-22005
 	RESERVED
 CVE-2023-22004
 	RESERVED
-CVE-2023-22003
-	RESERVED
-CVE-2023-22002
-	RESERVED
-CVE-2023-22001
-	RESERVED
-CVE-2023-22000
-	RESERVED
-CVE-2023-21999
-	RESERVED
-CVE-2023-21998
-	RESERVED
-CVE-2023-21997
-	RESERVED
-CVE-2023-21996
-	RESERVED
+CVE-2023-22003 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
+CVE-2023-22002 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+	TODO: check
+CVE-2023-22001 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+	TODO: check
+CVE-2023-22000 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+	TODO: check
+CVE-2023-21999 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+	TODO: check
+CVE-2023-21998 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+	TODO: check
+CVE-2023-21997 (Vulnerability in the Oracle User Management product of Oracle E-Busine ...)
+	TODO: check
+CVE-2023-21996 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
 CVE-2023-21995
 	RESERVED
 CVE-2023-21994
 	RESERVED
-CVE-2023-21993
-	RESERVED
-CVE-2023-21992
-	RESERVED
-CVE-2023-21991
-	RESERVED
-CVE-2023-21990
-	RESERVED
-CVE-2023-21989
-	RESERVED
-CVE-2023-21988
-	RESERVED
-CVE-2023-21987
-	RESERVED
-CVE-2023-21986
-	RESERVED
-CVE-2023-21985
-	RESERVED
-CVE-2023-21984
-	RESERVED
+CVE-2023-21993 (Vulnerability in the Oracle Clinical Remote Data Capture product of Or ...)
+	TODO: check
+CVE-2023-21992 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources product ...)
+	TODO: check
+CVE-2023-21991 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+	TODO: check
+CVE-2023-21990 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+	TODO: check
+CVE-2023-21989 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+	TODO: check
+CVE-2023-21988 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+	TODO: check
+CVE-2023-21987 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+	TODO: check
+CVE-2023-21986 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+	TODO: check
+CVE-2023-21985 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
+CVE-2023-21984 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
 CVE-2023-21983
 	RESERVED
-CVE-2023-21982
-	RESERVED
-CVE-2023-21981
-	RESERVED
-CVE-2023-21980
-	RESERVED
-CVE-2023-21979
-	RESERVED
-CVE-2023-21978
-	RESERVED
-CVE-2023-21977
-	RESERVED
-CVE-2023-21976
-	RESERVED
+CVE-2023-21982 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21981 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2023-21980 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21979 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2023-21978 (Vulnerability in the Oracle Application Object Library product of Orac ...)
+	TODO: check
+CVE-2023-21977 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21976 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
 CVE-2023-21975
 	RESERVED
 CVE-2023-21974
 	RESERVED
-CVE-2023-21973
-	RESERVED
-CVE-2023-21972
-	RESERVED
-CVE-2023-21971
-	RESERVED
-CVE-2023-21970
-	RESERVED
-CVE-2023-21969
-	RESERVED
-CVE-2023-21968
-	RESERVED
-CVE-2023-21967
-	RESERVED
-CVE-2023-21966
-	RESERVED
-CVE-2023-21965
-	RESERVED
-CVE-2023-21964
-	RESERVED
-CVE-2023-21963
-	RESERVED
-CVE-2023-21962
-	RESERVED
+CVE-2023-21973 (Vulnerability in the Oracle iProcurement product of Oracle E-Business  ...)
+	TODO: check
+CVE-2023-21972 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21971 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...)
+	TODO: check
+CVE-2023-21970 (Vulnerability in the Oracle BI Publisher product of Oracle Analytics ( ...)
+	TODO: check
+CVE-2023-21969 (Vulnerability in Oracle SQL Developer (component: Installation). Suppo ...)
+	TODO: check
+CVE-2023-21968 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+	TODO: check
+CVE-2023-21967 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+	TODO: check
+CVE-2023-21966 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21965 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2023-21964 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2023-21963 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21962 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
 CVE-2023-21961
 	RESERVED
-CVE-2023-21960
-	RESERVED
-CVE-2023-21959
-	RESERVED
+CVE-2023-21960 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2023-21959 (Vulnerability in the Oracle iReceivables product of Oracle E-Business  ...)
+	TODO: check
 CVE-2023-21958
 	RESERVED
 CVE-2023-21957
 	RESERVED
-CVE-2023-21956
-	RESERVED
-CVE-2023-21955
-	RESERVED
-CVE-2023-21954
-	RESERVED
-CVE-2023-21953
-	RESERVED
-CVE-2023-21952
-	RESERVED
+CVE-2023-21956 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2023-21955 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21954 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+	TODO: check
+CVE-2023-21953 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21952 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
 CVE-2023-21951
 	RESERVED
 CVE-2023-21950
 	RESERVED
 CVE-2023-21949
 	RESERVED
-CVE-2023-21948
-	RESERVED
-CVE-2023-21947
-	RESERVED
-CVE-2023-21946
-	RESERVED
-CVE-2023-21945
-	RESERVED
-CVE-2023-21944
-	RESERVED
-CVE-2023-21943
-	RESERVED
-CVE-2023-21942
-	RESERVED
-CVE-2023-21941
-	RESERVED
-CVE-2023-21940
-	RESERVED
-CVE-2023-21939
-	RESERVED
-CVE-2023-21938
-	RESERVED
-CVE-2023-21937
-	RESERVED
-CVE-2023-21936
-	RESERVED
-CVE-2023-21935
-	RESERVED
-CVE-2023-21934
-	RESERVED
-CVE-2023-21933
-	RESERVED
-CVE-2023-21932
-	RESERVED
-CVE-2023-21931
-	RESERVED
-CVE-2023-21930
-	RESERVED
-CVE-2023-21929
-	RESERVED
-CVE-2023-21928
-	RESERVED
-CVE-2023-21927
-	RESERVED
-CVE-2023-21926
-	RESERVED
-CVE-2023-21925
-	RESERVED
-CVE-2023-21924
-	RESERVED
-CVE-2023-21923
-	RESERVED
-CVE-2023-21922
-	RESERVED
-CVE-2023-21921
-	RESERVED
-CVE-2023-21920
-	RESERVED
-CVE-2023-21919
-	RESERVED
-CVE-2023-21918
-	RESERVED
-CVE-2023-21917
-	RESERVED
-CVE-2023-21916
-	RESERVED
-CVE-2023-21915
-	RESERVED
+CVE-2023-21948 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
+CVE-2023-21947 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21946 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21945 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21944 (Vulnerability in Oracle Essbase (component: Security and Provisioning) ...)
+	TODO: check
+CVE-2023-21943 (Vulnerability in Oracle Essbase (component: Security and Provisioning) ...)
+	TODO: check
+CVE-2023-21942 (Vulnerability in Oracle Essbase (component: Security and Provisioning) ...)
+	TODO: check
+CVE-2023-21941 (Vulnerability in the Oracle BI Publisher product of Oracle Analytics ( ...)
+	TODO: check
+CVE-2023-21940 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21939 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+	TODO: check
+CVE-2023-21938 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+	TODO: check
+CVE-2023-21937 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+	TODO: check
+CVE-2023-21936 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle  ...)
+	TODO: check
+CVE-2023-21935 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21934 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
+	TODO: check
+CVE-2023-21933 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21932 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services prod ...)
+	TODO: check
+CVE-2023-21931 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2023-21930 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+	TODO: check
+CVE-2023-21929 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21928 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
+CVE-2023-21927 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle  ...)
+	TODO: check
+CVE-2023-21926 (Vulnerability in the Oracle Health Sciences InForm product of Oracle H ...)
+	TODO: check
+CVE-2023-21925 (Vulnerability in the Oracle Health Sciences InForm product of Oracle H ...)
+	TODO: check
+CVE-2023-21924 (Vulnerability in the Oracle Health Sciences InForm product of Oracle H ...)
+	TODO: check
+CVE-2023-21923 (Vulnerability in the Oracle Health Sciences InForm product of Oracle H ...)
+	TODO: check
+CVE-2023-21922 (Vulnerability in the Oracle Health Sciences InForm product of Oracle H ...)
+	TODO: check
+CVE-2023-21921 (Vulnerability in the Oracle Health Sciences InForm product of Oracle H ...)
+	TODO: check
+CVE-2023-21920 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21919 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21918 (Vulnerability in the Oracle Database Recovery Manager component of Ora ...)
+	TODO: check
+CVE-2023-21917 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21916 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2023-21915 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
+	TODO: check
 CVE-2023-21914
 	RESERVED
-CVE-2023-21913
-	RESERVED
-CVE-2023-21912
-	RESERVED
-CVE-2023-21911
-	RESERVED
-CVE-2023-21910
-	RESERVED
-CVE-2023-21909
-	RESERVED
-CVE-2023-21908
-	RESERVED
-CVE-2023-21907
-	RESERVED
-CVE-2023-21906
-	RESERVED
-CVE-2023-21905
-	RESERVED
-CVE-2023-21904
-	RESERVED
-CVE-2023-21903
-	RESERVED
-CVE-2023-21902
-	RESERVED
+CVE-2023-21913 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21912 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21911 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2023-21910 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2023-21909 (Vulnerability in the Siebel CRM product of Oracle Siebel CRM (componen ...)
+	TODO: check
+CVE-2023-21908 (Vulnerability in the Oracle Banking Virtual Account Management product ...)
+	TODO: check
+CVE-2023-21907 (Vulnerability in the Oracle Banking Virtual Account Management product ...)
+	TODO: check
+CVE-2023-21906 (Vulnerability in the Oracle Banking Virtual Account Management product ...)
+	TODO: check
+CVE-2023-21905 (Vulnerability in the Oracle Banking Virtual Account Management product ...)
+	TODO: check
+CVE-2023-21904 (Vulnerability in the Oracle Banking Virtual Account Management product ...)
+	TODO: check
+CVE-2023-21903 (Vulnerability in the Oracle Banking Virtual Account Management product ...)
+	TODO: check
+CVE-2023-21902 (Vulnerability in the Oracle Financial Services Behavior Detection Plat ...)
+	TODO: check
 CVE-2023-21901
 	RESERVED
 CVE-2023-21900 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
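Review bot: this hunk moves a large batch of Oracle entries to `TODO: check` in one step, and the truncated descriptions mix products that are handled very differently. Triage the Oracle VM VirtualBox lines first (CVE-2023-22002 to CVE-2023-21998 and CVE-2023-21991 to CVE-2023-21987), since the unchanged CVE-2023-21898 in the next hunk is already tracked as `- virtualbox 7.0.6-dfsg-1 (bug #1029153)`, followed by the MySQL Server, MySQL Connectors and Java SE lines. The remaining product families (PeopleSoft, Siebel CRM, JD Edwards, Oracle Banking and so on) can then be resolved as groups.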
@@ -28381,8 +28394,8 @@ CVE-2023-21898 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virt
 	- virtualbox 7.0.6-dfsg-1 (bug #1029153)
 CVE-2023-21897
 	RESERVED
-CVE-2023-21896
-	RESERVED
+CVE-2023-21896 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
 CVE-2023-21895
 	RESERVED
 CVE-2023-21894 (Vulnerability in the Oracle Global Lifecycle Management NextGen OUI Fr ...)
@@ -43836,12 +43849,12 @@ CVE-2022-3569 (Due to an issue with incorrect sudo permissions, Zimbra Collabora
 	NOT-FOR-US: Zimbra
 CVE-2022-3568 (The ImageMagick Engine plugin for WordPress is vulnerable to deseriali ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2022-43378
-	RESERVED
-CVE-2022-43377
-	RESERVED
-CVE-2022-43376
-	RESERVED
+CVE-2022-43378 (A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulne ...)
+	TODO: check
+CVE-2022-43377 (A CWE-307: Improper Restriction of Excessive Authentication Attempts v ...)
+	TODO: check
+CVE-2022-43376 (A CWE-79: Improper Neutralization of Input During Web Page Generation  ...)
+	TODO: check
 CVE-2022-43375
 	RESERVED
 CVE-2022-43374
@@ -67204,8 +67217,8 @@ CVE-2022-34757 (A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vuln
 	NOT-FOR-US: Schneider Electric
 CVE-2022-34756 (A CWE-120: Buffer Copy without Checking Size of Input vulnerability ex ...)
 	NOT-FOR-US: Schneider Electric
-CVE-2022-34755
-	RESERVED
+CVE-2022-34755 (A CWE-427 - Uncontrolled Search Path Element vulnerability exists that ...)
+	TODO: check
 CVE-2022-34754 (A CWE-269: Improper Privilege Management vulnerability exists that cou ...)
 	NOT-FOR-US: Schneider Electric
 CVE-2022-34753 (A CWE-78: Improper Neutralization of Special Elements used in an OS Co ...)
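Review bot: CVE-2022-34755 is set to `TODO: check`, while the unchanged neighbours CVE-2022-34757, CVE-2022-34756 and CVE-2022-34754, which use the same "A CWE-nnn ... vulnerability exists that" wording, are all `NOT-FOR-US: Schneider Electric`. If the full record confirms the same vendor, use the same tag here so the block stays consistent.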
@@ -156814,8 +156827,8 @@ CVE-2021-28256
 	RESERVED
 CVE-2021-28255
 	RESERVED
-CVE-2021-28254
-	RESERVED
+CVE-2021-28254 (A deserialization vulnerability in the destruct() function of Laravel  ...)
+	TODO: check
 CVE-2021-28253
 	RESERVED
 CVE-2021-28252



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aacf588fd9311e9d4bb14b908920a7ae9977f7ac
