[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Aug 5 09:12:28 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
81bbc9bc by security tracker role at 2023-08-05T08:12:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2023-39508 (Execution with Unnecessary Privileges, : Exposure of Sensitive Informa ...)
+	TODO: check
+CVE-2023-39346 (LinuxASMCallGraph is software for drawing the call graph of the progra ...)
+	TODO: check
+CVE-2023-38943 (ShuiZe_0x727 v1.0 was discovered to contain a remote command execution ...)
+	TODO: check
+CVE-2023-36095 (An issue in Harrison Chase langchain v.0.0.194 allows an attacker to e ...)
+	TODO: check
+CVE-2023-33367 (A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 a ...)
+	TODO: check
 CVE-2023-4159 (Unrestricted Upload of File with Dangerous Type in GitHub repository o ...)
 	NOT-FOR-US: omeka-s
 CVE-2023-4158 (Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s ...)
@@ -20519,7 +20529,7 @@ CVE-2023-28096 (OpenSIPS, a Session Initiation Protocol (SIP) server implementat
 	NOT-FOR-US: OpenSIPS
 CVE-2023-28095 (OpenSIPS is a Session Initiation Protocol (SIP) server implementation. ...)
 	NOT-FOR-US: OpenSIPS
-CVE-2023-28094 (Pega platform clients who are using versions 6.1 through 8.8.3 and hav ...)
+CVE-2023-28094 (Pega platform clients who are using versions 7.4 through 8.8.x and hav ...)
 	NOT-FOR-US: Pega
 CVE-2023-28093 (A user with a compromised configuration can start an unsigned binary a ...)
 	NOT-FOR-US: Pegasystems
@@ -43899,8 +43909,8 @@ CVE-2022-46784 (SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows o
 	NOT-FOR-US: SquaredUp Dashboard Server
 CVE-2022-46783
 	RESERVED
-CVE-2022-46782
-	RESERVED
+CVE-2022-46782 (An issue was discovered in Stormshield SSL VPN Client before 3.2.0. A  ...)
+	TODO: check
 CVE-2022-46781 (An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privi ...)
 	NOT-FOR-US: Arm Mali GPU Kernel Driver
 CVE-2022-46780
@@ -207368,8 +207378,8 @@ CVE-2020-26084 (A vulnerability in the REST API of Cisco Edge Fog Fabric could a
 	NOT-FOR-US: Cisco
 CVE-2020-26083 (A vulnerability in the web-based management interface of Cisco Identit ...)
 	NOT-FOR-US: Cisco
-CVE-2020-26082
-	RESERVED
+CVE-2020-26082 (A vulnerability in the zip decompression engine of Cisco AsyncOS Softw ...)
+	TODO: check
 CVE-2020-26081 (Multiple vulnerabilities in the web UI of Cisco IoT Field Network Dire ...)
 	NOT-FOR-US: Cisco
 CVE-2020-26080 (A vulnerability in the user management functionality of Cisco IoT Fiel ...)
@@ -207402,10 +207412,10 @@ CVE-2020-26067
 	RESERVED
 CVE-2020-26066
 	RESERVED
-CVE-2020-26065
-	RESERVED
-CVE-2020-26064
-	RESERVED
+CVE-2020-26065 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
+	TODO: check
+CVE-2020-26064 (A vulnerability in the web UI of Cisco SD-WAN vManage Software could a ...)
+	TODO: check
 CVE-2020-26063
 	RESERVED
 CVE-2020-26062
@@ -213385,8 +213395,8 @@ CVE-2020-23566 (Irfanview v4.53 was discovered to contain an infinity loop via J
 	NOT-FOR-US: IrfanView
 CVE-2020-23565 (Irfanview v4.53 allows attackers to execute arbitrary code via a craft ...)
 	NOT-FOR-US: IrfanView
-CVE-2020-23564
-	RESERVED
+CVE-2020-23564 (File Upload vulnerability in SEMCMS 3.9 allows remote attackers to run ...)
+	TODO: check
 CVE-2020-23563 (IrfanView 4.54 allows a user-mode write access violation starting at F ...)
 	NOT-FOR-US: IrfanView
 CVE-2020-23562 (IrfanView 4.54 allows a user-mode write access violation starting at F ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81bbc9bc6d380973bdeeee14526eafef12858d61

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81bbc9bc6d380973bdeeee14526eafef12858d61
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230805/9c9d5fb3/attachment.htm>


More information about the debian-security-tracker-commits mailing list