[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 10 09:12:29 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e9964073 by security tracker role at 2023-08-10T08:12:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2023-4277 (The Realia plugin for WordPress is vulnerable to Cross-Site Request Fo ...)
+	TODO: check
+CVE-2023-4276 (The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site  ...)
+	TODO: check
+CVE-2023-36673 (An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. ...)
+	TODO: check
+CVE-2023-36672 (An issue was discovered in the Clario VPN client through 5.9.1.1662 fo ...)
+	TODO: check
+CVE-2023-36671 (An issue was discovered in the Clario VPN client through 5.9.1.1662 fo ...)
+	TODO: check
+CVE-2023-35838 (The WireGuard client 0.5.3 on Windows insecurely configures the operat ...)
+	TODO: check
+CVE-2023-33242 (Crypto wallets implementing the Lindell17 TSS protocol might allow an  ...)
+	TODO: check
+CVE-2023-33241 (Crypto wallets implementing the GG18 or GG20 TSS protocol might allow  ...)
+	TODO: check
 CVE-2023-32559
 	- nodejs <unfixed>
 	NOTE: https://nodejs.org/en/blog/vulnerability/august-2023-security-releases#permissions-policies-can-be-bypassed-via-processbinding-mediumcve-2023-32559
@@ -13168,60 +13184,60 @@ CVE-2023-30707
 	RESERVED
 CVE-2023-30706
 	RESERVED
-CVE-2023-30705
-	RESERVED
-CVE-2023-30704
-	RESERVED
-CVE-2023-30703
-	RESERVED
-CVE-2023-30702
-	RESERVED
-CVE-2023-30701
-	RESERVED
-CVE-2023-30700
-	RESERVED
-CVE-2023-30699
-	RESERVED
-CVE-2023-30698
-	RESERVED
-CVE-2023-30697
-	RESERVED
-CVE-2023-30696
-	RESERVED
-CVE-2023-30695
-	RESERVED
-CVE-2023-30694
-	RESERVED
-CVE-2023-30693
-	RESERVED
+CVE-2023-30705 (Improper sanitization of incoming intent in Galaxy Store prior to vers ...)
+	TODO: check
+CVE-2023-30704 (Improper Authorization vulnerability in Samsung Internet prior to vers ...)
+	TODO: check
+CVE-2023-30703 (Improper URL validation vulnerability in Samsung Members prior to vers ...)
+	TODO: check
+CVE-2023-30702 (Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG EL ...)
+	TODO: check
+CVE-2023-30701 (PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 R ...)
+	TODO: check
+CVE-2023-30700 (PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in frame ...)
+	TODO: check
+CVE-2023-30699 (Out-of-bounds write vulnerability in parser_hvcC function of libsimba  ...)
+	TODO: check
+CVE-2023-30698 (Improper access control vulnerability in TelephonyUI prior to SMR Aug- ...)
+	TODO: check
+CVE-2023-30697 (An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ri ...)
+	TODO: check
+CVE-2023-30696 (An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior ...)
+	TODO: check
+CVE-2023-30695 (Out-of-bounds Write vulnerability in SSHDCPAPP TA prior to "SAMSU ...)
+	TODO: check
+CVE-2023-30694 (Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril prior to SM ...)
+	TODO: check
+CVE-2023-30693 (Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec- ...)
+	TODO: check
 CVE-2023-30692
 	RESERVED
-CVE-2023-30691
-	RESERVED
+CVE-2023-30691 (Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release  ...)
+	TODO: check
 CVE-2023-30690
 	RESERVED
-CVE-2023-30689
-	RESERVED
-CVE-2023-30688
-	RESERVED
-CVE-2023-30687
-	RESERVED
-CVE-2023-30686
-	RESERVED
-CVE-2023-30685
-	RESERVED
-CVE-2023-30684
-	RESERVED
-CVE-2023-30683
-	RESERVED
-CVE-2023-30682
-	RESERVED
-CVE-2023-30681
-	RESERVED
-CVE-2023-30680
-	RESERVED
-CVE-2023-30679
-	RESERVED
+CVE-2023-30689 (Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-r ...)
+	TODO: check
+CVE-2023-30688 (Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR A ...)
+	TODO: check
+CVE-2023-30687 (Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023  ...)
+	TODO: check
+CVE-2023-30686 (Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023  ...)
+	TODO: check
+CVE-2023-30685 (Improper access control vulnerability in Telecom prior to SMR Aug-2023 ...)
+	TODO: check
+CVE-2023-30684 (Improper access control in Samsung Telecom prior to SMR Aug-2023 Relea ...)
+	TODO: check
+CVE-2023-30683 (Improper access control in Telecom prior to SMR Aug-2023 Release 1 all ...)
+	TODO: check
+CVE-2023-30682 (Improper access control in Telecom prior to SMR Aug-2023 Release 1 all ...)
+	TODO: check
+CVE-2023-30681 (An improper input validation vulnerability within initialize function  ...)
+	TODO: check
+CVE-2023-30680 (Improper privilege management vulnerability in MMIGroup prior to SMR A ...)
+	TODO: check
+CVE-2023-30679 (Improper access control in HDCP trustlet prior to SMR Aug-2023 Release ...)
+	TODO: check
 CVE-2023-30678 (Potential zip path traversal vulnerability in Calendar application pri ...)
 	NOT-FOR-US: Samsung
 CVE-2023-30677 (Improper access control vulnerability in Samsung Pass prior to version ...)
@@ -13270,8 +13286,8 @@ CVE-2023-30656 (Improper input validation vulnerability in LSOItemData prior to
 	NOT-FOR-US: Samsung
 CVE-2023-30655 (Improper input validation vulnerability in SCEPProfile prior to SMR Ju ...)
 	NOT-FOR-US: Samsung
-CVE-2023-30654
-	RESERVED
+CVE-2023-30654 (Improper access control vulnerability in SLocationService prior to SMR ...)
+	TODO: check
 CVE-2023-30653 (Out of bounds read and write in enableTspDevice of sysinput HAL servic ...)
 	NOT-FOR-US: Samsung
 CVE-2023-30652 (Out of bounds read and write in callrunTspCmdNoRead of sysinput HAL se ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9964073ba41bc446455d7c23f6232cdcc0a0f14

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9964073ba41bc446455d7c23f6232cdcc0a0f14
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230810/44606293/attachment.htm>

More information about the debian-security-tracker-commits mailing list