[Git][security-tracker-team/security-tracker][master] automatic update

Mon Aug 14 09:12:28 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f4b6d1d3 by security tracker role at 2023-08-14T08:12:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2023-40305 (GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in  ...)
+	TODO: check
+CVE-2023-40303 (GNU inetutils through 2.4 may allow privilege escalation because of un ...)
+	TODO: check
+CVE-2023-40296 (async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in R ...)
+	TODO: check
+CVE-2023-40295 (libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_strInit ...)
+	TODO: check
+CVE-2023-40294 (libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBl ...)
+	TODO: check
+CVE-2023-40293 (Harman Infotainment 20190525031613 and later allows command injection  ...)
+	TODO: check
+CVE-2023-40292 (Harman Infotainment 20190525031613 and later discloses the IP address  ...)
+	TODO: check
+CVE-2023-40291 (Harman Infotainment 20190525031613 allows root access via SSH over a U ...)
+	TODO: check
+CVE-2023-40283 (An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_s ...)
+	TODO: check
+CVE-2023-40274 (An issue was discovered in zola 0.13.0 through 0.17.2. The custom impl ...)
+	TODO: check
+CVE-2023-3267 (When adding a remote backup location, an authenticated user can pass a ...)
+	TODO: check
+CVE-2023-3266 (A non-feature complete authentication mechanism exists in the producti ...)
+	TODO: check
+CVE-2023-3265 (An authentication bypass exists on CyberPower PowerPanel Enterprise by ...)
+	TODO: check
+CVE-2023-3264 (The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earl ...)
+	TODO: check
+CVE-2023-3263 (The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earl ...)
+	TODO: check
+CVE-2023-3262 (The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earl ...)
+	TODO: check
+CVE-2023-3261 (When adding a remote backup location, an authenticated user can pass a ...)
+	TODO: check
+CVE-2023-3260 (When adding a remote backup location, an authenticated user can pass a ...)
+	TODO: check
+CVE-2023-3259 (The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earl ...)
+	TODO: check
 CVE-2023-39406 (Permission control vulnerability in the XLayout component. Successful  ...)
 	TODO: check
 CVE-2023-39405 (Vulnerability of out-of-bounds parameter read/write in the Wi-Fi modul ...)
@@ -36292,8 +36330,8 @@ CVE-2023-23210
 	RESERVED
 CVE-2023-23209
 	RESERVED
-CVE-2023-23208
-	RESERVED
+CVE-2023-23208 (Genesys Administrator Extension (GAX) before 9.0.105.15 is vulnerable  ...)
+	TODO: check
 CVE-2023-23207
 	RESERVED
 CVE-2023-23206
@@ -395242,7 +395280,8 @@ CVE-2017-14252 (SQL Injection exists in the EyesOfNetwork web interface (aka eon
 CVE-2017-14251 (Unrestricted File Upload vulnerability in the fileDenyPattern in sysex ...)
 	- typo3-src <removed>
 	[wheezy] - typo3-src <end-of-life> (Not supported in Wheezy LTS)
-CVE-2017-14250 (In TP-LINK TL-WR741N / TL-WR741ND 150M Wireless Lite N Router with Fir ...)
+CVE-2017-14250
+	REJECTED
 	NOT-FOR-US: TP-Link Router
 CVE-2017-14249 (ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coder ...)
 	{DLA-2366-1 DLA-1785-1 DLA-1131-1}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4b6d1d374ebe5eedc7d45e83c7badf7d4d3eb18

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4b6d1d374ebe5eedc7d45e83c7badf7d4d3eb18
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230814/3bb2ab21/attachment.htm>
