[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
77e45a5d by security tracker role at 2023-08-21T08:12:06+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,61 @@
+CVE-2023-4450 (A vulnerability was found in jeecgboot JimuReport up to 1.6.0. It has  ...)
+	TODO: check
+CVE-2023-4449 (A vulnerability was found in SourceCodester Free and Open Source Inven ...)
+	TODO: check
+CVE-2023-4448 (A vulnerability was found in OpenRapid RapidCMS 1.3.1 and classified a ...)
+	TODO: check
+CVE-2023-4447 (A vulnerability has been found in OpenRapid RapidCMS 1.3.1 and classif ...)
+	TODO: check
+CVE-2023-4446 (A vulnerability, which was classified as critical, was found in OpenRa ...)
+	TODO: check
+CVE-2023-4445 (A vulnerability, which was classified as critical, has been found in M ...)
+	TODO: check
+CVE-2023-4444 (A vulnerability classified as critical was found in SourceCodester Fre ...)
+	TODO: check
+CVE-2023-4443 (A vulnerability classified as critical has been found in SourceCodeste ...)
+	TODO: check
+CVE-2023-4442 (A vulnerability was found in SourceCodester Free Hospital Management S ...)
+	TODO: check
+CVE-2023-4441 (A vulnerability was found in SourceCodester Free Hospital Management S ...)
+	TODO: check
+CVE-2023-4440 (A vulnerability was found in SourceCodester Free Hospital Management S ...)
+	TODO: check
+CVE-2023-4439 (A vulnerability was found in SourceCodester Card Holder Management Sys ...)
+	TODO: check
+CVE-2023-4438 (A vulnerability has been found in SourceCodester Inventory Management  ...)
+	TODO: check
+CVE-2023-4437 (A vulnerability, which was classified as critical, was found in Source ...)
+	TODO: check
+CVE-2023-4436 (A vulnerability, which was classified as critical, has been found in S ...)
+	TODO: check
+CVE-2023-39809 (N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a comm ...)
+	TODO: check
+CVE-2023-39808 (N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hard ...)
+	TODO: check
+CVE-2023-39807 (N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a SQL  ...)
+	TODO: check
+CVE-2023-39786 (Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow vi ...)
+	TODO: check
+CVE-2023-39785 (Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow vi ...)
+	TODO: check
+CVE-2023-39784 (Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow vi ...)
+	TODO: check
+CVE-2023-39751 (TP-Link TL-WR941ND V6 were discovered to contain a buffer overflow via ...)
+	TODO: check
+CVE-2023-39750 (D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via  ...)
+	TODO: check
+CVE-2023-39749 (D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via  ...)
+	TODO: check
+CVE-2023-39748 (An issue in the component /userRpm/NetworkCfgRpm of TP-Link TL-WR1041N ...)
+	TODO: check
+CVE-2023-39747 (TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discov ...)
+	TODO: check
+CVE-2023-39745 (TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5 and TP-Link TL-WR841N V8 w ...)
+	TODO: check
+CVE-2023-39618 (TOTOLINK X5000R B20210419 was discovered to contain a remote code exec ...)
+	TODO: check
+CVE-2023-39617 (TOTOLINK X5000R_V9.1.0cu.2089_B20211224 and X5000R_V9.1.0cu.2350_B2023 ...)
+	TODO: check
 CVE-2023-4451 (Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq ...)
 	NOT-FOR-US: Cockpit Content Platform (different from src:cockpit)
 CVE-2023-4435 (Improper Input Validation in GitHub repository hamza417/inure prior to ...)
@@ -226,7 +284,7 @@ CVE-2023-40281 (EC-CUBE 2.11.0 to 2.17.2-p1 contain a cross-site scripting vulne
 	NOT-FOR-US: EC-CUBE
 CVE-2023-40252 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
 	NOT-FOR-US: Genians
-CVE-2023-40251 (Missing Encryption of Sensitive DataCAPEC- vulnerability in Genians Ge ...)
+CVE-2023-40251 (Missing Encryption of Sensitive Data vulnerability in Genians Genian N ...)
 	NOT-FOR-US: Genians
 CVE-2023-40034 (Woodpecker is a community fork of the Drone CI system. In affected ver ...)
 	NOT-FOR-US: Woodpecker
@@ -879,9 +937,9 @@ CVE-2023-40260 (EmpowerID before 7.205.0.1 allows an attacker to bypass an MFA (
 	NOT-FOR-US: EmpowerID
 CVE-2023-40256 (A vulnerability was discovered in Veritas NetBackup Snapshot Manager b ...)
 	NOT-FOR-US: Veritas
-CVE-2023-40254 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+CVE-2023-40254 (Download of Code Without Integrity Check vulnerability in Genians Geni ...)
 	NOT-FOR-US: Genians
-CVE-2023-40253 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+CVE-2023-40253 (Improper Authentication vulnerability in Genians Genian NAC V4.0, Geni ...)
 	NOT-FOR-US: Genians
 CVE-2023-40235 (An NTLM Hash Disclosure was discovered in ArchiMate Archi before 5.1.0 ...)
 	NOT-FOR-US: ArchiMate Archi
@@ -46180,8 +46238,7 @@ CVE-2022-46753
 	REJECTED
 CVE-2022-46752 (Dell BIOS contains an Improper Authorization vulnerability. An unauthe ...)
 	NOT-FOR-US: Dell
-CVE-2022-46751
-	RESERVED
+CVE-2022-46751 (Improper Restriction of XML External Entity Reference, XML Injection ( ...)
 	NOT-FOR-US: Apache Ivy
 CVE-2022-4340 (The BookingPress WordPress plugin before 1.0.31 suffers from an Insecu ...)
 	NOT-FOR-US: WordPress plugin



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77e45a5d6421f5e8679d04d87aa0f7c893653cd9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77e45a5d6421f5e8679d04d87aa0f7c893653cd9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230821/c7274220/attachment-0001.htm>