[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Aug 28 09:13:18 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8dd7679f by security tracker role at 2023-08-28T08:13:07+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2023-4561 (Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s ...)
+ TODO: check
+CVE-2023-4560 (Improper Authorization of Index Containing Sensitive Information in Gi ...)
+ TODO: check
+CVE-2023-4559 (A vulnerability, which was classified as critical, has been found in B ...)
+ TODO: check
+CVE-2023-4558 (A vulnerability classified as critical was found in SourceCodester Inv ...)
+ TODO: check
+CVE-2023-4557 (A vulnerability classified as critical has been found in SourceCodeste ...)
+ TODO: check
+CVE-2023-40195 (Deserialization of Untrusted Data, Inclusion of Functionality from Unt ...)
+ TODO: check
+CVE-2023-38730 (IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker ...)
+ TODO: check
+CVE-2023-38030 (Saho\u2019s attendance devices ADM100 and ADM-100FP have a vulnerabili ...)
+ TODO: check
+CVE-2023-38029 (Saho\u2019s attendance devices ADM100 and ADM-100FP has insufficient f ...)
+ TODO: check
+CVE-2023-38028 (Saho\u2019s attendance devices ADM100 and ADM-100FP have insufficient ...)
+ TODO: check
+CVE-2023-38027 (SpotCam Co., Ltd. SpotCam Sense\u2019s hidden Telnet function has a vu ...)
+ TODO: check
+CVE-2023-38026 (SpotCam Co., Ltd. SpotCam FHD 2 has a vulnerability of using hard-code ...)
+ TODO: check
+CVE-2023-38025 (SpotCam Co., Ltd. SpotCam FHD 2\u2019s hidden Telnet function has a vu ...)
+ TODO: check
+CVE-2023-38024 (SpotCam Co., Ltd. SpotCam FHD 2\u2019s hidden Telnet function has a vu ...)
+ TODO: check
+CVE-2023-33852 (IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote at ...)
+ TODO: check
+CVE-2016-15035 (A vulnerability was found in Doc2k RE-Chat 1.0. It has been classified ...)
+ TODO: check
CVE-2023-4556 (A vulnerability was found in SourceCodester Online Graduate Tracer Sys ...)
NOT-FOR-US: SourceCodester Online Graduate Tracer System
CVE-2023-4555 (A vulnerability has been found in SourceCodester Inventory Management ...)
@@ -16255,12 +16287,12 @@ CVE-2023-30439
RESERVED
CVE-2023-30438 (An internally discovered vulnerability in PowerVM on IBM Power9 and Po ...)
NOT-FOR-US: IBM
-CVE-2023-30437
- RESERVED
-CVE-2023-30436
- RESERVED
-CVE-2023-30435
- RESERVED
+CVE-2023-30437 (IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized ...)
+ TODO: check
+CVE-2023-30436 (IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site ...)
+ TODO: check
+CVE-2023-30435 (IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cro ...)
+ TODO: check
CVE-2023-30434 (IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 ...)
NOT-FOR-US: IBM
CVE-2023-30433 (IBM Security Verify Access 10.0 could allow a remote attacker to condu ...)
@@ -25038,8 +25070,7 @@ CVE-2023-27605
RESERVED
CVE-2023-1178 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
- gitlab 15.10.8+ds1-2
-CVE-2023-27604
- RESERVED
+CVE-2023-27604 (Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a ...)
NOT-FOR-US: Apache Airflow Sqoop Provider
CVE-2023-27603 (In Apache Linkis <=1.3.1, due to the Manager module engineConn materia ...)
NOT-FOR-US: Apache Linkis
@@ -28628,12 +28659,12 @@ CVE-2023-26274 (IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. Thi
NOT-FOR-US: IBM
CVE-2023-26273 (IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform una ...)
NOT-FOR-US: IBM
-CVE-2023-26272
- RESERVED
-CVE-2023-26271
- RESERVED
-CVE-2023-26270
- RESERVED
+CVE-2023-26272 (IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager ...)
+ TODO: check
+CVE-2023-26271 (IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager ...)
+ TODO: check
+CVE-2023-26270 (IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager ...)
+ TODO: check
CVE-2023-26269 (Apache James server version 3.7.3 and earlier provides a JMX managemen ...)
NOT-FOR-US: Apache James
CVE-2023-26268 (Design documents with matching document IDs, from databases on the sam ...)
@@ -32796,8 +32827,8 @@ CVE-2023-24961
RESERVED
CVE-2023-24960 (IBM InfoSphere Information Server 11.7 could allow a remote attacker t ...)
NOT-FOR-US: IBM
-CVE-2023-24959
- RESERVED
+CVE-2023-24959 (IBM InfoSphere Information Systems 11.7 could expose information about ...)
+ TODO: check
CVE-2023-24958 (A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52 ...)
NOT-FOR-US: IBM
CVE-2023-24957 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0. ...)
@@ -37342,8 +37373,8 @@ CVE-2023-23475 (IBM Infosphere Information Server 11.7 is vulnerable to cross-si
NOT-FOR-US: IBM
CVE-2023-23474
RESERVED
-CVE-2023-23473
- RESERVED
+CVE-2023-23473 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site req ...)
+ TODO: check
CVE-2023-23472
RESERVED
CVE-2023-23471
@@ -39270,8 +39301,8 @@ CVE-2023-22879
RESERVED
CVE-2023-22878 (IBM InfoSphere Information Server 11.7 stores user credentials in plai ...)
NOT-FOR-US: IBM
-CVE-2023-22877
- RESERVED
+CVE-2023-22877 (IBM InfoSphere Information Server 11.7 is potentially vulnerable to CS ...)
+ TODO: check
CVE-2023-22876 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 a ...)
NOT-FOR-US: IBM
CVE-2023-22875 (IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/T ...)
@@ -57686,6 +57717,7 @@ CVE-2023-20199 (A vulnerability in Cisco Duo Two-Factor Authentication for macOS
CVE-2023-20198
RESERVED
CVE-2023-20197 (A vulnerability in the filesystem image parser for Hierarchical File S ...)
+ {DLA-3544-1}
- clamav 1.0.2+dfsg-1 (bug #1050057)
[bookworm] - clamav <no-dsa> (clamav is updated via -updates)
[bullseye] - clamav <no-dsa> (clamav is updated via -updates)
@@ -58270,18 +58302,18 @@ CVE-2022-43911
RESERVED
CVE-2022-43910 (IBM Security Guardium 11.3 could allow a local user to escalate their ...)
NOT-FOR-US: IBM
-CVE-2022-43909
- RESERVED
+CVE-2022-43909 (IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This ...)
+ TODO: check
CVE-2022-43908 (IBM Security Guardium 11.3 could allow an authenticated user to cause ...)
NOT-FOR-US: IBM
-CVE-2022-43907
- RESERVED
+CVE-2022-43907 (IBM Security Guardium 11.4 could allow a remote authenticated attacker ...)
+ TODO: check
CVE-2022-43906
RESERVED
CVE-2022-43905
RESERVED
-CVE-2022-43904
- RESERVED
+CVE-2022-43904 (IBM Security Guardium 11.3 and 11.4 could disclose sensitive informati ...)
+ TODO: check
CVE-2022-43903
RESERVED
CVE-2022-43902 (IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS is vulnerable to a denial ...)
@@ -224708,7 +224740,7 @@ CVE-2020-19911
RESERVED
CVE-2020-19910
RESERVED
-CVE-2020-19909 (Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via cr ...)
+CVE-2020-19909 (Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a ...)
- curl 7.66.0-1 (unimportant)
NOTE: https://github.com/curl/curl/pull/4166
NOTE: Fixed by: https://github.com/curl/curl/commit/db0a0dfb0eb41d39273b0590b992df58f38b9a4d (curl-7_66_0)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8dd7679f67237b40883550e50db5f73b3ad07fe3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8dd7679f67237b40883550e50db5f73b3ad07fe3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230828/3b473de3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list