[Git][security-tracker-team/security-tracker][master] automatic update

Sat Dec 2 08:11:43 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a029ce1c by security tracker role at 2023-12-02T08:11:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2023-6463 (A vulnerability has been found in SourceCodester User Registration and ...)
+	TODO: check
+CVE-2023-6462 (A vulnerability, which was classified as problematic, was found in Sou ...)
+	TODO: check
+CVE-2023-49914 (InteraXon Muse 2 devices allow remote attackers to cause a denial of s ...)
+	TODO: check
+CVE-2023-49281 (Calendarinho is an open source calendaring application to manage large ...)
+	TODO: check
+CVE-2023-49277 (dpaste is an open source pastebin application written in Python using  ...)
+	TODO: check
+CVE-2023-49276 (Uptime Kuma is an open source self-hosted monitoring tool. In affected ...)
+	TODO: check
+CVE-2023-48887 (A deserialization vulnerability in Jupiter v1.3.1 allows attackers to  ...)
+	TODO: check
+CVE-2023-48886 (A deserialization vulnerability in NettyRpc v1.2 allows attackers to e ...)
+	TODO: check
+CVE-2023-48801 (In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file su ...)
+	TODO: check
+CVE-2023-48314 (Collabora Online is a collaborative online office suite based on Libre ...)
+	TODO: check
+CVE-2023-46746 (PostHog provides open-source product analytics, session recording, fea ...)
+	TODO: check
+CVE-2023-46174 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scr ...)
+	TODO: check
+CVE-2023-44402 (Electron is an open source framework for writing cross-platform deskto ...)
+	TODO: check
+CVE-2023-44382 (October is a Content Management System (CMS) and web platform to assis ...)
+	TODO: check
+CVE-2023-44381 (October is a Content Management System (CMS) and web platform to assis ...)
+	TODO: check
+CVE-2023-43021 (IBM InfoSphere Information Server 11.7 could allow a remote attacker t ...)
+	TODO: check
+CVE-2023-42022 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scr ...)
+	TODO: check
+CVE-2023-42019 (IBM InfoSphere Information Server 11.7 could allow a remote attacker t ...)
+	TODO: check
+CVE-2023-42009 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scr ...)
+	TODO: check
+CVE-2023-40699 (IBM InfoSphere Information Server 11.7 could allow a remote attacker t ...)
+	TODO: check
+CVE-2023-39257 (Dell Rugged Control Center, version prior to 4.7, contains an Improper ...)
+	TODO: check
+CVE-2023-39256 (Dell Rugged Control Center, version prior to 4.7, contains an improper ...)
+	TODO: check
 CVE-2023-6461 (Cross-site Scripting (XSS) - Reflected in GitHub repository viliusle/m ...)
 	NOT-FOR-US: minipaint
 CVE-2023-6449 (The Contact Form 7 plugin for WordPress is vulnerable to arbitrary fil ...)
@@ -5945,6 +5989,7 @@ CVE-2023-46120 (The RabbitMQ Java client library allows Java and JVM-based appli
 CVE-2023-46119 (Parse Server is an open source backend that can be deployed to any inf ...)
 	NOT-FOR-US: Parse Server
 CVE-2023-46118 (RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API  ...)
+	{DSA-5571-1}
 	- rabbitmq-server 3.10.8-3 (bug #1056723)
 	NOTE: https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-w6cq-9cf4-gqpg
 	NOTE: https://github.com/rabbitmq/rabbitmq-server/pull/9708
@@ -8882,7 +8927,7 @@ CVE-2023-3961 (A path traversal vulnerability was identified in Samba when proce
 	NOTE: https://www.samba.org/samba/security/CVE-2023-3961.html
 	NOTE: In scope for continued Samba support
 CVE-2023-44487 (The HTTP/2 protocol allows a denial of service (server resource consum ...)
-	{DSA-5558-1 DSA-5549-1 DSA-5540-1 DSA-5522-1 DSA-5521-1 DLA-3656-1 DLA-3645-1 DLA-3641-1 DLA-3638-1 DLA-3621-1 DLA-3617-1}
+	{DSA-5570-1 DSA-5558-1 DSA-5549-1 DSA-5540-1 DSA-5522-1 DSA-5521-1 DLA-3656-1 DLA-3645-1 DLA-3641-1 DLA-3638-1 DLA-3621-1 DLA-3617-1}
 	- tomcat9 9.0.70-2
 	- tomcat10 10.1.14-1
 	- trafficserver 9.2.3+ds-1 (bug #1053801; bug #1054427)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a029ce1c89babd54d6f6dabcc9cbbd63dbb2c9f7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a029ce1c89babd54d6f6dabcc9cbbd63dbb2c9f7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231202/e43dc1ac/attachment-0001.htm>
