[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Dec 4 08:11:45 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
49210d46 by security tracker role at 2023-12-04T08:11:34+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,243 @@
+CVE-2023-5332 (Patch in third party library Consul requires 'enable-script-checks' to ...)
+ TODO: check
+CVE-2023-49287 (TinyDir is a lightweight C directory and file reader. Buffer overflows ...)
+ TODO: check
+CVE-2023-49108 (Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0. ...)
+ TODO: check
+CVE-2023-49093 (HtmlUnit is a GUI-less browser for Java programs. HtmlUnit is vulnerab ...)
+ TODO: check
+CVE-2023-47701 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
+ TODO: check
+CVE-2023-46167 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 ...)
+ TODO: check
+CVE-2023-42751 (In gnss service, there is a possible out of bounds write due to a miss ...)
+ TODO: check
+CVE-2023-42749 (In enginnermode service, there is a possible way to write permission u ...)
+ TODO: check
+CVE-2023-42748 (In telecom service, there is a possible missing permission check. This ...)
+ TODO: check
+CVE-2023-42747 (In camera service, there is a possible missing permission check. This ...)
+ TODO: check
+CVE-2023-42746 (In power manager, there is a possible missing permission check. This c ...)
+ TODO: check
+CVE-2023-42745 (In telecom service, there is a possible missing permission check. This ...)
+ TODO: check
+CVE-2023-42744 (In telecom service, there is a possible missing permission check. This ...)
+ TODO: check
+CVE-2023-42743 (In telecom service, there is a possible missing permission check. This ...)
+ TODO: check
+CVE-2023-42742 (In sysui, there is a possible missing permission check. This could lea ...)
+ TODO: check
+CVE-2023-42741 (In telecom service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42740 (In telecom service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42739 (In engineermode service, there is a possible way to write permission u ...)
+ TODO: check
+CVE-2023-42738 (In telocom service, there is a possible missing permission check. This ...)
+ TODO: check
+CVE-2023-42737 (In telecom service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42736 (In telecom service, there is a possible missing permission check. This ...)
+ TODO: check
+CVE-2023-42735 (In telephony service, there is a possible missing permission check. Th ...)
+ TODO: check
+CVE-2023-42734 (In telephony service, there is a possible missing permission check. Th ...)
+ TODO: check
+CVE-2023-42733 (In telephony service, there is a possible missing permission check. Th ...)
+ TODO: check
+CVE-2023-42732 (In telephony service, there is a possible missing permission check. Th ...)
+ TODO: check
+CVE-2023-42731 (In Gnss service, there is a possible out of bounds read due to a missi ...)
+ TODO: check
+CVE-2023-42730 (In IMS service, there is a possible way to write permission usage reco ...)
+ TODO: check
+CVE-2023-42729 (In ril service, there is a possible out of bounds write due to a missi ...)
+ TODO: check
+CVE-2023-42728 (In phasecheckserver, there is a possible out of bounds read due to a m ...)
+ TODO: check
+CVE-2023-42727 (In gpu driver, there is a possible out of bounds write due to a incorr ...)
+ TODO: check
+CVE-2023-42726 (In TeleService, there is a possible out of bounds read due to a missin ...)
+ TODO: check
+CVE-2023-42725 (In gpu driver, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2023-42724 (In gpu driver, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2023-42723 (In camera service, there is a possible out of bounds read due to a mis ...)
+ TODO: check
+CVE-2023-42722 (In camera service, there is a possible use after free due to a logic e ...)
+ TODO: check
+CVE-2023-42721 (In flv extractor, there is a possible missing verification incorrect i ...)
+ TODO: check
+CVE-2023-42720 (In video service, there is a possible out of bounds read due to a miss ...)
+ TODO: check
+CVE-2023-42719 (In video service, there is a possible out of bounds read due to a inco ...)
+ TODO: check
+CVE-2023-42718 (In dialer, there is a possible way to write permission usage records o ...)
+ TODO: check
+CVE-2023-42717 (In telephony service, there is a possible missing permission check. Th ...)
+ TODO: check
+CVE-2023-42716 (In telephony service, there is a possible missing permission check. Th ...)
+ TODO: check
+CVE-2023-42715 (In telephony service, there is a possible missing permission check. Th ...)
+ TODO: check
+CVE-2023-42714 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42713 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42712 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42711 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42710 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42709 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42708 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42707 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42706 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42705 (In imsservice, there is a possible way to write permission usage recor ...)
+ TODO: check
+CVE-2023-42704 (In imsservice, there is a possible way to write permission usage recor ...)
+ TODO: check
+CVE-2023-42703 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42702 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42701 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42700 (In firewall service, there is a possible way to write permission usage ...)
+ TODO: check
+CVE-2023-42699 (In omacp service, there is a possible way to write permission usage re ...)
+ TODO: check
+CVE-2023-42698 (In omacp service, there is a possible way to write permission usage re ...)
+ TODO: check
+CVE-2023-42697 (In omacp service, there is a possible way to write permission usage re ...)
+ TODO: check
+CVE-2023-42696 (In telecom service, there is a possible missing permission check. This ...)
+ TODO: check
+CVE-2023-42695 (In wifi service, there is a possible missing permission check. This co ...)
+ TODO: check
+CVE-2023-42694 (In wifi service, there is a possible missing permission check. This co ...)
+ TODO: check
+CVE-2023-42693 (In wifi service, there is a possible missing permission check. This co ...)
+ TODO: check
+CVE-2023-42692 (In wifi service, there is a possible missing permission check. This co ...)
+ TODO: check
+CVE-2023-42691 (In wifi service, there is a possible missing permission check. This co ...)
+ TODO: check
+CVE-2023-42690 (In wifi service, there is a possible missing permission check. This co ...)
+ TODO: check
+CVE-2023-42689 (In wifi service, there is a possible missing permission check. This co ...)
+ TODO: check
+CVE-2023-42688 (In wifi service, there is a possible missing permission check. This co ...)
+ TODO: check
+CVE-2023-42687 (In wifi service, there is a possible missing permission check. This co ...)
+ TODO: check
+CVE-2023-42686 (In wifi service, there is a possible missing permission check. This co ...)
+ TODO: check
+CVE-2023-42685 (In wifi service, there is a possible missing permission check. This co ...)
+ TODO: check
+CVE-2023-42684 (In gsp driver, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2023-42683 (In gsp driver, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2023-42682 (In gsp driver, there is a possible out of bounds write due to a missin ...)
+ TODO: check
+CVE-2023-42681 (In ion service, there is a possible missing permission check. This cou ...)
+ TODO: check
+CVE-2023-42680 (In gpu driver, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2023-42679 (In gpu driver, there is a possible out of bounds write due to a missin ...)
+ TODO: check
+CVE-2023-42678 (In imsservice, there is a possible way to write permission usage recor ...)
+ TODO: check
+CVE-2023-42677 (In imsservice, there is a possible way to write permission usage recor ...)
+ TODO: check
+CVE-2023-42676 (In imsservice, there is a possible way to write permission usage recor ...)
+ TODO: check
+CVE-2023-42675 (In imsservice, there is a possible way to write permission usage recor ...)
+ TODO: check
+CVE-2023-42674 (In imsservice, there is a possible way to write permission usage recor ...)
+ TODO: check
+CVE-2023-42673 (In imsservice, there is a possible way to write permission usage recor ...)
+ TODO: check
+CVE-2023-42672 (In imsservice, there is a possible way to write permission usage recor ...)
+ TODO: check
+CVE-2023-42671 (In imsservice, there is a possible way to write permission usage recor ...)
+ TODO: check
+CVE-2023-40692 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
+ TODO: check
+CVE-2023-40687 (IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
+ TODO: check
+CVE-2023-38727 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
+ TODO: check
+CVE-2023-38003 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
+ TODO: check
+CVE-2023-32870 (In display drm, there is a possible out of bounds read due to a missin ...)
+ TODO: check
+CVE-2023-32869 (In display drm, there is a possible out of bounds write due to a missi ...)
+ TODO: check
+CVE-2023-32868 (In display drm, there is a possible out of bounds write due to a missi ...)
+ TODO: check
+CVE-2023-32867 (In display drm, there is a possible out of bounds write due to a missi ...)
+ TODO: check
+CVE-2023-32866 (In mmp, there is a possible memory corruption due to an incorrect boun ...)
+ TODO: check
+CVE-2023-32865 (In display drm, there is a possible out of bounds write due to an inco ...)
+ TODO: check
+CVE-2023-32864 (In display drm, there is a possible out of bounds write due to an inco ...)
+ TODO: check
+CVE-2023-32863 (In display drm, there is a possible out of bounds read due to a missin ...)
+ TODO: check
+CVE-2023-32862 (In display, there is a possible out of bounds read due to an incorrect ...)
+ TODO: check
+CVE-2023-32861 (In display, there is a possible out of bounds read due to an incorrect ...)
+ TODO: check
+CVE-2023-32860 (In display, there is a possible classic buffer overflow due to a missi ...)
+ TODO: check
+CVE-2023-32859 (In meta, there is a possible classic buffer overflow due to a missing ...)
+ TODO: check
+CVE-2023-32858 (In GZ, there is a possible information disclosure due to a missing dat ...)
+ TODO: check
+CVE-2023-32857 (In display, there is a possible out of bounds read due to an incorrect ...)
+ TODO: check
+CVE-2023-32856 (In display, there is a possible out of bounds read due to an incorrect ...)
+ TODO: check
+CVE-2023-32855 (In aee, there is a possible escalation of privilege due to a missing p ...)
+ TODO: check
+CVE-2023-32854 (In ril, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
+CVE-2023-32853 (In rpmb, there is a possible out of bounds write due to a missing boun ...)
+ TODO: check
+CVE-2023-32852 (In cameraisp, there is a possible information disclosure due to improp ...)
+ TODO: check
+CVE-2023-32851 (In decoder, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2023-32850 (In decoder, there is a possible out of bounds write due to an integer ...)
+ TODO: check
+CVE-2023-32849 (In cmdq, there is a possible out of bounds write due to type confusion ...)
+ TODO: check
+CVE-2023-32848 (In vdec, there is a possible out of bounds write due to type confusion ...)
+ TODO: check
+CVE-2023-32847 (In audio, there is a possible out of bounds write due to a missing bou ...)
+ TODO: check
+CVE-2023-32846 (In 5G Modem, there is a possible system crash due to improper error ha ...)
+ TODO: check
+CVE-2023-32845 (In 5G Modem, there is a possible system crash due to improper error ha ...)
+ TODO: check
+CVE-2023-32844 (In 5G Modem, there is a possible system crash due to improper error ha ...)
+ TODO: check
+CVE-2023-32843 (In 5G Modem, there is a possible system crash due to improper error ha ...)
+ TODO: check
+CVE-2023-32842 (In 5G Modem, there is a possible system crash due to improper error ha ...)
+ TODO: check
+CVE-2023-32841 (In 5G Modem, there is a possible system crash due to improper error ha ...)
+ TODO: check
CVE-2023-49948 (Forgejo before 1.20.5-1 allows remote attackers to test for the existe ...)
NOT-FOR-US: Forgejo
CVE-2023-49947 (Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic ...)
@@ -86,7 +326,7 @@ CVE-2023-5635 (Improper Protection for Outbound Error Messages and Alert Signals
NOT-FOR-US: ArslanSoft Education Portal
CVE-2023-5634 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: ArslanSoft Education Portal
-CVE-2023-5427 (A local non-privileged user can make improper GPU processing operation ...)
+CVE-2023-5427 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm ...)
TODO: check
CVE-2023-4518 (A vulnerability exists in the input validation of the GOOSE messages ...)
TODO: check
@@ -31524,12 +31764,12 @@ CVE-2022-48466
RESERVED
CVE-2022-48465
RESERVED
-CVE-2022-48464
- RESERVED
-CVE-2022-48463
- RESERVED
-CVE-2022-48462
- RESERVED
+CVE-2022-48464 (In wifi service, there is a possible out of bounds write due to a miss ...)
+ TODO: check
+CVE-2022-48463 (In wifi service, there is a possible out of bounds write due to a miss ...)
+ TODO: check
+CVE-2022-48462 (In wifi service, there is a possible out of bounds write due to a miss ...)
+ TODO: check
CVE-2022-48461 (In sensor driver, there is a possible out of bounds write due to a mis ...)
NOT-FOR-US: Unisoc
CVE-2022-48460 (In setting service, there is a possible undefined behavior due to inco ...)
@@ -35168,8 +35408,8 @@ CVE-2023-29260 (IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to serve
NOT-FOR-US: IBM
CVE-2023-29259 (IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to ...)
NOT-FOR-US: IBM
-CVE-2023-29258
- RESERVED
+CVE-2023-29258 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 ...)
+ TODO: check
CVE-2023-29257 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
NOT-FOR-US: IBM
CVE-2023-29256 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49210d46bab8020ad411ef1325c940ba35aacd43
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49210d46bab8020ad411ef1325c940ba35aacd43
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231204/4e9f765c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list