[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 7 20:12:45 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
110c6fa7 by security tracker role at 2023-12-07T20:12:27+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,161 @@
+CVE-2023-6588 (Offline mode is always enabled, even if permission disallows it, in D ...)
+ TODO: check
+CVE-2023-6575 (A vulnerability was found in Beijing Baichuo S210 up to 20231121. It h ...)
+ TODO: check
+CVE-2023-6574 (A vulnerability was found in Beijing Baichuo Smart S20 up to 20231120 ...)
+ TODO: check
+CVE-2023-6333 (The affected ControlByWeb Relay products are vulnerable to a stored cr ...)
+ TODO: check
+CVE-2023-50164 (An attacker can manipulate file upload params to enable paths traversa ...)
+ TODO: check
+CVE-2023-50002 (Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflo ...)
+ TODO: check
+CVE-2023-50001 (Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflo ...)
+ TODO: check
+CVE-2023-50000 (Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflo ...)
+ TODO: check
+CVE-2023-4486 (Under certain circumstances, invalid authentication credentials could ...)
+ TODO: check
+CVE-2023-49999 (Tenda W30E V16.01.0.12(4843) was discovered to contain a command injec ...)
+ TODO: check
+CVE-2023-49967 (Typecho v1.2.1 was discovered to be vulnerable to an XML Quadratic Blo ...)
+ TODO: check
+CVE-2023-49958 (An issue was discovered in Dalmann OCPP.Core through 1.2.0 for OCPP (O ...)
+ TODO: check
+CVE-2023-49957 (An issue was discovered in Dalmann OCPP.Core before 1.3.0 for OCPP (Op ...)
+ TODO: check
+CVE-2023-49956 (An issue was discovered in Dalmann OCPP.Core before 1.3.0 for OCPP (Op ...)
+ TODO: check
+CVE-2023-49955 (An issue was discovered in Dalmann OCPP.Core before 1.2.0 for OCPP (Op ...)
+ TODO: check
+CVE-2023-49787
+ REJECTED
+CVE-2023-49746 (Server-Side Request Forgery (SSRF) vulnerability in Softaculous Team S ...)
+ TODO: check
+CVE-2023-49493 (DedeCMS v5.7.111 was discovered to contain a reflective cross-site scr ...)
+ TODO: check
+CVE-2023-49492 (DedeCMS v5.7.111 was discovered to contain a reflective cross-site scr ...)
+ TODO: check
+CVE-2023-49468 (Libde265 v1.0.14 was discovered to contain a global buffer overflow vu ...)
+ TODO: check
+CVE-2023-49467 (Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vuln ...)
+ TODO: check
+CVE-2023-49465 (Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vuln ...)
+ TODO: check
+CVE-2023-49464 (libheif v1.17.5 was discovered to contain a segmentation violation via ...)
+ TODO: check
+CVE-2023-49463 (libheif v1.17.5 was discovered to contain a segmentation violation via ...)
+ TODO: check
+CVE-2023-49462 (libheif v1.17.5 was discovered to contain a segmentation violation via ...)
+ TODO: check
+CVE-2023-49460 (libheif v1.17.5 was discovered to contain a segmentation violation via ...)
+ TODO: check
+CVE-2023-49437 (Tenda AX12 V22.03.01.46 has been discovered to contain a command injec ...)
+ TODO: check
+CVE-2023-49436 (Tenda AX9 V22.03.01.46 has been discovered to contain a command inject ...)
+ TODO: check
+CVE-2023-49435 (Tenda AX9 V22.03.01.46 is vulnerable to command injection.)
+ TODO: check
+CVE-2023-49434 (Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vuln ...)
+ TODO: check
+CVE-2023-49433 (Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vuln ...)
+ TODO: check
+CVE-2023-49432 (Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vuln ...)
+ TODO: check
+CVE-2023-49431 (Tenda AX9 V22.03.01.46 has been discovered to contain a command inject ...)
+ TODO: check
+CVE-2023-49430 (Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vuln ...)
+ TODO: check
+CVE-2023-49429 (Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injecti ...)
+ TODO: check
+CVE-2023-49428 (Tenda AX12 V22.03.01.46 has been discovered to contain a command injec ...)
+ TODO: check
+CVE-2023-49426 (Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2023-49425 (Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2023-49424 (Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2023-49411 (Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability v ...)
+ TODO: check
+CVE-2023-49410 (Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflo ...)
+ TODO: check
+CVE-2023-49409 (Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution v ...)
+ TODO: check
+CVE-2023-49408 (Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2023-49406 (Tenda W30E V16.01.0.12(4843) was discovered to contain a Command Execu ...)
+ TODO: check
+CVE-2023-49405 (Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflo ...)
+ TODO: check
+CVE-2023-49404 (Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflo ...)
+ TODO: check
+CVE-2023-49403 (Tenda W30E V16.01.0.12(4843) was discovered to contain a command injec ...)
+ TODO: check
+CVE-2023-49402 (Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflo ...)
+ TODO: check
+CVE-2023-48958 (gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_ ...)
+ TODO: check
+CVE-2023-48325 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in P ...)
+ TODO: check
+CVE-2023-47779 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in C ...)
+ TODO: check
+CVE-2023-47548 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in S ...)
+ TODO: check
+CVE-2023-47440 (Gladys Assistant v4.27.0 and prior is vulnerable to Directory Traversa ...)
+ TODO: check
+CVE-2023-46974 (Cross Site Scripting vulnerability in Best Courier Management System v ...)
+ TODO: check
+CVE-2023-46871 (GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a mem ...)
+ TODO: check
+CVE-2023-46641 (Server-Side Request Forgery (SSRF) vulnerability in Code for Recovery ...)
+ TODO: check
+CVE-2023-45762 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in M ...)
+ TODO: check
+CVE-2023-41905 (NETSCOUT nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scr ...)
+ TODO: check
+CVE-2023-41804 (Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force S ...)
+ TODO: check
+CVE-2023-41172 (NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site script ...)
+ TODO: check
+CVE-2023-41171 (NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site script ...)
+ TODO: check
+CVE-2023-41170 (NetScout nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scr ...)
+ TODO: check
+CVE-2023-41169 (NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site script ...)
+ TODO: check
+CVE-2023-41168 (NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site script ...)
+ TODO: check
+CVE-2023-40302 (NETSCOUT nGeniusPULSE 3.8 has Weak File Permissions Vulnerability)
+ TODO: check
+CVE-2023-40301 (NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability.)
+ TODO: check
+CVE-2023-40300 (NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key.)
+ TODO: check
+CVE-2023-39909 (Ericsson Network Manager before 23.2 mishandles Access Control and thu ...)
+ TODO: check
+CVE-2023-39172 (The affected devices transmit sensitive information unencrypted allowi ...)
+ TODO: check
+CVE-2023-39171 (SENEC Storage Box V1,V2 and V3 accidentially expose a management UI ac ...)
+ TODO: check
+CVE-2023-39170
+ REJECTED
+CVE-2023-39169 (The affected devices use publicly available default credentials with a ...)
+ TODO: check
+CVE-2023-39168
+ REJECTED
+CVE-2023-39167 (InSENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker ca ...)
+ TODO: check
+CVE-2023-35909 (Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninj ...)
+ TODO: check
+CVE-2023-35039 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
+ TODO: check
+CVE-2023-33413 (The configuration functionality in the Intelligent Platform Management ...)
+ TODO: check
+CVE-2023-33412 (The web interface in the Intelligent Platform Management Interface (IP ...)
+ TODO: check
+CVE-2023-33411 (A web server in the Intelligent Platform Management Interface (IPMI) b ...)
+ TODO: check
CVE-2023-6568 (Cross-site Scripting (XSS) - Reflected in GitHub repository mlflow/mlf ...)
NOT-FOR-US: mlflow
CVE-2023-6566 (Business Logic Errors in GitHub repository microweber/microweber prior ...)
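Review bot: every added entry that has a description is left at "TODO: check", so this hunk records no triage decision for any of them, including the entries that name libraries and tools by version (libde265 v1.0.14 in CVE-2023-49465/49467/49468, libheif v1.17.5 in CVE-2023-49460 and CVE-2023-49462 to CVE-2023-49464, gpac in CVE-2023-48958 and CVE-2023-46871). A follow-up should resolve those first, replacing "TODO: check" with either a package line or a NOT-FOR-US line in the same form as the "NOT-FOR-US: mlflow" context entry below. The many Tenda firmware entries can then be closed in one batch. Several descriptions are cut off at "..." before the affected product is named (CVE-2023-50164 and CVE-2023-39172, for example), so those need the full CVE text before anyone marks them.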
@@ -68523,8 +68681,8 @@ CVE-2022-45364 (Cross-Site Request Forgery (CSRF) vulnerability in Glen Don L. M
NOT-FOR-US: WordPress plugin
CVE-2022-45363 (Auth. (subscriber+) Stored Cross-Site Scripting (XSS) in Muffingroup B ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-45362
- RESERVED
+CVE-2022-45362 (Server-Side Request Forgery (SSRF) vulnerability in Paytm Paytm Paymen ...)
+ TODO: check
CVE-2022-45361 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bori ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45360 (Improper Neutralization of Formula Elements in a CSV File vulnerabilit ...)
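Review bot: CVE-2022-45362 changes from RESERVED to "TODO: check" while every neighbouring entry in this hunk is already marked "NOT-FOR-US: WordPress plugin". The visible description is truncated at "Paytm Paytm Paymen ...", which does not show whether it is a WordPress plugin as well, so the follow-up should confirm that from the full description before applying the same marking rather than inferring it from the surrounding entries.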
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/110c6fa7ea1784b5f3944db30d704b05b3424c6f