[Git][security-tracker-team/security-tracker][master] automatic update

Mon Dec 11 20:12:22 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f5a49770 by security tracker role at 2023-12-11T20:11:59+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,39 @@
-CVE-2023-6185 [Improper input validation enabling arbitrary Gstreamer pipeline injection]
+CVE-2023-6679 (A null pointer dereference vulnerability was found in dpll_pin_parent_ ...)
+	TODO: check
+CVE-2023-6671 (A vulnerability has been discovered on OJS, that consists in a CSRF (C ...)
+	TODO: check
+CVE-2023-6538 (SMU versions prior to 14.8.7825.01 are susceptible to unintended infor ...)
+	TODO: check
+CVE-2023-6194 (In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition X ...)
+	TODO: check
+CVE-2023-6035 (The EazyDocs WordPress plugin before 2.3.4 does not properly sanitize  ...)
+	TODO: check
+CVE-2023-5955 (The Contact Form Email WordPress plugin before 1.3.44 does not sanitis ...)
+	TODO: check
+CVE-2023-5940 (The WP Not Login Hide (WPNLH) WordPress plugin through 1.0 does not sa ...)
+	TODO: check
+CVE-2023-5907 (The File Manager WordPress plugin before 6.3 does not restrict the fil ...)
+	TODO: check
+CVE-2023-5757 (The WP Crowdfunding WordPress plugin before 2.1.8 does not sanitise an ...)
+	TODO: check
+CVE-2023-5750 (The EmbedPress WordPress plugin before 3.9.2 does not sanitise and esc ...)
+	TODO: check
+CVE-2023-5749 (The EmbedPress WordPress plugin before 3.9.2 does not sanitise and esc ...)
+	TODO: check
+CVE-2023-49795 (MindsDB connects artificial intelligence models to real time data. Ver ...)
+	TODO: check
+CVE-2023-49418 (TOTOLink A7000R V9.1.0u.6115_B20201022has a stack overflow vulnerabili ...)
+	TODO: check
+CVE-2023-49417 (TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerabil ...)
+	TODO: check
+CVE-2023-48715 (Tuleap is an open source suite to improve management of software devel ...)
+	TODO: check
+CVE-2023-6185 (Improper Input Validation vulnerability in GStreamer integration of Th ...)
+	{DSA-5574-1}
 	- libreoffice 4:7.6.3-1
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185/
-CVE-2023-6186 [Link targets allow arbitrary script execution]
+CVE-2023-6186 (Insufficient macro permission validation of The Document Foundation Li ...)
+	{DSA-5574-1}
 	- libreoffice 4:7.6.4~rc1-1
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2023-6186/
 CVE-2023-6659 (A vulnerability, which was classified as critical, has been found in C ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5a497702677573f58deb08617ce2273d80e02fa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5a497702677573f58deb08617ce2273d80e02fa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231211/fb55a0cb/attachment.htm>
