[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Dec 18 08:12:15 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dae8f8c2 by security tracker role at 2023-12-18T08:12:01+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2023-6909 (Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prio ...)
+ TODO: check
+CVE-2023-6908 (A vulnerability, which was classified as problematic, was found in DFI ...)
+ TODO: check
+CVE-2023-6907 (A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2 ...)
+ TODO: check
+CVE-2023-6906 (A vulnerability, which was classified as critical, was found in Totoli ...)
+ TODO: check
+CVE-2023-6905 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
+CVE-2023-6904 (A vulnerability classified as problematic was found in Jahastech NxFil ...)
+ TODO: check
+CVE-2023-6903 (A vulnerability classified as critical has been found in Netentsec NS- ...)
+ TODO: check
+CVE-2023-6483 (The vulnerability exists in ADiTaaS (Allied Digital Integrated Tool-as ...)
+ TODO: check
+CVE-2023-50981 (ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows atta ...)
+ TODO: check
+CVE-2023-50980 (gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to ...)
+ TODO: check
+CVE-2023-50979 (Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during ...)
+ TODO: check
+CVE-2023-50976 (Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authoriz ...)
+ TODO: check
CVE-2023-6902 (A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2 ...)
NOT-FOR-US: Stupid Simple CMS
CVE-2023-6901 (A vulnerability, which was classified as critical, was found in codely ...)
@@ -876,7 +900,7 @@ CVE-2023-3904 (An issue has been discovered in GitLab EE affecting all versions
- gitlab <not-affected> (Specific to EE)
CVE-2023-3511 (An issue has been discovered in GitLab EE affecting all versions start ...)
- gitlab <not-affected> (Specific to EE)
-CVE-2023-3907
+CVE-2023-3907 (A privilege escalation vulnerability in GitLab EE affecting all versio ...)
- gitlab <not-affected> (Specific to EE)
CVE-2023-5061 (An issue has been discovered in GitLab affecting all versions starting ...)
- gitlab <unfixed>
@@ -2950,11 +2974,11 @@ CVE-2023-48800 (In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd f
NOT-FOR-US: TOTOLINK
CVE-2023-48799 (TOTOLINK-X6000R Firmware-V9.4.0cu.852_B20230719 is vulnerable to Comma ...)
NOT-FOR-US: TOTOLINK
-CVE-2023-44306 (Dell DM5500 contains a path traversal vulnerability in PPOE Component. ...)
+CVE-2023-44306 (Dell DM5500 contains a path traversal vulnerability in the appliance. ...)
NOT-FOR-US: Dell
CVE-2023-44305 (Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerabi ...)
NOT-FOR-US: Dell
-CVE-2023-44304 (Dell DM5500 contains a privilege escalation vulnerability in PPOE Comp ...)
+CVE-2023-44304 (Dell DM5500 contains a privilege escalation vulnerability in the appli ...)
NOT-FOR-US: Dell
CVE-2023-44302 (Dell DM5500 5.14.0.0 and prior contain an improper authentication vuln ...)
NOT-FOR-US: Dell
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dae8f8c290fc6c39c97aa9195321c6c8473eb244
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dae8f8c290fc6c39c97aa9195321c6c8473eb244
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231218/41fa5870/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list