[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Dec 18 08:12:15 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dae8f8c2 by security tracker role at 2023-12-18T08:12:01+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2023-6909 (Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prio ...)
+	TODO: check
+CVE-2023-6908 (A vulnerability, which was classified as problematic, was found in DFI ...)
+	TODO: check
+CVE-2023-6907 (A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2 ...)
+	TODO: check
+CVE-2023-6906 (A vulnerability, which was classified as critical, was found in Totoli ...)
+	TODO: check
+CVE-2023-6905 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2023-6904 (A vulnerability classified as problematic was found in Jahastech NxFil ...)
+	TODO: check
+CVE-2023-6903 (A vulnerability classified as critical has been found in Netentsec NS- ...)
+	TODO: check
+CVE-2023-6483 (The vulnerability exists in ADiTaaS (Allied Digital Integrated Tool-as ...)
+	TODO: check
+CVE-2023-50981 (ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows atta ...)
+	TODO: check
+CVE-2023-50980 (gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to  ...)
+	TODO: check
+CVE-2023-50979 (Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during ...)
+	TODO: check
+CVE-2023-50976 (Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authoriz ...)
+	TODO: check
 CVE-2023-6902 (A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2 ...)
 	NOT-FOR-US: Stupid Simple CMS
 CVE-2023-6901 (A vulnerability, which was classified as critical, was found in codely ...)
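Review bot: CVE-2023-6907 is added with "TODO: check", yet the unchanged context directly below it already marks CVE-2023-6902, whose description starts with the same "codelyfe Stupid Simple CMS up to 1.2" text, as "NOT-FOR-US: Stupid Simple CMS". Suggest giving CVE-2023-6907 the same triage in the follow-up commit rather than leaving it for a separate manual check. The three Crypto++ entries (CVE-2023-50979, CVE-2023-50980, CVE-2023-50981) all name cryptopp through 8.9.0 and are best triaged together, since they need the same package lookup.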
@@ -876,7 +900,7 @@ CVE-2023-3904 (An issue has been discovered in GitLab EE affecting all versions
 	- gitlab <not-affected> (Specific to EE)
 CVE-2023-3511 (An issue has been discovered in GitLab EE affecting all versions start ...)
 	- gitlab <not-affected> (Specific to EE)
-CVE-2023-3907
+CVE-2023-3907 (A privilege escalation vulnerability in GitLab EE affecting all versio ...)
 	- gitlab <not-affected> (Specific to EE)
 CVE-2023-5061 (An issue has been discovered in GitLab affecting all versions starting ...)
 	- gitlab <unfixed>
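Review bot: the "- gitlab <not-affected> (Specific to EE)" line under CVE-2023-3907 was recorded while the entry still had no description. The description filled in here names GitLab EE, so the existing triage is consistent with it and needs no follow-up.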
@@ -2950,11 +2974,11 @@ CVE-2023-48800 (In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd f
 	NOT-FOR-US: TOTOLINK
 CVE-2023-48799 (TOTOLINK-X6000R Firmware-V9.4.0cu.852_B20230719 is vulnerable to Comma ...)
 	NOT-FOR-US: TOTOLINK
-CVE-2023-44306 (Dell DM5500 contains a path traversal vulnerability in PPOE Component. ...)
+CVE-2023-44306 (Dell DM5500 contains a path traversal vulnerability in the appliance.  ...)
 	NOT-FOR-US: Dell
 CVE-2023-44305 (Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerabi ...)
 	NOT-FOR-US: Dell
-CVE-2023-44304 (Dell DM5500 contains a privilege escalation vulnerability in PPOE Comp ...)
+CVE-2023-44304 (Dell DM5500 contains a privilege escalation vulnerability in the appli ...)
 	NOT-FOR-US: Dell
 CVE-2023-44302 (Dell DM5500 5.14.0.0 and prior contain an improper authentication vuln ...)
 	NOT-FOR-US: Dell



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dae8f8c290fc6c39c97aa9195321c6c8473eb244
