[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jan 7 08:10:40 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
75076f38 by security tracker role at 2023-01-07T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,109 @@
+CVE-2023-22837
+	RESERVED
+CVE-2023-22836
+	RESERVED
+CVE-2023-22835
+	RESERVED
+CVE-2023-22834
+	RESERVED
+CVE-2023-22833
+	RESERVED
+CVE-2023-22832
+	RESERVED
+CVE-2023-22831
+	RESERVED
+CVE-2023-22830
+	RESERVED
+CVE-2023-22829
+	RESERVED
+CVE-2023-22828
+	RESERVED
+CVE-2023-22827
+	RESERVED
+CVE-2023-22826
+	RESERVED
+CVE-2023-22825
+	RESERVED
+CVE-2023-22824
+	RESERVED
+CVE-2023-22823
+	RESERVED
+CVE-2023-22822
+	RESERVED
+CVE-2023-22821
+	RESERVED
+CVE-2023-22820
+	RESERVED
+CVE-2023-22819
+	RESERVED
+CVE-2023-22818
+	RESERVED
+CVE-2023-22817
+	RESERVED
+CVE-2023-22816
+	RESERVED
+CVE-2023-22815
+	RESERVED
+CVE-2023-22814
+	RESERVED
+CVE-2023-22813
+	RESERVED
+CVE-2023-22812
+	RESERVED
+CVE-2023-22811
+	RESERVED
+CVE-2023-22810
+	RESERVED
+CVE-2023-22809
+	RESERVED
+CVE-2023-22808
+	RESERVED
+CVE-2023-22663
+	RESERVED
+CVE-2023-22448
+	RESERVED
+CVE-2023-22445
+	RESERVED
+CVE-2023-22430
+	RESERVED
+CVE-2023-22355
+	RESERVED
+CVE-2023-22338
+	RESERVED
+CVE-2023-22337
+	RESERVED
+CVE-2023-22292
+	RESERVED
+CVE-2023-22290
+	RESERVED
+CVE-2023-22285
+	RESERVED
+CVE-2023-0112 (Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memo ...)
+	TODO: check
+CVE-2023-0111 (Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memo ...)
+	TODO: check
+CVE-2023-0110 (Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memo ...)
+	TODO: check
+CVE-2023-0109
+	RESERVED
+CVE-2023-0108 (Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memo ...)
+	TODO: check
+CVE-2023-0107 (Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memo ...)
+	TODO: check
+CVE-2023-0106 (Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memo ...)
+	TODO: check
+CVE-2023-0105
+	RESERVED
+CVE-2018-25068 (A vulnerability has been found in devent globalpom-utils up to 4.5.0 a ...)
+	TODO: check
+CVE-2018-25067 (A vulnerability, which was classified as critical, was found in JoomGa ...)
+	TODO: check
+CVE-2014-125053 (A vulnerability was found in Piwigo-Guest-Book up to 1.3.0. It has bee ...)
+	TODO: check
+CVE-2014-125052 (A vulnerability was found in JervenBolleman sparql-identifiers and cla ...)
+	TODO: check
+CVE-2013-10008 (A vulnerability was found in sheilazpy eShop. It has been classified a ...)
+	TODO: check
 CVE-2023-22807
 	RESERVED
 CVE-2023-22806
@@ -9517,12 +9623,12 @@ CVE-2022-45915 (ILIAS before 7.16 allows OS Command Injection. ...)
 	NOT-FOR-US: ILIAS
 CVE-2022-45914 (The ESL (Electronic Shelf Label) protocol, as implemented by (for exam ...)
 	NOT-FOR-US: ESL (Electronic Shelf Label) protocol
-CVE-2022-45913
-	RESERVED
+CVE-2022-45913 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occ ...)
+	TODO: check
 CVE-2022-45912 (An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0.  ...)
 	NOT-FOR-US: Zimbra
-CVE-2022-45911
-	RESERVED
+CVE-2022-45911 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occ ...)
+	TODO: check
 CVE-2022-4145
 	RESERVED
 	NOT-FOR-US: OpenShift
@@ -12510,8 +12616,8 @@ CVE-2022-44941
 	RESERVED
 CVE-2022-44940 (Patchelf v0.9 was discovered to contain an out-of-bounds read via the  ...)
 	TODO: check
-CVE-2022-44939
-	RESERVED
+CVE-2022-44939 (Efs Software Easy Chat Server Version 3.1 was discovered to contain a  ...)
+	TODO: check
 CVE-2022-44938 (Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attac ...)
 	NOT-FOR-US: SeedDMS
 CVE-2022-44937 (Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery  ...)
@@ -23719,8 +23825,8 @@ CVE-2022-41629 (Delta Electronics InfraSuite Device Master versions 00.00.01a an
 	NOT-FOR-US: Delta Electronics
 CVE-2022-41627 (The physical IoT device of the AliveCor's KardiaMobile, a smartphone-b ...)
 	NOT-FOR-US: AliveCor
-CVE-2022-41613
-	RESERVED
+CVE-2022-41613 (Bentley Systems MicroStation Connect versions 10.17.0.209 and prior ar ...)
+	TODO: check
 CVE-2022-41607 (All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prio ...)
 	NOT-FOR-US: ETIC Telecom Remote Access Server (RAS)
 CVE-2022-41555 (The affected product DIAEnergie (versions prior to v1.9.01.002) is vul ...)
@@ -23739,8 +23845,8 @@ CVE-2022-40204 (A cross-site scripting (XSS) vulnerability exists in all current
 	NOT-FOR-US: Digital Alert Systems DASDEC software
 CVE-2022-40202 (The database backup function in Delta Electronics InfraSuite Device Ma ...)
 	NOT-FOR-US: Delta Electronics
-CVE-2022-40201
-	RESERVED
+CVE-2022-40201 (Bentley Systems MicroStation Connect versions 10.17.0.209 and prior ar ...)
+	TODO: check
 CVE-2022-40190 (SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflec ...)
 	NOT-FOR-US: SAUTER Controls moduWeb firmware
 CVE-2022-38355 (Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and pr ...)
@@ -38260,12 +38366,12 @@ CVE-2022-32575
 	RESERVED
 CVE-2022-2485 (Any attempt (good or bad) to log into AutomationDirect Stride Field I/ ...)
 	NOT-FOR-US: AutomationDirect
-CVE-2022-2484
-	RESERVED
-CVE-2022-2483
-	RESERVED
-CVE-2022-2482
-	RESERVED
+CVE-2022-2484 (The signature check in the Nokia ASIK AirScale system module version 4 ...)
+	TODO: check
+CVE-2022-2483 (The bootloader in the Nokia ASIK AirScale system module (versions 4740 ...)
+	TODO: check
+CVE-2022-2482 (A vulnerability exists in Nokia’s ASIK AirScale system module (v ...)
+	TODO: check
 CVE-2022-2481 (Use after free in Views in Google Chrome prior to 103.0.5060.134 allow ...)
 	{DSA-5187-1}
 	- chromium 103.0.5060.134-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75076f383db5da933315f220db3712e4429496b6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75076f383db5da933315f220db3712e4429496b6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230107/9581d4ac/attachment.htm>

More information about the debian-security-tracker-commits mailing list