[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Jan 15 08:10:22 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6eb1486c by security tracker role at 2023-01-15T08:10:11+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2023-23596
+	RESERVED
+CVE-2023-23595 (BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltr ...)
+	TODO: check
+CVE-2023-23594
+	RESERVED
+CVE-2023-23593
+	RESERVED
+CVE-2023-23592
+	RESERVED
+CVE-2023-23591
+	RESERVED
+CVE-2023-0302 (Failure to Sanitize Special Elements into a Different Plane (Special E ...)
+	TODO: check
 CVE-2023-0301 (Cross-site Scripting (XSS) - Stored in GitHub repository alfio-event/a ...)
 	NOT-FOR-US: Alf.io
 CVE-2023-0300 (Cross-site Scripting (XSS) - Reflected in GitHub repository alfio-even ...)
@@ -36,8 +50,8 @@ CVE-2014-125078
 	RESERVED
 CVE-2014-125077
 	RESERVED
-CVE-2023-23590
-	RESERVED
+CVE-2023-23590 (Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers ...)
+	TODO: check
 CVE-2023-0298 (Improper Authorization in GitHub repository firefly-iii/firefly-iii pr ...)
 	TODO: check
 CVE-2023-0297 (Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev ...)
@@ -52,8 +66,8 @@ CVE-2023-0293 (The Mediamatic – Media Library Folders plugin for WordPress
 	NOT-FOR-US: Mediamatic Media Library Folders plugin for WordPress
 CVE-2017-20169 (A vulnerability, which was classified as critical, has been found in G ...)
 	NOT-FOR-US: GGGGGGGG ToN-MasterServer
-CVE-2015-10043
-	RESERVED
+CVE-2015-10043 (A vulnerability, which was classified as critical, was found in abreen ...)
+	TODO: check
 CVE-2015-10042 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical ...)
 	NOT-FOR-US: Dovgalyuk AIBattle
 CVE-2015-10041 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical ...)
@@ -1816,8 +1830,8 @@ CVE-2023-0146
 	RESERVED
 CVE-2023-0145
 	RESERVED
-CVE-2017-20167
-	RESERVED
+CVE-2017-20167 (A vulnerability, which was classified as problematic, was found in Min ...)
+	TODO: check
 CVE-2016-15017 (A vulnerability has been found in fabarea media_upload and classified  ...)
 	NOT-FOR-US: fabarea media_upload
 CVE-2014-125073 (A vulnerability was found in mapoor voteapp. It has been rated as crit ...)
@@ -2210,8 +2224,8 @@ CVE-2015-10022 (A vulnerability was found in IISH nlgis2. It has been declared a
 	NOT-FOR-US: IISH nlgis2
 CVE-2015-10021 (A vulnerability was found in ritterim definely. It has been classified ...)
 	NOT-FOR-US: ritterim
-CVE-2015-10020
-	RESERVED
+CVE-2015-10020 (A vulnerability has been found in ssn2013 cis450Project and classified ...)
+	TODO: check
 CVE-2015-10019 (A vulnerability, which was classified as problematic, has been found i ...)
 	NOT-FOR-US: MySimplifiedSQL
 CVE-2014-125063 (A vulnerability was found in ada-l0velace Bid and classified as critic ...)
@@ -15244,12 +15258,14 @@ CVE-2022-44795 (An issue was discovered in Object First 1.0.7.712. A flaw was fo
 CVE-2022-44794 (An issue was discovered in Object First 1.0.7.712. Management protocol ...)
 	NOT-FOR-US: Object First
 CVE-2022-44793 (handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-S ...)
+	{DLA-3270-1}
 	- net-snmp 5.9.3+dfsg-2 (bug #1024020)
 	[bullseye] - net-snmp <no-dsa> (Minor issue)
 	NOTE: https://github.com/net-snmp/net-snmp/issues/475
 	NOTE: https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202f
 	NOTE: https://github.com/net-snmp/net-snmp/commit/be804106fd0771a7d05236cff36e199af077af57
 CVE-2022-44792 (handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP  ...)
+	{DLA-3270-1}
 	- net-snmp 5.9.3+dfsg-2 (bug #1024020)
 	[bullseye] - net-snmp <no-dsa> (Minor issue)
 	NOTE: https://github.com/net-snmp/net-snmp/issues/474



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6eb1486cbcedb1e1829e5cc0488e30b4c80acc43

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6eb1486cbcedb1e1829e5cc0488e30b4c80acc43
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230115/69d62001/attachment.htm>

More information about the debian-security-tracker-commits mailing list