[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
154f219e by security tracker role at 2023-01-15T20:10:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2023-0305 (A vulnerability classified as critical was found in SourceCodester Onl ...)
+	TODO: check
+CVE-2023-0304 (A vulnerability classified as critical has been found in SourceCodeste ...)
+	TODO: check
+CVE-2023-0303 (A vulnerability was found in SourceCodester Online Food Ordering Syste ...)
+	TODO: check
+CVE-2022-4890
+	RESERVED
+CVE-2021-4313
+	RESERVED
+CVE-2018-25076
+	RESERVED
+CVE-2016-15020
+	RESERVED
+CVE-2015-10057
+	RESERVED
+CVE-2015-10056
+	RESERVED
+CVE-2015-10055
+	RESERVED
+CVE-2015-10054
+	RESERVED
+CVE-2015-10053
+	RESERVED
+CVE-2014-125080
+	RESERVED
+CVE-2013-10012
+	RESERVED
+CVE-2010-10005
+	RESERVED
 CVE-2023-23596
 	RESERVED
 CVE-2023-23595 (BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltr ...)
@@ -18,38 +48,38 @@ CVE-2023-0300 (Cross-site Scripting (XSS) - Reflected in GitHub repository alfio
 	NOT-FOR-US: Alf.io
 CVE-2023-0299 (Improper Input Validation in GitHub repository publify/publify prior t ...)
 	NOT-FOR-US: Publify
-CVE-2022-4889
-	RESERVED
+CVE-2022-4889 (A vulnerability classified as critical was found in visegripped Strack ...)
+	TODO: check
 CVE-2018-25075
 	RESERVED
-CVE-2016-15019
-	RESERVED
-CVE-2016-15018
-	RESERVED
-CVE-2015-10052
-	RESERVED
-CVE-2015-10051
-	RESERVED
-CVE-2015-10050
-	RESERVED
-CVE-2015-10049
-	RESERVED
-CVE-2015-10048
-	RESERVED
-CVE-2015-10047
-	RESERVED
-CVE-2015-10046
-	RESERVED
-CVE-2015-10045
-	RESERVED
-CVE-2015-10044
-	RESERVED
-CVE-2014-125079
-	RESERVED
-CVE-2014-125078
-	RESERVED
-CVE-2014-125077
-	RESERVED
+CVE-2016-15019 (A vulnerability was found in tombh jekbox. It has been rated as proble ...)
+	TODO: check
+CVE-2016-15018 (A vulnerability was found in krail-jpa up to 0.9.1. It has been classi ...)
+	TODO: check
+CVE-2015-10052 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified  ...)
+	TODO: check
+CVE-2015-10051 (A vulnerability, which was classified as critical, has been found in b ...)
+	TODO: check
+CVE-2015-10050 (A vulnerability was found in brandonfire miRNA_Database_by_PHP_MySql.  ...)
+	TODO: check
+CVE-2015-10049 (A vulnerability was found in Overdrive Eletrônica course-builder  ...)
+	TODO: check
+CVE-2015-10048 (A vulnerability was found in bmattoso desafio_buzz_woody. It has been  ...)
+	TODO: check
+CVE-2015-10047 (A vulnerability was found in KYUUBl school-register. It has been class ...)
+	TODO: check
+CVE-2015-10046 (A vulnerability has been found in lolfeedback and classified as critic ...)
+	TODO: check
+CVE-2015-10045 (A vulnerability, which was classified as critical, was found in tutran ...)
+	TODO: check
+CVE-2015-10044 (A vulnerability classified as critical was found in gophergala sqldump ...)
+	TODO: check
+CVE-2014-125079 (A vulnerability was found in agy pontifex.http. It has been declared a ...)
+	TODO: check
+CVE-2014-125078 (A vulnerability was found in yanheven console and classified as proble ...)
+	TODO: check
+CVE-2014-125077 (A vulnerability, which was classified as critical, has been found in p ...)
+	TODO: check
 CVE-2023-23590 (Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers ...)
 	TODO: check
 CVE-2023-0298 (Improper Authorization in GitHub repository firefly-iii/firefly-iii pr ...)
@@ -23085,6 +23115,7 @@ CVE-2022-42920 (Apache Commons BCEL has a number of APIs that would normally onl
 	NOTE: whereeas CVE-2022-42920 is associated with bcel itself.
 	TODO: check with the assigning CNAs which one to retain if confirmed to be handled as duplicate and move CVE-2022-34169 to Apache Xalan Java XSLT use of BCEL only.
 CVE-2022-3517 (A vulnerability was found in the minimatch package. This flaw allows a ...)
+	{DLA-3271-1}
 	- node-minimatch 3.0.5+~3.0.5-1
 	[bullseye] - node-minimatch 3.0.4+~3.0.3-1+deb11u1
 	NOTE: https://github.com/grafana/grafana-image-renderer/issues/329



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/154f219e3d79dadb21bf27e106371879107157a8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/154f219e3d79dadb21bf27e106371879107157a8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230115/b4e7db02/attachment.htm>