[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jan 25 20:10:46 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e3f5a46d by security tracker role at 2023-01-25T20:10:27+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,69 @@
+CVE-2023-24530
+ RESERVED
+CVE-2023-24529
+ RESERVED
+CVE-2023-24528
+ RESERVED
+CVE-2023-24527
+ RESERVED
+CVE-2023-24526
+ RESERVED
+CVE-2023-24525
+ RESERVED
+CVE-2023-24524
+ RESERVED
+CVE-2023-24523
+ RESERVED
+CVE-2023-24522
+ RESERVED
+CVE-2023-24521
+ RESERVED
+CVE-2023-24520
+ RESERVED
+CVE-2023-24519
+ RESERVED
+CVE-2023-24518
+ RESERVED
+CVE-2023-24517
+ RESERVED
+CVE-2023-24516
+ RESERVED
+CVE-2023-24515
+ RESERVED
+CVE-2023-24514
+ RESERVED
+CVE-2023-23546
+ RESERVED
+CVE-2023-0507
+ RESERVED
+CVE-2023-0506
+ RESERVED
+CVE-2023-0505
+ RESERVED
+CVE-2023-0504
+ RESERVED
+CVE-2023-0503
+ RESERVED
+CVE-2023-0502
+ RESERVED
+CVE-2023-0501
+ RESERVED
+CVE-2023-0500
+ RESERVED
+CVE-2023-0499
+ RESERVED
+CVE-2023-0498
+ RESERVED
+CVE-2023-0497
+ RESERVED
+CVE-2023-0496
+ RESERVED
+CVE-2023-0495
+ RESERVED
+CVE-2023-0494
+ RESERVED
+CVE-2022-4897
+ RESERVED
CVE-2023-24513
RESERVED
CVE-2023-24512
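Review bot: The new RESERVED block at the top of this hunk is prepended rather than merged in order: CVE-2023-23546, CVE-2023-0507 down to CVE-2023-0494 and CVE-2022-4897 now sit above CVE-2023-24513, while every other visible stretch of data/CVE/list runs in descending CVE id order. If the file is expected to stay sorted, these entries need to be moved into place by a follow-up sort; otherwise lookups that assume ordering will miss them.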
@@ -8,7 +74,7 @@ CVE-2023-24510
RESERVED
CVE-2023-24509
RESERVED
-CVE-2023-24508 (Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with ...)
+CVE-2023-24508 (Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 ...)
TODO: check
CVE-2023-24507
RESERVED
@@ -3649,8 +3715,8 @@ CVE-2023-23153
RESERVED
CVE-2023-23152
RESERVED
-CVE-2023-23151
- RESERVED
+CVE-2023-23151 (bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file deleti ...)
+ TODO: check
CVE-2023-23150
RESERVED
CVE-2023-23149
@@ -6066,8 +6132,8 @@ CVE-2023-22484 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
TODO: check
CVE-2023-22483 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
TODO: check
-CVE-2023-22482
- RESERVED
+CVE-2023-22482 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...)
+ TODO: check
CVE-2023-22481
RESERVED
CVE-2023-22480 (KubeOperator is an open source Kubernetes distribution focused on help ...)
@@ -7878,8 +7944,8 @@ CVE-2022-47769
RESERVED
CVE-2022-47768
RESERVED
-CVE-2022-47767
- RESERVED
+CVE-2022-47767 (A backdoor in Solar-Log Gateway products allows remote access via web ...)
+ TODO: check
CVE-2022-47766 (PopojiCMS v2.0.1 backend plugin function has a file upload vulnerabili ...)
NOT-FOR-US: PopojiCMS
CVE-2022-47765
@@ -9928,8 +9994,8 @@ CVE-2022-4512
RESERVED
CVE-2022-4511 (A vulnerability has been found in RainyGao DocSys and classified as cr ...)
NOT-FOR-US: RainyGao DocSys
-CVE-2022-4510
- RESERVED
+CVE-2022-4510 (A path traversal vulnerability was identified in ReFirm Labs binwalk f ...)
+ TODO: check
CVE-2022-4509 (The Content Control WordPress plugin before 1.1.10 does not validate a ...)
NOT-FOR-US: WordPress plugin
CVE-2022-43494 (An unauthorized user could be able to read any file on the system, pot ...)
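Review bot: CVE-2022-4510 (path traversal in ReFirm Labs binwalk) is left at "TODO: check" between entries that were closed as NOT-FOR-US, and it should not be bulk-closed the same way. binwalk is a standalone tool rather than a CMS or WordPress plugin, so check whether it is in the archive first; if it is, the entry needs a package line and a NOTE with the upstream reference, in the style of the libde265 entries further down.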
@@ -11253,10 +11319,10 @@ CVE-2022-47001
RESERVED
CVE-2022-47000
RESERVED
-CVE-2022-46999
- RESERVED
-CVE-2022-46998
- RESERVED
+CVE-2022-46999 (Tuzicms v2.0.6 was discovered to contain a SQL injection vulnerability ...)
+ TODO: check
+CVE-2022-46998 (An issue in the website background of taocms v3.0.2 allows attackers t ...)
+ TODO: check
CVE-2022-46997 (Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was discovere ...)
NOT-FOR-US: Passhunt
CVE-2022-46996 (vSphere_selfuse commit 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was di ...)
@@ -22955,8 +23021,8 @@ CVE-2022-43919
RESERVED
CVE-2022-43918
RESERVED
-CVE-2022-43917
- RESERVED
+CVE-2022-43917 (IBM WebSphere Application Server 8.5 and 9.0 traditional container use ...)
+ TODO: check
CVE-2022-43916
RESERVED
CVE-2022-43915
@@ -23061,8 +23127,8 @@ CVE-2022-43866
RESERVED
CVE-2022-43865
RESERVED
-CVE-2022-43864
- RESERVED
+CVE-2022-43864 (IBM Business Automation Workflow 22.0.2 could allow a remote attacker ...)
+ TODO: check
CVE-2022-43863
RESERVED
CVE-2022-43862
@@ -36595,8 +36661,8 @@ CVE-2022-38760
RESERVED
CVE-2022-38759
RESERVED
-CVE-2022-38758
- RESERVED
+CVE-2022-38758 (Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to ve ...)
+ TODO: check
CVE-2022-38757 (A vulnerability has been identified in Micro Focus ZENworks 2020 Updat ...)
NOT-FOR-US: Micro Focus
CVE-2022-38756 (A vulnerability has been identified in Micro Focus GroupWise Web in ve ...)
@@ -48845,8 +48911,8 @@ CVE-2022-34407
RESERVED
CVE-2022-34406
RESERVED
-CVE-2022-34405
- RESERVED
+CVE-2022-34405 (An improper access control vulnerability was identified in the Realtek ...)
+ TODO: check
CVE-2022-34404
RESERVED
CVE-2022-34403
@@ -85136,8 +85202,8 @@ CVE-2022-22464 (IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2
NOT-FOR-US: IBM
CVE-2022-22463 (IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, an ...)
NOT-FOR-US: IBM
-CVE-2022-22462
- RESERVED
+CVE-2022-22462 (IBM Security Verify Governance, Identity Manager virtual appliance com ...)
+ TODO: check
CVE-2022-22461 (IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker th ...)
NOT-FOR-US: IBM
CVE-2022-22460 (IBM Security Verify Identity Manager 10.0 contains sensitive informati ...)
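Review bot: CVE-2022-22462 is an IBM Security Verify Governance issue but is left at "TODO: check", while the adjacent CVE-2022-22463 and CVE-2022-22461 for the same product family are already triaged as "NOT-FOR-US: IBM". Resolving it the same way in this update would keep the open TODO queue from growing with entries whose outcome is already decided by their neighbours.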
@@ -184534,36 +184600,43 @@ CVE-2020-21608
CVE-2020-21607
RESERVED
CVE-2020-21606 (libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_ ...)
+ {DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/232
CVE-2020-21605 (libde265 v1.0.4 contains a segmentation fault in the apply_sao_interna ...)
+ {DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/234
CVE-2020-21604 (libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl ...)
+ {DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/231
CVE-2020-21603 (libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fa ...)
+ {DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/240
CVE-2020-21602 (libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bi ...)
+ {DLA-3240-1}
- libde265 1.0.9-1 (bug #1004963)
[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/242
CVE-2020-21601 (libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallb ...)
+ {DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/241
CVE-2020-21600 (libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pr ...)
+ {DLA-3240-1}
- libde265 1.0.9-1 (bug #1004963)
[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
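Review bot: The [bullseye] and [stretch] lines for CVE-2020-21606 through CVE-2020-21600 still read "<postponed> (Minor issue, revisit when fixed upstream)", yet each entry already records a fix in libde265 1.0.9-1 and now gains {DLA-3240-1}. The stated revisit condition appears to be met, so the postponed markers look stale and should be re-evaluated now that an advisory references these CVEs.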
@@ -184576,13 +184649,13 @@ CVE-2020-21599 (libde265 v1.0.4 contains a heap buffer overflow in the de265_ima
NOTE: https://github.com/strukturag/libde265/issues/235
NOTE: https://github.com/strukturag/libde265/commit/a3f1c6a0dea2b0d4a531255ad06ed40cdb184d25 (v1.0.9)
CVE-2020-21598 (libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unw ...)
- {DLA-3280-1}
+ {DLA-3280-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1004963)
[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/237
CVE-2020-21597 (libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma funct ...)
- {DLA-3280-1}
+ {DLA-3280-1 DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
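Review bot: On CVE-2020-21598 and CVE-2020-21597 the cross-reference becomes {DLA-3280-1 DLA-3240-1}, with the higher-numbered advisory listed first. If the tags are meant to be in ascending order this should read {DLA-3240-1 DLA-3280-1}. It is also worth confirming that both advisories really cover these two CVEs, since they are the only entries in the visible libde265 range that carry two DLA references.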
@@ -184594,6 +184667,7 @@ CVE-2020-21596 (libde265 v1.0.4 contains a global buffer overflow in the decode_
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/236
CVE-2020-21595 (libde265 v1.0.4 contains a heap buffer overflow in the mc_luma functio ...)
+ {DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3f5a46d981f71737f2beca6ef14387dce9d67d6