[Git][security-tracker-team/security-tracker][master] automatic update

Mon Jul 31 09:12:28 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4ae91f99 by security tracker role at 2023-07-31T08:12:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2023-4007 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpm ...)
+	TODO: check
+CVE-2023-4006 (Improper Neutralization of Formula Elements in a CSV File in GitHub re ...)
+	TODO: check
+CVE-2023-4005 (Insufficient Session Expiration in GitHub repository fossbilling/fossb ...)
+	TODO: check
+CVE-2023-35019 (IBM Security Verify Governance, Identity Manager 10.0 could allow a re ...)
+	TODO: check
+CVE-2023-35016 (IBM Security Verify Governance, Identity Manager 10.0 could allow a re ...)
+	TODO: check
+CVE-2023-34360 (A stored cross-site scripting (XSS) issue was discovered within the Cu ...)
+	TODO: check
+CVE-2023-34359 (ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition.  ...)
+	TODO: check
+CVE-2023-34358 (ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition.  ...)
+	TODO: check
 CVE-2023-4004
 	- linux <unfixed>
 	[buster] - linux <not-affected> (Vulnerable code not present)
@@ -2687,7 +2703,7 @@ CVE-2023-31405 (SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE
 CVE-2023-3605 (A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. It ...)
 	NOT-FOR-US: PHPGurukul Online Shopping Portal
 CVE-2023-3417 (Thunderbird allowed the Text Direction Override Unicode Character in f ...)
-	{DSA-5463-1}
+	{DSA-5463-1 DLA-3510-1}
 	- thunderbird 1:102.13.1-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-27/#CVE-2023-3417
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-28/#CVE-2023-3417
@@ -28745,8 +28761,8 @@ CVE-2023-24973
 	RESERVED
 CVE-2023-24972
 	RESERVED
-CVE-2023-24971
-	RESERVED
+CVE-2023-24971 (IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integ ...)
+	TODO: check
 CVE-2023-24970
 	RESERVED
 CVE-2023-24969
@@ -36356,8 +36372,8 @@ CVE-2023-22597 (InHand Networks InRouter 302, prior to version IR302 V3.5.56, an
 	NOT-FOR-US: InHand Networks InRouter
 CVE-2023-22596
 	RESERVED
-CVE-2023-22595
-	RESERVED
+CVE-2023-22595 (IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integ ...)
+	TODO: check
 CVE-2023-22594 (IBM Robotic Process Automation for Cloud Pak 20.12.0 through 21.0.4 is ...)
 	NOT-FOR-US: IBM
 CVE-2023-22593 (IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 a ...)
@@ -54232,8 +54248,8 @@ CVE-2022-43833
 	RESERVED
 CVE-2022-43832
 	RESERVED
-CVE-2022-43831
-	RESERVED
+CVE-2022-43831 (IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1. ...)
+	TODO: check
 CVE-2022-43830
 	REJECTED
 CVE-2022-43829
@@ -259701,8 +259717,8 @@ CVE-2020-4870 (IBM MQ 9.2 CD and LTS are vulnerable to a denial of service attac
 	NOT-FOR-US: IBM
 CVE-2020-4869 (IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of servi ...)
 	NOT-FOR-US: IBM
-CVE-2020-4868
-	RESERVED
+CVE-2020-4868 (IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain  ...)
+	TODO: check
 CVE-2020-4867
 	RESERVED
 CVE-2020-4866 (IBM Engineering products are vulnerable to cross-site scripting. This  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ae91f99ab742884140af91860e4465198189508

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ae91f99ab742884140af91860e4465198189508
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230731/6151aed8/attachment.htm>
