[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 13 09:12:31 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cd7541e9 by security tracker role at 2023-06-13T08:12:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2023-33991 (SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 7 ...)
+	TODO: check
+CVE-2023-33986 (SAP CRM ABAP (Grantor Management) - versions 700, 701, 702, 712, 713,  ...)
+	TODO: check
+CVE-2023-33985 (SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently  ...)
+	TODO: check
+CVE-2023-33984 (SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfa ...)
+	TODO: check
+CVE-2023-32674 (Certain versions of HP PC Hardware Diagnostics Windows are potentially ...)
+	TODO: check
+CVE-2023-32673 (Certain versions of HP PC Hardware Diagnostics Windows, HP Image Assis ...)
+	TODO: check
+CVE-2023-32221 (EaseUS Todo Backup version 20220111.390 - An omission during installat ...)
+	TODO: check
+CVE-2023-32220 (Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass  ...)
+	TODO: check
+CVE-2023-32219 (A Mazda model (2015-2016) can be unlocked via an unspecified method.)
+	TODO: check
+CVE-2023-32115 (An attacker can exploit MDS COMPARE TOOL and use specially crafted inp ...)
+	TODO: check
+CVE-2023-32114 (SAP NetWeaver (Change and Transport System) - versions 702, 731, 740,  ...)
+	TODO: check
+CVE-2023-2876 (Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 P ...)
+	TODO: check
+CVE-2023-2827 (SAP Plant Connectivity - version 15.5 (PCo) or the Production Connecto ...)
+	TODO: check
+CVE-2023-2729 (Use of insufficiently random values vulnerability in User Management F ...)
+	TODO: check
+CVE-2023-2673 (Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUAR ...)
+	TODO: check
+CVE-2023-2563 (The WordPress Contact Forms by Cimatti plugin for WordPress is vulnera ...)
+	TODO: check
+CVE-2023-2351 (The WP Directory Kit plugin for WordPress is vulnerable to unauthorize ...)
+	TODO: check
 CVE-2023-3212 [gfs2: Don't deref jdesc in evict]
 	- linux 6.3.7-1
 	NOTE: https://git.kernel.org/linus/504a10d9e46bc37b23d0a1ae2f28973c8516e636 (6.4-rc2)
@@ -1454,7 +1488,7 @@ CVE-2023-2961 (A segmentation fault flaw was found in the Advancecomp package. T
 	NOTE: Crash in CLI tool, no security impact
 CVE-2023-2808 (Mattermost fails to normalize UTF confusable characters when determini ...)
 	- mattermost-server <itp> (bug #823556)
-CVE-2023-2518 (The Easy Forms for Mailchimp WordPress plugin through 6.8.8 does not s ...)
+CVE-2023-2518 (The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sa ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-2470 (The Add to Feedly WordPress plugin through 1.2.11 does not sanitize an ...)
 	NOT-FOR-US: WordPress plugin
@@ -3946,10 +3980,10 @@ CVE-2023-2280 (The WP Directory Kit plugin for WordPress is vulnerable to unauth
 	NOT-FOR-US: WordPress plugin
 CVE-2023-2279
 	RESERVED
-CVE-2023-2278
-	RESERVED
-CVE-2023-2277
-	RESERVED
+CVE-2023-2278 (The WP Directory Kit plugin for WordPress is vulnerable to Local File  ...)
+	TODO: check
+CVE-2023-2277 (The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site  ...)
+	TODO: check
 CVE-2023-2276 (The WCFM Membership \u2013 WooCommerce Memberships for Multivendor Mar ...)
 	NOT-FOR-US: WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress
 CVE-2023-2275 (The WooCommerce Multivendor Marketplace \u2013 REST API plugin for Wor ...)
@@ -13808,7 +13842,7 @@ CVE-2023-1325 (The Easy Forms for Mailchimp WordPress plugin before 6.8.7 does n
 	NOT-FOR-US: WordPress plugin
 CVE-2023-1324 (The Easy Forms for Mailchimp WordPress plugin before 6.8.8 does not sa ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2023-1323 (The Easy Forms for Mailchimp WordPress plugin through 6.8.8 does not s ...)
+CVE-2023-1323 (The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sa ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-1322 (A vulnerability was found in lmxcms 1.41 and classified as critical. A ...)
 	NOT-FOR-US: lmxcms
@@ -14859,8 +14893,8 @@ CVE-2023-27718 (D-Link DIR878 1.30B08 was discovered to contain a stack overflow
 	NOT-FOR-US: D-Link
 CVE-2023-27717
 	RESERVED
-CVE-2023-27716
-	RESERVED
+CVE-2023-27716 (An issue was discovered in freakchicken kafkaUI-lite 1.2.11 allows att ...)
+	TODO: check
 CVE-2023-27715
 	RESERVED
 CVE-2023-27714
@@ -18599,16 +18633,16 @@ CVE-2023-26300
 	RESERVED
 CVE-2023-26299
 	RESERVED
-CVE-2023-26298
-	RESERVED
-CVE-2023-26297
-	RESERVED
-CVE-2023-26296
-	RESERVED
-CVE-2023-26295
-	RESERVED
-CVE-2023-26294
-	RESERVED
+CVE-2023-26298 (Previous versions of HP Device Manager (prior to HPDM 5.0.10) could po ...)
+	TODO: check
+CVE-2023-26297 (Previous versions of HP Device Manager (prior to HPDM 5.0.10) could po ...)
+	TODO: check
+CVE-2023-26296 (Previous versions of HP Device Manager (prior to HPDM 5.0.10) could po ...)
+	TODO: check
+CVE-2023-26295 (Previous versions of HP Device Manager (prior to HPDM 5.0.10) could po ...)
+	TODO: check
+CVE-2023-26294 (Previous versions of HP Device Manager (prior to HPDM 5.0.10) could po ...)
+	TODO: check
 CVE-2023-0947 (Path Traversal in GitHub repository flatpressblog/flatpress prior to 1 ...)
 	NOT-FOR-US: flatpressblog
 CVE-2023-0946 (A vulnerability has been found in SourceCodester Best POS Management S ...)
@@ -29013,8 +29047,8 @@ CVE-2023-0144 (The Event Manager and Tickets Selling Plugin for WooCommerce Word
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0143 (The Send PDF for Contact Form 7 WordPress plugin before 0.9.9.2 does n ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2023-0142
-	RESERVED
+CVE-2023-0142 (Uncontrolled search path element vulnerability in Backup Management Fu ...)
+	TODO: check
 CVE-2023-0141 (Insufficient policy enforcement in CORS in Google Chrome prior to 109. ...)
 	{DSA-5317-1}
 	- chromium 109.0.5414.74-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd7541e9727daa91a3ea8d6c578a06568b13530e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd7541e9727daa91a3ea8d6c578a06568b13530e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230613/08ad71d6/attachment.htm>

More information about the debian-security-tracker-commits mailing list