[Git][security-tracker-team/security-tracker][master] automatic update

Sat Jun 24 09:12:27 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a35ad6eb by security tracker role at 2023-06-24T08:12:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2023-3388 (The Beautiful Cookie Consent Banner for WordPress is vulnerable to Sto ...)
+	TODO: check
+CVE-2023-3387 (The Lana Text to Image plugin for WordPress is vulnerable to Stored Cr ...)
+	TODO: check
+CVE-2023-3197 (The MStore API plugin for WordPress is vulnerable to Unauthenticated B ...)
+	TODO: check
+CVE-2023-35932 (jcvi is a Python library to facilitate genome assembly, annotation, an ...)
+	TODO: check
+CVE-2023-35928 (Nextcloud Server is a space for data storage on Nextcloud, a self-host ...)
+	TODO: check
+CVE-2023-35927 (NextCloud Server and NextCloud Enterprise Server provide file storage  ...)
+	TODO: check
+CVE-2023-35173 (Nextcloud End-to-end encryption app provides all the necessary APIs to ...)
+	TODO: check
+CVE-2023-35172 (NextCloud Server and NextCloud Enterprise Server provide file storage  ...)
+	TODO: check
+CVE-2023-35171 (NextCloud Server and NextCloud Enterprise Server provide file storage  ...)
+	TODO: check
+CVE-2023-35169 (PHP-IMAP is a wrapper for common IMAP communication without the need t ...)
+	TODO: check
+CVE-2023-35165 (AWS Cloud Development Kit (AWS CDK) is an open-source software develop ...)
+	TODO: check
+CVE-2023-35163 (Vega is a decentralized trading platform that allows pseudo-anonymous  ...)
+	TODO: check
+CVE-2023-35154 (Knowage is an open source analytics and business intelligence suite. S ...)
+	TODO: check
+CVE-2023-34254 (The GLPI Agent is a generic management agent. Prior to version 1.5, if ...)
+	TODO: check
 CVE-2023-3394 (Session Fixation in GitHub repository fossbilling/fossbilling prior to ...)
 	NOT-FOR-US: fossbilling
 CVE-2023-3393 (Code Injection in GitHub repository fossbilling/fossbilling prior to 0 ...)
@@ -11413,8 +11441,8 @@ CVE-2023-29094 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability i
 	NOT-FOR-US: WordPress plugin
 CVE-2023-29093
 	RESERVED
-CVE-2023-1783
-	RESERVED
+CVE-2023-1783 (OrangeScrum version 2.0.11 allows an external attacker to remotely obt ...)
+	TODO: check
 CVE-2023-1782 (HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow  ...)
 	- nomad <not-affected> (Vulnerable code not present; Introduced in 1.5.0)
 	NOTE: https://discuss.hashicorp.com/t/hcsec-2023-13-nomad-unauthenticated-client-agent-http-request-privilege-escalation/52375
@@ -11657,14 +11685,14 @@ CVE-2023-1726 (Improper Neutralization of Input During Web Page Generation ('Cro
 	NOT-FOR-US: Proliz OBS
 CVE-2023-1725 (Server-Side Request Forgery (SSRF) vulnerability in Infoline Project M ...)
 	NOT-FOR-US: Infoline Project Management System
-CVE-2023-1724
-	RESERVED
+CVE-2023-1724 (Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent  ...)
+	TODO: check
 CVE-2023-1723 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: Veragroup Mobile Assistant
-CVE-2023-1722
-	RESERVED
-CVE-2023-1721
-	RESERVED
+CVE-2023-1722 (Yoga Class Registration System version 1.0 allows an administrator to  ...)
+	TODO: check
+CVE-2023-1721 (Yoga Class Registration System version 1.0 allows an administrator to  ...)
+	TODO: check
 CVE-2023-1720
 	RESERVED
 CVE-2023-1719



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a35ad6ebac49e17c533627e86334e7aa50229d4d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a35ad6ebac49e17c533627e86334e7aa50229d4d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230624/b55807a8/attachment.htm>
