[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 28 21:12:50 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c4aea1e2 by security tracker role at 2023-06-28T20:12:38+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2023-3450 (A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as ...)
+ TODO: check
+CVE-2023-3449 (A vulnerability has been found in IBOS OA 4.5.5 and classified as crit ...)
+ TODO: check
+CVE-2023-3445 (Cross-site Scripting (XSS) - Stored in GitHub repository spinacms/spin ...)
+ TODO: check
+CVE-2023-3390 (A use-after-free vulnerability was found in the Linux kernel's netfilt ...)
+ TODO: check
+CVE-2023-3389 (A use-after-free vulnerability in the Linux Kernel io_uring subsystem ...)
+ TODO: check
+CVE-2023-3090 (A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan ne ...)
+ TODO: check
+CVE-2023-3034 (Reflected XSS affects the \u2018mode\u2019 parameter in the /admin fun ...)
+ TODO: check
+CVE-2023-36467 (AWS data.all is an open source development framework to help users bui ...)
+ TODO: check
+CVE-2023-34937 (A stack overflow in the UpdateSnat function of H3C Magic B1STV100R012 ...)
+ TODO: check
+CVE-2023-34936 (A stack overflow in the UpdateMacClone function of H3C Magic B1STV100R ...)
+ TODO: check
+CVE-2023-34935 (A stack overflow in the AddWlanMacList function of H3C Magic B1STV100R ...)
+ TODO: check
+CVE-2023-34934 (A stack overflow in the Edit_BasicSSID_5G function of H3C Magic B1STV1 ...)
+ TODO: check
+CVE-2023-34933 (A stack overflow in the UpdateWanParams function of H3C Magic B1STV100 ...)
+ TODO: check
+CVE-2023-34932 (A stack overflow in the UpdateWanMode function of H3C Magic B1STV100R0 ...)
+ TODO: check
+CVE-2023-34931 (A stack overflow in the EditWlanMacList function of H3C Magic B1STV100 ...)
+ TODO: check
+CVE-2023-34930 (A stack overflow in the EditMacList function of H3C Magic B1STV100R012 ...)
+ TODO: check
+CVE-2023-34929 (A stack overflow in the AddMacList function of H3C Magic B1STV100R012 ...)
+ TODO: check
+CVE-2023-34928 (A stack overflow in the Edit_BasicSSID function of H3C Magic B1STV100R ...)
+ TODO: check
+CVE-2023-34761 (An unauthenticated attacker within BLE proximity can remotely connect ...)
+ TODO: check
+CVE-2023-33592 (Lost and Found Information System v1.0 was discovered to contain a SQL ...)
+ TODO: check
+CVE-2023-33570 (Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI).)
+ TODO: check
+CVE-2023-2625 (A vulnerability exists that can be exploited by an authenticated clien ...)
+ TODO: check
CVE-2023-3436 (Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is ...)
TODO: check
CVE-2023-3427 (The Salon Booking System plugin for WordPress is vulnerable to Cross-S ...)
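Review bot: CVE-2023-3390, CVE-2023-3389 and CVE-2023-3090 in this block name the Linux kernel (netfilter, io_uring, ipvlan) and are all left at TODO: check alongside router and web-application entries; they need package entries with fixed versions and should be triaged ahead of the rest of the batch. Separately, the CVE-2023-3034 description carries the literal escape sequences \u2018mode\u2019 instead of quote characters, so a text search for the quoted parameter name will not match this line.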
@@ -197,12 +241,15 @@ CVE-2023-32521 (A path traversal exists in a specific service dll of Trend Micro
CVE-2023-3361
NOT-FOR-US: OpenShift Data
CVE-2023-3422 (Use after free in Guest View in Google Chrome prior to 114.0.5735.198 ...)
+ {DSA-5440-1}
- chromium 114.0.5735.198-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-3421 (Use after free in Media in Google Chrome prior to 114.0.5735.198 allow ...)
+ {DSA-5440-1}
- chromium 114.0.5735.198-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-3420 (Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed ...)
+ {DSA-5440-1}
- chromium 114.0.5735.198-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-3398 (Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3.)
@@ -8645,8 +8692,8 @@ CVE-2023-30261 (Command Injection vulnerability in OpenWB 1.6 and 1.7 allows rem
NOT-FOR-US: OpenWB
CVE-2023-30260 (Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earl ...)
NOT-FOR-US: RaspAP
-CVE-2023-30259
- RESERVED
+CVE-2023-30259 (A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 ...)
+ TODO: check
CVE-2023-30258 (Command Injection vulnerability in MagnusSolution magnusbilling 6.x an ...)
NOT-FOR-US: MagnusSolution magnusbilling
CVE-2023-30257 (A buffer overflow in the component /proc/ftxxxx-debug of FiiO M6 Build ...)
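Review bot: CVE-2023-30259 sits between OpenWB, RaspAP and MagnusSolution entries that are all NOT-FOR-US, but its description names the importshp plugin in LibreCAD 2.2.0, a desktop application rather than a vendor appliance. Resolve the TODO: check by looking for a matching source package and whether that plugin is built there, not by following the neighbouring entries.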
@@ -15777,8 +15824,8 @@ CVE-2023-1297 (Consul and Consul Enterprise's cluster peering implementation con
CVE-2023-1296 (HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correct ...)
- nomad <not-affected> (Vulnerable code not present)
NOTE: https://discuss.hashicorp.com/t/hcsec-2023-09-nomad-acls-can-not-deny-access-to-workloads-own-variables/51390
-CVE-2023-1295
- RESERVED
+CVE-2023-1295 (A time-of-check to time-of-use issue exists in io_uring subsystem's IO ...)
+ TODO: check
CVE-2023-1294 (A vulnerability was found in SourceCodester File Tracker Manager Syste ...)
NOT-FOR-US: SourceCodester File Tracker Manager System
CVE-2023-1293 (A vulnerability was found in SourceCodester Online Graduate Tracer Sys ...)
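Review bot: CVE-2023-1295 leaves RESERVED with a description that names the io_uring subsystem, which is kernel code, so the follow-up should replace TODO: check with a package line and a NOTE pointing at the upstream reference, in the same shape as the CVE-2023-1296 entry directly above it (package status plus NOTE with URL).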
@@ -16166,8 +16213,8 @@ CVE-2023-27868
RESERVED
CVE-2023-27867
RESERVED
-CVE-2023-27866
- RESERVED
+CVE-2023-27866 (IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code e ...)
+ TODO: check
CVE-2023-27865
RESERVED
CVE-2023-27864 (IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to HTML ...)
@@ -19468,8 +19515,8 @@ CVE-2023-26617
RESERVED
CVE-2023-26616
RESERVED
-CVE-2023-26615
- RESERVED
+CVE-2023-26615 (D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerab ...)
+ TODO: check
CVE-2023-26614
RESERVED
CVE-2023-26613
@@ -45280,10 +45327,10 @@ CVE-2023-21239
RESERVED
CVE-2023-21238
RESERVED
-CVE-2023-21237
- RESERVED
-CVE-2023-21236
- RESERVED
+CVE-2023-21237 (In applyRemoteView of NotificationContentInflater.java, there is a pos ...)
+ TODO: check
+CVE-2023-21236 (In aoc_service_set_read_blocked of aoc.c, there is a possible out of b ...)
+ TODO: check
CVE-2023-21235
RESERVED
CVE-2023-21234
@@ -45302,22 +45349,22 @@ CVE-2023-21228
RESERVED
CVE-2023-21227
RESERVED
-CVE-2023-21226
- RESERVED
-CVE-2023-21225
- RESERVED
-CVE-2023-21224
- RESERVED
-CVE-2023-21223
- RESERVED
-CVE-2023-21222
- RESERVED
+CVE-2023-21226 (In SAEMM_RetrieveTaiList of SAEMM_ContextManagement.c, there is a poss ...)
+ TODO: check
+CVE-2023-21225 (there is a possible way to bypass the protected confirmation screen du ...)
+ TODO: check
+CVE-2023-21224 (In ss_ProcessReturnResultComponent of ss_MmConManagement.c, there is a ...)
+ TODO: check
+CVE-2023-21223 (In LPP_ConvertGNSS_DataBitAssistance of LPP_CommonUtil.c, there is a p ...)
+ TODO: check
+CVE-2023-21222 (In load_dt_data of storage.c, there is a possible out of bounds write ...)
+ TODO: check
CVE-2023-21221
RESERVED
-CVE-2023-21220
- RESERVED
-CVE-2023-21219
- RESERVED
+CVE-2023-21220 (there is a possible use of unencrypted transport over cellular network ...)
+ TODO: check
+CVE-2023-21219 (there is a possible use of unencrypted transport over cellular network ...)
+ TODO: check
CVE-2023-21218
RESERVED
CVE-2023-21217
@@ -45326,102 +45373,102 @@ CVE-2023-21216
RESERVED
CVE-2023-21215
RESERVED
-CVE-2023-21214
- RESERVED
-CVE-2023-21213
- RESERVED
-CVE-2023-21212
- RESERVED
-CVE-2023-21211
- RESERVED
-CVE-2023-21210
- RESERVED
-CVE-2023-21209
- RESERVED
-CVE-2023-21208
- RESERVED
-CVE-2023-21207
- RESERVED
-CVE-2023-21206
- RESERVED
-CVE-2023-21205
- RESERVED
-CVE-2023-21204
- RESERVED
-CVE-2023-21203
- RESERVED
-CVE-2023-21202
- RESERVED
-CVE-2023-21201
- RESERVED
-CVE-2023-21200
- RESERVED
-CVE-2023-21199
- RESERVED
-CVE-2023-21198
- RESERVED
-CVE-2023-21197
- RESERVED
-CVE-2023-21196
- RESERVED
-CVE-2023-21195
- RESERVED
-CVE-2023-21194
- RESERVED
-CVE-2023-21193
- RESERVED
-CVE-2023-21192
- RESERVED
-CVE-2023-21191
- RESERVED
-CVE-2023-21190
- RESERVED
-CVE-2023-21189
- RESERVED
-CVE-2023-21188
- RESERVED
-CVE-2023-21187
- RESERVED
-CVE-2023-21186
- RESERVED
-CVE-2023-21185
- RESERVED
-CVE-2023-21184
- RESERVED
-CVE-2023-21183
- RESERVED
-CVE-2023-21182
- RESERVED
-CVE-2023-21181
- RESERVED
-CVE-2023-21180
- RESERVED
-CVE-2023-21179
- RESERVED
-CVE-2023-21178
- RESERVED
-CVE-2023-21177
- RESERVED
-CVE-2023-21176
- RESERVED
-CVE-2023-21175
- RESERVED
-CVE-2023-21174
- RESERVED
-CVE-2023-21173
- RESERVED
-CVE-2023-21172
- RESERVED
-CVE-2023-21171
- RESERVED
-CVE-2023-21170
- RESERVED
-CVE-2023-21169
- RESERVED
-CVE-2023-21168
- RESERVED
-CVE-2023-21167
- RESERVED
+CVE-2023-21214 (In addGroupWithConfigInternal of p2p_iface.cpp, there is a possible ou ...)
+ TODO: check
+CVE-2023-21213 (In initiateTdlsTeardownInternal of sta_iface.cpp, there is a possible ...)
+ TODO: check
+CVE-2023-21212 (In multiple files, there is a possible out of bounds read due to a mis ...)
+ TODO: check
+CVE-2023-21211 (In multiple files, there is a possible out of bounds read due to a hea ...)
+ TODO: check
+CVE-2023-21210 (In initiateHs20IconQueryInternal of sta_iface.cpp, there is a possible ...)
+ TODO: check
+CVE-2023-21209 (In multiple functions of sta_iface.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-21208 (In setCountryCodeInternal of sta_iface.cpp, there is a possible out of ...)
+ TODO: check
+CVE-2023-21207 (In initiateTdlsSetupInternal of sta_iface.cpp, there is a possible out ...)
+ TODO: check
+CVE-2023-21206 (In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a poss ...)
+ TODO: check
+CVE-2023-21205 (In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible ou ...)
+ TODO: check
+CVE-2023-21204 (In multiple files, there is a possible out of bounds read due to a mis ...)
+ TODO: check
+CVE-2023-21203 (In startWpsPbcInternal of sta_iface.cpp, there is a possible out of bo ...)
+ TODO: check
+CVE-2023-21202 (In btm_delete_stored_link_key_complete of btm_devctl.cc, there is a po ...)
+ TODO: check
+CVE-2023-21201 (In on_create_record_event of btif_sdp_server.cc, there is a possible o ...)
+ TODO: check
+CVE-2023-21200 (In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out ...)
+ TODO: check
+CVE-2023-21199 (In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-21198 (In remove_sdp_record of btif_sdp_server.cc, there is a possible out of ...)
+ TODO: check
+CVE-2023-21197 (In btm_acl_process_sca_cmpl_pkt of btm_acl.cc, there is a possible out ...)
+ TODO: check
+CVE-2023-21196 (In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.c ...)
+ TODO: check
+CVE-2023-21195 (In btm_ble_periodic_adv_sync_tx_rcvd of btm_ble_gap.cc, there is a pos ...)
+ TODO: check
+CVE-2023-21194 (In gatt_dbg_op_name of gatt_utils.cc, there is a possible out of bound ...)
+ TODO: check
+CVE-2023-21193 (In VideoFrame of VideoFrame.h, there is a possible abort due to an int ...)
+ TODO: check
+CVE-2023-21192 (In setInputMethodWithSubtypeIdLocked of InputMethodManagerService.java ...)
+ TODO: check
+CVE-2023-21191 (In fixNotification of NotificationManagerService.java, there is a poss ...)
+ TODO: check
+CVE-2023-21190 (In btm_acl_encrypt_change of btm_acl.cc, there is a possible way for a ...)
+ TODO: check
+CVE-2023-21189 (In startLockTaskMode of LockTaskController.java, there is a possible b ...)
+ TODO: check
+CVE-2023-21188 (In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible ou ...)
+ TODO: check
+CVE-2023-21187 (In onCreate of UsbAccessoryUriActivity.java, there is a possible way t ...)
+ TODO: check
+CVE-2023-21186 (In LogResponse of Dns.cpp, there is a possible out of bounds read due ...)
+ TODO: check
+CVE-2023-21185 (In multiple functions of WifiNetworkFactory.java, there is a missing p ...)
+ TODO: check
+CVE-2023-21184 (In getCurrentPrivilegedPackagesForAllUsers of CarrierPrivilegesTracker ...)
+ TODO: check
+CVE-2023-21183 (In ForegroundUtils of ForegroundUtils.java, there is a possible way to ...)
+ TODO: check
+CVE-2023-21182 (In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp ...)
+ TODO: check
+CVE-2023-21181 (In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible ou ...)
+ TODO: check
+CVE-2023-21180 (In xmlParseTryOrFinish of parser.c, there is a possible out of bounds ...)
+ TODO: check
+CVE-2023-21179 (In parseSecurityParamsFromXml of XmlUtil.java, there is a possible byp ...)
+ TODO: check
+CVE-2023-21178 (In installKey of KeyUtil.cpp, there is a possible failure of file encr ...)
+ TODO: check
+CVE-2023-21177 (In requestAppKeyboardShortcuts of WindowManagerService.java, there is ...)
+ TODO: check
+CVE-2023-21176 (In list_key_entries of utils.rs, there is a possible way to disable us ...)
+ TODO: check
+CVE-2023-21175 (In onCreate of DataUsageSummary.java, there is a possible method for a ...)
+ TODO: check
+CVE-2023-21174 (In isPageSearchEnabled of BillingCycleSettings.java, there is a possib ...)
+ TODO: check
+CVE-2023-21173 (In multiple methods of DataUsageList.java, there is a possible way to ...)
+ TODO: check
+CVE-2023-21172 (In multiple functions of WifiCallingSettings.java, there is a possible ...)
+ TODO: check
+CVE-2023-21171 (In verifyInputEvent of InputDispatcher.cpp, there is a possible way to ...)
+ TODO: check
+CVE-2023-21170 (In executeSetClientTarget of ComposerCommandEngine.h, there is a possi ...)
+ TODO: check
+CVE-2023-21169 (In inviteInternal of p2p_iface.cpp, there is a possible out of bounds ...)
+ TODO: check
+CVE-2023-21168 (In convertCbYCrY of ColorConverter.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-21167 (In setProfileName of DevicePolicyManagerService.java, there is a possi ...)
+ TODO: check
CVE-2023-21166
RESERVED
CVE-2023-21165
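Review bot: CVE-2023-21180 should not be swept up with the rest of this batch: its description reads "In xmlParseTryOrFinish of parser.c", and xmlParseTryOrFinish in parser.c is libxml2 code, unlike the sta_iface.cpp, btm_*.cc and *.java files named in the surrounding entries. Check it against the libxml2 package before the Android-style entries in this hunk are resolved in bulk.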
@@ -45432,38 +45479,38 @@ CVE-2023-21163
RESERVED
CVE-2023-21162
RESERVED
-CVE-2023-21161
- RESERVED
-CVE-2023-21160
- RESERVED
-CVE-2023-21159
- RESERVED
-CVE-2023-21158
- RESERVED
-CVE-2023-21157
- RESERVED
-CVE-2023-21156
- RESERVED
-CVE-2023-21155
- RESERVED
-CVE-2023-21154
- RESERVED
-CVE-2023-21153
- RESERVED
-CVE-2023-21152
- RESERVED
-CVE-2023-21151
- RESERVED
-CVE-2023-21150
- RESERVED
-CVE-2023-21149
- RESERVED
-CVE-2023-21148
- RESERVED
-CVE-2023-21147
- RESERVED
-CVE-2023-21146
- RESERVED
+CVE-2023-21161 (In Parse of simdata.cpp, there is a possible out of bounds write due t ...)
+ TODO: check
+CVE-2023-21160 (In BuildSetTcsFci of protocolmiscbuilder.cpp, there is a possible out ...)
+ TODO: check
+CVE-2023-21159 (In Parse of simdata.cpp, there is a possible out of bounds write due t ...)
+ TODO: check
+CVE-2023-21158 (In encode of miscdata.cpp, there is a possible out of bounds read due ...)
+ TODO: check
+CVE-2023-21157 (In encode of wlandata.cpp, there is a possible out of bounds write due ...)
+ TODO: check
+CVE-2023-21156 (In BuildGetRadioNode of protocolmiscbulider.cpp, there is a possible o ...)
+ TODO: check
+CVE-2023-21155 (In BuildSetRadioNode of protocolmiscbuilder.cpp, there is a possible o ...)
+ TODO: check
+CVE-2023-21154 (In StoreAdbSerialNumber of protocolmiscbuilder.cpp, there is a possibl ...)
+ TODO: check
+CVE-2023-21153 (In Do_AIMS_SET_CALL_WAITING of imsservice.cpp, there is a possible out ...)
+ TODO: check
+CVE-2023-21152 (In FaceStatsAnalyzer::InterpolateWeightList of face_stats_analyzer.cc, ...)
+ TODO: check
+CVE-2023-21151 (In the Google BMS kernel module, there is a possible out of bounds wri ...)
+ TODO: check
+CVE-2023-21150 (In handle_set_parameters_ctrl of hal_socket.c, there is a possible out ...)
+ TODO: check
+CVE-2023-21149 (In registerGsmaServiceIntentReceiver of ShannonRcsService.java, there ...)
+ TODO: check
+CVE-2023-21148 (In BuildSetConfig of protocolimsbuilder.cpp, there is a possible out o ...)
+ TODO: check
+CVE-2023-21147 (In lwis_i2c_device_disable of lwis_device_i2c.c, there is a possible U ...)
+ TODO: check
+CVE-2023-21146 (there is a possible way to corrupt memory due to a use after free. Thi ...)
+ TODO: check
CVE-2023-21145
RESERVED
CVE-2023-21144 (In doInBackground of NotificationContentInflater.java, there is a poss ...)
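Review bot: the CVE-2023-21156 line spells the file "protocolmiscbulider.cpp", while CVE-2023-21160, CVE-2023-21155 and CVE-2023-21154 in the same hunk spell it "protocolmiscbuilder.cpp". As this is an automatic update the text should stay as imported, but anyone grouping these entries by file name needs to account for the variant spelling or CVE-2023-21156 will be missed.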
@@ -45630,8 +45677,8 @@ CVE-2023-21068 (In (TBD) of (TBD), there is a possible way to boot with a hidden
NOT-FOR-US: Android
CVE-2023-21067 (Product: AndroidVersions: Android kernelAndroid ID: A-254114726Referen ...)
NOT-FOR-US: Android
-CVE-2023-21066
- RESERVED
+CVE-2023-21066 (In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write d ...)
+ TODO: check
CVE-2023-21065 (In fdt_next_tag of fdt.c, there is a possible out of bounds write due ...)
NOT-FOR-US: Android
CVE-2023-21064 (In DoSetPinControl of miscservice.cpp, there is a possible out of boun ...)
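Review bot: CVE-2023-21066 is added with TODO: check although the entries on both sides of it in this hunk (CVE-2023-21067, CVE-2023-21065) are already NOT-FOR-US: Android and use the same "In <function> of <file>, there is a possible out of bounds write" wording. Once the cd_codec.c origin is confirmed, give it the same status line so the range is consistent.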
@@ -45700,7 +45747,7 @@ CVE-2023-21033 (In addNetwork of WifiManager.java, there is a possible way to tr
NOT-FOR-US: Android
CVE-2023-21032 (In _ufdt_output_node_to_fdt of ufdt_convert.c, there is a possible out ...)
NOT-FOR-US: Android
-CVE-2023-21031 (In Display::setPowerMode of HWC2.cpp, there is a possible out of bound ...)
+CVE-2023-21031 (In setPowerMode of HWC2.cpp, there is a possible out of bounds read du ...)
NOT-FOR-US: Android
CVE-2023-21030 (In Confirmation of keystore_cli_v2.cpp, there is a possible way to cor ...)
NOT-FOR-US: Android
@@ -45708,7 +45755,7 @@ CVE-2023-21029 (In register of UidObserverController.java, there is a missing pe
NOT-FOR-US: Android
CVE-2023-21028 (In parse_printerAttributes of ipphelper.c, there is a possible out of ...)
NOT-FOR-US: Android
-CVE-2023-21027 (In serializePasspointConfiguration of PasspointXmlUtils.java, there is ...)
+CVE-2023-21027 (In multiple functions of PasspointXmlUtils.java, there is a possible a ...)
NOT-FOR-US: Android
CVE-2023-21026 (In updateInputChannel of WindowManagerService.java, there is a possibl ...)
NOT-FOR-US: Android
@@ -45782,7 +45829,7 @@ CVE-2023-20992 (In on_iso_link_quality_read of btm_iso_impl.h, there is a possib
NOT-FOR-US: Android
CVE-2023-20991 (In btm_ble_process_periodic_adv_sync_lost_evt of ble_scanner_hci_inter ...)
NOT-FOR-US: Android
-CVE-2023-20990 (In btm_read_local_oob_complete of btm_sec.cc, there is a possible out ...)
+CVE-2023-20990 (In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of ...)
NOT-FOR-US: Android
CVE-2023-20989 (In btm_ble_write_adv_enable_complete of btm_ble_gap.cc, there is a pos ...)
NOT-FOR-US: Android
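Review bot: the new text for CVE-2023-20990 replaces the function and file outright (btm_read_local_oob_complete of btm_sec.cc becomes btm_ble_rand_enc_complete of btm_ble.cc) rather than rewording the old description. The NOT-FOR-US: Android status is unchanged, so tracking is unaffected, but any note or cross-reference made against the old function name should be re-checked.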
@@ -45790,13 +45837,13 @@ CVE-2023-20988 (In btm_read_rssi_complete of btm_acl.cc, there is a possible out
NOT-FOR-US: Android
CVE-2023-20987 (In btm_read_link_quality_complete of btm_acl.cc, there is a possible o ...)
NOT-FOR-US: Android
-CVE-2023-20986 (In btm_ble_clear_resolving_list_complete of btm_ble_privacy.cc, there ...)
+CVE-2023-20986 (In btm_ble_clear_resolving_list_completecomplete of btm_ble_privacy.cc ...)
NOT-FOR-US: Android
CVE-2023-20985 (In BTA_GATTS_HandleValueIndication of bta_gatts_api.cc, there is a pos ...)
NOT-FOR-US: Android
CVE-2023-20984 (In ParseBqrLinkQualityEvt of btif_bqr.cc, there is a possible out of b ...)
NOT-FOR-US: Android
-CVE-2023-20983 (In btm_ble_rand_enc_complete of btm_sec.cc, there is a possible out of ...)
+CVE-2023-20983 (In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of ...)
NOT-FOR-US: Android
CVE-2023-20982 (In btm_read_tx_power_complete of btm_acl.cc, there is a possible out o ...)
NOT-FOR-US: Android
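Review bot: the replacement description for CVE-2023-20986 reads "btm_ble_clear_resolving_list_completecomplete", with "complete" doubled, where the removed line had btm_ble_clear_resolving_list_complete. As an automatic update it should stay as imported, but a search of the list for the real function name no longer matches this entry. CVE-2023-20983 in the same hunk only changes its file from btm_sec.cc to btm_ble.cc and keeps NOT-FOR-US: Android.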
@@ -45804,7 +45851,7 @@ CVE-2023-20981 (In btu_ble_rc_param_req_evt of btu_hcif.cc, there is a possible
NOT-FOR-US: Android
CVE-2023-20980 (In btu_ble_ll_conn_param_upd_evt of btu_hcif.cc, there is a possible o ...)
NOT-FOR-US: Android
-CVE-2023-20979 (In BtaAvCo::GetNextSourceDataPacket of bta_av_co.cc, there is a possib ...)
+CVE-2023-20979 (In GetNextSourceDataPacket of bta_av_co.cc, there is a possible out of ...)
NOT-FOR-US: Android
CVE-2023-20978
RESERVED
@@ -45826,7 +45873,7 @@ CVE-2023-20970 (In multiple locations of p2p_iface.cpp, there is a possible out
NOT-FOR-US: Android
CVE-2023-20969 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
NOT-FOR-US: Android
-CVE-2023-20968 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
+CVE-2023-20968 (In multiple functions of p2p_iface.cpp, there is a possible out of bou ...)
NOT-FOR-US: Android
CVE-2023-20967 (In avdt_scb_hdl_pkt_no_frag of avdt_scb_act.cc, there is a possible ou ...)
NOT-FOR-US: Android
@@ -47209,8 +47256,8 @@ CVE-2022-44278 (Sanitization Management System v1.0 is vulnerable to SQL Injecti
NOT-FOR-US: Sanitization Management System
CVE-2022-44277 (Sanitization Management System v1.0 is vulnerable to SQL Injection via ...)
NOT-FOR-US: Sanitization Management System
-CVE-2022-44276
- RESERVED
+CVE-2022-44276 (In Responsive Filemanager < 9.12.0, an attacker can bypass upload rest ...)
+ TODO: check
CVE-2022-44275
RESERVED
CVE-2022-44274
@@ -49241,8 +49288,8 @@ CVE-2023-20201
RESERVED
CVE-2023-20200
RESERVED
-CVE-2023-20199
- RESERVED
+CVE-2023-20199 (A vulnerability in Cisco Duo Two-Factor Authentication for macOS could ...)
+ TODO: check
CVE-2023-20198
RESERVED
CVE-2023-20197
@@ -49255,16 +49302,16 @@ CVE-2023-20194
RESERVED
CVE-2023-20193
RESERVED
-CVE-2023-20192
- RESERVED
+CVE-2023-20192 (Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePres ...)
+ TODO: check
CVE-2023-20191
RESERVED
CVE-2023-20190
RESERVED
CVE-2023-20189 (Multiple vulnerabilities in the web-based user interface of certain Ci ...)
NOT-FOR-US: Cisco
-CVE-2023-20188
- RESERVED
+CVE-2023-20188 (A vulnerability in the web-based management interface of Cisco Small B ...)
+ TODO: check
CVE-2023-20187
RESERVED
CVE-2023-20186
@@ -49283,8 +49330,8 @@ CVE-2023-20180
RESERVED
CVE-2023-20179
RESERVED
-CVE-2023-20178
- RESERVED
+CVE-2023-20178 (A vulnerability in the client update process of Cisco AnyConnect Secur ...)
+ TODO: check
CVE-2023-20177
RESERVED
CVE-2023-20176
@@ -49367,8 +49414,8 @@ CVE-2023-20138 (Multiple vulnerabilities in the web-based management interface o
NOT-FOR-US: Cisco
CVE-2023-20137 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2023-20136
- RESERVED
+CVE-2023-20136 (A vulnerability in the OpenAPI of Cisco Secure Workload could allow an ...)
+ TODO: check
CVE-2023-20135
RESERVED
CVE-2023-20134 (Multiple vulnerabilities in the web interface of Cisco Webex Meetings ...)
@@ -49399,16 +49446,16 @@ CVE-2023-20122 (Multiple vulnerabilities in the restricted shell of Cisco Evolve
NOT-FOR-US: Cisco
CVE-2023-20121 (Multiple vulnerabilities in the restricted shell of Cisco Evolved Prog ...)
NOT-FOR-US: Cisco
-CVE-2023-20120
- RESERVED
-CVE-2023-20119
- RESERVED
+CVE-2023-20120 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2023-20119 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
CVE-2023-20118 (A vulnerability in the web-based management interface of Cisco Small B ...)
NOT-FOR-US: Cisco
CVE-2023-20117 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2023-20116
- RESERVED
+CVE-2023-20116 (A vulnerability in the Administrative XML Web Service (AXL) API of Cis ...)
+ TODO: check
CVE-2023-20115
RESERVED
CVE-2023-20114
@@ -49423,14 +49470,14 @@ CVE-2023-20110 (A vulnerability in the web-based management interface of Cisco S
NOT-FOR-US: Cisco
CVE-2023-20109
RESERVED
-CVE-2023-20108
- RESERVED
+CVE-2023-20108 (A vulnerability in the XCP Authentication Service of the Cisco Unified ...)
+ TODO: check
CVE-2023-20107 (A vulnerability in the deterministic random bit generator (DRBG), also ...)
NOT-FOR-US: Cisco
CVE-2023-20106 (Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could ...)
NOT-FOR-US: Cisco
-CVE-2023-20105
- RESERVED
+CVE-2023-20105 (Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePres ...)
+ TODO: check
CVE-2023-20104 (A vulnerability in the file upload functionality of Cisco Webex App fo ...)
NOT-FOR-US: Cisco
CVE-2023-20103 (A vulnerability in Cisco Secure Network Analytics could allow an authe ...)
@@ -49590,8 +49637,8 @@ CVE-2023-20030 (A vulnerability in the web-based management interface of Cisco I
NOT-FOR-US: Cisco
CVE-2023-20029 (A vulnerability in the Meraki onboarding feature of Cisco IOS XE Softw ...)
NOT-FOR-US: Cisco
-CVE-2023-20028
- RESERVED
+CVE-2023-20028 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
CVE-2023-20027 (A vulnerability in the implementation of the IPv4 Virtual Fragmentatio ...)
NOT-FOR-US: Cisco
CVE-2023-20026 (A vulnerability in the web-based management interface of Cisco Small B ...)
@@ -49634,8 +49681,8 @@ CVE-2023-20008 (A vulnerability in the CLI of Cisco TelePresence CE and RoomOS S
NOT-FOR-US: Cisco
CVE-2023-20007 (A vulnerability in the web-based management interface of Cisco Small B ...)
NOT-FOR-US: Cisco
-CVE-2023-20006
- RESERVED
+CVE-2023-20006 (A vulnerability in the hardware-based SSL/TLS cryptography functionali ...)
+ TODO: check
CVE-2023-20005
RESERVED
CVE-2023-20004
@@ -127177,8 +127224,7 @@ CVE-2022-20445 (In process_service_search_rsp of sdp_discovery.cc, there is a po
NOT-FOR-US: Android
CVE-2022-20444
REJECTED
-CVE-2022-20443
- RESERVED
+CVE-2022-20443 (In hasInputInfo of Layer.cpp, there is a possible bypass of user inter ...)
NOT-FOR-US: Android
CVE-2022-20442 (In onCreate of ReviewPermissionsActivity.java, there is a possible way ...)
NOT-FOR-US: Android
@@ -154976,8 +155022,8 @@ CVE-2021-31939 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31938 (Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vul ...)
NOT-FOR-US: Microsoft
-CVE-2021-31937
- RESERVED
+CVE-2021-31937 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability)
+ TODO: check
CVE-2021-31936 (Microsoft Accessibility Insights for Web Information Disclosure Vulner ...)
NOT-FOR-US: Microsoft
CVE-2021-31935 (OX App Suite 7.10.4 and earlier allows XSS via a crafted distribution ...)
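Review bot: CVE-2021-31937 should not be closed as NOT-FOR-US: Microsoft on the strength of its neighbours alone. The description says "Microsoft Edge (Chromium-based)", and chromium is a tracked package in this same file (see the DSA-5440-1 entries earlier in the diff), so confirm the flaw is in Edge-specific code when resolving the TODO: check.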
@@ -171026,10 +171072,10 @@ CVE-2021-25830 (A file extension handling issue was found in [core] module of ON
NOT-FOR-US: ONLYOFFICE DocumentServer
CVE-2021-25829 (An improper binary stream data handling issue was found in the [core] ...)
NOT-FOR-US: ONLYOFFICE DocumentServer
-CVE-2021-25828
- RESERVED
-CVE-2021-25827
- RESERVED
+CVE-2021-25828 (Emby Server versions < 4.6.0.50 is vulnerable to Cross Site Scripting ...)
+ TODO: check
+CVE-2021-25827 (Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setti ...)
+ TODO: check
CVE-2021-25826
RESERVED
CVE-2021-25825
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4aea1e2e90045688afd10d27e285b56ead0005f