[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 8 08:10:33 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
33c51249 by security tracker role at 2023-03-08T08:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2023-27915
+ RESERVED
+CVE-2023-27914
+ RESERVED
+CVE-2023-27913
+ RESERVED
+CVE-2023-27912
+ RESERVED
+CVE-2023-27911
+ RESERVED
+CVE-2023-27910
+ RESERVED
+CVE-2023-27909
+ RESERVED
+CVE-2023-27908
+ RESERVED
+CVE-2023-27907
+ RESERVED
+CVE-2023-27906
+ RESERVED
+CVE-2023-27884
+ RESERVED
+CVE-2023-27879
+ RESERVED
+CVE-2023-27519
+ RESERVED
+CVE-2023-27502
+ RESERVED
+CVE-2023-27306
+ RESERVED
+CVE-2023-27305
+ RESERVED
+CVE-2023-25952
+ RESERVED
+CVE-2023-24588
+ RESERVED
+CVE-2023-24587
+ RESERVED
+CVE-2023-22434
+ RESERVED
+CVE-2023-1266
+ RESERVED
+CVE-2023-1265
+ RESERVED
+CVE-2023-1264 (NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.139 ...)
+ TODO: check
+CVE-2023-1263 (The CMP – Coming Soon & Maintenance plugin for WordPress is ...)
+ TODO: check
+CVE-2023-1262
+ RESERVED
+CVE-2023-1261
+ RESERVED
+CVE-2023-1260
+ RESERVED
+CVE-2023-1259
+ RESERVED
CVE-2023-27905
RESERVED
CVE-2023-27904
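Review bot: CVE-2023-1264 (NULL pointer dereference in vim/vim) is added with only "TODO: check", but vim is a Debian package, so this entry needs a "- vim" package line with a fixed version or <unfixed> before it drops out of the triage queue. CVE-2023-1263 in the same hunk is a WordPress plugin and can take the same "NOT-FOR-US: WordPress plugin" disposition already used further down the file (for example on CVE-2022-0864).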
@@ -153,100 +209,76 @@ CVE-2023-1238 (Cross-site Scripting (XSS) - Stored in GitHub repository answerde
NOT-FOR-US: Answer
CVE-2023-1237 (Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/ans ...)
NOT-FOR-US: Answer
-CVE-2023-1236
- RESERVED
+CVE-2023-1236 (Inappropriate implementation in Internals in Google Chrome prior to 11 ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1235
- RESERVED
+CVE-2023-1235 (Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 all ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1234
- RESERVED
+CVE-2023-1234 (Inappropriate implementation in Intents in Google Chrome on Android pr ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1233
- RESERVED
+CVE-2023-1233 (Insufficient policy enforcement in Resource Timing in Google Chrome pr ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1232
- RESERVED
+CVE-2023-1232 (Insufficient policy enforcement in Resource Timing in Google Chrome pr ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1231
- RESERVED
+CVE-2023-1231 (Inappropriate implementation in Autofill in Google Chrome on Android p ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1230
- RESERVED
+CVE-2023-1230 (Inappropriate implementation in WebApp Installs in Google Chrome on An ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1229
- RESERVED
+CVE-2023-1229 (Inappropriate implementation in Permission prompts in Google Chrome pr ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1228
- RESERVED
+CVE-2023-1228 (Insufficient policy enforcement in Intents in Google Chrome on Android ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1227
- RESERVED
+CVE-2023-1227 (Use after free in Core in Google Chrome on Lacros prior to 111.0.5563. ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1226
- RESERVED
+CVE-2023-1226 (Insufficient policy enforcement in Web Payments API in Google Chrome p ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1225
- RESERVED
+CVE-2023-1225 (Insufficient policy enforcement in Navigation in Google Chrome on iOS ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1224
- RESERVED
+CVE-2023-1224 (Insufficient policy enforcement in Web Payments API in Google Chrome p ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1223
- RESERVED
+CVE-2023-1223 (Insufficient policy enforcement in Autofill in Google Chrome on Androi ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1222
- RESERVED
+CVE-2023-1222 (Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0. ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1221
- RESERVED
+CVE-2023-1221 (Insufficient policy enforcement in Extensions API in Google Chrome pri ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1220
- RESERVED
+CVE-2023-1220 (Heap buffer overflow in UMA in Google Chrome prior to 111.0.5563.64 al ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1219
- RESERVED
+CVE-2023-1219 (Heap buffer overflow in Metrics in Google Chrome prior to 111.0.5563.6 ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1218
- RESERVED
+CVE-2023-1218 (Use after free in WebRTC in Google Chrome prior to 111.0.5563.64 allow ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1217
- RESERVED
+CVE-2023-1217 (Stack buffer overflow in Crash reporting in Google Chrome on Windows p ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1216
- RESERVED
+CVE-2023-1216 (Use after free in DevTools in Google Chrome prior to 111.0.5563.64 all ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1215
- RESERVED
+CVE-2023-1215 (Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1214
- RESERVED
+CVE-2023-1214 (Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1213
- RESERVED
+CVE-2023-1213 (Use after free in Swiftshader in Google Chrome prior to 111.0.5563.64 ...)
- chromium 111.0.5563.64-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-1212 (Cross-site Scripting (XSS) - Stored in GitHub repository phpipam/phpip ...)
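Review bot: Several of the new descriptions name platforms other than desktop Linux (CVE-2023-1217 "on Windows", CVE-2023-1225 "on iOS", CVE-2023-1227 "on Lacros", and the "on Android" entries CVE-2023-1234, -1231, -1230, -1228 and -1223), yet the unchanged package lines still record every one of them as fixed in chromium 111.0.5563.64-1. Confirm whether the affected code is built into the Debian package at all; where it is not, <not-affected> with a short reason would be more accurate than a fixed version.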
@@ -1238,20 +1270,20 @@ CVE-2023-27487
RESERVED
CVE-2023-27486
RESERVED
-CVE-2023-27485
- RESERVED
+CVE-2023-27485 (thmmniii/fbs-core is an open source feedback system for students. In v ...)
+ TODO: check
CVE-2023-27484
RESERVED
CVE-2023-27483
RESERVED
CVE-2023-27482
RESERVED
-CVE-2023-27481
- RESERVED
-CVE-2023-27480
- RESERVED
-CVE-2023-27479
- RESERVED
+CVE-2023-27481 (Directus is a real-time API and App dashboard for managing SQL databas ...)
+ TODO: check
+CVE-2023-27480 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+ TODO: check
+CVE-2023-27479 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+ TODO: check
CVE-2023-27478 (libmemcached-awesome is an open source C/C++ client library and tools ...)
- libmemcached 1.1.4-1 (bug #1032479)
[bullseye] - libmemcached <not-affected> (Vulnerable code introduced later)
@@ -1260,8 +1292,8 @@ CVE-2023-27478 (libmemcached-awesome is an open source C/C++ client library and
NOTE: Fixed by: https://github.com/awesomized/libmemcached/commit/48dcc61a4919f6f3d5ee164630a843f2d8b8ade9 (1.1.4)
CVE-2023-27477
RESERVED
-CVE-2023-27476
- RESERVED
+CVE-2023-27476 (OWSLib is a Python package for client programming with Open Geospatial ...)
+ TODO: check
CVE-2023-27475 (Goutil is a collection of miscellaneous functionality for the go langu ...)
TODO: check
CVE-2023-27474 (Directus is a real-time API and App dashboard for managing SQL databas ...)
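Review bot: CVE-2023-27476 is described as a Python package (OWSLib), which is the kind of entry that can map to a source package in the archive, so "TODO: check" should be resolved by looking for a matching Debian source package and adding a package line rather than defaulting to NOT-FOR-US.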
@@ -2794,8 +2826,8 @@ CVE-2023-26825
RESERVED
CVE-2023-26824
RESERVED
-CVE-2023-26823
- RESERVED
+CVE-2023-26823 (An arbitrary file upload vulnerability in the /admin/template.php comp ...)
+ TODO: check
CVE-2023-26822
RESERVED
CVE-2023-26821
@@ -3555,8 +3587,8 @@ CVE-2023-1005 (A vulnerability was found in JP1016 Markdown-Electron and classif
NOT-FOR-US: JP1016 Markdown-Electron
CVE-2023-1004 (A vulnerability has been found in MarkText up to 0.17.1 and classified ...)
NOT-FOR-US: MarkText
-CVE-2023-1003
- RESERVED
+CVE-2023-1003 (A vulnerability, which was classified as critical, was found in Typora ...)
+ TODO: check
CVE-2023-1002 (A vulnerability, which was classified as problematic, has been found i ...)
NOT-FOR-US: MuYuCMS
CVE-2023-1001
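Review bot: CVE-2023-1003 (Typora) is left at "TODO: check" while the two Markdown editors directly above it in the context lines, MarkText and JP1016 Markdown-Electron, are already NOT-FOR-US. Unless Typora is packaged, "NOT-FOR-US: Typora" would match the surrounding triage.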
@@ -7553,18 +7585,18 @@ CVE-2023-25150 (Nextcloud office/richdocuments is an office suit for the nextclo
NOT-FOR-US: Nextcloud office/richdocuments
CVE-2023-25149 (TimescaleDB, an open-source time-series SQL database, has a privilege ...)
NOT-FOR-US: Timescale TimescaleDB
-CVE-2023-25148
- RESERVED
-CVE-2023-25147
- RESERVED
-CVE-2023-25146
- RESERVED
-CVE-2023-25145
- RESERVED
-CVE-2023-25144
- RESERVED
-CVE-2023-25143
- RESERVED
+CVE-2023-25148 (A security agent link following vulnerability in Trend Micro Apex One ...)
+ TODO: check
+CVE-2023-25147 (An issue in the Trend Micro Apex One agent could allow an attacker who ...)
+ TODO: check
+CVE-2023-25146 (A security agent link following vulnerability in the Trend Micro Apex ...)
+ TODO: check
+CVE-2023-25145 (A link following vulnerability in the scanning function of Trend Micro ...)
+ TODO: check
+CVE-2023-25144 (An improper access control vulnerability in the Trend Micro Apex One a ...)
+ TODO: check
+CVE-2023-25143 (An uncontrolled search path element vulnerability in the Trend Micro A ...)
+ TODO: check
CVE-2023-25142
RESERVED
CVE-2023-25141 (Apache Sling JCR Base < 3.1.12 has a critical injection vulnerabili ...)
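Review bot: CVE-2023-25143 through CVE-2023-25148 all describe the Trend Micro Apex One agent and are added as six separate "TODO: check" entries. They can be triaged as one group; the neighbouring vendor-product entries in the context lines use NOT-FOR-US with the product name, and the same disposition with "Trend Micro" looks appropriate here.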
@@ -8544,8 +8576,8 @@ CVE-2023-24782
RESERVED
CVE-2023-24781 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
TODO: check
-CVE-2023-24780
- RESERVED
+CVE-2023-24780 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
+ TODO: check
CVE-2023-24779
RESERVED
CVE-2023-24778
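Review bot: CVE-2023-24780 now carries the same truncated Funadmin v3.2.0 SQL injection description and the same "TODO: check" as CVE-2023-24781 in the context line above it. Triage the two together so they end up with the same disposition.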
@@ -8811,8 +8843,8 @@ CVE-2023-24659
RESERVED
CVE-2023-24658
RESERVED
-CVE-2023-24657
- RESERVED
+CVE-2023-24657 (phpipam v1.6 was discovered to contain a reflected cross-site scriptin ...)
+ TODO: check
CVE-2023-24656 (Simple Customer Relationship Management System v1.0 was discovered to ...)
NOT-FOR-US: Simple Customer Relationship Management System
CVE-2023-24655
@@ -14838,10 +14870,10 @@ CVE-2023-0093 (Okta Advanced Server Access Client versions 1.13.1 through 1.65.0
NOT-FOR-US: Okta Advanced Server Access Client
CVE-2023-0092
RESERVED
-CVE-2023-0090
- RESERVED
-CVE-2023-0089
- RESERVED
+CVE-2023-0090 (The webservices in Proofpoint Enterprise Protection (PPS/POD) contain ...)
+ TODO: check
+CVE-2023-0089 (The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a v ...)
+ TODO: check
CVE-2022-48228
RESERVED
CVE-2022-48227
@@ -17776,7 +17808,7 @@ CVE-2022-47650
RESERVED
CVE-2022-47649
RESERVED
-CVE-2022-47648 (Bosch Security Systems B420 firmware 02.02.0001 employs IP based autho ...)
+CVE-2022-47648 (** UNSUPPORTED WHEN ASSIGNED ** Bosch Security Systems B420 firmware 0 ...)
NOT-FOR-US: Bosch Security Systems B420 firmware
CVE-2022-47647
RESERVED
@@ -31148,70 +31180,70 @@ CVE-2023-20653
RESERVED
CVE-2023-20652
RESERVED
-CVE-2023-20651
- RESERVED
-CVE-2023-20650
- RESERVED
-CVE-2023-20649
- RESERVED
-CVE-2023-20648
- RESERVED
-CVE-2023-20647
- RESERVED
-CVE-2023-20646
- RESERVED
-CVE-2023-20645
- RESERVED
-CVE-2023-20644
- RESERVED
-CVE-2023-20643
- RESERVED
-CVE-2023-20642
- RESERVED
-CVE-2023-20641
- RESERVED
-CVE-2023-20640
- RESERVED
-CVE-2023-20639
- RESERVED
-CVE-2023-20638
- RESERVED
-CVE-2023-20637
- RESERVED
-CVE-2023-20636
- RESERVED
-CVE-2023-20635
- RESERVED
-CVE-2023-20634
- RESERVED
-CVE-2023-20633
- RESERVED
-CVE-2023-20632
- RESERVED
+CVE-2023-20651 (In apu, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2023-20650 (In apu, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
+CVE-2023-20649 (In ril, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2023-20648 (In ril, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2023-20647 (In ril, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2023-20646 (In ril, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2023-20645 (In ril, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2023-20644 (In ril, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2023-20643 (In ril, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
+CVE-2023-20642 (In ril, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
+CVE-2023-20641 (In ril, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
+CVE-2023-20640 (In ril, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
+CVE-2023-20639 (In ril, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
+CVE-2023-20638 (In ril, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
+CVE-2023-20637 (In ril, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
+CVE-2023-20636 (In display drm, there is a possible out of bounds write due to a missi ...)
+ TODO: check
+CVE-2023-20635 (In keyinstall, there is a possible information disclosure due to an in ...)
+ TODO: check
+CVE-2023-20634 (In widevine, there is a possible out of bounds write due to improper i ...)
+ TODO: check
+CVE-2023-20633 (In usb, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
+CVE-2023-20632 (In usb, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
CVE-2023-20631
RESERVED
-CVE-2023-20630
- RESERVED
+CVE-2023-20630 (In usb, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
CVE-2023-20629
RESERVED
-CVE-2023-20628
- RESERVED
-CVE-2023-20627
- RESERVED
-CVE-2023-20626
- RESERVED
-CVE-2023-20625
- RESERVED
-CVE-2023-20624
- RESERVED
-CVE-2023-20623
- RESERVED
+CVE-2023-20628 (In thermal, there is a possible memory corruption due to an uncaught e ...)
+ TODO: check
+CVE-2023-20627 (In pqframework, there is a possible out of bounds write due to a missi ...)
+ TODO: check
+CVE-2023-20626 (In msdc, there is a possible out of bounds write due to an incorrect b ...)
+ TODO: check
+CVE-2023-20625 (In adsp, there is a possible double free due to a race condition. This ...)
+ TODO: check
+CVE-2023-20624 (In vow, there is a possible out of bounds write due to an incorrect bo ...)
+ TODO: check
+CVE-2023-20623 (In ion, there is a possible escalation of privilege due to improper lo ...)
+ TODO: check
CVE-2023-20622
RESERVED
-CVE-2023-20621
- RESERVED
-CVE-2023-20620
- RESERVED
+CVE-2023-20621 (In tinysys, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2023-20620 (In adsp, there is a possible escalation of privilege due to a logic er ...)
+ TODO: check
CVE-2023-20619 (In vcu, there is a possible memory corruption due to improper locking. ...)
NOT-FOR-US: MediaTek
CVE-2023-20618 (In vcu, there is a possible memory corruption due to improper locking. ...)
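Review bot: The CVE-2023-20620 to CVE-2023-20651 entries added here use the same "In <component>, there is a possible ..." wording as CVE-2023-20619 and CVE-2023-20618 in the trailing context, which are already marked "NOT-FOR-US: MediaTek". Leaving roughly thirty of them at "TODO: check" inflates the triage queue; once the vendor is confirmed they should take the same NOT-FOR-US line.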
@@ -81510,50 +81542,50 @@ CVE-2022-26427 (In camera isp, there is a possible out of bounds write due to a
NOT-FOR-US: MediaTek driver for Android
CVE-2022-26426 (In camera isp, there is a possible out of bounds write due to a missin ...)
NOT-FOR-US: MediaTek driver for Android
-CVE-2022-26418
- RESERVED
-CVE-2022-26416
- RESERVED
+CVE-2022-26418 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-26416 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
CVE-2022-26414 (A potential buffer overflow vulnerability was identified in some inter ...)
NOT-FOR-US: Zyxel
CVE-2022-26413 (A command injection vulnerability in the CGI program of Zyxel VMG3312- ...)
NOT-FOR-US: Zyxel
CVE-2022-26348 (Command Centre Server is vulnerable to SQL Injection via Windows Regis ...)
NOT-FOR-US: gallagher
-CVE-2022-26347
- RESERVED
-CVE-2022-26339
- RESERVED
-CVE-2022-26123
- RESERVED
-CVE-2022-26087
- RESERVED
+CVE-2022-26347 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-26339 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-26123 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-26087 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
CVE-2022-26078 (Gallagher Controller 6000 is vulnerable to a Denial of Service attack ...)
NOT-FOR-US: Gallagher
-CVE-2022-26058
- RESERVED
-CVE-2022-26055
- RESERVED
-CVE-2022-26053
- RESERVED
-CVE-2022-26039
- RESERVED
-CVE-2022-26031
- RESERVED
-CVE-2022-26027
- RESERVED
-CVE-2022-25997
- RESERVED
-CVE-2022-25968
- RESERVED
-CVE-2022-25957
- RESERVED
-CVE-2022-25920
- RESERVED
-CVE-2022-25889
- RESERVED
-CVE-2022-21224
- RESERVED
+CVE-2022-26058 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-26055 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-26053 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-26039 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-26031 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-26027 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-25997 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-25968 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-25957 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-25920 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-25889 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2022-21224 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
CVE-2022-0864 (The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.22.9 ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0863 (The WP SVG Icons WordPress plugin through 3.2.3 does not properly vali ...)
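Review bot: Every entry changed in this hunk (CVE-2022-26418 down to CVE-2022-21224) has the description "This candidate was in a CNA pool that was not assigned to any issues ...", meaning the ID was never used, yet each one moves from RESERVED to "TODO: check". These should be marked REJECTED instead, so that unassigned IDs do not appear as open triage work.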
@@ -85845,6 +85877,7 @@ CVE-2022-24965
CVE-2022-24964
RESERVED
CVE-2022-24963 (Integer Overflow or Wraparound vulnerability in apr_encode functions o ...)
+ {DSA-5370-1}
- apr 1.7.2-1
[buster] - apr <not-affected> (Vulnerable code introduced later)
NOTE: https://lists.apache.org/thread/fw9p6sdncwsjkstwc066vz57xqzfksq9
@@ -152096,8 +152129,8 @@ CVE-2021-26267 (cPanel before 92.0.9 allows a MySQL user (who has an old-style p
NOT-FOR-US: cPanel
CVE-2021-26266 (cPanel before 92.0.9 allows a Reseller to bypass the suspension lock ( ...)
NOT-FOR-US: cPanel
-CVE-2021-26246
- RESERVED
+CVE-2021-26246 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
CVE-2021-26245
RESERVED
CVE-2021-26244
@@ -152387,30 +152420,30 @@ CVE-2021-26125
RESERVED
CVE-2021-26124
RESERVED
-CVE-2021-23232
- RESERVED
+CVE-2021-23232 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
CVE-2021-23230 (A SQL Injection vulnerability in the OPCUA interface of Gallagher Comm ...)
NOT-FOR-US: Gallagher Command Centre Server
-CVE-2021-23224
- RESERVED
-CVE-2021-23220
- RESERVED
-CVE-2021-23212
- RESERVED
+CVE-2021-23224 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2021-23220 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
+CVE-2021-23212 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
CVE-2021-23211 (Cleartext Storage of Sensitive Information in Memory vulnerability in ...)
NOT-FOR-US: Gallagher Command Centre Server
CVE-2021-23205 (Improper Encoding or Escaping in Gallagher Command Centre Server allow ...)
NOT-FOR-US: Gallagher Command Centre Server
CVE-2021-23204 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
NOT-FOR-US: Gallagher Command Centre Server
-CVE-2021-23199
- RESERVED
+CVE-2021-23199 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
CVE-2021-23197 (Unquoted service path vulnerability in the Gallagher Controller Servic ...)
NOT-FOR-US: Gallagher Controller Service
CVE-2021-23193 (Improper privilege validation vulnerability in COM Interface of Gallag ...)
NOT-FOR-US: Gallagher Command Centre Server
-CVE-2021-23185
- RESERVED
+CVE-2021-23185 (This candidate was in a CNA pool that was not assigned to any issues d ...)
+ TODO: check
CVE-2021-23182 (Cleartext Storage of Sensitive Information in Memory vulnerability in ...)
NOT-FOR-US: Gallagher Command Centre Server
CVE-2021-23167 (Improper certificate validation vulnerability in SMTP Client allows ma ...)
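Review bot: The six entries changed here (CVE-2021-23232, -23224, -23220, -23212, -23199, -23185) sit between Gallagher entries that are already NOT-FOR-US, but their own description is the "CNA pool that was not assigned" text, so neither "TODO: check" nor NOT-FOR-US fits. Mark them REJECTED.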
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33c5124992ba60ae745e34464457a5f645a177d0