[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Mar 15 08:10:36 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e97e19c by security tracker role at 2023-03-15T08:10:24+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,125 @@
+CVE-2023-28373
+	RESERVED
+CVE-2023-28372
+	RESERVED
+CVE-2023-28371 (In Stellarium through 1.2, attackers can write to files that are typic ...)
+	TODO: check
+CVE-2023-28368
+	RESERVED
+CVE-2023-28366
+	RESERVED
+CVE-2023-28365
+	RESERVED
+CVE-2023-28364
+	RESERVED
+CVE-2023-28363
+	RESERVED
+CVE-2023-28362
+	RESERVED
+CVE-2023-28361
+	RESERVED
+CVE-2023-28360
+	RESERVED
+CVE-2023-28359
+	RESERVED
+CVE-2023-28358
+	RESERVED
+CVE-2023-28357
+	RESERVED
+CVE-2023-28356
+	RESERVED
+CVE-2023-28355
+	RESERVED
+CVE-2023-28354
+	RESERVED
+CVE-2023-28353
+	RESERVED
+CVE-2023-28352
+	RESERVED
+CVE-2023-28351
+	RESERVED
+CVE-2023-28350
+	RESERVED
+CVE-2023-28349
+	RESERVED
+CVE-2023-28348
+	RESERVED
+CVE-2023-28347
+	RESERVED
+CVE-2023-28346
+	RESERVED
+CVE-2023-28345
+	RESERVED
+CVE-2023-28344
+	RESERVED
+CVE-2023-28343 (OS command injection affects Altenergy Power Control Software C1.2.5 v ...)
+	TODO: check
+CVE-2023-1408
+	RESERVED
+CVE-2023-1407 (A vulnerability classified as critical was found in SourceCodester Stu ...)
+	TODO: check
+CVE-2023-1406
+	RESERVED
+CVE-2022-48420
+	RESERVED
+CVE-2022-48419
+	RESERVED
+CVE-2022-48418
+	RESERVED
+CVE-2022-48417
+	RESERVED
+CVE-2022-48416
+	RESERVED
+CVE-2022-48415
+	RESERVED
+CVE-2022-48414
+	RESERVED
+CVE-2022-48413
+	RESERVED
+CVE-2022-48412
+	RESERVED
+CVE-2022-48411
+	RESERVED
+CVE-2020-36690
+	RESERVED
+CVE-2020-36689
+	RESERVED
+CVE-2020-36688
+	RESERVED
+CVE-2020-36687
+	RESERVED
+CVE-2020-36686
+	RESERVED
+CVE-2020-36685
+	RESERVED
+CVE-2020-36684
+	RESERVED
+CVE-2020-36683
+	RESERVED
+CVE-2020-36682
+	RESERVED
+CVE-2020-36681
+	RESERVED
+CVE-2019-25125
+	RESERVED
+CVE-2019-25124
+	RESERVED
+CVE-2019-25123
+	RESERVED
+CVE-2019-25122
+	RESERVED
+CVE-2019-25121
+	RESERVED
+CVE-2019-25120
+	RESERVED
+CVE-2019-25119
+	RESERVED
+CVE-2019-25118
+	RESERVED
+CVE-2019-25117
+	RESERVED
+CVE-2019-25116
+	RESERVED
 CVE-2023-28342
 	RESERVED
 CVE-2023-28341
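Review bot: CVE-2023-28371, CVE-2023-28343 and CVE-2023-1407 at the top of this hunk are left at "TODO: check" and still need a triage result. CVE-2023-28371 names Stellarium, so it should be checked against the archive and given a package line if the software is shipped. CVE-2023-1407 is a SourceCodester product, and the SourceCodester entries already visible further down this file (CVE-2023-0998, CVE-2023-0997) are resolved as NOT-FOR-US, which is the likely disposition here as well.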
@@ -994,8 +1116,8 @@ CVE-2023-1329
 	RESERVED
 CVE-2023-1328 (A vulnerability was found in Guizhou 115cms 4.2. It has been classifie ...)
 	NOT-FOR-US: Guizhou 115cms
-CVE-2023-1327
-	RESERVED
+CVE-2023-1327 (Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an  ...)
+	TODO: check
 CVE-2023-1326
 	RESERVED
 CVE-2023-1325
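Review bot: CVE-2023-1327 moves from RESERVED to "TODO: check" without a disposition. Its description names Netgear RAX30 (AX2400) firmware prior to version 1.0.6.74, so it looks like a candidate for the same "NOT-FOR-US: <product>" treatment that CVE-2023-1328 has two lines above; suggest resolving it in the follow-up triage rather than leaving the TODO.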
@@ -1076,8 +1198,8 @@ CVE-2023-28007
 	RESERVED
 CVE-2023-28006
 	RESERVED
-CVE-2023-28005
-	RESERVED
+CVE-2023-28005 (A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryptio ...)
+	TODO: check
 CVE-2023-1307 (Authentication Bypass by Primary Weakness in GitHub repository froxlor ...)
 	- froxlor <itp> (bug #581792)
 CVE-2023-1306
@@ -1925,8 +2047,8 @@ CVE-2023-27759
 	RESERVED
 CVE-2023-27758
 	RESERVED
-CVE-2023-27757
-	RESERVED
+CVE-2023-27757 (An arbitrary file upload vulnerability in the /admin/user/uploadImg co ...)
+	TODO: check
 CVE-2023-27756
 	RESERVED
 CVE-2023-27755
@@ -2310,8 +2432,8 @@ CVE-2023-27592
 	RESERVED
 CVE-2023-27591
 	RESERVED
-CVE-2023-27590
-	RESERVED
+CVE-2023-27590 (Rizin is a UNIX-like reverse engineering framework and command-line to ...)
+	TODO: check
 CVE-2023-27589 (Minio is a Multi-Cloud Object Storage framework. Starting with RELEASE ...)
 	TODO: check
 CVE-2023-27588 (Hasura is an open-source product that provides users GraphQL or REST A ...)
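Review bot: CVE-2023-27590 is added as "TODO: check" although its description already identifies the software (Rizin, a reverse engineering framework), so the only open question is whether it is packaged. Suggest replacing the TODO with either a package line or an <itp> line in the style of the froxlor entry elsewhere in this diff ("- froxlor <itp> (bug #581792)"). The adjacent CVE-2023-27589 (Minio) context line is also still at "TODO: check".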
@@ -3380,20 +3502,20 @@ CVE-2023-27242
 	RESERVED
 CVE-2023-27241
 	RESERVED
-CVE-2023-27240
-	RESERVED
-CVE-2023-27239
-	RESERVED
+CVE-2023-27240 (Tenda AX3 V16.03.12.11 was discovered to contain a command injection v ...)
+	TODO: check
+CVE-2023-27239 (Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via  ...)
+	TODO: check
 CVE-2023-27238
 	RESERVED
 CVE-2023-27237
 	RESERVED
 CVE-2023-27236
 	RESERVED
-CVE-2023-27235
-	RESERVED
-CVE-2023-27234
-	RESERVED
+CVE-2023-27235 (An arbitrary file upload vulnerability in the \admin\c\CommonControlle ...)
+	TODO: check
+CVE-2023-27234 (A Cross-Site Request Forgery (CSRF) in /Sys/index.html of Jizhicms v2. ...)
+	TODO: check
 CVE-2023-27233
 	RESERVED
 CVE-2023-27232
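Review bot: the four entries that gain descriptions in this hunk (CVE-2023-27240, CVE-2023-27239, CVE-2023-27235, CVE-2023-27234) all land as "TODO: check" and can be triaged as a group. Two name Tenda AX3 V16.03.12.11 and one names Jizhicms. The description of CVE-2023-27235 is truncated at "\admin\c\CommonControlle ...", so read the full CVE text before attributing it to a product; do not infer Jizhicms from the neighbouring entry.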
@@ -5002,8 +5124,8 @@ CVE-2023-0998 (A vulnerability classified as critical has been found in SourceCo
 	NOT-FOR-US: SourceCodester Alphaware Simple E-Commerce System
 CVE-2023-0997 (A vulnerability was found in SourceCodester Moosikay E-Commerce System ...)
 	NOT-FOR-US: SourceCodester Moosikay E-Commerce System
-CVE-2023-26511
-	RESERVED
+CVE-2023-26511 (A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Prop ...)
+	TODO: check
 CVE-2023-26510 (Ghost 5.35.0 allows authorization bypass: contributors can view draft  ...)
 	NOT-FOR-US: Ghost CMS
 CVE-2023-26509
@@ -5683,8 +5805,8 @@ CVE-2023-26264
 	RESERVED
 CVE-2023-26263
 	RESERVED
-CVE-2023-26262
-	RESERVED
+CVE-2023-26262 (An issue was discovered in Sitecore XP/XM 10.3. As an authenticated Si ...)
+	TODO: check
 CVE-2023-26261 (In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection lead ...)
 	NOT-FOR-US: UBIKA WAAP Gateway/Cloud
 CVE-2023-26260
@@ -35273,6 +35395,7 @@ CVE-2022-43445
 	RESERVED
 CVE-2022-43441
 	RESERVED
+	{DSA-5373-1}
 	- node-sqlite3 5.1.5+ds1-1
 	NOTE: https://github.com/TryGhost/node-sqlite3/security/advisories/GHSA-jqv5-7xpx-qj74
 	NOTE: Fixed by: https://github.com/TryGhost/node-sqlite3/commit/edb1934dd222ae55632e120d8f64552d5191c781 (v5.1.5)
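Review bot: the added {DSA-5373-1} line sits under CVE-2022-43441, which is still marked RESERVED with no description even though the entry already records a fixed node-sqlite3 version (5.1.5+ds1-1), a GHSA advisory and the upstream fix commit. Since this commit changes only data/CVE/list, confirm that the DSA-5373-1 record itself lists CVE-2022-43441 so the cross-reference resolves in both directions.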



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e97e19c822efff90e4bb2ee1d42010866df4f1f
