[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 22 08:10:31 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f50e2ed1 by security tracker role at 2023-03-22T08:10:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,61 @@
+CVE-2023-28730
+ RESERVED
+CVE-2023-28729
+ RESERVED
+CVE-2023-28728
+ RESERVED
+CVE-2023-28727
+ RESERVED
+CVE-2023-28726
+ RESERVED
+CVE-2023-28725 (General Bytes Crypto Application Server (CAS) 20230120, as distributed ...)
+ TODO: check
+CVE-2023-28723
+ RESERVED
+CVE-2023-28718
+ RESERVED
+CVE-2023-28714
+ RESERVED
+CVE-2023-28712
+ RESERVED
+CVE-2023-28710
+ RESERVED
+CVE-2023-28654
+ RESERVED
+CVE-2023-28648
+ RESERVED
+CVE-2023-28411
+ RESERVED
+CVE-2023-28410
+ RESERVED
+CVE-2023-28404
+ RESERVED
+CVE-2023-28403
+ RESERVED
+CVE-2023-28401
+ RESERVED
+CVE-2023-28398
+ RESERVED
+CVE-2023-28395
+ RESERVED
+CVE-2023-28385
+ RESERVED
+CVE-2023-28376
+ RESERVED
+CVE-2023-28375
+ RESERVED
+CVE-2023-27886
+ RESERVED
+CVE-2023-27394
+ RESERVED
+CVE-2023-25071
+ RESERVED
+CVE-2023-1554
+ RESERVED
+CVE-2023-1553
+ RESERVED
+CVE-2023-1552
+ RESERVED
CVE-2023-28709
RESERVED
CVE-2023-28708
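Review bot: CVE-2023-28725 is the only entry in this new block that arrives with a description, and it carries `TODO: check`, so it is the one line here that needs manual triage. Resolve it to a source package or a NOT-FOR-US marker in a follow-up; the remaining additions are plain RESERVED placeholders and need nothing yet.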
@@ -153,32 +211,25 @@ CVE-2023-1536 (Cross-site Scripting (XSS) - Stored in GitHub repository answerde
NOT-FOR-US: answer
CVE-2023-1535 (Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/ans ...)
NOT-FOR-US: answer
-CVE-2023-1534
- RESERVED
+CVE-2023-1534 (Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 a ...)
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1533
- RESERVED
+CVE-2023-1533 (Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 ...)
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1532
- RESERVED
+CVE-2023-1532 (Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.1 ...)
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1531
- RESERVED
+CVE-2023-1531 (Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allow ...)
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1530
- RESERVED
+CVE-2023-1530 (Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed ...)
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1529
- RESERVED
+CVE-2023-1529 (Out of bounds memory access in WebHID in Google Chrome prior to 111.0. ...)
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-1528
- RESERVED
+CVE-2023-1528 (Use after free in Passwords in Google Chrome prior to 111.0.5563.110 a ...)
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-1527 (Cross-site Scripting (XSS) - Generic in GitHub repository tsolucio/cor ...)
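Review bot: the `- chromium <unfixed>` lines under CVE-2023-1528 through CVE-2023-1534 now sit beneath descriptions that all name 111.0.5563.110 as the release containing the fix. `<unfixed>` is right only until that version is uploaded; when it is, replace it with the package version on all seven entries in one change, leaving the `[buster] - chromium <end-of-life> (see DSA 5046)` lines as they are.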
@@ -2084,8 +2135,8 @@ CVE-2023-28085
RESERVED
CVE-2023-28084
RESERVED
-CVE-2023-28083
- RESERVED
+CVE-2023-28083 (A remote Cross-site Scripting vulnerability was discovered in HPE Inte ...)
+ TODO: check
CVE-2023-28082
RESERVED
CVE-2023-28081
@@ -2639,10 +2690,10 @@ CVE-2023-1264 (NULL Pointer Dereference in GitHub repository vim/vim prior to 9.
NOTE: Crash in CLI tool, no security impact
CVE-2023-1263 (The CMP – Coming Soon & Maintenance plugin for WordPress is ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-1262
- RESERVED
-CVE-2023-1261
- RESERVED
+CVE-2023-1262 (Missing MAC layer security in Silicon Labs Wi-SUN Linux Border Router ...)
+ TODO: check
+CVE-2023-1261 (Missing MAC layer security in Silicon Labs Wi-SUN SDK v1.5.0 and earli ...)
+ TODO: check
CVE-2023-1260
RESERVED
CVE-2023-1259
@@ -2772,12 +2823,12 @@ CVE-2023-27859
RESERVED
CVE-2023-27858
RESERVED
-CVE-2023-27857
- RESERVED
-CVE-2023-27856
- RESERVED
-CVE-2023-27855
- RESERVED
+CVE-2023-27857 (In affected versions, a heap-based buffer over-read condition occurs w ...)
+ TODO: check
+CVE-2023-27856 (In affected versions, path traversal exists when processing a message ...)
+ TODO: check
+CVE-2023-27855 (In affected versions, a path traversal exists when processing a messag ...)
+ TODO: check
CVE-2023-27854
RESERVED
CVE-2023-25947 (The bundle management subsystem within OpenHarmony-v3.1.4 and prior ve ...)
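Review bot: the truncated summaries on CVE-2023-27857, CVE-2023-27856 and CVE-2023-27855 all begin "In affected versions, ..." and never name a product, so the `TODO: check` cannot be resolved from these lines alone. Whoever triages them has to read the full CVE record; since the three are consecutive and similarly worded, handle them together.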
@@ -3674,8 +3725,8 @@ CVE-2023-1169
RESERVED
CVE-2015-10089 (A vulnerability classified as problematic has been found in flame.js. ...)
NOT-FOR-US: flame.js
-CVE-2023-1168
- RESERVED
+CVE-2023-1168 (An authenticated remote code execution vulnerability exists in the AOS ...)
+ TODO: check
CVE-2023-1167
RESERVED
CVE-2023-1166
@@ -5013,8 +5064,8 @@ CVE-2023-27089
RESERVED
CVE-2023-27088 (feiqu-opensource Background Vertical authorization vulnerability exist ...)
NOT-FOR-US: feiqu-opensource Background Vertical
-CVE-2023-27087
- RESERVED
+CVE-2023-27087 (Permissions vulnerabiltiy found in Xuxueli xxl-job v2.2.0, v 2.3.0 and ...)
+ TODO: check
CVE-2023-27086
RESERVED
CVE-2023-27085
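Review bot: "vulnerabiltiy" in the CVE-2023-27087 summary is misspelled, and "v 2.3.0" has a stray space. The commit is labelled an automatic update, so the text presumably mirrors the upstream record; report it there rather than hand-editing this line, and resolve the `TODO: check` for xxl-job separately.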
@@ -6364,8 +6415,8 @@ CVE-2023-26499
RESERVED
CVE-2023-26498
RESERVED
-CVE-2023-26497
- RESERVED
+CVE-2023-26497 (An issue was discovered in Samsung Baseband Modem Chipset for Exynos M ...)
+ TODO: check
CVE-2023-26496
RESERVED
CVE-2023-26495
@@ -7952,8 +8003,8 @@ CVE-2023-25926
RESERVED
CVE-2023-25925
RESERVED
-CVE-2023-25924
- RESERVED
+CVE-2023-25924 (IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and ...)
+ TODO: check
CVE-2023-25923 (IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and ...)
NOT-FOR-US: IBM
CVE-2023-25922
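Review bot: CVE-2023-25924 enters as `TODO: check` while the next entry, CVE-2023-25923, has the same visible summary prefix (IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and ...) and is already marked `NOT-FOR-US: IBM`. Unless the full description says otherwise, the same marker should apply here.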
@@ -8856,8 +8907,8 @@ CVE-2022-4905 (A vulnerability was found in UDX Stateless Media Plugin 3.1.1. It
NOT-FOR-US: UDX Stateless Media Plugin
CVE-2023-25689 (IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1 , and ...)
NOT-FOR-US: IBM
-CVE-2023-25688
- RESERVED
+CVE-2023-25688 (IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and ...)
+ TODO: check
CVE-2023-25687 (IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and ...)
NOT-FOR-US: IBM
CVE-2023-25686 (IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and ...)
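Review bot: CVE-2023-25688 is left at `TODO: check` between CVE-2023-25689 and CVE-2023-25687, both Guardium Key Lifecycle Manager entries already carrying `NOT-FOR-US: IBM`. Bring it in line with its neighbours once the description is confirmed to be the same product.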
@@ -11503,8 +11554,8 @@ CVE-2023-24711
RESERVED
CVE-2023-24710
RESERVED
-CVE-2023-24709
- RESERVED
+CVE-2023-24709 (An issue found in Paradox Security Systems IPR512 allows attackers to ...)
+ TODO: check
CVE-2023-24708
RESERVED
CVE-2023-24707
@@ -13903,8 +13954,8 @@ CVE-2023-0393
RESERVED
CVE-2023-0392
RESERVED
-CVE-2023-0391
- RESERVED
+CVE-2023-0391 (MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt ...)
+ TODO: check
CVE-2022-48278
RESERVED
CVE-2022-48277
@@ -19982,14 +20033,14 @@ CVE-2022-4632 (A vulnerability has been found in Auto Upload Images up to 3.3.0
NOT-FOR-US: WordPress plugin
CVE-2022-4631 (A vulnerability, which was classified as problematic, was found in WP- ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-46300
- RESERVED
+CVE-2022-46300 (Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose i ...)
+ TODO: check
CVE-2022-4630 (Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal ...)
NOT-FOR-US: daloRADIUS
CVE-2022-4629 (The Product Slider for WooCommerce WordPress plugin before 2.6.4 does ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-46286
- RESERVED
+CVE-2022-46286 (Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose i ...)
+ TODO: check
CVE-2022-4628 (The Easy PayPal Buy Now Button WordPress plugin before 1.7.4 does not ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4627 (The ShiftNav WordPress plugin before 1.7.2 does not validate and escap ...)
@@ -20004,24 +20055,24 @@ CVE-2022-4623
RESERVED
CVE-2022-45876
RESERVED
-CVE-2022-45468
- RESERVED
+CVE-2022-45468 (Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose i ...)
+ TODO: check
CVE-2022-45444 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
NOT-FOR-US: Sewio
CVE-2022-45127 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
NOT-FOR-US: Sewio
-CVE-2022-45121
- RESERVED
-CVE-2022-43512
- RESERVED
+CVE-2022-45121 (Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose i ...)
+ TODO: check
+CVE-2022-43512 (Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose i ...)
+ TODO: check
CVE-2022-43483 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
NOT-FOR-US: Sewio
CVE-2022-43455 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
NOT-FOR-US: Sewio
CVE-2022-41989 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
NOT-FOR-US: Sewio
-CVE-2022-41696
- RESERVED
+CVE-2022-41696 (Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose i ...)
+ TODO: check
CVE-2022-40633 (A malicious actor can clone access cards used to open control cabinets ...)
NOT-FOR-US: Rittal
CVE-2021-4274 (A vulnerability, which was classified as problematic, has been found i ...)
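Review bot: CVE-2022-45468, CVE-2022-45121, CVE-2022-43512 and CVE-2022-41696 in this hunk, plus CVE-2022-46300 and CVE-2022-46286 in the previous one, all carry the identical visible summary "Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose i ..." with `TODO: check`. Triage the six as one batch so they end up with the same marker, rather than resolving them one at a time in separate commits.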
@@ -27826,8 +27877,8 @@ CVE-2022-45636 (An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS
TODO: check
CVE-2022-45635 (An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & ...)
TODO: check
-CVE-2022-45634
- RESERVED
+CVE-2022-45634 (An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & ...)
+ TODO: check
CVE-2022-45633
RESERVED
CVE-2022-45632
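Review bot: with CVE-2022-45634 added, three consecutive MEGAFEIS, BOFEI DBD+ entries (CVE-2022-45636, CVE-2022-45635, CVE-2022-45634) are now pending at `TODO: check`, the first two left over from an earlier update. Resolve all three together so older TODO items for the same product do not keep accumulating.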
@@ -162342,7 +162393,7 @@ CVE-2021-3101 (Hotdog, prior to v1.0.1, did not mimic the capabilities or the SE
CVE-2021-3100 (The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch ...)
NOT-FOR-US: Amazon Web Services hotpatch
CVE-2021-3099
- RESERVED
+ REJECTED
CVE-2021-3098
REJECTED
CVE-2021-3097
@@ -162358,7 +162409,7 @@ CVE-2021-3093
CVE-2021-3092
REJECTED
CVE-2021-3091
- RESERVED
+ REJECTED
CVE-2021-3090
REJECTED
CVE-2021-3089
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f50e2ed161c1579c883123f1dd2f66b862969600