[Git][security-tracker-team/security-tracker][master] automatic update

Sat May 6 09:12:16 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c9bff024 by security tracker role at 2023-05-06T08:12:06+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2016-15031 (A vulnerability was found in PHP-Login 1.0. It has been declared as cr ...)
+	TODO: check
 CVE-2023-2554 (External Control of File Name or Path in GitHub repository unilogies/b ...)
 	NOT-FOR-US: unilogies/bumsys
 CVE-2023-2553 (Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bum ...)
@@ -986,6 +988,7 @@ CVE-2023-31048
 	RESERVED
 CVE-2023-31047 [Potential bypass of validation when uploading multiple files using one form field]
 	RESERVED
+	{DLA-3415-1}
 	- python-django 3:3.2.19-1 (bug #1035467)
 	NOTE: https://www.djangoproject.com/weblog/2023/may/03/security-releases/
 	NOTE: https://github.com/django/django/commit/fb4c55d9ec4bb812a7fb91fa20510d91645e411b (main)
@@ -3828,8 +3831,8 @@ CVE-2023-30067
 	RESERVED
 CVE-2023-30066
 	RESERVED
-CVE-2023-30065
-	RESERVED
+CVE-2023-30065 (MitraStar GPT-2741GNAC-N2 with firmware BR_g5.9_1.11(WVK.0)b32 was dis ...)
+	TODO: check
 CVE-2023-30064
 	RESERVED
 CVE-2023-30063 (D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass.)
@@ -4032,8 +4035,8 @@ CVE-2023-29965
 	RESERVED
 CVE-2023-29964
 	RESERVED
-CVE-2023-29963
-	RESERVED
+CVE-2023-29963 (S-CMS v5.0 was discovered to contain an authenticated remote code exec ...)
+	TODO: check
 CVE-2023-29962
 	RESERVED
 CVE-2023-29961
@@ -5684,16 +5687,16 @@ CVE-2023-29356
 	RESERVED
 CVE-2023-29355
 	RESERVED
-CVE-2023-29354
-	RESERVED
+CVE-2023-29354 (Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability)
+	TODO: check
 CVE-2023-29353
 	RESERVED
 CVE-2023-29352
 	RESERVED
 CVE-2023-29351
 	RESERVED
-CVE-2023-29350
-	RESERVED
+CVE-2023-29350 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability)
+	TODO: check
 CVE-2023-29349
 	RESERVED
 CVE-2023-29348
@@ -14271,12 +14274,12 @@ CVE-2023-26521
 	RESERVED
 CVE-2023-26520
 	RESERVED
-CVE-2023-26519
-	RESERVED
+CVE-2023-26519 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex ...)
+	TODO: check
 CVE-2023-26518
 	RESERVED
-CVE-2023-26517
-	RESERVED
+CVE-2023-26517 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeff ...)
+	TODO: check
 CVE-2023-26516
 	RESERVED
 CVE-2023-26515
@@ -18965,8 +18968,8 @@ CVE-2023-24959
 	RESERVED
 CVE-2023-24958 (A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52 ...)
 	NOT-FOR-US: IBM
-CVE-2023-24957
-	RESERVED
+CVE-2023-24957 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0. ...)
+	TODO: check
 CVE-2023-24956 (Forget Heart Message Box v1.1 was discovered to contain a SQL injectio ...)
 	NOT-FOR-US: Forget Heart Message Box
 CVE-2023-24955
@@ -44166,8 +44169,8 @@ CVE-2022-43879
 	RESERVED
 CVE-2022-43878
 	RESERVED
-CVE-2022-43877
-	RESERVED
+CVE-2022-43877 (IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensi ...)
+	TODO: check
 CVE-2022-43876
 	RESERVED
 CVE-2022-43875 (IBM Financial Transaction Manager for SWIFT Services for Multiplatform ...)
@@ -106980,8 +106983,8 @@ CVE-2022-22315 (IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated
 	NOT-FOR-US: IBM
 CVE-2022-22314 (IBM Planning Analytics Local 2.0 allows web pages to be stored locally ...)
 	NOT-FOR-US: IBM
-CVE-2022-22313
-	RESERVED
+CVE-2022-22313 (IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than ...)
+	TODO: check
 CVE-2022-22312 (IBM Security Identity Manager (IBM Security Verify Password Synchroniz ...)
 	NOT-FOR-US: IBM
 CVE-2022-22311 (IBM Security Verify Access could allow a user, using man in the middle ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9bff02427f7ff8c1b7e279a302c676000fa9ac2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9bff02427f7ff8c1b7e279a302c676000fa9ac2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230506/8405cdc9/attachment.htm>
