[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Nov 16 08:11:41 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
64d36f1f by security tracker role at 2023-11-16T08:11:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,61 @@
+CVE-2023-6105 (An information disclosure vulnerability exists in multiple ManageEngin ...)
+	TODO: check
+CVE-2023-5381 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
+	TODO: check
+CVE-2023-4723 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sen ...)
+	TODO: check
+CVE-2023-4690 (The Elementor Addon Elements plugin for WordPress is vulnerable to Cro ...)
+	TODO: check
+CVE-2023-4689 (The Elementor Addon Elements plugin for WordPress is vulnerable to Cro ...)
+	TODO: check
+CVE-2023-48365 (Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows un ...)
+	TODO: check
+CVE-2023-48224 (Fides is an open-source privacy engineering platform for managing the  ...)
+	TODO: check
+CVE-2023-48204 (An issue in PublicCMS v.4.0.202302.e allows a remote attacker to obtai ...)
+	TODO: check
+CVE-2023-48200 (Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local att ...)
+	TODO: check
+CVE-2023-48199 (An issue in Grocy v.4.0.3 allows a local attacker to execute arbitrary ...)
+	TODO: check
+CVE-2023-48198 (Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local att ...)
+	TODO: check
+CVE-2023-48197 (Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local att ...)
+	TODO: check
+CVE-2023-47674 (Missing authentication for critical function vulnerability in First Co ...)
+	TODO: check
+CVE-2023-47638
+	REJECTED
+CVE-2023-47471 (Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a ...)
+	TODO: check
+CVE-2023-47470 (Buffer Overflow vulnerability in Ffmpeg before github commit 456574705 ...)
+	TODO: check
+CVE-2023-47444 (An issue discovered in OpenCart 4.0.0.0 to 4.0.2.3 allows authenticate ...)
+	TODO: check
+CVE-2023-47347 (Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cau ...)
+	TODO: check
+CVE-2023-47345 (Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cau ...)
+	TODO: check
+CVE-2023-47335 (Insecure permissions in the setNFZEnable function of Autel Robotics EV ...)
+	TODO: check
+CVE-2023-47264 (Certain WithSecure products have a buffer over-read whereby processing ...)
+	TODO: check
+CVE-2023-47263 (Certain WithSecure products allow a Denial of Service (DoS) in the ant ...)
+	TODO: check
+CVE-2023-47213 (First Corporation's DVRs use a hard-coded password, which may allow a  ...)
+	TODO: check
+CVE-2023-47003 (An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitra ...)
+	TODO: check
+CVE-2023-44296 (Dell ELab-Navigator, version 3.1.9 contains a hard-coded credential vu ...)
+	TODO: check
+CVE-2023-43757 (Inadequate encryption strength vulnerability in multiple routers provi ...)
+	TODO: check
+CVE-2023-43752 (OS command injection vulnerability in WRC-X3000GS2-W v1.05 and earlier ...)
+	TODO: check
+CVE-2023-43275 (Cross-Site Request Forgery (CSRF) vulnerability in DedeCMS v5.7 in 110 ...)
+	TODO: check
+CVE-2023-41442 (An issue in Kloudq Technologies Limited Tor Equip 1.0, Tor Loco Mini 1 ...)
+	TODO: check
 CVE-2023-6079
 	REJECTED
 CVE-2023-5720 (A flaw was found in Quarkus, where it does not properly sanitize artif ...)
@@ -273,9 +331,11 @@ CVE-2023-44441 [GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Exe
 	NOTE: https://gitlab.gnome.org/GNOME/gimp/-/commit/e92f279c97282a2b20dca0d923db7465f2057703 (GIMP_2_10_36)
 	NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/10069 (restricted)
 CVE-2023-6112 (Use after free in Navigation in Google Chrome prior to 119.0.6045.159  ...)
+	{DSA-5556-1}
 	- chromium 119.0.6045.159-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-5997 (Use after free in Garbage Collection in Google Chrome prior to 119.0.6 ...)
+	{DSA-5556-1}
 	- chromium 119.0.6045.159-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-6131 (Code Injection in GitHub repository salesagility/suitecrm prior to 7.1 ...)
@@ -168424,8 +168484,8 @@ CVE-2021-35439
 CVE-2021-35438 (phpIPAM 1.4.3 allows Reflected XSS via app/dashboard/widgets/ipcalc-re ...)
 	- phpipam <itp> (bug #731713)
 	NOTE: https://github.com/phpipam/phpipam/issues/3351
-CVE-2021-35437
-	RESERVED
+CVE-2021-35437 (SQL injection vulnerability in LMXCMS v.1.4 allows attacker to execute ...)
+	TODO: check
 CVE-2021-35436
 	RESERVED
 CVE-2021-35435



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64d36f1f17ada721534b25919b105525aa2db681

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64d36f1f17ada721534b25919b105525aa2db681
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231116/a0e98cac/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list