[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Oct 6 09:12:26 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b881ae44 by security tracker role at 2023-10-06T08:12:09+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2023-5441 (NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161a ...)
+ TODO: check
+CVE-2023-5312 (A vulnerability classified as critical has been found in DedeCMS 5.7.1 ...)
+ TODO: check
+CVE-2023-45243 (Sensitive information disclosure due to missing authorization. The fol ...)
+ TODO: check
+CVE-2023-45242 (Sensitive information disclosure due to missing authorization. The fol ...)
+ TODO: check
+CVE-2023-45241 (Sensitive information leak through log files. The following products a ...)
+ TODO: check
+CVE-2023-45240 (Sensitive information disclosure due to missing authorization. The fol ...)
+ TODO: check
+CVE-2023-44214 (Sensitive information disclosure due to missing authorization. The fol ...)
+ TODO: check
+CVE-2023-44213 (Sensitive information disclosure due to excessive collection of system ...)
+ TODO: check
+CVE-2023-44212 (Sensitive information disclosure and manipulation due to missing autho ...)
+ TODO: check
+CVE-2023-44211 (Sensitive information disclosure and manipulation due to missing autho ...)
+ TODO: check
+CVE-2023-43343 (Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6 ...)
+ TODO: check
+CVE-2023-43269 (pigcms up to 7.0 was discovered to contain an arbitrary file upload vu ...)
+ TODO: check
+CVE-2023-40556 (Cross-Site Request Forgery (CSRF) vulnerability in Greg Ross Schedule ...)
+ TODO: check
+CVE-2023-39323 (Line directives ("//line") can be used to bypass the restrictions on " ...)
+ TODO: check
+CVE-2015-10126 (A vulnerability classified as critical was found in Easy2Map Photos Pl ...)
+ TODO: check
+CVE-2015-10125 (A vulnerability classified as problematic has been found in WP Ultimat ...)
+ TODO: check
CVE-2023-5423 (A vulnerability has been found in SourceCodester Online Pizza Ordering ...)
NOT-FOR-US: ourceCodester Online Pizza Ordering System
CVE-2023-4570 (An improper access restriction in NI MeasurementLink Python services c ...)
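Review bot: the unchanged context line under CVE-2023-5423 reads "NOT-FOR-US: ourceCodester Online Pizza Ordering System", which drops the leading "S" of the product name as spelled in the description line directly above it. A follow-up commit should correct it to "SourceCodester" so that the NOT-FOR-US tag matches the vendor name used elsewhere. Separately, all 16 entries added at the top of this hunk carry only "TODO: check"; each still needs manual triage into either a NOT-FOR-US tag or a package line. The ones whose description names a specific upstream project (for example vim/vim in CVE-2023-5441) are the natural ones to look at first.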
@@ -452,10 +484,12 @@ CVE-2023-2681 (An SQL Injection vulnerability has been found on Jorani version 1
CVE-2023-2544 (Authorization bypass vulnerability in UPV PEIX, affecting the componen ...)
NOT-FOR-US: UPV PEIX
CVE-2023-4693 [Crafted file system images can cause out-of-bounds write and may leak sensitive information into the GRUB pager]
+ {DLA-3605-1}
- grub2 2.12~rc1-11
NOTE: https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html
NOTE: https://lore.kernel.org/all/ZRxK8s4nQV2jBq%2F9@tomti.i.net-space.pl/
CVE-2023-4692 [Crafted file system images can cause heap-based buffer overflow and may allow arbitrary code execution and secure boot bypass]
+ {DLA-3605-1}
- grub2 2.12~rc1-11
NOTE: https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html
NOTE: https://lore.kernel.org/all/ZRxK8s4nQV2jBq%2F9@tomti.i.net-space.pl/
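Review bot: the "{DLA-3605-1}" cross-reference added to CVE-2023-4693 and CVE-2023-4692 is not accompanied by any release-specific version in this hunk; the only fixed version visible for either entry is "- grub2 2.12~rc1-11". Confirm that the DLA's own record states the release and fixed grub2 version it covers, since a reader of these two entries alone cannot tell which upload the advisory refers to. This matters most for CVE-2023-4692, whose description mentions arbitrary code execution and secure boot bypass.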
@@ -34983,8 +35017,8 @@ CVE-2023-26155
RESERVED
CVE-2023-26154
RESERVED
-CVE-2023-26153
- RESERVED
+CVE-2023-26153 (Versions of the package geokit-rails before 2.5.0 are vulnerable to Co ...)
+ TODO: check
CVE-2023-26152 (All versions of the package static-server are vulnerable to Directory ...)
TODO: check
CVE-2023-26151 (Versions of the package asyncua before 0.9.96 are vulnerable to Denial ...)
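Review bot: CVE-2023-26153 moves from "RESERVED" to a published description here but is left at "TODO: check", as are the neighbouring context entries CVE-2023-26152 and CVE-2023-26151. The description names the package geokit-rails and a fixed upstream version ("before 2.5.0"), so triage can decide directly between a NOT-FOR-US tag and a package line with a fixed version, instead of leaving the entry open.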
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b881ae44090d2d133d1581c2cc52dc060d902211