[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Oct 13 09:12:21 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
13e52ecc by security tracker role at 2023-10-13T08:12:08+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2023-5564 (Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxl ...)
+	TODO: check
+CVE-2023-5563 (The SJA1000 CAN controller driver backend automatically attempt to rec ...)
+	TODO: check
+CVE-2023-5557 (A flaw was found in the tracker-miners package. A weakness in the sand ...)
+	TODO: check
+CVE-2023-4562 (Improper Authentication vulnerability in Mitsubishi Electric Corporati ...)
+	TODO: check
+CVE-2023-45511 (A memory leak in tsMuxer version git-2539d07 allows attackers to cause ...)
+	TODO: check
+CVE-2023-45510 (tsMuxer version git-2539d07 was discovered to contain an alloc-dealloc ...)
+	TODO: check
+CVE-2023-41263 (An issue was discovered in Plixer Scrutinizer before 19.3.1. It expose ...)
+	TODO: check
+CVE-2023-41262 (An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer ...)
+	TODO: check
+CVE-2023-41261 (An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer ...)
+	TODO: check
+CVE-2023-38251 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+	TODO: check
+CVE-2023-38250 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+	TODO: check
+CVE-2023-38249 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+	TODO: check
+CVE-2023-38221 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+	TODO: check
+CVE-2023-38220 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+	TODO: check
+CVE-2023-38219 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+	TODO: check
+CVE-2023-38218 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+	TODO: check
 CVE-2023-45365
 	NOT-FOR-US: MediaWiki extension Citoid
 CVE-2023-45366
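Review bot: All sixteen new entries land as "TODO: check", but they do not deserve the same priority. CVE-2023-5557 names the tracker-miners package and a sandbox weakness, so it should be triaged first and given a package line if that source package is in the archive. The seven Adobe Commerce entries (CVE-2023-38218 through CVE-2023-38251) look like NOT-FOR-US candidates and can be cleared in one pass.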
@@ -70,55 +102,55 @@ CVE-2023-31192 (An information disclosure vulnerability exists in the ClientConn
 	NOT-FOR-US: SoftEther VPN
 CVE-2023-27516 (An authentication bypass vulnerability exists in the CiRpcAccepted() f ...)
 	NOT-FOR-US: SoftEther VPN
-CVE-2023-36839
+CVE-2023-36839 (An Improper Validation of Specified Quantity in Input vulnerability in ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44204
+CVE-2023-44204 (An Improper Validation of Syntactic Correctness of Input vulnerability ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44182
+CVE-2023-44182 (An Unchecked Return Value vulnerability in the user interfaces to the  ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44203
+CVE-2023-44203 (An Improper Check or Handling of Exceptional Conditions vulnerability  ...)
 	NOT-FOR-US: Juniper
 CVE-2023-44202
 	NOT-FOR-US: Juniper
-CVE-2023-44198
+CVE-2023-44198 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44197
+CVE-2023-44197 (An Out-of-Bounds Write vulnerability in the Routing Protocol Daemon (r ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44196
+CVE-2023-44196 (An Improper Check for Unusual or Exceptional Conditions in the Packet  ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44195
+CVE-2023-44195 (An Improper Restriction of Communication Channel to Intended Endpoints ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44201
+CVE-2023-44201 (An Incorrect Permission Assignment for Critical Resource vulnerability ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44199
+CVE-2023-44199 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44184
+CVE-2023-44184 (An Improper Restriction of Operations within the Bounds of a Memory Bu ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44181
+CVE-2023-44181 (An Improperly Implemented Security Check for Standard vulnerability in ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44191
+CVE-2023-44191 (An Allocation of Resources Without Limits or Throttling vulnerability  ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44192
+CVE-2023-44192 (An Improper Input Validation vulnerability in the Packet Forwarding En ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44175
+CVE-2023-44175 (A Reachable Assertion vulnerability in the routing protocol daemon (rp ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44178
+CVE-2023-44178 (A Stack-based Buffer Overflow vulnerability in the CLI command of Juni ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44177
+CVE-2023-44177 (A Stack-based Buffer Overflow vulnerability in the CLI command of Juni ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44176
+CVE-2023-44176 (A Stack-based Buffer Overflow vulnerability in the CLI command of Juni ...)
 	NOT-FOR-US: Juniper
-CVE-2023-36841
+CVE-2023-36841 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
 	NOT-FOR-US: Juniper
-CVE-2023-36843
+CVE-2023-36843 (An Improper Handling of Inconsistent Special Elements vulnerability in ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44194
+CVE-2023-44194 (An Incorrect Default Permissions vulnerability in Juniper Networks Jun ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44193
+CVE-2023-44193 (An Improper Release of Memory Before Removing Last Reference vulnerabi ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44183
+CVE-2023-44183 (An Improper Input Validation vulnerability in the VxLAN packet forward ...)
 	NOT-FOR-US: Juniper
-CVE-2023-44185
+CVE-2023-44185 (An Improper Input Validation vulnerability in the routing protocol dae ...)
 	NOT-FOR-US: Juniper
 CVE-2023-5531 (The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable  ...)
 	NOT-FOR-US: WordPress plugin
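Review bot: CVE-2023-44202 is the only Juniper entry between CVE-2023-36839 and CVE-2023-44185 that still has no description; every other one gained its text in this hunk. Confirm on the next automatic update that it is filled in, since a bare ID tagged "NOT-FOR-US: Juniper" cannot be re-verified from the list alone.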
@@ -4034,7 +4066,7 @@ CVE-2023-42753 (An array indexing vulnerability was found in the netfilter subsy
 	[bullseye] - linux 5.10.197-1
 	NOTE: https://www.openwall.com/lists/oss-security/2023/09/22/10
 	NOTE: https://git.kernel.org/linus/050d91c03b28ca479df13dfb02bcd2c60dd6a878 (6.6-rc1)
-CVE-2023-42752 [integer overflows in kmalloc_reserve()]
+CVE-2023-42752 (An integer overflow flaw was found in the Linux kernel. This issue lea ...)
 	- linux 6.5.3-1
 	[bookworm] - linux 6.1.55-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
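Review bot: At CVE-2023-42752 the hand-written description "[integer overflows in kmalloc_reserve()]" is replaced by a truncated one that no longer names the affected function, and the entry lines shown here carry no NOTE with a reference. Suggest adding a NOTE line pointing to the upstream fix or advisory, as the CVE-2023-42753 entry above does, so the kmalloc_reserve() detail stays findable.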
@@ -33403,8 +33435,8 @@ CVE-2023-27318
 	RESERVED
 CVE-2023-27317
 	RESERVED
-CVE-2023-27316
-	RESERVED
+CVE-2023-27316 (SnapCenter versions 4.8 through 4.9 are susceptible to a  vulnerabilit ...)
+	TODO: check
 CVE-2023-27315 (SnapGathers versions prior to 4.9 are susceptible to a vulnerability   ...)
 	TODO: check
 CVE-2023-27314 (ONTAP 9 versions prior to 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8,  9.12 ...)
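Review bot: CVE-2023-27316 (SnapCenter) now sits next to CVE-2023-27315 and CVE-2023-27314, all three marked "TODO: check". Triage them together so the run is resolved consistently instead of one entry at a time.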
@@ -35802,10 +35834,10 @@ CVE-2023-26369 (Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516
 	NOT-FOR-US: Adobe
 CVE-2023-26368
 	RESERVED
-CVE-2023-26367
-	RESERVED
-CVE-2023-26366
-	RESERVED
+CVE-2023-26367 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+	TODO: check
+CVE-2023-26366 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+	TODO: check
 CVE-2023-26365
 	RESERVED
 CVE-2023-26364
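Review bot: The "TODO: check" lines under CVE-2023-26367 and CVE-2023-26366 can likely be resolved right away: both descriptions begin "Adobe Commerce versions", and the context entry CVE-2023-26369 in this same hunk is already tagged "NOT-FOR-US: Adobe". Suggest applying the same tag once the product is confirmed.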
@@ -49317,8 +49349,7 @@ CVE-2023-22394 (An Improper Handling of Unexpected Data Type vulnerability in th
 	NOT-FOR-US: Juniper
 CVE-2023-22393 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
 	NOT-FOR-US: Juniper
-CVE-2023-22392
-	RESERVED
+CVE-2023-22392 (A Missing Release of Memory after Effective Lifetime vulnerability in  ...)
 	NOT-FOR-US: Juniper
 CVE-2023-22391 (A vulnerability in class-of-service (CoS) queue management in Juniper  ...)
 	NOT-FOR-US: Juniper



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13e52ecc069b26ba6927c3dbad9549f7b2296a44
