[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Oct 13 09:12:21 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
13e52ecc by security tracker role at 2023-10-13T08:12:08+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2023-5564 (Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxl ...)
+ TODO: check
+CVE-2023-5563 (The SJA1000 CAN controller driver backend automatically attempt to rec ...)
+ TODO: check
+CVE-2023-5557 (A flaw was found in the tracker-miners package. A weakness in the sand ...)
+ TODO: check
+CVE-2023-4562 (Improper Authentication vulnerability in Mitsubishi Electric Corporati ...)
+ TODO: check
+CVE-2023-45511 (A memory leak in tsMuxer version git-2539d07 allows attackers to cause ...)
+ TODO: check
+CVE-2023-45510 (tsMuxer version git-2539d07 was discovered to contain an alloc-dealloc ...)
+ TODO: check
+CVE-2023-41263 (An issue was discovered in Plixer Scrutinizer before 19.3.1. It expose ...)
+ TODO: check
+CVE-2023-41262 (An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer ...)
+ TODO: check
+CVE-2023-41261 (An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer ...)
+ TODO: check
+CVE-2023-38251 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+ TODO: check
+CVE-2023-38250 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+ TODO: check
+CVE-2023-38249 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+ TODO: check
+CVE-2023-38221 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+ TODO: check
+CVE-2023-38220 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+ TODO: check
+CVE-2023-38219 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+ TODO: check
+CVE-2023-38218 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+ TODO: check
CVE-2023-45365
NOT-FOR-US: MediaWiki extension Citoid
CVE-2023-45366
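Review bot: CVE-2023-5557 is added with TODO: check like the other fifteen new entries in this hunk, but its description names the tracker-miners package, so it should not be swept up in a bulk NOT-FOR-US pass. Triage it against a source-package line (assuming tracker-miners is also the Debian source package name) and record the affected suites there.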
@@ -70,55 +102,55 @@ CVE-2023-31192 (An information disclosure vulnerability exists in the ClientConn
NOT-FOR-US: SoftEther VPN
CVE-2023-27516 (An authentication bypass vulnerability exists in the CiRpcAccepted() f ...)
NOT-FOR-US: SoftEther VPN
-CVE-2023-36839
+CVE-2023-36839 (An Improper Validation of Specified Quantity in Input vulnerability in ...)
NOT-FOR-US: Juniper
-CVE-2023-44204
+CVE-2023-44204 (An Improper Validation of Syntactic Correctness of Input vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-44182
+CVE-2023-44182 (An Unchecked Return Value vulnerability in the user interfaces to the ...)
NOT-FOR-US: Juniper
-CVE-2023-44203
+CVE-2023-44203 (An Improper Check or Handling of Exceptional Conditions vulnerability ...)
NOT-FOR-US: Juniper
CVE-2023-44202
NOT-FOR-US: Juniper
-CVE-2023-44198
+CVE-2023-44198 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-44197
+CVE-2023-44197 (An Out-of-Bounds Write vulnerability in the Routing Protocol Daemon (r ...)
NOT-FOR-US: Juniper
-CVE-2023-44196
+CVE-2023-44196 (An Improper Check for Unusual or Exceptional Conditions in the Packet ...)
NOT-FOR-US: Juniper
-CVE-2023-44195
+CVE-2023-44195 (An Improper Restriction of Communication Channel to Intended Endpoints ...)
NOT-FOR-US: Juniper
-CVE-2023-44201
+CVE-2023-44201 (An Incorrect Permission Assignment for Critical Resource vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-44199
+CVE-2023-44199 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-44184
+CVE-2023-44184 (An Improper Restriction of Operations within the Bounds of a Memory Bu ...)
NOT-FOR-US: Juniper
-CVE-2023-44181
+CVE-2023-44181 (An Improperly Implemented Security Check for Standard vulnerability in ...)
NOT-FOR-US: Juniper
-CVE-2023-44191
+CVE-2023-44191 (An Allocation of Resources Without Limits or Throttling vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-44192
+CVE-2023-44192 (An Improper Input Validation vulnerability in the Packet Forwarding En ...)
NOT-FOR-US: Juniper
-CVE-2023-44175
+CVE-2023-44175 (A Reachable Assertion vulnerability in the routing protocol daemon (rp ...)
NOT-FOR-US: Juniper
-CVE-2023-44178
+CVE-2023-44178 (A Stack-based Buffer Overflow vulnerability in the CLI command of Juni ...)
NOT-FOR-US: Juniper
-CVE-2023-44177
+CVE-2023-44177 (A Stack-based Buffer Overflow vulnerability in the CLI command of Juni ...)
NOT-FOR-US: Juniper
-CVE-2023-44176
+CVE-2023-44176 (A Stack-based Buffer Overflow vulnerability in the CLI command of Juni ...)
NOT-FOR-US: Juniper
-CVE-2023-36841
+CVE-2023-36841 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-36843
+CVE-2023-36843 (An Improper Handling of Inconsistent Special Elements vulnerability in ...)
NOT-FOR-US: Juniper
-CVE-2023-44194
+CVE-2023-44194 (An Incorrect Default Permissions vulnerability in Juniper Networks Jun ...)
NOT-FOR-US: Juniper
-CVE-2023-44193
+CVE-2023-44193 (An Improper Release of Memory Before Removing Last Reference vulnerabi ...)
NOT-FOR-US: Juniper
-CVE-2023-44183
+CVE-2023-44183 (An Improper Input Validation vulnerability in the VxLAN packet forward ...)
NOT-FOR-US: Juniper
-CVE-2023-44185
+CVE-2023-44185 (An Improper Input Validation vulnerability in the routing protocol dae ...)
NOT-FOR-US: Juniper
CVE-2023-5531 (The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable ...)
NOT-FOR-US: WordPress plugin
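Review bot: CVE-2023-44202, in the middle of this Juniper block, is the only entry in the hunk that still has no description; its neighbours CVE-2023-44203 and CVE-2023-44198 both gained one. The NOT-FOR-US: Juniper triage is unaffected, but it is worth confirming that a later automatic update fills the description in rather than the entry being skipped by the feed.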
@@ -4034,7 +4066,7 @@ CVE-2023-42753 (An array indexing vulnerability was found in the netfilter subsy
[bullseye] - linux 5.10.197-1
NOTE: https://www.openwall.com/lists/oss-security/2023/09/22/10
NOTE: https://git.kernel.org/linus/050d91c03b28ca479df13dfb02bcd2c60dd6a878 (6.6-rc1)
-CVE-2023-42752 [integer overflows in kmalloc_reserve()]
+CVE-2023-42752 (An integer overflow flaw was found in the Linux kernel. This issue lea ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
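Review bot: the CVE-2023-42752 header loses the hand-written summary "[integer overflows in kmalloc_reserve()]" and gets a truncated description that no longer names the affected function. Consider preserving that detail in a NOTE: line under the entry, since the bullseye line's "Vulnerable code not present" reasoning is easier to verify when the function is named.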
@@ -33403,8 +33435,8 @@ CVE-2023-27318
RESERVED
CVE-2023-27317
RESERVED
-CVE-2023-27316
- RESERVED
+CVE-2023-27316 (SnapCenter versions 4.8 through 4.9 are susceptible to a vulnerabilit ...)
+ TODO: check
CVE-2023-27315 (SnapGathers versions prior to 4.9 are susceptible to a vulnerability ...)
TODO: check
CVE-2023-27314 (ONTAP 9 versions prior to 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, 9.12 ...)
@@ -35802,10 +35834,10 @@ CVE-2023-26369 (Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516
NOT-FOR-US: Adobe
CVE-2023-26368
RESERVED
-CVE-2023-26367
- RESERVED
-CVE-2023-26366
- RESERVED
+CVE-2023-26367 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+ TODO: check
+CVE-2023-26366 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earli ...)
+ TODO: check
CVE-2023-26365
RESERVED
CVE-2023-26364
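Review bot: CVE-2023-26367 and CVE-2023-26366 move from RESERVED to TODO: check, while the context entry CVE-2023-26369 just above is already triaged as NOT-FOR-US: Adobe. If Adobe Commerce falls under the same decision, these two can be closed the same way, together with the seven CVE-2023-382xx Adobe Commerce entries added at the top of this patch, so that the TODO queue only holds items that need real investigation.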
@@ -49317,8 +49349,7 @@ CVE-2023-22394 (An Improper Handling of Unexpected Data Type vulnerability in th
NOT-FOR-US: Juniper
CVE-2023-22393 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
NOT-FOR-US: Juniper
-CVE-2023-22392
- RESERVED
+CVE-2023-22392 (A Missing Release of Memory after Effective Lifetime vulnerability in ...)
NOT-FOR-US: Juniper
CVE-2023-22391 (A vulnerability in class-of-service (CoS) queue management in Juniper ...)
NOT-FOR-US: Juniper
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13e52ecc069b26ba6927c3dbad9549f7b2296a44
More information about the debian-security-tracker-commits mailing list