[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Oct 16 09:12:23 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1fd95aab by security tracker role at 2023-10-16T08:12:07+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,71 @@
+CVE-2023-5591 (SQL Injection in GitHub repository librenms/librenms prior to 23.10.0.)
+	TODO: check
+CVE-2023-5590 (NULL Pointer Dereference in GitHub repository seleniumhq/selenium prio ...)
+	TODO: check
+CVE-2023-5589 (A vulnerability was found in SourceCodester Judging Management System  ...)
+	TODO: check
+CVE-2023-5588 (A vulnerability was found in kphrx pleroma. It has been classified as  ...)
+	TODO: check
+CVE-2023-5587 (A vulnerability was found in SourceCodester Free Hospital Management S ...)
+	TODO: check
+CVE-2023-45898 (The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/ext ...)
+	TODO: check
+CVE-2023-45757 (Security vulnerability in Apache bRPC <=1.6.0 on all platforms allows  ...)
+	TODO: check
+CVE-2023-45580 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before ...)
+	TODO: check
+CVE-2023-45579 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before ...)
+	TODO: check
+CVE-2023-45578 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before ...)
+	TODO: check
+CVE-2023-45577 (An issue in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23 ...)
+	TODO: check
+CVE-2023-45576 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before ...)
+	TODO: check
+CVE-2023-45575 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before ...)
+	TODO: check
+CVE-2023-45574 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before ...)
+	TODO: check
+CVE-2023-45573 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before ...)
+	TODO: check
+CVE-2023-45572 (Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before ...)
+	TODO: check
+CVE-2023-45158 (An OS command injection vulnerability exists in web2py 2.24.1 and earl ...)
+	TODO: check
+CVE-2023-44809 (D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions.)
+	TODO: check
+CVE-2023-44808 (D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_ ...)
+	TODO: check
+CVE-2023-40791 (extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4 ...)
+	TODO: check
+CVE-2023-40790
+	REJECTED
+CVE-2023-40377 (Backup, Recovery, and Media Services (BRMS) for IBM i 7.2, 7.3, and 7. ...)
+	TODO: check
+CVE-2023-38280 (IBM HMC (Hardware Management Console) 10.1.1010.0 and 10.2.1030.0 coul ...)
+	TODO: check
+CVE-2023-36955 (TOTOLINK CP300+ <=V5.2cu.7594_B20200910 was discovered to contain a st ...)
+	TODO: check
+CVE-2023-36954 (TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to comm ...)
+	TODO: check
+CVE-2023-36953 (TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to comm ...)
+	TODO: check
+CVE-2023-36952 (TOTOLINK CP300+ V5.2cu.7594_B20200910 was discovered to contain a stac ...)
+	TODO: check
+CVE-2023-36950 (TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.611 ...)
+	TODO: check
+CVE-2023-36947 (TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.611 ...)
+	TODO: check
+CVE-2023-36340 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a st ...)
+	TODO: check
+CVE-2023-35018 (IBM Security Verify Governance 10.0 could allow a privileged use to up ...)
+	TODO: check
+CVE-2023-35013 (IBM Security Verify Governance 10.0, Identity Manager could allow a lo ...)
+	TODO: check
+CVE-2023-33836 (IBM Security Verify Governance 10.0 contains hard-coded credentials, s ...)
+	TODO: check
+CVE-2022-48612 (A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink One ...)
+	TODO: check
 CVE-2023-38312 (A directory traversal vulnerability in Valve Counter-Strike 8684 allow ...)
 	TODO: check
 CVE-2018-25091 (urllib3 before 1.24.2 does not remove the authorization HTTP header wh ...)
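Review bot: CVE-2023-45898 (fs/ext4) and CVE-2023-40791 (lib/scatterlist.c) are Linux kernel issues left at "TODO: check" alongside the other new entries; they map to a Debian source package and should be triaged first, with a package line added in a follow-up. The D-Link DI-7003GV2.D1 and TOTOLINK CP300+/X5000R/NR1800X entries describe router firmware and are candidates for a NOT-FOR-US line, in the form already used for CVE-2023-21412 later in this patch, once the full descriptions have been read.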
@@ -60997,12 +61065,12 @@ CVE-2023-21417
 	RESERVED
 CVE-2023-21416
 	RESERVED
-CVE-2023-21415
-	RESERVED
-CVE-2023-21414
-	RESERVED
-CVE-2023-21413
-	RESERVED
+CVE-2023-21415 (Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that ...)
+	TODO: check
+CVE-2023-21414 (NCC Group has found a flaw during the annual internal penetration test ...)
+	TODO: check
+CVE-2023-21413 (GoSecure on behalf of Genetec Inc. has found a flaw that allows for a  ...)
+	TODO: check
 CVE-2023-21412 (User provided input is not sanitized on the AXIS License Plate Verifie ...)
 	NOT-FOR-US: AXIS License Plate Verifier
 CVE-2023-21411 (User provided input is not sanitized in the \u201cSettings > Access Co ...)
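Review bot: the truncated descriptions for CVE-2023-21415, CVE-2023-21414 and CVE-2023-21413 open with the finder's credit, so the affected product is not visible in the list entry and "TODO: check" cannot be resolved from this text alone. Read the full CVE descriptions and, if they concern AXIS products like the neighbouring CVE-2023-21412, record them as NOT-FOR-US with the product name. Separately, the context line for CVE-2023-21411 carries a literal "\u201c" escape where a quotation mark was intended, which is worth fixing in whatever generates the descriptions.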



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1fd95aab3396af934cfaa6c4bfec7c15b3aebdb0
