[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Oct 21 09:12:18 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5f829ba2 by security tracker role at 2023-10-21T08:12:04+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,79 @@
+CVE-2023-5684 (A vulnerability was found in Beijing Baichuo Smart S85F Management Pla ...)
+	TODO: check
+CVE-2023-5683 (A vulnerability was found in Beijing Baichuo Smart S85F Management Pla ...)
+	TODO: check
+CVE-2023-5682 (A vulnerability has been found in Tongda OA 2017 and classified as cri ...)
+	TODO: check
+CVE-2023-5681 (A vulnerability, which was classified as critical, was found in Netent ...)
+	TODO: check
+CVE-2023-5205 (The Add Custom Body Class plugin for WordPress is vulnerable to Stored ...)
+	TODO: check
+CVE-2023-5132 (The Soisy Pagamento Rateale plugin for WordPress is vulnerable to unau ...)
+	TODO: check
+CVE-2023-4939 (The SALESmanago plugin for WordPress is vulnerable to Log Injection in ...)
+	TODO: check
+CVE-2023-4635 (The EventON plugin for WordPress is vulnerable to Reflected Cross-Site ...)
+	TODO: check
+CVE-2023-46055 (An issue in ThingNario Photon v.1.0 allows a remote attacker to execut ...)
+	TODO: check
+CVE-2023-46054 (Cross Site Scripting (XSS) vulnerability in WBCE CMS v.1.6.1 and befor ...)
+	TODO: check
+CVE-2023-46003 (I-doit pro 25 and below is vulnerable to Cross Site Scripting (XSS) vi ...)
+	TODO: check
+CVE-2023-45682 (stb_vorbis is a single file MIT licensed library for processing ogg vo ...)
+	TODO: check
+CVE-2023-45681 (stb_vorbis is a single file MIT licensed library for processing ogg vo ...)
+	TODO: check
+CVE-2023-45680 (stb_vorbis is a single file MIT licensed library for processing ogg vo ...)
+	TODO: check
+CVE-2023-45679 (stb_vorbis is a single file MIT licensed library for processing ogg vo ...)
+	TODO: check
+CVE-2023-45678 (stb_vorbis is a single file MIT licensed library for processing ogg vo ...)
+	TODO: check
+CVE-2023-45677 (stb_vorbis is a single file MIT licensed library for processing ogg vo ...)
+	TODO: check
+CVE-2023-45676 (stb_vorbis is a single file MIT licensed library for processing ogg vo ...)
+	TODO: check
+CVE-2023-45675 (stb_vorbis is a single file MIT licensed library for processing ogg vo ...)
+	TODO: check
+CVE-2023-45667 (stb_image is a single file MIT licensed library for processing images. ...)
+	TODO: check
+CVE-2023-45666 (stb_image is a single file MIT licensed library for processing images. ...)
+	TODO: check
+CVE-2023-45664 (stb_image is a single file MIT licensed library for processing images. ...)
+	TODO: check
+CVE-2023-45663 (stb_image is a single file MIT licensed library for processing images. ...)
+	TODO: check
+CVE-2023-45662 (stb_image is a single file MIT licensed library for processing images. ...)
+	TODO: check
+CVE-2023-45661 (stb_image is a single file MIT licensed library for processing images. ...)
+	TODO: check
+CVE-2023-43357 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a  ...)
+	TODO: check
+CVE-2023-43356 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a  ...)
+	TODO: check
+CVE-2023-43355 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a  ...)
+	TODO: check
+CVE-2023-43354 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a  ...)
+	TODO: check
+CVE-2023-43353 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a  ...)
+	TODO: check
+CVE-2023-43346 (Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6 ...)
+	TODO: check
+CVE-2023-38194 (An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keep ...)
+	TODO: check
+CVE-2023-38193 (An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remo ...)
+	TODO: check
+CVE-2023-38192 (An issue was discovered in SuperWebMailer 9.00.0.01710. It allows supe ...)
+	TODO: check
+CVE-2023-38191 (An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spam ...)
+	TODO: check
+CVE-2023-38190 (An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Expo ...)
+	TODO: check
+CVE-2023-32786 (In Langchain through 0.0.155, prompt injection allows an attacker to f ...)
+	TODO: check
+CVE-2023-32785 (In Langchain through 0.0.155, prompt injection allows execution of arb ...)
+	TODO: check
 CVE-2023-5690 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa ...)
 	NOT-FOR-US: Modoboa
 CVE-2023-5689 (Cross-site Scripting (XSS) - DOM in GitHub repository modoboa/modoboa  ...)
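Review bot: the fourteen stb_vorbis and stb_image entries in this hunk (CVE-2023-45661 through CVE-2023-45682) all land as `TODO: check`, and their descriptions call both "a single file MIT licensed library", so triage should not stop at a standalone package. Code distributed as a single file is commonly copied into other source trees, so search for embedded copies of stb_vorbis and stb_image before assigning a status, and record every affected source package under the entry. Triaging the fourteen together would keep the results consistent across both libraries.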
@@ -577,7 +653,7 @@ CVE-2023-39276 (SonicOS post-authentication stack-based buffer overflow vulnerab
 	NOT-FOR-US: SonicOS
 CVE-2023-38552 (When the Node.js policy feature checks the integrity of a resource aga ...)
 	TODO: check
-CVE-2023-36321 (Connected Vehicle Systems Alliance (COVESA) up to v2.18.8 wwas discove ...)
+CVE-2023-36321 (Connected Vehicle Systems Alliance (COVESA) up to v2.18.8 was discover ...)
 	TODO: check
 CVE-2023-35084 (Unsafe Deserialization of User Input could lead to Execution of Unauth ...)
 	NOT-FOR-US: Ivanti
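Review bot: the corrected description for CVE-2023-36321 still names only "Connected Vehicle Systems Alliance (COVESA) up to v2.18.8", an organisation and a version with no product visible in the truncated text, so the `TODO: check` beneath it cannot be resolved from this line alone. Whoever triages the entry should take the affected component from the full CVE record and name it in the entry, so the status does not depend on the upstream wording.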
@@ -34036,7 +34112,7 @@ CVE-2023-27540 (IBM Watson CP4D Data Stores 4.6.0 does not properly allocate res
 	NOT-FOR-US: IBM
 CVE-2023-1165 (A vulnerability was found in Zhong Bang CRMEB Java 1.3.4. It has been  ...)
 	NOT-FOR-US: Zhong Bang CRMEB Java
-CVE-2023-1164 (A vulnerability was found in KylinSoft kylin-activation and classified ...)
+CVE-2023-1164 (A vulnerability was found in KylinSoft kylin-activation on KylinOS and ...)
 	NOT-FOR-US: KylinSoft
 CVE-2023-1163 (A vulnerability has been found in DrayTek Vigor 2960 1.5.1.4 and class ...)
 	NOT-FOR-US: DrayTek Vigor 2960
@@ -36705,7 +36781,7 @@ CVE-2023-1006 (A vulnerability was found in SourceCodester Medical Certificate G
 	NOT-FOR-US: SourceCodester Medical Certificate Generator App
 CVE-2023-1005 (A vulnerability was found in JP1016 Markdown-Electron and classified a ...)
 	NOT-FOR-US: JP1016 Markdown-Electron
-CVE-2023-1004 (A vulnerability has been found in MarkText up to 0.17.1 and classified ...)
+CVE-2023-1004 (A vulnerability has been found in MarkText up to 0.17.1 on Windows and ...)
 	NOT-FOR-US: MarkText
 CVE-2023-1003 (A vulnerability, which was classified as critical, was found in Typora ...)
 	NOT-FOR-US: Typora



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f829ba2de81801d3065f037db3f2e3062ec757a
