[Git][security-tracker-team/security-tracker][master] automatic update

Sun Sep 3 21:12:26 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b2341219 by security tracker role at 2023-09-03T20:12:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,44 @@
-CVE-2023-41180
+CVE-2023-4751 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ...)
+	TODO: check
+CVE-2023-4740 (A vulnerability, which was classified as critical, was found in IBOS O ...)
+	TODO: check
+CVE-2023-4739 (A vulnerability, which was classified as critical, has been found in B ...)
+	TODO: check
+CVE-2023-3703 (Proscend Advice ICR Series routers FW version 1.76- CWE-1392: Use of D ...)
+	TODO: check
+CVE-2023-39374 (ForeScout NAC SecureConnector version 11.2 -CWE-427: Uncontrolled Sear ...)
+	TODO: check
+CVE-2023-39373 (A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-rep ...)
+	TODO: check
+CVE-2023-39372 (StarTrinity Softswitch version 2023-02-16 -Multiple CSRF (CWE-352))
+	TODO: check
+CVE-2023-39371 (StarTrinity Softswitch version 2023-02-16 -Open Redirect (CWE-601))
+	TODO: check
+CVE-2023-39370 (StarTrinity Softswitch version 2023-02-16 -Persistent XSS (CWE-79))
+	TODO: check
+CVE-2023-39369 (StarTrinity Softswitch version 2023-02-16- Multiple Reflected XSS (CWE ...)
+	TODO: check
+CVE-2023-38521 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Exif ...)
+	TODO: check
+CVE-2023-38518 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Visu ...)
+	TODO: check
+CVE-2023-38517 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Real ...)
+	TODO: check
+CVE-2023-38516 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
+	TODO: check
+CVE-2023-38482 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Qual ...)
+	TODO: check
+CVE-2023-38476 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Suit ...)
+	TODO: check
+CVE-2023-38387 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Elas ...)
+	TODO: check
+CVE-2023-37222 (Farsight Tech Nordic AB ProVide version 14.5- Multiple XSS vulnerabili ...)
+	TODO: check
+CVE-2023-37221 (7Twenty BOT - CWE-79: Improper Neutralization of Input During Web Page ...)
+	TODO: check
+CVE-2023-37220 (Synel Terminals - CWE-494: Download of Code Without Integrity Check)
+	TODO: check
+CVE-2023-41180 (Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C ...)
 	NOT-FOR-US: Apache NiFi
 CVE-2023-4738 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ...)
 	- vim <unfixed>
@@ -714,7 +754,7 @@ CVE-2023-4585
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4585
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4585
 CVE-2023-4584
-	{DSA-5485-1 DLA-3553-1}
+	{DSA-5488-1 DSA-5485-1 DLA-3553-1}
 	- firefox-esr 115.2.0esr-1
 	- firefox 117.0-1
 	- thunderbird 1:115.2.0-1
@@ -744,7 +784,7 @@ CVE-2023-4582
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4582
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4582
 CVE-2023-4581
-	{DSA-5485-1 DLA-3553-1}
+	{DSA-5488-1 DSA-5485-1 DLA-3553-1}
 	- firefox-esr 115.2.0esr-1
 	- firefox 117.0-1
 	- thunderbird 1:115.2.0-1
@@ -804,7 +844,7 @@ CVE-2023-4576
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4576
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4576
 CVE-2023-4575
-	{DSA-5485-1 DLA-3553-1}
+	{DSA-5488-1 DSA-5485-1 DLA-3553-1}
 	- firefox-esr 115.2.0esr-1
 	- firefox 117.0-1
 	- thunderbird 1:115.2.0-1
@@ -813,7 +853,7 @@ CVE-2023-4575
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4575
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4575
 CVE-2023-4574
-	{DSA-5485-1 DLA-3553-1}
+	{DSA-5488-1 DSA-5485-1 DLA-3553-1}
 	- firefox-esr 115.2.0esr-1
 	- firefox 117.0-1
 	- thunderbird 1:115.2.0-1
@@ -822,7 +862,7 @@ CVE-2023-4574
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4574
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4574
 CVE-2023-4573
-	{DSA-5485-1 DLA-3553-1}
+	{DSA-5488-1 DSA-5485-1 DLA-3553-1}
 	- firefox-esr 115.2.0esr-1
 	- firefox 117.0-1
 	- thunderbird 1:115.2.0-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b234121994c2f7f2312b963fbfbfac8cd470bed1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b234121994c2f7f2312b963fbfbfac8cd470bed1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230903/c712bcfe/attachment.htm>
