[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Sep 20 09:12:33 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6a1878f0 by security tracker role at 2023-09-20T08:12:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2023-5063 (The Widget Responsive for Youtube plugin for WordPress is vulnerable t ...)
+ TODO: check
+CVE-2023-5062 (The WordPress Charts plugin for WordPress is vulnerable to Stored Cros ...)
+ TODO: check
+CVE-2023-4088 (Incorrect Default Permissions vulnerability due to incomplete fix to a ...)
+ TODO: check
+CVE-2023-43621 (An issue was discovered in Croc through 9.6.5. The shared secret, loca ...)
+ TODO: check
+CVE-2023-43620 (An issue was discovered in Croc through 9.6.5. A sender may place ANSI ...)
+ TODO: check
+CVE-2023-43619 (An issue was discovered in Croc through 9.6.5. A sender may send dange ...)
+ TODO: check
+CVE-2023-43618 (An issue was discovered in Croc through 9.6.5. The protocol requires a ...)
+ TODO: check
+CVE-2023-43617 (An issue was discovered in Croc through 9.6.5. When a custom shared se ...)
+ TODO: check
+CVE-2023-43616 (An issue was discovered in Croc through 9.6.5. A sender can cause a re ...)
+ TODO: check
+CVE-2023-40934 (A SQL injection vulnerability in Nagios XI 5.11.1 and below allows aut ...)
+ TODO: check
+CVE-2023-40933 (A SQL injection vulnerability in Nagios XI v5.11.1 and below allows au ...)
+ TODO: check
+CVE-2023-40932 (A Cross-site scripting (XSS) vulnerability in Nagios XI version 5.11.1 ...)
+ TODO: check
+CVE-2023-40931 (A SQL injection vulnerability in Nagios XI from version 5.11.0 up to a ...)
+ TODO: check
+CVE-2023-39575 (A reflected cross-site scripting (XSS) vulnerability in the url_str UR ...)
+ TODO: check
+CVE-2023-38888 (Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and be ...)
+ TODO: check
+CVE-2023-38887 (File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and before allo ...)
+ TODO: check
+CVE-2023-38886 (An issue in Dolibarr ERP CRM v.17.0.1 and before allows a remote privi ...)
+ TODO: check
+CVE-2023-36319 (File Upload vulnerability in Openupload Stable v.0.4.3 allows a remote ...)
+ TODO: check
CVE-2023-4376 (The Serial Codes Generator and Validator with WooCommerce Support Word ...)
NOT-FOR-US: WordPress plugin
CVE-2023-4096 (Weak password recovery mechanism vulnerability in Fujitsu Arconte \xc1 ...)
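Review bot: CVE-2023-5063 and CVE-2023-5062 at the top of this hunk are both described as plugins for WordPress, yet they are added as "TODO: check" while the context entry CVE-2023-4376 directly below them already carries "NOT-FOR-US: WordPress plugin". Suggest giving the two new entries the same disposition in a follow-up rather than leaving them in the TODO queue. The six Croc entries (CVE-2023-43616 through CVE-2023-43621) and the four Nagios XI entries (CVE-2023-40931 through CVE-2023-40934) each share one product, so each set can be triaged as a group.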
@@ -17525,22 +17561,22 @@ CVE-2023-31017
RESERVED
CVE-2023-31016
RESERVED
-CVE-2023-31015
- RESERVED
-CVE-2023-31014
- RESERVED
-CVE-2023-31013
- RESERVED
-CVE-2023-31012
- RESERVED
-CVE-2023-31011
- RESERVED
-CVE-2023-31010
- RESERVED
-CVE-2023-31009
- RESERVED
-CVE-2023-31008
- RESERVED
+CVE-2023-31015 (NVIDIA DGX H100 BMC contains a vulnerability in the REST service where ...)
+ TODO: check
+CVE-2023-31014 (NVIDIA GeForce Now for Android contains a vulnerability in the game la ...)
+ TODO: check
+CVE-2023-31013 (NVIDIA DGX H100 BMC contains a vulnerability in the REST service, wher ...)
+ TODO: check
+CVE-2023-31012 (NVIDIA DGX H100 BMC contains a vulnerability in the REST service where ...)
+ TODO: check
+CVE-2023-31011 (NVIDIA DGX H100 BMC contains a vulnerability in the REST service where ...)
+ TODO: check
+CVE-2023-31010 (NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacke ...)
+ TODO: check
+CVE-2023-31009 (NVIDIA DGX H100 BMC contains a vulnerability in the REST service, wher ...)
+ TODO: check
+CVE-2023-31008 (NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacke ...)
+ TODO: check
CVE-2023-31007 (Improper Authentication vulnerability in Apache Software Foundation Ap ...)
NOT-FOR-US: Apache Pulsar
CVE-2023-31006
@@ -18166,8 +18202,7 @@ CVE-2023-2165
RESERVED
CVE-2023-2164 (An issue has been discovered in GitLab affecting all versions starting ...)
- gitlab <unfixed>
-CVE-2023-2163 [bpf: Fix incorrect verifier pruning due to missing register precision taints]
- RESERVED
+CVE-2023-2163 (Incorrect verifier pruningin BPF in Linux Kernel>=5.4leads to unsafe c ...)
- linux 6.1.27-1
[bullseye] - linux 5.10.179-1
[buster] - linux <not-affected> (Vulnerable code not present)
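Review bot: the replacement line for CVE-2023-2163 drops the bracketed title "[bpf: Fix incorrect verifier pruning due to missing register precision taints]" in favour of the imported description, which is truncated and has run-together words ("pruningin", "Kernel>=5.4leads"). Suggest keeping the bracketed text as a NOTE line under the entry so the pointer to the fix is not lost. The linux status lines below the entry are unchanged context, so the existing tracking for bullseye and buster is preserved.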
@@ -32400,8 +32435,8 @@ CVE-2023-26146
RESERVED
CVE-2023-26145
RESERVED
-CVE-2023-26144
- RESERVED
+CVE-2023-26144 (Versions of the package graphql from 16.3.0 and before 16.8.1 are vuln ...)
+ TODO: check
CVE-2023-26143 (Versions of the package blamer before 1.0.4 are vulnerable to Arbitrar ...)
TODO: check
CVE-2023-26142 (All versions of the package crow are vulnerable to HTTP Response Split ...)
@@ -34637,26 +34672,26 @@ CVE-2023-XXXX [RUSTSEC-2023-0005]
[bullseye] - rust-tokio <not-affected> (Vulnerable code not present)
NOTE: https://rustsec.org/advisories/RUSTSEC-2023-0005.html
NOTE: https://github.com/tokio-rs/tokio/issues/5372
-CVE-2023-25534
- RESERVED
-CVE-2023-25533
- RESERVED
-CVE-2023-25532
- RESERVED
-CVE-2023-25531
- RESERVED
-CVE-2023-25530
- RESERVED
-CVE-2023-25529
- RESERVED
-CVE-2023-25528
- RESERVED
-CVE-2023-25527
- RESERVED
-CVE-2023-25526
- RESERVED
-CVE-2023-25525
- RESERVED
+CVE-2023-25534 (NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacke ...)
+ TODO: check
+CVE-2023-25533 (NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an a ...)
+ TODO: check
+CVE-2023-25532 (NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacke ...)
+ TODO: check
+CVE-2023-25531 (NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacke ...)
+ TODO: check
+CVE-2023-25530 (NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where ...)
+ TODO: check
+CVE-2023-25529 (NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, w ...)
+ TODO: check
+CVE-2023-25528 (NVIDIA DGX H100 baseboard management controller (BMC) contains a vulne ...)
+ TODO: check
+CVE-2023-25527 (NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, w ...)
+ TODO: check
+CVE-2023-25526 (NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanag ...)
+ TODO: check
+CVE-2023-25525 (NVIDIA Cumulus Linux contains a vulnerability in forwarding where a Vx ...)
+ TODO: check
CVE-2023-25524 (NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a ...)
NOT-FOR-US: NVIDIA
CVE-2023-25523 (NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ...)
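Review bot: the ten new entries CVE-2023-25525 through CVE-2023-25534 all name NVIDIA products (DGX H100 BMC, Cumulus Linux) and are added as "TODO: check", while the context entry CVE-2023-25524 immediately after them is already marked "NOT-FOR-US: NVIDIA". Suggest checking whether the same disposition applies to the new entries so they do not sit in the TODO queue. The same question applies to the NVIDIA entries CVE-2023-31008 through CVE-2023-31015 earlier in this patch.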
@@ -46797,12 +46832,12 @@ CVE-2022-47564
RESERVED
CVE-2022-47563
RESERVED
-CVE-2022-47562
- RESERVED
-CVE-2022-47561
- RESERVED
-CVE-2022-47560
- RESERVED
+CVE-2022-47562 (Vulnerability in the RCPbind service running on UDP port (111), allowi ...)
+ TODO: check
+CVE-2022-47561 (The web application stores credentials in clear text in the "admin.xml ...)
+ TODO: check
+CVE-2022-47560 (The lack of web request control on ekorCCP and ekorRCI devices allows ...)
+ TODO: check
CVE-2022-47559 (Lack of device control over web requests in ekorCCP and ekorRCI, allow ...)
TODO: check
CVE-2022-47558 (Devices ekorCCP and ekorRCI are vulnerable due to access to the FTP se ...)
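Review bot: the description on CVE-2022-47562 reads "RCPbind service running on UDP port (111)", which looks like a transposition of RPCbind. The neighbouring entries CVE-2022-47560, CVE-2022-47559 and CVE-2022-47558 concern ekorCCP and ekorRCI devices, so when clearing the "TODO: check" on CVE-2022-47562 and CVE-2022-47561, confirm whether they belong to that device family before associating them with any package.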
@@ -219242,8 +219277,8 @@ CVE-2020-24091
RESERVED
CVE-2020-24090
RESERVED
-CVE-2020-24089
- RESERVED
+CVE-2020-24089 (An issue was discovered in ImfHpRegFilter.sys in IOBit Malware Fighter ...)
+ TODO: check
CVE-2020-24088 (An issue was discovered in MmMapIoSpace routine in Foxconn Live Update ...)
NOT-FOR-US: Foxconn
CVE-2020-24087
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a1878f0cfdaf9e0741d067d02848cfc90e34724