[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Sep 27 21:13:00 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3df0b338 by security tracker role at 2023-09-27T20:12:42+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,139 @@
+CVE-2023-5223 (A vulnerability, which was classified as critical, has been found in H ...)
+ TODO: check
+CVE-2023-5222 (A vulnerability classified as critical was found in Viessmann Vitogate ...)
+ TODO: check
+CVE-2023-5221 (A vulnerability classified as critical has been found in ForU CMS. Thi ...)
+ TODO: check
+CVE-2023-5184 (Two potential signed to unsigned conversion errors and buffer overflow ...)
+ TODO: check
+CVE-2023-4523 (Real Time Automation 460 Series products with versions prior to v8.9.8 ...)
+ TODO: check
+CVE-2023-4129 (Dell Data Protection Central, version 19.9, contains an Inadequate Enc ...)
+ TODO: check
+CVE-2023-4003 (One Identity Password Manager version 5.9.7.1 -An unauthenticated atta ...)
+ TODO: check
+CVE-2023-44207 (Stored cross-site scripting (XSS) vulnerability in protection plan nam ...)
+ TODO: check
+CVE-2023-44206 (Sensitive information disclosure and manipulation due to improper auth ...)
+ TODO: check
+CVE-2023-44205 (Sensitive information disclosure due to improper authorization. The fo ...)
+ TODO: check
+CVE-2023-44161 (Sensitive information manipulation due to cross-site request forgery. ...)
+ TODO: check
+CVE-2023-44160 (Sensitive information manipulation due to cross-site request forgery. ...)
+ TODO: check
+CVE-2023-44159 (Sensitive information disclosure due to cleartext storage of sensitive ...)
+ TODO: check
+CVE-2023-44158 (Sensitive information disclosure due to insufficient token field maski ...)
+ TODO: check
+CVE-2023-44157 (Local privilege escalation due to insecure folder permissions. The fol ...)
+ TODO: check
+CVE-2023-44156 (Sensitive information disclosure due to spell-jacking. The following p ...)
+ TODO: check
+CVE-2023-44155 (Sensitive information leak through log files. The following products a ...)
+ TODO: check
+CVE-2023-44154 (Sensitive information disclosure and manipulation due to improper auth ...)
+ TODO: check
+CVE-2023-44153 (Sensitive information disclosure due to cleartext storage of sensitive ...)
+ TODO: check
+CVE-2023-44152 (Sensitive information disclosure and manipulation due to improper auth ...)
+ TODO: check
+CVE-2023-44129 (The vulnerability is that the Messaging ("com.android.mms") app patche ...)
+ TODO: check
+CVE-2023-44128 (he vulnerability is to delete arbitrary files in LGInstallService ("co ...)
+ TODO: check
+CVE-2023-44127 (he vulnerability is that the Call management ("com.android.server.tele ...)
+ TODO: check
+CVE-2023-44126 (The vulnerability is that the Call management ("com.android.server.tel ...)
+ TODO: check
+CVE-2023-44125 (The vulnerability is the use of implicit PendingIntents without the Pe ...)
+ TODO: check
+CVE-2023-44124 (The vulnerability is to theft of arbitrary files with system privilege ...)
+ TODO: check
+CVE-2023-44123 (The vulnerability is the use of implicit PendingIntents with the Pendi ...)
+ TODO: check
+CVE-2023-44122 (The vulnerability is to theft of arbitrary files with system privilege ...)
+ TODO: check
+CVE-2023-44121 (The vulnerability is an intent redirection in LG ThinQ Service ("com.l ...)
+ TODO: check
+CVE-2023-44048 (Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scri ...)
+ TODO: check
+CVE-2023-44047 (Sourcecodester Toll Tax Management System v1 is vulnerable to SQL Inje ...)
+ TODO: check
+CVE-2023-44023 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
+ TODO: check
+CVE-2023-44022 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
+ TODO: check
+CVE-2023-44021 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
+ TODO: check
+CVE-2023-44020 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
+ TODO: check
+CVE-2023-44019 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
+ TODO: check
+CVE-2023-44018 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
+ TODO: check
+CVE-2023-44017 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
+ TODO: check
+CVE-2023-44016 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
+ TODO: check
+CVE-2023-44015 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
+ TODO: check
+CVE-2023-44014 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
+ TODO: check
+CVE-2023-44013 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
+ TODO: check
+CVE-2023-43830 (A Cross-site scripting (XSS) vulnerability in /panel/configuration/fin ...)
+ TODO: check
+CVE-2023-43828 (A Cross-site scripting (XSS) vulnerability in /panel/languages/ of Sub ...)
+ TODO: check
+CVE-2023-43652 (JumpServer is an open source bastion host. As an unauthenticated user, ...)
+ TODO: check
+CVE-2023-43650 (JumpServer is an open source bastion host. The verification code for r ...)
+ TODO: check
+CVE-2023-43125 (BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note ...)
+ TODO: check
+CVE-2023-43124 (BIG-IP APM clients may send IP traffic outside of the VPN tunnel.Note: ...)
+ TODO: check
+CVE-2023-42822 (xrdp is an open source remote desktop protocol server. Access to the f ...)
+ TODO: check
+CVE-2023-42657 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traver ...)
+ TODO: check
+CVE-2023-42487 (Soundminer \u2013 CWE-22: Improper Limitation of a Pathname to a Restr ...)
+ TODO: check
+CVE-2023-42486 (Fortect - CWE-428: Unquoted Search Path or Element, may be used by loc ...)
+ TODO: check
+CVE-2023-41653 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Beplus S ...)
+ TODO: check
+CVE-2023-41242 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Hass ...)
+ TODO: check
+CVE-2023-41241 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sure ...)
+ TODO: check
+CVE-2023-41238 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ultimate ...)
+ TODO: check
+CVE-2023-41237 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest ...)
+ TODO: check
+CVE-2023-41236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Happy ad ...)
+ TODO: check
+CVE-2023-41235 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest ...)
+ TODO: check
+CVE-2023-40333 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Qode Int ...)
+ TODO: check
+CVE-2023-40049 (In WS_FTP Server version prior to 8.8.2, an unauthenticated user cou ...)
+ TODO: check
+CVE-2023-40048 (In WS_FTP Server version prior to 8.8.2, the WS_FTP Server Manager i ...)
+ TODO: check
+CVE-2023-40047 (In WS_FTP Server version prior to 8.8.2,a stored cross-site scripting ...)
+ TODO: check
+CVE-2023-40046 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a SQL injection ...)
+ TODO: check
+CVE-2023-40045 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a reflected cros ...)
+ TODO: check
+CVE-2023-40044 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticate ...)
+ TODO: check
+CVE-2023-33972 (Scylladb is a NoSQL data store using the seastar framework, compatible ...)
+ TODO: check
+CVE-2023-32458 (Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack relea ...)
+ TODO: check
CVE-2023-XXXX [code execution via malformed XTGETTCAP]
- foot 1.15.3-2 (bug #1053115)
[bookworm] - foot <no-dsa> (Minor issue)
@@ -5,7 +141,7 @@ CVE-2023-XXXX [code execution via malformed XTGETTCAP]
NOTE: https://codeberg.org/dnkl/foot/commit/8a5f2915e9d327d1517d1da49ce7e2303fe61d36
CVE-2023-5183 (Unsafe deserialization of untrusted JSON allows execution of arbitrary ...)
NOT-FOR-US: Illumio
-CVE-2023-4934 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+CVE-2023-4934 (Authorization Bypass Through User-Controlled Key vulnerability in Usta ...)
NOT-FOR-US: Usta" AYBS
CVE-2023-4737 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: Hedef Tracking Admin Panel
@@ -351,39 +487,39 @@ CVE-2023-34043 (VMware Aria Operations contains a local privilege escalation vul
NOT-FOR-US: VMware
CVE-2023-32541 (A use-after-free vulnerability exists in the footerr functionality of ...)
NOT-FOR-US: Hancom Office 2020 HWord
-CVE-2023-5176
+CVE-2023-5176 (Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thun ...)
- firefox 118.0-1
- firefox-esr 115.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5176
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/#CVE-2023-5176
-CVE-2023-5175
+CVE-2023-5175 (During process shutdown, it was possible that an `ImageBitmap` was cre ...)
- firefox 118.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5175
-CVE-2023-5174
+CVE-2023-5174 (If Windows failed to duplicate a handle during process creation, the s ...)
- firefox <not-affected> (Only affects Firefox on Windows)
- firefox-esr <not-affected> (Only affects Firefox ESR on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5174
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/#CVE-2023-5174
-CVE-2023-5173
+CVE-2023-5173 (In a non-standard configuration of Firefox, an integer overflow could ...)
- firefox 118.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5173
-CVE-2023-5172
+CVE-2023-5172 (A hashtable in the Ion Engine could have been mutated while there was ...)
- firefox 118.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5172
-CVE-2023-5171
+CVE-2023-5171 (During Ion compilation, a Garbage Collection could have resulted in a ...)
- firefox 118.0-1
- firefox-esr 115.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5171
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/#CVE-2023-5171
-CVE-2023-5170
+CVE-2023-5170 (In canvas rendering, a compromised content process could have caused a ...)
- firefox 118.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5170
-CVE-2023-5169
+CVE-2023-5169 (A compromised content process could have provided malicious data in a ...)
- firefox 118.0-1
- firefox-esr 115.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5169
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/#CVE-2023-5169
-CVE-2023-5168
+CVE-2023-5168 (A compromised content process could have provided malicious data to `F ...)
- firefox 118.0-1
- firefox-esr 115.3.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5168
@@ -2049,7 +2185,7 @@ CVE-2023-4900 (Inappropriate implementation in Custom Tabs in Google Chrome on A
{DSA-5499-1}
- chromium 117.0.5938.62-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-4863 (Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 ...)
+CVE-2023-4863 (Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.1 ...)
{DSA-5497-2 DSA-5498-1 DSA-5497-1 DSA-5496-1 DLA-3570-1 DLA-3569-1 DLA-3568-1}
- chromium 117.0.5938.62-1 (unimportant)
[buster] - chromium <end-of-life> (see DSA 5046)
@@ -6559,7 +6695,7 @@ CVE-2023-33934 (Improper Input Validation vulnerability in Apache Software Found
NOTE: https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc
CVE-2023-2905 (Due to a failure in validating the length of a provided MQTT_CMD_PUBLI ...)
NOT-FOR-US: Cesanta Mongoose
-CVE-2023-3223
+CVE-2023-3223 (A flaw was found in undertow. Servlets annotated with @MultipartConfig ...)
- undertow <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2209689
CVE-2023-4219 (A vulnerability was found in SourceCodester Doctors Appointment System ...)
@@ -20487,8 +20623,8 @@ CVE-2023-30495
RESERVED
CVE-2023-30494 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ImageRec ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-30493
- RESERVED
+CVE-2023-30493 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themefic ...)
+ TODO: check
CVE-2023-30492
RESERVED
CVE-2023-30491 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodeBard ...)
@@ -20529,8 +20665,8 @@ CVE-2023-30474 (Cross-Site Request Forgery (CSRF) vulnerability in Kilian Evang
NOT-FOR-US: Kilian Evang Ultimate Noindex Nofollow
CVE-2023-30473 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Gl ...)
NOT-FOR-US: WordPress Plugin
-CVE-2023-30472
- RESERVED
+CVE-2023-30472 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in MyThemeS ...)
+ TODO: check
CVE-2023-30471 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cornel R ...)
TODO: check
CVE-2023-30470 (A use-after-free related to unsound inference in the bytecode generati ...)
@@ -34610,8 +34746,8 @@ CVE-2023-0834 (Incorrect Permission Assignment for Critical Resource vulnerabili
NOT-FOR-US: HYPR Workforce Access on MacOS
CVE-2023-25181
RESERVED
-CVE-2023-0833
- RESERVED
+CVE-2023-0833 (A flaw was found in Red Hat's AMQ-Streams, which ships a version of th ...)
+ TODO: check
CVE-2023-0832 (The Under Construction plugin for WordPress is vulnerable to Cross-Sit ...)
NOT-FOR-US: Under Construction plugin for WordPress
CVE-2023-0831 (The Under Construction plugin for WordPress is vulnerable to Cross-Sit ...)
@@ -38990,8 +39126,7 @@ CVE-2023-22371 (An os command injection vulnerability exists in the liburvpn.so
NOT-FOR-US: MilesightVPN
CVE-2023-22315 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a propri ...)
NOT-FOR-US: Snap One Wattbox WB-300-IP-3
-CVE-2023-0456
- RESERVED
+CVE-2023-0456 (A flaw was found in APICast, when 3Scale's OIDC module does not proper ...)
NOT-FOR-US: Red Hat 3scale API gateway
CVE-2023-0455 (Unrestricted Upload of File with Dangerous Type in GitHub repository u ...)
NOT-FOR-US: unilogies/bumsys
@@ -62082,8 +62217,8 @@ CVE-2023-20270
RESERVED
CVE-2023-20269 (A vulnerability in the remote access VPN feature of Cisco Adaptive Sec ...)
NOT-FOR-US: Cisco
-CVE-2023-20268
- RESERVED
+CVE-2023-20268 (A vulnerability in the packet processing functionality of Cisco access ...)
+ TODO: check
CVE-2023-20267
RESERVED
CVE-2023-20266 (A vulnerability in Cisco Emergency Responder, Cisco Unified Communicat ...)
@@ -62094,8 +62229,8 @@ CVE-2023-20264
RESERVED
CVE-2023-20263 (A vulnerability in the web-based management interface of Cisco HyperFl ...)
NOT-FOR-US: Cisco
-CVE-2023-20262
- RESERVED
+CVE-2023-20262 (A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager co ...)
+ TODO: check
CVE-2023-20261
RESERVED
CVE-2023-20260
@@ -62110,14 +62245,14 @@ CVE-2023-20256
RESERVED
CVE-2023-20255
RESERVED
-CVE-2023-20254
- RESERVED
-CVE-2023-20253
- RESERVED
-CVE-2023-20252
- RESERVED
-CVE-2023-20251
- RESERVED
+CVE-2023-20254 (A vulnerability in the session management system of the Cisco Catalyst ...)
+ TODO: check
+CVE-2023-20253 (A vulnerability in the command line interface (cli) management interfa ...)
+ TODO: check
+CVE-2023-20252 (A vulnerability in the Security Assertion Markup Language (SAML) APIs ...)
+ TODO: check
+CVE-2023-20251 (A vulnerability in the memory buffer of Cisco Wireless LAN Controller ...)
+ TODO: check
CVE-2023-20250 (A vulnerability in the web-based management interface of Cisco Small B ...)
NOT-FOR-US: Cisco
CVE-2023-20249
@@ -62156,24 +62291,24 @@ CVE-2023-20233 (A vulnerability in the Connectivity Fault Management (CFM) featu
NOT-FOR-US: Cisco
CVE-2023-20232 (A vulnerability in the Tomcat implementation for Cisco Unified Contact ...)
NOT-FOR-US: Cisco
-CVE-2023-20231
- RESERVED
+CVE-2023-20231 (A vulnerability in the web UI of Cisco IOS XE Software could allow an ...)
+ TODO: check
CVE-2023-20230 (A vulnerability in the restricted security domain implementation of Ci ...)
NOT-FOR-US: Cisco
CVE-2023-20229 (A vulnerability in the CryptoService function of Cisco Duo Device Heal ...)
NOT-FOR-US: Cisco
CVE-2023-20228 (A vulnerability in the web-based management interface of Cisco Integra ...)
NOT-FOR-US: Cisco
-CVE-2023-20227
- RESERVED
-CVE-2023-20226
- RESERVED
+CVE-2023-20227 (A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Ci ...)
+ TODO: check
+CVE-2023-20226 (A vulnerability in Application Quality of Experience (AppQoE) and Unif ...)
+ TODO: check
CVE-2023-20225
RESERVED
CVE-2023-20224 (A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Vir ...)
NOT-FOR-US: Cisco
-CVE-2023-20223
- RESERVED
+CVE-2023-20223 (A vulnerability in Cisco DNA Center could allow an unauthenticated, re ...)
+ TODO: check
CVE-2023-20222 (A vulnerability in the web-based management interface of Cisco Prime I ...)
NOT-FOR-US: Cisco
CVE-2023-20221 (A vulnerability in the web-based management interface of Cisco IP Phon ...)
@@ -62218,8 +62353,8 @@ CVE-2023-20204 (A vulnerability in the web-based management interface of Cisco B
NOT-FOR-US: Cisco
CVE-2023-20203 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2023-20202
- RESERVED
+CVE-2023-20202 (A vulnerability in the Wireless Network Control daemon (wncd) of Cisco ...)
+ TODO: check
CVE-2023-20201 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
CVE-2023-20200 (A vulnerability in the Simple Network Management Protocol (SNMP) servi ...)
@@ -62252,10 +62387,10 @@ CVE-2023-20189 (Multiple vulnerabilities in the web-based user interface of cert
NOT-FOR-US: Cisco
CVE-2023-20188 (A vulnerability in the web-based management interface of Cisco Small B ...)
NOT-FOR-US: Cisco
-CVE-2023-20187
- RESERVED
-CVE-2023-20186
- RESERVED
+CVE-2023-20187 (A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) featu ...)
+ TODO: check
+CVE-2023-20186 (A vulnerability in the Authentication, Authorization, and Accounting ( ...)
+ TODO: check
CVE-2023-20185 (A vulnerability in the Cisco ACI Multi-Site CloudSec encryption featur ...)
NOT-FOR-US: Cisco
CVE-2023-20184 (Multiple vulnerabilities in the API of Cisco DNA Center Software could ...)
@@ -62268,14 +62403,14 @@ CVE-2023-20181 (A vulnerability in the web-based management interface of Cisco S
NOT-FOR-US: Cisco
CVE-2023-20180 (A vulnerability in the web interface of Cisco Webex Meetings could all ...)
NOT-FOR-US: Cisco
-CVE-2023-20179
- RESERVED
+CVE-2023-20179 (A vulnerability in the web-based management interface of Cisco Catalys ...)
+ TODO: check
CVE-2023-20178 (A vulnerability in the client update process of Cisco AnyConnect Secur ...)
NOT-FOR-US: Cisco
CVE-2023-20177
RESERVED
-CVE-2023-20176
- RESERVED
+CVE-2023-20176 (A vulnerability in the networking component of Cisco access point (AP) ...)
+ TODO: check
CVE-2023-20175
RESERVED
CVE-2023-20174 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
@@ -62408,8 +62543,8 @@ CVE-2023-20111 (A vulnerability in the web-based management interface of Cisco I
NOT-FOR-US: Cisco
CVE-2023-20110 (A vulnerability in the web-based management interface of Cisco Smart S ...)
NOT-FOR-US: Cisco
-CVE-2023-20109
- RESERVED
+CVE-2023-20109 (A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) f ...)
+ TODO: check
CVE-2023-20108 (A vulnerability in the XCP Authentication Service of the Cisco Unified ...)
NOT-FOR-US: Cisco
CVE-2023-20107 (A vulnerability in the deterministic random bit generator (DRBG), also ...)
@@ -62561,10 +62696,10 @@ CVE-2023-20036
RESERVED
CVE-2023-20035 (A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow ...)
NOT-FOR-US: Cisco
-CVE-2023-20034
- RESERVED
-CVE-2023-20033
- RESERVED
+CVE-2023-20034 (Vulnerability in the Elasticsearch database used in the of Cisco SD-WA ...)
+ TODO: check
+CVE-2023-20033 (A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and C ...)
+ TODO: check
CVE-2023-20032 (On Feb 15, 2023, the following vulnerability in the ClamAV scanning li ...)
{DLA-3328-1}
- clamav 1.0.1+dfsg-1 (bug #1031509)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3df0b338641fa8904cf20dd9252b2e3b8d195370
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3df0b338641fa8904cf20dd9252b2e3b8d195370
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230927/c2a08e4a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list