[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ec11c018 by security tracker role at 2024-01-16T08:11:56+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2024-22428 (Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Inco ...)
+	TODO: check
+CVE-2024-22362 (Drupal contains a vulnerability with improper handling of structural e ...)
+	TODO: check
+CVE-2024-21674 (This High severity Remote Code Execution (RCE) vulnerability was intro ...)
+	TODO: check
+CVE-2024-21673 (This High severity Remote Code Execution (RCE) vulnerability was intro ...)
+	TODO: check
+CVE-2024-21672 (This High severity Remote Code Execution (RCE) vulnerability was intro ...)
+	TODO: check
+CVE-2023-7206 (In Horner Automation Cscape versions 9.90 SP10 and prior, local attack ...)
+	TODO: check
+CVE-2023-6457 (Incorrect Default Permissions vulnerability in Hitachi Tuning Manager  ...)
+	TODO: check
+CVE-2023-52113 (launchAnyWhere vulnerability in the ActivityManagerService module. Suc ...)
+	TODO: check
+CVE-2023-52112 (Unauthorized file access vulnerability in the wallpaper service module ...)
+	TODO: check
+CVE-2023-52111 (Authorization vulnerability in the BootLoader module. Successful explo ...)
+	TODO: check
+CVE-2023-52110 (The sensor module has an out-of-bounds access vulnerability.Successful ...)
+	TODO: check
+CVE-2023-52109 (Vulnerability of trust relationships being inaccurate in distributed s ...)
+	TODO: check
+CVE-2023-51810 (SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixe ...)
+	TODO: check
+CVE-2023-51282 (An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain ...)
+	TODO: check
+CVE-2023-51257 (An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and be ...)
+	TODO: check
+CVE-2023-51059 (An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 an ...)
+	TODO: check
+CVE-2023-4566 (Vulnerability of trust relationships being inaccurate in distributed s ...)
+	TODO: check
+CVE-2023-49107 (Generation of Error Message Containing Sensitive Information vulnerabi ...)
+	TODO: check
+CVE-2023-49106 (Missing Password Field Masking vulnerability in Hitachi Device Manager ...)
+	TODO: check
+CVE-2023-48104 (Alinto SOGo 5.8.0 is vulnerable to HTML Injection.)
+	TODO: check
+CVE-2023-47460 (SQL injection vulnerability in Knovos Discovery v.22.67.0 allows a rem ...)
+	TODO: check
+CVE-2023-47459 (An issue in Knovos Discovery v.22.67.0 allows a remote attacker to obt ...)
+	TODO: check
+CVE-2023-44117 (Vulnerability of trust relationships being inaccurate in distributed s ...)
+	TODO: check
+CVE-2023-44112 (Out-of-bounds access vulnerability in the device authentication module ...)
+	TODO: check
+CVE-2023-43449 (An issue in HummerRisk HummerRisk v.1.10 thru 1.4.1 allows an authenti ...)
+	TODO: check
+CVE-2023-41619 (Emlog Pro v2.1.14 was discovered to contain a cross-site scripting (XS ...)
+	TODO: check
+CVE-2011-10005 (A vulnerability, which was classified as critical, was found in EasyFT ...)
+	TODO: check
 CVE-2024-22207 (fastify-swagger-ui is a Fastify plugin for serving Swagger UI.  Prior  ...)
 	TODO: check
 CVE-2024-20721 (Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are a ...)
@@ -65261,10 +65315,10 @@ CVE-2023-22529
 	RESERVED
 CVE-2023-22528
 	RESERVED
-CVE-2023-22527
-	RESERVED
-CVE-2023-22526
-	RESERVED
+CVE-2023-22527 (Summary of Vulnerability A template injection vulnerability on older v ...)
+	TODO: check
+CVE-2023-22526 (This High severity RCE (Remote Code Execution) vulnerability was intro ...)
+	TODO: check
 CVE-2023-22525
 	RESERVED
 CVE-2023-22524 (Certain versions of the Atlassian Companion App for MacOS were affecte ...)
@@ -109472,7 +109526,7 @@ CVE-2022-34366 (Dell SupportAssist for Home PCs (version 3.11.2 and prior) conta
 	NOT-FOR-US: Dell
 CVE-2022-34365 (WMS 3.7 contains a Path Traversal Vulnerability in Device API. An atta ...)
 	NOT-FOR-US: Dell
-CVE-2022-34364 (Dell BSAFE SSL-J when used in debug mode can reveal unnecessary inform ...)
+CVE-2022-34364 (Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug  ...)
 	NOT-FOR-US: Dell
 CVE-2022-34363
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec11c018d1bfc66f012916a808e20dd72852a7a7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec11c018d1bfc66f012916a808e20dd72852a7a7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240116/50deae34/attachment-0001.htm>