[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 13 Jun 2023 01:12:39 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
cd7541e9 by security tracker role at 2023-06-13T08:12:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2023-33991 (SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, 
SAP_UI 7 ...)
+       TODO: check
+CVE-2023-33986 (SAP CRM ABAP (Grantor Management) - versions 700, 701, 702, 
712, 713,  ...)
+       TODO: check
+CVE-2023-33985 (SAP NetWeaver Enterprise Portal - version 7.50, does not 
sufficiently  ...)
+       TODO: check
+CVE-2023-33984 (SAP NetWeaver (Design Time Repository) - version 7.50, returns 
an unfa ...)
+       TODO: check
+CVE-2023-32674 (Certain versions of HP PC Hardware Diagnostics Windows are 
potentially ...)
+       TODO: check
+CVE-2023-32673 (Certain versions of HP PC Hardware Diagnostics Windows, HP 
Image Assis ...)
+       TODO: check
+CVE-2023-32221 (EaseUS Todo Backup version 20220111.390 - An omission during 
installat ...)
+       TODO: check
+CVE-2023-32220 (Milesight NCR/camera version 71.8.0.6-r5 allows authentication 
bypass  ...)
+       TODO: check
+CVE-2023-32219 (A Mazda model (2015-2016) can be unlocked via an unspecified 
method.)
+       TODO: check
+CVE-2023-32115 (An attacker can exploit MDS COMPARE TOOL and use specially 
crafted inp ...)
+       TODO: check
+CVE-2023-32114 (SAP NetWeaver (Change and Transport System) - versions 702, 
731, 740,  ...)
+       TODO: check
+CVE-2023-2876 (Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB 
REX640 P ...)
+       TODO: check
+CVE-2023-2827 (SAP Plant Connectivity - version 15.5 (PCo) or the Production 
Connecto ...)
+       TODO: check
+CVE-2023-2729 (Use of insufficiently random values vulnerability in User 
Management F ...)
+       TODO: check
+CVE-2023-2673 (Improper Input Validation vulnerability in PHOENIX CONTACT 
FL/TC MGUAR ...)
+       TODO: check
+CVE-2023-2563 (The WordPress Contact Forms by Cimatti plugin for WordPress is 
vulnera ...)
+       TODO: check
+CVE-2023-2351 (The WP Directory Kit plugin for WordPress is vulnerable to 
unauthorize ...)
+       TODO: check
 CVE-2023-3212 [gfs2: Don't deref jdesc in evict]
        - linux 6.3.7-1
        NOTE: 
https://git.kernel.org/linus/504a10d9e46bc37b23d0a1ae2f28973c8516e636 (6.4-rc2)
@@ -1454,7 +1488,7 @@ CVE-2023-2961 (A segmentation fault flaw was found in the 
Advancecomp package. T
        NOTE: Crash in CLI tool, no security impact
 CVE-2023-2808 (Mattermost fails to normalize UTF confusable characters when 
determini ...)
        - mattermost-server <itp> (bug #823556)
-CVE-2023-2518 (The Easy Forms for Mailchimp WordPress plugin through 6.8.8 
does not s ...)
+CVE-2023-2518 (The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does 
not sa ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-2470 (The Add to Feedly WordPress plugin through 1.2.11 does not 
sanitize an ...)
        NOT-FOR-US: WordPress plugin
@@ -3946,10 +3980,10 @@ CVE-2023-2280 (The WP Directory Kit plugin for 
WordPress is vulnerable to unauth
        NOT-FOR-US: WordPress plugin
 CVE-2023-2279
        RESERVED
-CVE-2023-2278
-       RESERVED
-CVE-2023-2277
-       RESERVED
+CVE-2023-2278 (The WP Directory Kit plugin for WordPress is vulnerable to 
Local File  ...)
+       TODO: check
+CVE-2023-2277 (The WP Directory Kit plugin for WordPress is vulnerable to 
Cross-Site  ...)
+       TODO: check
 CVE-2023-2276 (The WCFM Membership \u2013 WooCommerce Memberships for 
Multivendor Mar ...)
        NOT-FOR-US: WCFM Membership &#8211; WooCommerce Memberships for 
Multivendor Marketplace plugin for WordPress
 CVE-2023-2275 (The WooCommerce Multivendor Marketplace \u2013 REST API plugin 
for Wor ...)
@@ -13808,7 +13842,7 @@ CVE-2023-1325 (The Easy Forms for Mailchimp WordPress 
plugin before 6.8.7 does n
        NOT-FOR-US: WordPress plugin
 CVE-2023-1324 (The Easy Forms for Mailchimp WordPress plugin before 6.8.8 does 
not sa ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-1323 (The Easy Forms for Mailchimp WordPress plugin through 6.8.8 
does not s ...)
+CVE-2023-1323 (The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does 
not sa ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-1322 (A vulnerability was found in lmxcms 1.41 and classified as 
critical. A ...)
        NOT-FOR-US: lmxcms
@@ -14859,8 +14893,8 @@ CVE-2023-27718 (D-Link DIR878 1.30B08 was discovered to 
contain a stack overflow
        NOT-FOR-US: D-Link
 CVE-2023-27717
        RESERVED
-CVE-2023-27716
-       RESERVED
+CVE-2023-27716 (An issue was discovered in freakchicken kafkaUI-lite 1.2.11 
allows att ...)
+       TODO: check
 CVE-2023-27715
        RESERVED
 CVE-2023-27714
@@ -18599,16 +18633,16 @@ CVE-2023-26300
        RESERVED
 CVE-2023-26299
        RESERVED
-CVE-2023-26298
-       RESERVED
-CVE-2023-26297
-       RESERVED
-CVE-2023-26296
-       RESERVED
-CVE-2023-26295
-       RESERVED
-CVE-2023-26294
-       RESERVED
+CVE-2023-26298 (Previous versions of HP Device Manager (prior to HPDM 5.0.10) 
could po ...)
+       TODO: check
+CVE-2023-26297 (Previous versions of HP Device Manager (prior to HPDM 5.0.10) 
could po ...)
+       TODO: check
+CVE-2023-26296 (Previous versions of HP Device Manager (prior to HPDM 5.0.10) 
could po ...)
+       TODO: check
+CVE-2023-26295 (Previous versions of HP Device Manager (prior to HPDM 5.0.10) 
could po ...)
+       TODO: check
+CVE-2023-26294 (Previous versions of HP Device Manager (prior to HPDM 5.0.10) 
could po ...)
+       TODO: check
 CVE-2023-0947 (Path Traversal in GitHub repository flatpressblog/flatpress 
prior to 1 ...)
        NOT-FOR-US: flatpressblog
 CVE-2023-0946 (A vulnerability has been found in SourceCodester Best POS 
Management S ...)
@@ -29013,8 +29047,8 @@ CVE-2023-0144 (The Event Manager and Tickets Selling 
Plugin for WooCommerce Word
        NOT-FOR-US: WordPress plugin
 CVE-2023-0143 (The Send PDF for Contact Form 7 WordPress plugin before 0.9.9.2 
does n ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-0142
-       RESERVED
+CVE-2023-0142 (Uncontrolled search path element vulnerability in Backup 
Management Fu ...)
+       TODO: check
 CVE-2023-0141 (Insufficient policy enforcement in CORS in Google Chrome prior 
to 109. ...)
        {DSA-5317-1}
        - chromium 109.0.5414.74-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd7541e9727daa91a3ea8d6c578a06568b13530e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd7541e9727daa91a3ea8d6c578a06568b13530e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to