Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
17a0703e by security tracker role at 2023-06-16T08:12:05+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2023-3291 (Heap-based Buffer Overflow in GitHub repository gpac/gpac prior 
to 2.2 ...)
+       TODO: check
+CVE-2023-35708 (Progress MOVEit Transfer has a privilege escalation 
vulnerability that ...)
+       TODO: check
+CVE-2023-34845 (Bludit v3.14.1 was discovered to contain an arbitrary file 
upload vuln ...)
+       TODO: check
+CVE-2023-34800 (D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a 
command in ...)
+       TODO: check
+CVE-2023-34797 (Broken access control in the Registration page 
(/Registration.aspx) of ...)
+       TODO: check
+CVE-2023-34165 (Unauthorized access vulnerability in the Save for later 
feature provid ...)
+       TODO: check
+CVE-2023-34157 (Vulnerability of HwWatchHealth being hijacked.Successful 
exploitation  ...)
+       TODO: check
+CVE-2023-34154 (Vulnerability of undefined permissions in HUAWEI VR screen 
projection. ...)
+       TODO: check
+CVE-2023-32754 (Thinking Software Efence login function has insufficient 
validation fo ...)
+       TODO: check
+CVE-2023-32753 (OMICARD EDM\u2019s file uploading function does not restrict 
upload of ...)
+       TODO: check
+CVE-2023-32752 (L7 Networks InstantScan IS-8000 & InstantQoS IQ-8000\u2019s 
file uploa ...)
+       TODO: check
+CVE-2023-32028 (Microsoft OLE DB Remote Code Execution Vulnerability)
+       TODO: check
+CVE-2023-32027 (Microsoft ODBC Driver for SQL Server Remote Code Execution 
Vulnerabili ...)
+       TODO: check
+CVE-2023-32026 (Microsoft ODBC Driver for SQL Server Remote Code Execution 
Vulnerabili ...)
+       TODO: check
+CVE-2023-32025 (Microsoft ODBC Driver for SQL Server Remote Code Execution 
Vulnerabili ...)
+       TODO: check
+CVE-2023-2431 (A security issue was discovered in Kubelet that allows pods to 
bypass  ...)
+       TODO: check
 CVE-2023-2728
        - kubernetes 1.20.5+really1.20.2-1
        NOTE: Server components no longer built since 1.20.5+really1.20.2-1, 
marking that as fixed version
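
Review bot: CVE-2023-2431 (Kubelet) lands with only `TODO: check`, directly above CVE-2023-2728, which is already tracked as `- kubernetes 1.20.5+really1.20.2-1` with a NOTE that server components are no longer built. Triage should decide explicitly whether that fixed-version convention also applies here. The four Microsoft OLE DB/ODBC entries (CVE-2023-32028, CVE-2023-32027, CVE-2023-32026, CVE-2023-32025) are candidates for the `NOT-FOR-US: Microsoft` tag that other Microsoft entries in this file carry. The descriptions for CVE-2023-32753 and CVE-2023-32752 also contain a literal `\u2019` escape where an apostrophe is meant, which suggests the importer is not decoding the source text.
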
@@ -5891,8 +5923,8 @@ CVE-2023-2082
        RESERVED
 CVE-2023-2081
        RESERVED
-CVE-2023-2080
-       RESERVED
+CVE-2023-2080 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
 CVE-2023-2079
        RESERVED
 CVE-2023-2078
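
Review bot: the new CVE-2023-2080 description is cut off at "('S ...)" before any product name, so this entry cannot be triaged from the list line alone. Whoever resolves the `TODO: check` needs the full CVE record to decide between a package entry and a NOT-FOR-US tag.
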
@@ -9712,8 +9744,8 @@ CVE-2023-29358 (Windows GDI Elevation of Privilege 
Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2023-29357 (Microsoft SharePoint Server Elevation of Privilege 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2023-29356
-       RESERVED
+CVE-2023-29356 (Microsoft ODBC Driver for SQL Server Remote Code Execution 
Vulnerabili ...)
+       TODO: check
 CVE-2023-29355 (DHCP Server Service Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2023-29354 (Microsoft Edge (Chromium-based) Security Feature Bypass 
Vulnerability)
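
Review bot: CVE-2023-29356 moves from RESERVED to `TODO: check` even though its description names the Microsoft ODBC Driver for SQL Server and both neighbours in this hunk (CVE-2023-29357, CVE-2023-29355) are tagged `NOT-FOR-US: Microsoft`. Suggest resolving it to the same tag in the follow-up manual commit so it does not sit in the unchecked queue.
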
@@ -9726,8 +9758,8 @@ CVE-2023-29351 (Windows Group Policy Elevation of 
Privilege Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2023-29350 (Microsoft Edge (Chromium-based) Elevation of Privilege 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2023-29349
-       RESERVED
+CVE-2023-29349 (Microsoft ODBC and OLE DB Remote Code Execution Vulnerability)
+       TODO: check
 CVE-2023-29348
        RESERVED
 CVE-2023-29347
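
Review bot: CVE-2023-29349 ("Microsoft ODBC and OLE DB Remote Code Execution Vulnerability") is left at `TODO: check` while the context lines above it (CVE-2023-29351, CVE-2023-29350) already carry `NOT-FOR-US: Microsoft`. The description is complete and names the vendor, so this one can be closed out with the matching tag without further lookup.
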
@@ -11538,8 +11570,8 @@ CVE-2023-28812
        RESERVED
 CVE-2023-28811
        RESERVED
-CVE-2023-28810
-       RESERVED
+CVE-2023-28810 (Some access control/intercom products have unauthorized 
modification o ...)
+       TODO: check
 CVE-2023-28809 (Some access control products are vulnerable to a session 
hijacking att ...)
        NOT-FOR-US: hikvision
 CVE-2023-28808 (Some Hikvision Hybrid SAN/Cluster Storage products have an 
access cont ...)
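
Review bot: the truncated text for CVE-2023-28810 ("Some access control/intercom products ...") names no vendor, but it sits immediately above CVE-2023-28809, whose near-identical wording is tagged `NOT-FOR-US: hikvision`. Confirm the vendor against the full CVE record before copying that tag, since adjacency in the ID range is only a hint.
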
@@ -25864,12 +25896,12 @@ CVE-2023-24034
        RESERVED
 CVE-2023-24033 (The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, 
Exynos 1 ...)
        NOT-FOR-US: Samsung
-CVE-2023-24032
-       RESERVED
-CVE-2023-24031
-       RESERVED
-CVE-2023-24030
-       RESERVED
+CVE-2023-24032 (In Zimbra Collaboration Suite through 9.0 and 8.8.15, an 
attacker (who ...)
+       TODO: check
+CVE-2023-24031 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 
8.8.15.  ...)
+       TODO: check
+CVE-2023-24030 (An open redirect vulnerability exists in the /preauth Servlet 
in Zimbr ...)
+       TODO: check
 CVE-2023-24029 (In Progress WS_FTP Server before 8.8, it is possible for a 
host admini ...)
        NOT-FOR-US: Progress WS_FTP Server
 CVE-2023-24028 (In MISP 2.4.167, app/Controller/Component/ACLComponent.php has 
incorre ...)
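
Review bot: CVE-2023-24032, CVE-2023-24031 and CVE-2023-24030 all describe Zimbra Collaboration and all land as `TODO: check`, with no existing Zimbra disposition visible in this hunk to follow. They should be triaged together and given one consistent tag, reusing whatever wording earlier Zimbra entries in the file already use.
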
@@ -26374,8 +26406,8 @@ CVE-2023-23843
        RESERVED
 CVE-2023-23842
        RESERVED
-CVE-2023-23841
-       RESERVED
+CVE-2023-23841 (SolarWinds Serv-U is submitting an HTTP request when changing 
or updat ...)
+       TODO: check
 CVE-2023-23840
        RESERVED
 CVE-2023-23839 (The SolarWinds Platform was susceptible to the Exposure of 
Sensitive I ...)
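
Review bot: CVE-2023-23841 (SolarWinds Serv-U) is added as `TODO: check`, and the disposition line for the neighbouring SolarWinds entry CVE-2023-23839 falls outside the hunk, so the existing convention for this vendor is not visible here. Check that line in the file and apply the same tag to keep SolarWinds entries consistent.
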



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17a0703e43ac96d4cc9437253d18bbf0a1e67822
