Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a35ad6eb by security tracker role at 2023-06-24T08:12:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2023-3388 (The Beautiful Cookie Consent Banner for WordPress is vulnerable
to Sto ...)
+ TODO: check
+CVE-2023-3387 (The Lana Text to Image plugin for WordPress is vulnerable to
Stored Cr ...)
+ TODO: check
+CVE-2023-3197 (The MStore API plugin for WordPress is vulnerable to
Unauthenticated B ...)
+ TODO: check
+CVE-2023-35932 (jcvi is a Python library to facilitate genome assembly,
annotation, an ...)
+ TODO: check
+CVE-2023-35928 (Nextcloud Server is a space for data storage on Nextcloud, a
self-host ...)
+ TODO: check
+CVE-2023-35927 (NextCloud Server and NextCloud Enterprise Server provide file
storage ...)
+ TODO: check
+CVE-2023-35173 (Nextcloud End-to-end encryption app provides all the necessary
APIs to ...)
+ TODO: check
+CVE-2023-35172 (NextCloud Server and NextCloud Enterprise Server provide file
storage ...)
+ TODO: check
+CVE-2023-35171 (NextCloud Server and NextCloud Enterprise Server provide file
storage ...)
+ TODO: check
+CVE-2023-35169 (PHP-IMAP is a wrapper for common IMAP communication without
the need t ...)
+ TODO: check
+CVE-2023-35165 (AWS Cloud Development Kit (AWS CDK) is an open-source software
develop ...)
+ TODO: check
+CVE-2023-35163 (Vega is a decentralized trading platform that allows
pseudo-anonymous ...)
+ TODO: check
+CVE-2023-35154 (Knowage is an open source analytics and business intelligence
suite. S ...)
+ TODO: check
+CVE-2023-34254 (The GLPI Agent is a generic management agent. Prior to version
1.5, if ...)
+ TODO: check
CVE-2023-3394 (Session Fixation in GitHub repository fossbilling/fossbilling
prior to ...)
NOT-FOR-US: fossbilling
CVE-2023-3393 (Code Injection in GitHub repository fossbilling/fossbilling
prior to 0 ...)
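Review bot: All 14 entries added at the top of data/CVE/list carry only "TODO: check", so none of them is triaged by this automatic update. The three WordPress plugin entries (CVE-2023-3388, CVE-2023-3387, CVE-2023-3197) look like candidates for the "NOT-FOR-US: WordPress plugin" form already used elsewhere in this file. The remaining entries (jcvi, Nextcloud, PHP-IMAP, AWS CDK, Vega, Knowage, GLPI Agent) each need either a source-package line or a NOT-FOR-US line before the TODO is dropped. The descriptions are truncated at "...", so that decision should be made from the full CVE text rather than the visible prefix.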
@@ -11413,8 +11441,8 @@ CVE-2023-29094 (Auth. (admin+) Stored Cross-site
Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-29093
RESERVED
-CVE-2023-1783
- RESERVED
+CVE-2023-1783 (OrangeScrum version 2.0.11 allows an external attacker to
remotely obt ...)
+ TODO: check
CVE-2023-1782 (HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2
allow ...)
- nomad <not-affected> (Vulnerable code not present; Introduced in
1.5.0)
NOTE:
https://discuss.hashicorp.com/t/hcsec-2023-13-nomad-unauthenticated-client-agent-http-request-privilege-escalation/52375
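Review bot: CVE-2023-1783 goes from RESERVED to a published description with only "TODO: check" under it, and the visible text stops at "remotely obt ...", so the impact is not readable from this entry. When it is triaged, give it the same shape as its neighbours: a "NOT-FOR-US: <product>" line if OrangeScrum is not packaged, or a package line plus a NOTE with the advisory URL, as CVE-2023-1782 has directly below.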
@@ -11657,14 +11685,14 @@ CVE-2023-1726 (Improper Neutralization of Input
During Web Page Generation ('Cro
NOT-FOR-US: Proliz OBS
CVE-2023-1725 (Server-Side Request Forgery (SSRF) vulnerability in Infoline
Project M ...)
NOT-FOR-US: Infoline Project Management System
-CVE-2023-1724
- RESERVED
+CVE-2023-1724 (Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with
agent ...)
+ TODO: check
CVE-2023-1723 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: Veragroup Mobile Assistant
-CVE-2023-1722
- RESERVED
-CVE-2023-1721
- RESERVED
+CVE-2023-1722 (Yoga Class Registration System version 1.0 allows an
administrator to ...)
+ TODO: check
+CVE-2023-1721 (Yoga Class Registration System version 1.0 allows an
administrator to ...)
+ TODO: check
CVE-2023-1720
RESERVED
CVE-2023-1719
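Review bot: CVE-2023-1722 and CVE-2023-1721 are added with the same visible description, "Yoga Class Registration System version 1.0 allows an administrator to ...", so the truncated text does not distinguish them. Whoever resolves the two "TODO: check" lines should confirm from the full records that these are separate issues and not a duplicate assignment. CVE-2023-1724 (Faveo Helpdesk Enterprise) also needs a decision, following the "NOT-FOR-US: <product>" pattern of the surrounding entries if the product is not packaged.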
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a35ad6ebac49e17c533627e86334e7aa50229d4d