Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
38687779 by security tracker role at 2023-07-28T08:12:11+00:00
automatic update

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,63 @@ +CVE-2023-3990 (A vulnerability classified as problematic has been found in Mingsoft M ...) + TODO: check +CVE-2023-3989 (A vulnerability was found in SourceCodester Jewelry Store System 1.0. ...) + TODO: check +CVE-2023-3988 (A vulnerability was found in Cafe Billing System 1.0. It has been decl ...) + TODO: check +CVE-2023-3987 (A vulnerability was found in SourceCodester Simple Online Mens Salon M ...) + TODO: check +CVE-2023-3986 (A vulnerability was found in SourceCodester Simple Online Mens Salon M ...) + TODO: check +CVE-2023-3985 (A vulnerability has been found in SourceCodester Online Jewelry Store ...) + TODO: check +CVE-2023-3984 (A vulnerability, which was classified as critical, was found in phpscr ...) + TODO: check +CVE-2023-3977 (Several plugins for WordPress by Inisev are vulnerable to Cross-Site R ...) + TODO: check +CVE-2023-3774 (An unhandled error in Vault Enterprise's namespace creation may cause ...) + TODO: check +CVE-2023-3670 (In CODESYS Development System 3.5.9.0 to3.5.17.0 andCODESYS Scripting4 ...) + TODO: check +CVE-2023-38609 (An injection issue was addressed with improved input validation. This ...) + TODO: check +CVE-2023-38604 (An out-of-bounds write issue was addressed with improved input validat ...) + TODO: check +CVE-2023-38601 (This issue was addressed by removing the vulnerable code. This issue i ...) + TODO: check +CVE-2023-38599 (A logic issue was addressed with improved state management. This issue ...) + TODO: check +CVE-2023-38598 (A use-after-free issue was addressed with improved memory management. ...) + TODO: check +CVE-2023-38592 (A logic issue was addressed with improved restrictions. This issue is ...) + TODO: check +CVE-2023-38590 (A buffer overflow issue was addressed with improved memory handling. T ...) + TODO: check +CVE-2023-38571 (This issue was addressed with improved validation of symlinks. This is ...) 
+ TODO: check +CVE-2023-38331 (Zoho ManageEngine Support Center Plus 14001 and below is vulnerable to ...) + TODO: check +CVE-2023-37285 (An out-of-bounds read was addressed with improved bounds checking. Thi ...) + TODO: check +CVE-2023-36495 (An integer overflow was addressed with improved input validation. This ...) + TODO: check +CVE-2023-34425 (The issue was addressed with improved memory handling. This issue is f ...) + TODO: check +CVE-2023-33745 (TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper P ...) + TODO: check +CVE-2023-33744 (TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard- ...) + TODO: check +CVE-2023-33743 (TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper A ...) + TODO: check +CVE-2023-33742 (TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Cleartext Stor ...) + TODO: check +CVE-2023-32654 (A logic issue was addressed with improved state management. This issue ...) + TODO: check +CVE-2023-32445 (This issue was addressed with improved checks. This issue is fixed in ...) + TODO: check +CVE-2023-32444 (A logic issue was addressed with improved validation. This issue is fi ...) + TODO: check +CVE-2023-32427 (This issue was addressed by using HTTPS when sending information over ...) + TODO: check CVE-2023-37369 - qt6-base <unfixed> [bookworm] - qt6-base <no-dsa> (Minor issue) 
@@ -18997,8 +19057,8 @@ CVE-2023-28204 (An out-of-bounds read was addressed with improved input validati NOTE: https://bugs.webkit.org/show_bug.cgi?id=254930 NOTE: https://github.com/WebKit/WebKit/commit/698c6e293734c3c46f223b77d5b4ee48b320e32c NOTE: https://webkitgtk.org/security/WSA-2023-0004.html -CVE-2023-28203 - RESERVED +CVE-2023-28203 (The issue was addressed with improved checks. This issue is fixed in A ...) + TODO: check CVE-2023-28202 (This issue was addressed with improved state management. This issue is ...) NOT-FOR-US: Apple CVE-2023-28201 (This issue was addressed with improved state management. This issue is ...) @@ -24370,8 +24430,8 @@ CVE-2023-0960 (A vulnerability was found in SeaCMS 11.6 and classified as proble NOT-FOR-US: SeaCMS CVE-2023-0959 (Bhima version 1.27.0 allows a remote attacker to update the privileges ...) NOT-FOR-US: Bhima -CVE-2023-0958 - RESERVED +CVE-2023-0958 (Several plugins for WordPress by Inisev are vulnerable to unauthorized ...) + TODO: check CVE-2023-0957 (An issue was discovered in Gitpod versions prior to release-2022.11.2. ...) NOT-FOR-US: Gitpod CVE-2023-0956 @@ -32084,8 +32144,8 @@ CVE-2023-23766 RESERVED CVE-2023-23765 RESERVED -CVE-2023-23764 - RESERVED +CVE-2023-23764 (An incorrect comparison vulnerability was identified in GitHub Enterpr ...) + TODO: check CVE-2023-23763 RESERVED CVE-2023-23762 (An incorrect comparison vulnerability was identified in GitHub Enterpr ...) 
@@ -54387,12 +54447,12 @@ CVE-2022-43705 (In Botan before 2.19.3, it is possible to forge OCSP responses d NOTE: https://github.com/randombit/botan/commit/909c62717855402e04dbaf8ffc085f444d547aae (2.19.3) CVE-2022-43704 (The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, a ...) NOT-FOR-US: Sinilink XY-WFT1 WiFi Remote Thermostat -CVE-2022-43703 - RESERVED -CVE-2022-43702 - RESERVED -CVE-2022-43701 - RESERVED +CVE-2022-43703 (An installer that loads or executes files using an unconstrained searc ...) + TODO: check +CVE-2022-43702 (When the directory containing the installer does not have sufficiently ...) + TODO: check +CVE-2022-43701 (When the installation directory does not have sufficiently restrictive ...) + TODO: check CVE-2022-43700 RESERVED CVE-2022-43699 (OX App Suite before 7.10.6-rev30 allows SSRF because e-mail account di ...) @@ -88254,8 +88314,8 @@ CVE-2022-31456 (A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 al NOT-FOR-US: Truedesk CVE-2022-31455 (* A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows ...) NOT-FOR-US: Truedesk -CVE-2022-31454 - RESERVED +CVE-2022-31454 (Yii 2 v2.0.45 was discovered to contain a cross-site scripting (XSS) v ...) + TODO: check CVE-2022-31453 RESERVED CVE-2022-31452
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3868777938fd26335f012bd4aa1162cb59abfc6c
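Review bot: the four TeleAdapt RoomCast TA-2400 entries in the first hunk (CVE-2023-33742 through CVE-2023-33745) name the same device and can be triaged as one group rather than as four separate TODO: check items. If triage confirms the product is not packaged, the file's existing convention, as on the Sinilink XY-WFT1 entry (CVE-2022-43704), would be a NOT-FOR-US: line naming the product on each of them.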
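Review bot: CVE-2023-28203 in the @@ -18997,8 +19057,8 @@ hunk cannot be classified from the truncated description alone. It sits between CVE-2023-28204, which carries WebKit NOTE lines, and CVE-2023-28202, which is NOT-FOR-US: Apple, and the visible text ("The issue was addressed with improved checks") fits either, so the TODO: check should be resolved against the full advisory text rather than by analogy with its neighbours.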
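Review bot: CVE-2022-43701, CVE-2022-43702 and CVE-2022-43703 in the @@ -54387,12 +54447,12 @@ hunk leave RESERVED together and all three descriptions concern an installer (unconstrained search path, installer directory permissions, installation directory permissions), but each is cut off before any product name. They read as one advisory and are best triaged as a set once the full descriptions are available, so the three TODO: check lines end up with consistent dispositions.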