[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 06 Aug 2023 01:12:44 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2eea82c4 by security tracker role at 2023-08-06T08:12:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2023-4190 (Insufficient Session Expiration in GitHub repository 
admidio/admidio p ...)
+       TODO: check
+CVE-2023-4180 (A vulnerability classified as critical was found in 
SourceCodester Fre ...)
+       TODO: check
+CVE-2023-4179 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
+       TODO: check
+CVE-2023-4177 (A vulnerability was found in EmpowerID up to 7.205.0.0. It has 
been ra ...)
+       TODO: check
+CVE-2023-4176 (A vulnerability was found in SourceCodester Hospital Management 
System ...)
+       TODO: check
+CVE-2023-4175 (A vulnerability was found in mooSocial mooTravel 3.1.8 and 
classified  ...)
+       TODO: check
+CVE-2023-4174 (A vulnerability has been found in mooSocial mooStore 3.1.6 and 
classif ...)
+       TODO: check
+CVE-2023-4173 (A vulnerability, which was classified as problematic, was found 
in moo ...)
+       TODO: check
+CVE-2023-4172 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2023-4171 (A vulnerability classified as problematic was found in Chengdu 
Flash F ...)
+       TODO: check
+CVE-2023-37874 (Auth. (admin+) Stored Cross-Site Scripting (XSS) 
vulnerabilityin Dimit ...)
+       TODO: check
+CVE-2023-37873 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
WooComme ...)
+       TODO: check
+CVE-2023-37581 (Insufficient input validation and sanitation in Weblog 
Category name,  ...)
+       TODO: check
+CVE-2023-36689 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
WPFactor ...)
+       TODO: check
+CVE-2023-36686 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
CartFlow ...)
+       TODO: check
+CVE-2023-36678 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in WP-b ...)
+       TODO: check
+CVE-2023-34377 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Jose ...)
+       TODO: check
+CVE-2023-34010 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability 
insubmodule ...)
+       TODO: check
+CVE-2023-32600 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
+       TODO: check
 CVE-2023-4189 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
instantsof ...)
        TODO: check
 CVE-2023-4188 (SQL Injection in GitHub repository instantsoft/icms2 prior to 
2.16.1-g ...)
@@ -612,7 +650,7 @@ CVE-2023-4057 (Memory safety bugs present in Firefox 115, 
Firefox ESR 115.0, and
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4057
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-33/#CVE-2023-4057
 CVE-2023-4056 (Memory safety bugs present in Firefox 115, Firefox ESR 115.0, 
Firefox  ...)
-       {DSA-5464-1}
+       {DSA-5469-1 DSA-5464-1}
        - firefox 116.0-1
        - firefox-esr 115.1.0esr-1
        - thunderbird 1:115.1.0-1
@@ -622,7 +660,7 @@ CVE-2023-4056 (Memory safety bugs present in Firefox 115, 
Firefox ESR 115.0, Fir
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-32/#CVE-2023-4056
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-33/#CVE-2023-4056
 CVE-2023-4055 (When the number of cookies per domain was exceeded in 
`document.cookie ...)
-       {DSA-5464-1}
+       {DSA-5469-1 DSA-5464-1}
        - firefox 116.0-1
        - firefox-esr 115.1.0esr-1
        - thunderbird 1:115.1.0-1
@@ -654,7 +692,7 @@ CVE-2023-4051 (A website could have obscured the full 
screen notification by usi
        - firefox 116.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4051
 CVE-2023-4050 (In some cases, an untrusted input stream was copied to a stack 
buffer  ...)
-       {DSA-5464-1}
+       {DSA-5469-1 DSA-5464-1}
        - firefox 116.0-1
        - firefox-esr 115.1.0esr-1
        - thunderbird 1:115.1.0-1
@@ -664,7 +702,7 @@ CVE-2023-4050 (In some cases, an untrusted input stream was 
copied to a stack bu
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-32/#CVE-2023-4050
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-33/#CVE-2023-4050
 CVE-2023-4049 (Race conditions in reference counting code were found through 
code ins ...)
-       {DSA-5464-1}
+       {DSA-5469-1 DSA-5464-1}
        - firefox 116.0-1
        - firefox-esr 115.1.0esr-1
        - thunderbird 1:115.1.0-1
@@ -674,7 +712,7 @@ CVE-2023-4049 (Race conditions in reference counting code 
were found through cod
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-32/#CVE-2023-4049
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-33/#CVE-2023-4049
 CVE-2023-4048 (An out-of-bounds read could have led to an exploitable crash 
when pars ...)
-       {DSA-5464-1}
+       {DSA-5469-1 DSA-5464-1}
        - firefox 116.0-1
        - firefox-esr 115.1.0esr-1
        - thunderbird 1:115.1.0-1
@@ -684,7 +722,7 @@ CVE-2023-4048 (An out-of-bounds read could have led to an 
exploitable crash when
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-32/#CVE-2023-4048
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-33/#CVE-2023-4048
 CVE-2023-4047 (A bug in popup notifications delay calculation could have made 
it poss ...)
-       {DSA-5464-1}
+       {DSA-5469-1 DSA-5464-1}
        - firefox 116.0-1
        - firefox-esr 115.1.0esr-1
        - thunderbird 1:115.1.0-1
@@ -694,7 +732,7 @@ CVE-2023-4047 (A bug in popup notifications delay 
calculation could have made it
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-32/#CVE-2023-4047
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-33/#CVE-2023-4047
 CVE-2023-4046 (In some circumstances, a stale value could have been used for a 
global ...)
-       {DSA-5464-1}
+       {DSA-5469-1 DSA-5464-1}
        - firefox 116.0-1
        - firefox-esr 115.1.0esr-1
        - thunderbird 1:115.1.0-1
@@ -704,7 +742,7 @@ CVE-2023-4046 (In some circumstances, a stale value could 
have been used for a g
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-32/#CVE-2023-4046
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-33/#CVE-2023-4046
 CVE-2023-4045 (Offscreen Canvas did not properly track cross-origin tainting, 
which c ...)
-       {DSA-5464-1}
+       {DSA-5469-1 DSA-5464-1}
        - firefox 116.0-1
        - firefox-esr 115.1.0esr-1
        - thunderbird 1:115.1.0-1
@@ -13135,8 +13173,8 @@ CVE-2023-30493
        RESERVED
 CVE-2023-30492
        RESERVED
-CVE-2023-30491
-       RESERVED
+CVE-2023-30491 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
CodeBard ...)
+       TODO: check
 CVE-2023-30490
        RESERVED
 CVE-2023-30489



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2eea82c4ef4fb4e655a86a1afd51fee5e5ff169e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2eea82c4ef4fb4e655a86a1afd51fee5e5ff169e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to