Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2e3e9a51 by security tracker role at 2023-08-07T08:12:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2023-4193 (A vulnerability has been found in SourceCodester Resort 
Reservation Sy ...)
+       TODO: check
+CVE-2023-4192 (A vulnerability, which was classified as critical, was found in 
Source ...)
+       TODO: check
+CVE-2023-4191 (A vulnerability, which was classified as critical, has been 
found in S ...)
+       TODO: check
+CVE-2023-39903 (An issue was discovered in Fujitsu Software Infrastructure 
Manager (IS ...)
+       TODO: check
+CVE-2023-33913 (In DRM/oemcrypto, there is a possible out of bounds write due 
to an in ...)
+       TODO: check
+CVE-2023-33912 (In Contacts service, there is a possible missing permission 
check.This ...)
+       TODO: check
+CVE-2023-33911 (In vowifi service, there is a possible missing permission 
check.This c ...)
+       TODO: check
+CVE-2023-33910 (In Contacts Service, there is a possible missing permission 
check.This ...)
+       TODO: check
+CVE-2023-33909 (In Contacts service, there is a possible missing permission 
check.This ...)
+       TODO: check
+CVE-2023-33908 (In ims service, there is a possible missing permission check. 
This cou ...)
+       TODO: check
+CVE-2023-33907 (In Contacts Service, there is a possible missing permission 
check. Thi ...)
+       TODO: check
+CVE-2023-33906 (In Contacts Service, there is a possible missing permission 
check.This ...)
+       TODO: check
+CVE-2022-48579 (UnRAR before 6.2.3 allows extraction of files outside of the 
destinati ...)
+       TODO: check
 CVE-2023-4196 (Cross-site Scripting (XSS) - Stored in GitHub repository 
cockpit-hq/co ...)
        TODO: check
 CVE-2023-4195 (PHP Remote File Inclusion in GitHub repository 
cockpit-hq/cockpit prio ...)
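Review bot: CVE-2022-48579 at the end of the added block names UnRAR, a general-purpose tool rather than a vendor product, so it should be triaged against the archive first instead of waiting in the same `TODO: check` batch as the SourceCodester and Fujitsu entries. The truncated descriptions for CVE-2023-33906 through CVE-2023-33913 name only a service (Contacts, vowifi, ims, DRM/oemcrypto) and no vendor, so the full CVE text is needed before any of them is closed out.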
@@ -4451,6 +4477,7 @@ CVE-2023-36223 (Cross Site Scripting vulnerability in 
mlogclub bbs-go v. 3.5.5.
 CVE-2023-36222 (Cross Site Scripting vulnerability in mlogclub bbs-go v. 
3.5.5. and be ...)
        NOT-FOR-US: mlogclub bbs-go
 CVE-2023-36183 (Buffer Overflow vulnerability in OpenImageIO v.2.4.12.0 and 
before all ...)
+       {DLA-3518-1}
        - openimageio 2.4.13.0+dfsg-1
        [bookworm] - openimageio <no-dsa> (Minor issue)
        [bullseye] - openimageio <no-dsa> (Minor issue)
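Review bot: With `{DLA-3518-1}` now attached to CVE-2023-36183, the `[bookworm]` and `[bullseye]` lines still read `<no-dsa> (Minor issue)`, so the release covered by the DLA carries a fix that the two newer releases lack. Confirm that this gap is intended and, if a point-release update is planned for either release, record it on those lines.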
@@ -31216,6 +31243,7 @@ CVE-2023-24473 (An information disclosure vulnerability 
exists in the TGAInput::
        NOTE: 
https://github.com/OpenImageIO/oiio/commit/209bb4c327b2a8be08f41c1a213dfe9001f0b5d0
 (v2.4.8.1)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1707
 CVE-2023-24472 (A denial of service vulnerability exists in the 
FitsOutput::close() fu ...)
+       {DLA-3518-1}
        [experimental] - openimageio 2.4.9.0+dfsg-1
        - openimageio <unfixed> (bug #1034151)
        [bookworm] - openimageio <no-dsa> (Minor issue)
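Review bot: The `- openimageio <unfixed> (bug #1034151)` line under CVE-2023-24472 looks stale next to the new `{DLA-3518-1}` tag. The entry already records a fix in `[experimental] - openimageio 2.4.9.0+dfsg-1`, and the CVE-2023-36183 hunk in this same diff lists `- openimageio 2.4.13.0+dfsg-1`, a later version. If that upload includes the fix, replace `<unfixed>` with the fixed version and check whether bug #1034151 can be closed.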
@@ -32727,10 +32755,10 @@ CVE-2023-0428 (The Watu Quiz WordPress plugin before 
3.3.8.2 does not sanitise a
        NOT-FOR-US: WordPress plugin
 CVE-2023-0427
        RESERVED
-CVE-2023-0426
-       RESERVED
-CVE-2023-0425
-       RESERVED
+CVE-2023-0426 (ABB is aware of vulnerabilities in the product versions listed 
below.  ...)
+       TODO: check
+CVE-2023-0425 (ABB is aware of vulnerabilities in the product versions listed 
below.  ...)
+       TODO: check
 CVE-2023-0424 (The MS-Reviews WordPress plugin through 1.5 does not sanitise 
and esca ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0423 (The WordPress Amazon S3 Plugin WordPress plugin before 1.6 does 
not sa ...)
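Review bot: The new descriptions for CVE-2023-0426 and CVE-2023-0425 are identical in their truncated form ("ABB is aware of vulnerabilities in the product versions listed below.") and name no product, so nothing in this file distinguishes the two entries. Whoever resolves the `TODO: check` lines will need the full CVE text to name the affected product in the resulting annotation.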
@@ -42493,10 +42521,10 @@ CVE-2022-47353
        RESERVED
 CVE-2022-47352
        RESERVED
-CVE-2022-47351
-       RESERVED
-CVE-2022-47350
-       RESERVED
+CVE-2022-47351 (In camera driver, there is a possible out of bounds read due 
to a miss ...)
+       TODO: check
+CVE-2022-47350 (In camera driver, there is a possible out of bounds read due 
to a miss ...)
+       TODO: check
 CVE-2022-47349
        RESERVED
 CVE-2022-47348 (In engineermode services, there is a missing permission check. 
This co ...)
@@ -53298,84 +53326,84 @@ CVE-2023-20820
        RESERVED
 CVE-2023-20819
        RESERVED
-CVE-2023-20818
-       RESERVED
-CVE-2023-20817
-       RESERVED
-CVE-2023-20816
-       RESERVED
-CVE-2023-20815
-       RESERVED
-CVE-2023-20814
-       RESERVED
-CVE-2023-20813
-       RESERVED
-CVE-2023-20812
-       RESERVED
-CVE-2023-20811
-       RESERVED
-CVE-2023-20810
-       RESERVED
-CVE-2023-20809
-       RESERVED
-CVE-2023-20808
-       RESERVED
-CVE-2023-20807
-       RESERVED
-CVE-2023-20806
-       RESERVED
-CVE-2023-20805
-       RESERVED
-CVE-2023-20804
-       RESERVED
-CVE-2023-20803
-       RESERVED
-CVE-2023-20802
-       RESERVED
-CVE-2023-20801
-       RESERVED
-CVE-2023-20800
-       RESERVED
+CVE-2023-20818 (In wlan service, there is a possible out of bounds read due to 
imprope ...)
+       TODO: check
+CVE-2023-20817 (In wlan service, there is a possible out of bounds write due 
to improp ...)
+       TODO: check
+CVE-2023-20816 (In wlan service, there is a possible out of bounds write due 
to improp ...)
+       TODO: check
+CVE-2023-20815 (In wlan service, there is a possible out of bounds write due 
to improp ...)
+       TODO: check
+CVE-2023-20814 (In wlan service, there is a possible out of bounds write due 
to improp ...)
+       TODO: check
+CVE-2023-20813 (In wlan service, there is a possible out of bounds read due to 
imprope ...)
+       TODO: check
+CVE-2023-20812 (In wlan driver, there is a possible out of bounds write due to 
imprope ...)
+       TODO: check
+CVE-2023-20811 (In IOMMU, there is a possible out of bounds write due to a 
missing bou ...)
+       TODO: check
+CVE-2023-20810 (In IOMMU, there is a possible information disclosure due to 
improper i ...)
+       TODO: check
+CVE-2023-20809 (In vdec, there is a possible out of bounds write due to a 
missing boun ...)
+       TODO: check
+CVE-2023-20808 (In OPTEE, there is a possible out of bounds write due to a 
missing bou ...)
+       TODO: check
+CVE-2023-20807 (In dpe, there is a possible out of bounds write due to a 
missing bound ...)
+       TODO: check
+CVE-2023-20806 (In hcp, there is a possible out of bounds write due to a 
missing bound ...)
+       TODO: check
+CVE-2023-20805 (In imgsys, there is a possible out of bounds write due to a 
missing bo ...)
+       TODO: check
+CVE-2023-20804 (In imgsys, there is a possible out of bounds write due to a 
missing bo ...)
+       TODO: check
+CVE-2023-20803 (In imgsys, there is a possible memory corruption due to 
improper input ...)
+       TODO: check
+CVE-2023-20802 (In imgsys, there is a possible memory corruption due to 
improper input ...)
+       TODO: check
+CVE-2023-20801 (In imgsys,there is a possible use after free due to a race 
condition.  ...)
+       TODO: check
+CVE-2023-20800 (In imgsys, there is a possible system crash due to a mssing 
ptr check. ...)
+       TODO: check
 CVE-2023-20799
        RESERVED
-CVE-2023-20798
-       RESERVED
-CVE-2023-20797
-       RESERVED
-CVE-2023-20796
-       RESERVED
-CVE-2023-20795
-       RESERVED
+CVE-2023-20798 (In pda, there is a possible out of bounds read due to an 
incorrect cal ...)
+       TODO: check
+CVE-2023-20797 (In camera middleware, there is a possible out of bounds write 
due to a ...)
+       TODO: check
+CVE-2023-20796 (In power, there is a possible memory corruption due to an 
incorrect bo ...)
+       TODO: check
+CVE-2023-20795 (In ril, there is a possible out of bounds write due to a 
missing bound ...)
+       TODO: check
 CVE-2023-20794
        RESERVED
-CVE-2023-20793
-       RESERVED
+CVE-2023-20793 (In apu, there is a possible memory corruption due to a missing 
bounds  ...)
+       TODO: check
 CVE-2023-20792
        RESERVED
 CVE-2023-20791
        RESERVED
-CVE-2023-20790
-       RESERVED
-CVE-2023-20789
-       RESERVED
-CVE-2023-20788
-       RESERVED
-CVE-2023-20787
-       RESERVED
-CVE-2023-20786
-       RESERVED
-CVE-2023-20785
-       RESERVED
-CVE-2023-20784
-       RESERVED
-CVE-2023-20783
-       RESERVED
-CVE-2023-20782
-       RESERVED
-CVE-2023-20781
-       RESERVED
-CVE-2023-20780
-       RESERVED
+CVE-2023-20790 (In nvram, there is a possible out of bounds write due to a 
missing bou ...)
+       TODO: check
+CVE-2023-20789 (In jpeg, there is a possible information disclosure due to a 
missing b ...)
+       TODO: check
+CVE-2023-20788 (In thermal, there is a possible use after free due to a race 
condition ...)
+       TODO: check
+CVE-2023-20787 (In thermal, there is a possible use after free due to a race 
condition ...)
+       TODO: check
+CVE-2023-20786 (In gps, there is a possible out of bounds write due to a 
missing bound ...)
+       TODO: check
+CVE-2023-20785 (In audio, there is a possible out of bounds write due to a 
missing bou ...)
+       TODO: check
+CVE-2023-20784 (In keyinstall, there is a possible out of bounds write due to 
a missin ...)
+       TODO: check
+CVE-2023-20783 (In keyinstall, there is a possible out of bounds write due to 
a missin ...)
+       TODO: check
+CVE-2023-20782 (In keyinstall, there is a possible information disclosure due 
to a mis ...)
+       TODO: check
+CVE-2023-20781 (In keyinstall, there is a possible memory corruption due to a 
missing  ...)
+       TODO: check
+CVE-2023-20780 (In keyinstall, there is a possible information disclosure due 
to a mis ...)
+       TODO: check
 CVE-2023-20779
        RESERVED
 CVE-2023-20778
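Review bot: None of the truncated descriptions between CVE-2023-20780 and CVE-2023-20818 names a vendor, only a component (wlan, IOMMU, vdec, OPTEE, imgsys, thermal, keyinstall and so on), so the batch cannot be classified from these lines alone. Before the `TODO: check` markers are resolved in bulk, look up the full text for the entries whose component names are generic enough to match packaged code, for example `In OPTEE` (CVE-2023-20808) and `In wlan driver` (CVE-2023-20812), and record the vendor in the annotation.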
@@ -59305,7 +59333,7 @@ CVE-2022-41838 (A code execution vulnerability exists 
in the DDS scanline parsin
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1634
        NOTE: 
https://github.com/OpenImageIO/oiio/commit/e44400feac32d455b49e9c8baffa52ed855ba59b
 CVE-2022-41837 (An out-of-bounds write vulnerability exists in the 
OpenImageIO::add_ex ...)
-       {DSA-5384-1}
+       {DSA-5384-1 DLA-3518-1}
        - openimageio 2.4.7.1+dfsg-2 (bug #1027143)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1636
        NOTE: 
https://github.com/OpenImageIO/oiio/commit/884dfd6b7c1fd6130390853b5074ddeb48f2f19b
@@ -60635,17 +60663,17 @@ CVE-2022-41977 (An out of bounds read vulnerability 
exists in the way OpenImageI
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1627
        NOTE: https://github.com/OpenImageIO/oiio/pull/3628
 CVE-2022-41794 (A heap based buffer overflow vulnerability exists in the PSD 
thumbnail ...)
-       {DSA-5384-1}
+       {DSA-5384-1 DLA-3518-1}
        - openimageio 2.4.7.1+dfsg-2 (bug #1027143)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1626
        NOTE: 
https://github.com/OpenImageIO/oiio/commit/884dfd6b7c1fd6130390853b5074ddeb48f2f19b
 CVE-2022-41684 (A heap out of bounds read vulnerability exists in the 
OpenImageIO mast ...)
-       {DSA-5384-1}
+       {DSA-5384-1 DLA-3518-1}
        - openimageio 2.4.7.1+dfsg-2 (bug #1027143)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1632
        NOTE: 
https://github.com/OpenImageIO/oiio/commit/884dfd6b7c1fd6130390853b5074ddeb48f2f19b
 CVE-2022-41649 (A heap out of bounds read vulnerability exists in the handling 
of IPTC ...)
-       {DSA-5384-1}
+       {DSA-5384-1 DLA-3518-1}
        - openimageio 2.4.7.1+dfsg-2 (bug #1027143)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1631
        NOTE: 
https://github.com/OpenImageIO/oiio/commit/884dfd6b7c1fd6130390853b5074ddeb48f2f19b



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e3e9a5115407848a9f5856153be69885f9db909



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
