Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e9964073 by security tracker role at 2023-08-10T08:12:18+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2023-4277 (The Realia plugin for WordPress is vulnerable to Cross-Site
Request Fo ...)
+ TODO: check
+CVE-2023-4276 (The Absolute Privacy plugin for WordPress is vulnerable to
Cross-Site ...)
+ TODO: check
+CVE-2023-36673 (An issue was discovered in Avira Phantom VPN through 2.23.1
for macOS. ...)
+ TODO: check
+CVE-2023-36672 (An issue was discovered in the Clario VPN client through
5.9.1.1662 fo ...)
+ TODO: check
+CVE-2023-36671 (An issue was discovered in the Clario VPN client through
5.9.1.1662 fo ...)
+ TODO: check
+CVE-2023-35838 (The WireGuard client 0.5.3 on Windows insecurely configures
the operat ...)
+ TODO: check
+CVE-2023-33242 (Crypto wallets implementing the Lindell17 TSS protocol might
allow an ...)
+ TODO: check
+CVE-2023-33241 (Crypto wallets implementing the GG18 or GG20 TSS protocol
might allow ...)
+ TODO: check
CVE-2023-32559
- nodejs <unfixed>
NOTE:
https://nodejs.org/en/blog/vulnerability/august-2023-security-releases#permissions-policies-can-be-bypassed-via-processbinding-mediumcve-2023-32559
@@ -13168,60 +13184,60 @@ CVE-2023-30707
RESERVED
CVE-2023-30706
RESERVED
-CVE-2023-30705
- RESERVED
-CVE-2023-30704
- RESERVED
-CVE-2023-30703
- RESERVED
-CVE-2023-30702
- RESERVED
-CVE-2023-30701
- RESERVED
-CVE-2023-30700
- RESERVED
-CVE-2023-30699
- RESERVED
-CVE-2023-30698
- RESERVED
-CVE-2023-30697
- RESERVED
-CVE-2023-30696
- RESERVED
-CVE-2023-30695
- RESERVED
-CVE-2023-30694
- RESERVED
-CVE-2023-30693
- RESERVED
+CVE-2023-30705 (Improper sanitization of incoming intent in Galaxy Store prior
to vers ...)
+ TODO: check
+CVE-2023-30704 (Improper Authorization vulnerability in Samsung Internet prior
to vers ...)
+ TODO: check
+CVE-2023-30703 (Improper URL validation vulnerability in Samsung Members prior
to vers ...)
+ TODO: check
+CVE-2023-30702 (Stack overflow vulnerability in SSHDCPAPP TA prior to
"SAMSUNG EL ...)
+ TODO: check
+CVE-2023-30701 (PendingIntent hijacking in WifiGeofenceManager prior to SMR
Aug-2023 R ...)
+ TODO: check
+CVE-2023-30700 (PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl
in frame ...)
+ TODO: check
+CVE-2023-30699 (Out-of-bounds write vulnerability in parser_hvcC function of
libsimba ...)
+ TODO: check
+CVE-2023-30698 (Improper access control vulnerability in TelephonyUI prior to
SMR Aug- ...)
+ TODO: check
+CVE-2023-30697 (An improper input validation in IpcTxCfgSetSimlockPayload in
libsec-ri ...)
+ TODO: check
+CVE-2023-30696 (An improper input validation in IpcTxGetVerifyAkey in
libsec-ril prior ...)
+ TODO: check
+CVE-2023-30695 (Out-of-bounds Write vulnerability in SSHDCPAPP TA prior to
"SAMSU ...)
+ TODO: check
+CVE-2023-30694 (Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril
prior to SM ...)
+ TODO: check
+CVE-2023-30693 (Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of
libsec- ...)
+ TODO: check
CVE-2023-30692
RESERVED
-CVE-2023-30691
- RESERVED
+CVE-2023-30691 (Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023
Release ...)
+ TODO: check
CVE-2023-30690
RESERVED
-CVE-2023-30689
- RESERVED
-CVE-2023-30688
- RESERVED
-CVE-2023-30687
- RESERVED
-CVE-2023-30686
- RESERVED
-CVE-2023-30685
- RESERVED
-CVE-2023-30684
- RESERVED
-CVE-2023-30683
- RESERVED
-CVE-2023-30682
- RESERVED
-CVE-2023-30681
- RESERVED
-CVE-2023-30680
- RESERVED
-CVE-2023-30679
- RESERVED
+CVE-2023-30689 (Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of
libsec-r ...)
+ TODO: check
+CVE-2023-30688 (Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior
to SMR A ...)
+ TODO: check
+CVE-2023-30687 (Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR
Aug-2023 ...)
+ TODO: check
+CVE-2023-30686 (Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR
Aug-2023 ...)
+ TODO: check
+CVE-2023-30685 (Improper access control vulnerability in Telecom prior to SMR
Aug-2023 ...)
+ TODO: check
+CVE-2023-30684 (Improper access control in Samsung Telecom prior to SMR
Aug-2023 Relea ...)
+ TODO: check
+CVE-2023-30683 (Improper access control in Telecom prior to SMR Aug-2023
Release 1 all ...)
+ TODO: check
+CVE-2023-30682 (Improper access control in Telecom prior to SMR Aug-2023
Release 1 all ...)
+ TODO: check
+CVE-2023-30681 (An improper input validation vulnerability within initialize
function ...)
+ TODO: check
+CVE-2023-30680 (Improper privilege management vulnerability in MMIGroup prior
to SMR A ...)
+ TODO: check
+CVE-2023-30679 (Improper access control in HDCP trustlet prior to SMR Aug-2023
Release ...)
+ TODO: check
CVE-2023-30678 (Potential zip path traversal vulnerability in Calendar
application pri ...)
NOT-FOR-US: Samsung
CVE-2023-30677 (Improper access control vulnerability in Samsung Pass prior to
version ...)
@@ -13270,8 +13286,8 @@ CVE-2023-30656 (Improper input validation vulnerability
in LSOItemData prior to
NOT-FOR-US: Samsung
CVE-2023-30655 (Improper input validation vulnerability in SCEPProfile prior
to SMR Ju ...)
NOT-FOR-US: Samsung
-CVE-2023-30654
- RESERVED
+CVE-2023-30654 (Improper access control vulnerability in SLocationService
prior to SMR ...)
+ TODO: check
CVE-2023-30653 (Out of bounds read and write in enableTspDevice of sysinput
HAL servic ...)
NOT-FOR-US: Samsung
CVE-2023-30652 (Out of bounds read and write in callrunTspCmdNoRead of
sysinput HAL se ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9964073ba41bc446455d7c23f6232cdcc0a0f14
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9964073ba41bc446455d7c23f6232cdcc0a0f14
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
