Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 9f7bebe9 by security tracker role at 2023-10-05T08:12:19+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,27 @@ +CVE-2023-45198 (ftpd before "NetBSD-ftpd 20230930" can leak information about the host ...) + TODO: check +CVE-2023-44389 (Zope is an open-source web application server. The title property, ava ...) + TODO: check +CVE-2023-43877 (Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities t ...) + TODO: check +CVE-2023-43809 (Soft Serve is a self-hostable Git server for the command line. Prior t ...) + TODO: check +CVE-2023-43805 (Nexkey is a fork of Misskey, an open source, decentralized social medi ...) + TODO: check +CVE-2023-43799 (Altair is a GraphQL Client. Prior to version 5.2.5, the Altair GraphQL ...) + TODO: check +CVE-2023-43793 (Misskey is an open source, decentralized social media platform. Prior ...) + TODO: check +CVE-2023-43321 (File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3. ...) + TODO: check +CVE-2023-40299 (Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and a ...) + TODO: check +CVE-2023-36619 (Atos Unify OpenScape Session Border Controller through V10 R3.01.03 al ...) + TODO: check +CVE-2023-36618 (Atos Unify OpenScape Session Border Controller through V10 R3.01.03 al ...) + TODO: check +CVE-2023-35803 (IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Ove ...) + TODO: check CVE-2023-3430 - openimageio 2.4.13.0+dfsg-1 NOTE: https://github.com/OpenImageIO/oiio/issues/3840 
@@ -1148,7 +1172,7 @@ CVE-2023-5222 (A vulnerability classified as critical was found in Viessmann Vit CVE-2023-5221 (A vulnerability classified as critical has been found in ForU CMS. Thi ...) NOT-FOR-US: ForU CMS CVE-2023-5217 (Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior ...) - {DSA-5513-1 DSA-5510-1 DSA-5509-1 DSA-5508-1 DLA-3598-1 DLA-3591-1} + {DSA-5513-1 DSA-5510-1 DSA-5509-1 DSA-5508-1 DLA-3601-1 DLA-3598-1 DLA-3591-1} - chromium 117.0.5938.132-1 [buster] - chromium <end-of-life> (see DSA 5046) - firefox <unfixed> (unimportant) @@ -1687,7 +1711,7 @@ CVE-2023-34043 (VMware Aria Operations contains a local privilege escalation vul CVE-2023-32541 (A use-after-free vulnerability exists in the footerr functionality of ...) NOT-FOR-US: Hancom Office 2020 HWord CVE-2023-5176 (Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thun ...) - {DSA-5513-1 DSA-5506-1 DLA-3587-1} + {DSA-5513-1 DSA-5506-1 DLA-3601-1 DLA-3587-1} - firefox 118.0-1 - firefox-esr 115.3.0esr-1 - thunderbird 1:115.3.0-1 @@ -1711,7 +1735,7 @@ CVE-2023-5172 (A hashtable in the Ion Engine could have been mutated while ther - firefox 118.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5172 CVE-2023-5171 (During Ion compilation, a Garbage Collection could have resulted in a ...) - {DSA-5513-1 DSA-5506-1 DLA-3587-1} + {DSA-5513-1 DSA-5506-1 DLA-3601-1 DLA-3587-1} - firefox 118.0-1 - firefox-esr 115.3.0esr-1 - thunderbird 1:115.3.0-1 @@ -1722,7 +1746,7 @@ CVE-2023-5170 (In canvas rendering, a compromised content process could have cau - firefox 118.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/#CVE-2023-5170 CVE-2023-5169 (A compromised content process could have provided malicious data in a ...) - {DSA-5513-1 DSA-5506-1 DLA-3587-1} + {DSA-5513-1 DSA-5506-1 DLA-3601-1 DLA-3587-1} - firefox 118.0-1 - firefox-esr 115.3.0esr-1 - thunderbird 1:115.3.0-1 
@@ -34625,14 +34649,14 @@ CVE-2023-26241 RESERVED CVE-2023-26240 RESERVED -CVE-2023-26239 - RESERVED -CVE-2023-26238 - RESERVED -CVE-2023-26237 - RESERVED -CVE-2023-26236 - RESERVED +CVE-2023-26239 (An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak ...) + TODO: check +CVE-2023-26238 (An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible ...) + TODO: check +CVE-2023-26237 (An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible ...) + TODO: check +CVE-2023-26236 (An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak ...) + TODO: check CVE-2023-26235 (JD-GUI 1.6.6 allows XSS via util/net/InterProcessCommunicationUtil.jav ...) NOT-FOR-US: JD-GUI CVE-2023-26234 (JD-GUI 1.6.6 allows deserialization via UIMainWindowPreferencesProvide ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f7bebe969da6c1c1fdf93be3d9b7d43c9f6dcbd -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f7bebe969da6c1c1fdf93be3d9b7d43c9f6dcbd You're receiving this email because of your account on salsa.debian.org.
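Review bot: In the first hunk (@@ -1,3 +1,27 @@), all twelve new entries from CVE-2023-45198 down to CVE-2023-35803 carry only "TODO: check", so none of them yet records whether a Debian package is affected. The truncated descriptions already name the software (ftpd, Zope, Rite CMS, Soft Serve, Nexkey, Altair, Misskey, Digital China Networks DCFW-1800-SDC, Kong Insomnia, Atos Unify OpenScape Session Border Controller, IQ Engine). A follow-up commit should replace each TODO with either a package line or a NOT-FOR-US line in the form used elsewhere in this file, for example "NOT-FOR-US: ForU CMS".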
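Review bot: In the CVE-2023-5217 hunk (@@ -1148,7 +1172,7 @@), the context lines after the new DLA-3601-1 reference show only chromium and firefox package lines, so the hunk does not show which package that DLA covers. The three other entries that gain DLA-3601-1 in this commit (CVE-2023-5176, CVE-2023-5171, CVE-2023-5169) list firefox, firefox-esr and thunderbird. Please confirm that the CVE-2023-5217 entry has a matching package line below the visible context, so the cross-reference resolves to a fixed version.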
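Review bot: In the last hunk (@@ -34625,14 +34649,14 @@), CVE-2023-26239 through CVE-2023-26236 are left at "TODO: check" although all four descriptions name the same product, WatchGuard EPDR 8.0.21.0002. They can be triaged in one pass. If the product is not in the archive, a line per entry in the style of "NOT-FOR-US: JD-GUI" on the entry directly below would close all four.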
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits