Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: ea444445 by Moritz Muehlenhoff at 2023-10-27T17:05:19+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -47,33 +47,33 @@ CVE-2023-46093 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i CVE-2023-46091 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bala ...) NOT-FOR-US: WordPress plugin CVE-2023-45499 (VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was disco ...) - TODO: check + NOT-FOR-US: VinChin Backup & Recovery CVE-2023-45498 (VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was disco ...) - TODO: check + NOT-FOR-US: VinChin Backup & Recovery CVE-2023-44375 (Online Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL ...) - TODO: check + NOT-FOR-US: Online Art Gallery CVE-2023-44268 (Online Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL ...) - TODO: check + NOT-FOR-US: Online Art Gallery CVE-2023-44220 (SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and ...) - TODO: check + NOT-FOR-US: SonicWall CVE-2023-44219 (A local privilege escalation vulnerability in SonicWall Directory Serv ...) - TODO: check + NOT-FOR-US: SonicWall CVE-2023-44162 (Online Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL ...) - TODO: check + NOT-FOR-US: Online Art Gallery CVE-2023-43738 (Online Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL ...) - TODO: check + NOT-FOR-US: Online Art Gallery CVE-2023-43737 (Online Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL ...) - TODO: check + NOT-FOR-US: Online Art Gallery CVE-2023-43352 (An issue in CMSmadesimple v.2.2.18 allows a local attacker to execute ...) - TODO: check + NOT-FOR-US: CMSmadesimple CVE-2023-42406 (SQL injection vulnerability in D-Link Online behavior audit gateway DA ...) - TODO: check + NOT-FOR-US: D-Link CVE-2023-42188 (IceCMS v2.0.1 is vulnerable to Cross Site Request Forgery (CSRF).) - TODO: check + NOT-FOR-US: IceCMS CVE-2023-39726 (An issue in Mintty v.3.6.4 and before allows a remote attacker to exec ...) - TODO: check + NOT-FOR-US: Mintty CVE-2023-38328 (An issue was discovered in eGroupWare 17.1.20190111. An Improper Passw ...) - TODO: check + - egroupware <removed> CVE-2023-34059 (open-vm-tools contains a file descriptor hijack vulnerability in the v ...) - open-vm-tools <unfixed> NOTE: https://www.openwall.com/lists/oss-security/2023/10/27/3 @@ -84,9 +84,9 @@ CVE-2023-34058 (VMware Tools contains a SAML token signature bypass vulnerabilit CVE-2023-34057 (VMware Tools contains a local privilege escalation vulnerability.A mal ...) NOT-FOR-US: WMware CVE-2023-33559 (A local file inclusion vulnerability via the lang parameter in OcoMon ...) - TODO: check + NOT-FOR-US: OcoMon CVE-2023-33558 (An information disclosure vulnerability in the component users-grid-da ...) - TODO: check + NOT-FOR-US: OcoMon CVE-2023-46813 (An issue was discovered in the Linux kernel before 6.5.9, exploitable ...) - linux <unfixed> NOTE: https://git.kernel.org/linus/63e44bc52047f182601e7817da969a105aa1f721 (6.6-rc7) @@ -240,12 +240,12 @@ CVE-2023-46345 (Catdoc v0.95 was discovered to contain a NULL pointer dereferenc CVE-2023-46233 (crypto-js is a JavaScript library of crypto standards. Prior to versio ...) TODO: check CVE-2023-46232 (era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer ...) - TODO: check + NOT-FOR-US: era-compiler-vyper CVE-2023-46137 (Twisted is an event-based framework for internet applications. Prior t ...) - twisted <unfixed> NOTE: https://github.com/twisted/twisted/security/advisories/GHSA-xc8x-vp79-p3wm CVE-2023-46134 (D-Tale is the combination of a Flask back-end and a React front-end to ...) - TODO: check + NOT-FOR-US: D-Tale CVE-2023-46133 (CryptoES is a cryptography algorithms library compatible with ES6 and ...) TODO: check CVE-2023-45137 (XWiki Platform is a generic wiki platform offering runtime services fo ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea4444459b6d89c629b31e4c216a111e2c19ca16 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea4444459b6d89c629b31e4c216a111e2c19ca16 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits