Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8821073c by security tracker role at 2023-12-08T20:12:24+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,125 @@
+CVE-2023-6622 (A null pointer dereference vulnerability was found in 
nft_dynset_init( ...)
+       TODO: check
+CVE-2023-6619 (A vulnerability was found in SourceCodester Simple Student 
Attendance  ...)
+       TODO: check
+CVE-2023-6618 (A vulnerability was found in SourceCodester Simple Student 
Attendance  ...)
+       TODO: check
+CVE-2023-6617 (A vulnerability was found in SourceCodester Simple Student 
Attendance  ...)
+       TODO: check
+CVE-2023-6616 (A vulnerability was found in SourceCodester Simple Student 
Attendance  ...)
+       TODO: check
+CVE-2023-6615 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2023-6614 (A vulnerability classified as problematic was found in Typecho 
1.2.1.  ...)
+       TODO: check
+CVE-2023-6613 (A vulnerability classified as problematic has been found in 
Typecho 1. ...)
+       TODO: check
+CVE-2023-6612 (A vulnerability was found in Totolink X5000R 
9.1.0cu.2300_B20230112. I ...)
+       TODO: check
+CVE-2023-6611 (A vulnerability was found in Tongda OA 2017 up to 11.9. It has 
been de ...)
+       TODO: check
+CVE-2023-6610 (An out-of-bounds read vulnerability was found in 
smb2_dump_detail in f ...)
+       TODO: check
+CVE-2023-6609 (A vulnerability was found in osCommerce 4. It has been 
classified as p ...)
+       TODO: check
+CVE-2023-6608 (A vulnerability was found in Tongda OA 2017 up to 11.9 and 
classified  ...)
+       TODO: check
+CVE-2023-6607 (A vulnerability has been found in Tongda OA 2017 up to 11.10 
and class ...)
+       TODO: check
+CVE-2023-6606 (An out-of-bounds read vulnerability was found in smbCalcSize in 
fs/smb ...)
+       TODO: check
+CVE-2023-6507 (An issue was found in CPython 3.12.0 `subprocess` module on 
POSIX plat ...)
+       TODO: check
+CVE-2023-6245 (The Candid library causes a Denial of Service while  parsing a 
special ...)
+       TODO: check
+CVE-2023-6146 (A Qualys web application was found to have a stored XSS 
vulnerability  ...)
+       TODO: check
+CVE-2023-49788 (Collabora Online is a collaborative online office suite based 
on Libre ...)
+       TODO: check
+CVE-2023-49782 (Collabora Online is a collaborative online office suite based 
on Libre ...)
+       TODO: check
+CVE-2023-49487 (JFinalCMS v5.0.0 was discovered to contain a cross-site 
scripting (XSS ...)
+       TODO: check
+CVE-2023-49486 (JFinalCMS v5.0.0 was discovered to contain a cross-site 
scripting (XSS ...)
+       TODO: check
+CVE-2023-49485 (JFinalCMS v5.0.0 was discovered to contain a cross-site 
scripting (XSS ...)
+       TODO: check
+CVE-2023-49484 (Dreamer CMS v4.1.3 was discovered to contain a cross-site 
scripting (X ...)
+       TODO: check
+CVE-2023-49444 (An arbitrary file upload vulnerability in DoraCMS v2.1.8 allow 
attacke ...)
+       TODO: check
+CVE-2023-49443 (DoraCMS v2.1.8 was discovered to re-use the same code for 
verification ...)
+       TODO: check
+CVE-2023-49007 (In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a 
stack-bas ...)
+       TODO: check
+CVE-2023-48423 (In dhcp4_SetPDNAddress of dhcp4_Main.c, there is a possible 
out of bou ...)
+       TODO: check
+CVE-2023-48422 (In Init of protocolnetadapter.cpp, there is a possible out of 
bounds r ...)
+       TODO: check
+CVE-2023-48421 (In gpu_pixel_handle_buffer_liveness_update_ioctl of 
private/google-mod ...)
+       TODO: check
+CVE-2023-48420 (there is a possible use after free due to a race condition. 
This could ...)
+       TODO: check
+CVE-2023-48416 (In multiple locations, there is a possible null dereference 
due to a m ...)
+       TODO: check
+CVE-2023-48415 (In Init of protocolembmsadapter.cpp, there is a possible out 
of bounds ...)
+       TODO: check
+CVE-2023-48414 (In the Pixel Camera Driver, there is a possible use after free 
due to  ...)
+       TODO: check
+CVE-2023-48413 (In Init of protocolnetadapter.cpp, there is a possible out of 
bounds r ...)
+       TODO: check
+CVE-2023-48412 (In private_handle_t of mali_gralloc_buffer.h, there is a 
possible info ...)
+       TODO: check
+CVE-2023-48411 (In SignalStrengthAdapter::FillGsmSignalStrength() of 
protocolmiscadapt ...)
+       TODO: check
+CVE-2023-48410 (In cd_ParseMsg of cd_codec.c, there is a possible out of 
bounds read d ...)
+       TODO: check
+CVE-2023-48409 (In gpu_pixel_handle_buffer_liveness_update_ioctl of 
private/google-mod ...)
+       TODO: check
+CVE-2023-48408 (In ProtocolNetSimFileInfoAdapter() of protocolnetadapter.cpp, 
there is ...)
+       TODO: check
+CVE-2023-48407 (there is a possible DCK won't be deleted after factory reset 
due to a  ...)
+       TODO: check
+CVE-2023-48406 (there is a possible permanent DoS or way for the modem to boot 
unverif ...)
+       TODO: check
+CVE-2023-48405 (there is a possible way for the secure world to write to NS 
memory due ...)
+       TODO: check
+CVE-2023-48404 (In ProtocolMiscCarrierConfigSimInfoIndAdapter of 
protocolmiscadapter.c ...)
+       TODO: check
+CVE-2023-48403 (In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible 
out of  ...)
+       TODO: check
+CVE-2023-48402 (In ppcfw_enable of ppcfw.c, there is a possible EoP due to a 
missing p ...)
+       TODO: check
+CVE-2023-48401 (In GetSizeOfEenlRecords of protocoladapter.cpp, there is a 
possible ou ...)
+       TODO: check
+CVE-2023-48399 (In ProtocolMiscATCommandAdapter::Init() of 
protocolmiscadapter.cpp, th ...)
+       TODO: check
+CVE-2023-48398 (In ProtocolNetAcBarringInfo::ProtocolNetAcBarringInfo() of 
protocolnet ...)
+       TODO: check
+CVE-2023-48397 (In Init of protocolcalladapter.cpp, there is a possible out of 
bounds  ...)
+       TODO: check
+CVE-2023-47565 (An OS command injection vulnerability has been found to affect 
legacy  ...)
+       TODO: check
+CVE-2023-46499 (Cross Site Scripting vulnerability in EverShop NPM versions 
before v.1 ...)
+       TODO: check
+CVE-2023-46498 (An issue in EverShop NPM versions before v.1.0.0-rc.8 allows a 
remote  ...)
+       TODO: check
+CVE-2023-46497 (Directory Traversal vulnerability in EverShop NPM versions 
before v.1. ...)
+       TODO: check
+CVE-2023-46496 (Directory Traversal vulnerability in EverShop NPM versions 
before v.1. ...)
+       TODO: check
+CVE-2023-46495 (Cross Site Scripting vulnerability in EverShop NPM versions 
before v.1 ...)
+       TODO: check
+CVE-2023-46494 (Cross Site Scripting vulnerability in EverShop NPM versions 
before v.1 ...)
+       TODO: check
+CVE-2023-46493 (Directory Traversal vulnerability in EverShop NPM versions 
before v.1. ...)
+       TODO: check
+CVE-2023-46157 (File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the 
lowest p ...)
+       TODO: check
+CVE-2023-32975 (A buffer copy without checking size of input vulnerability has 
been re ...)
+       TODO: check
+CVE-2023-32968 (A buffer copy without checking size of input vulnerability has 
been re ...)
+       TODO: check
 CVE-2023-6599 (Missing Standardized Error Handling Mechanism in GitHub 
repository mic ...)
        NOT-FOR-US: microweber
 CVE-2023-6581 (A vulnerability has been found in D-Link DAR-7000 up to 
20231126 and c ...)
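Review bot: Several of the entries added at the top of data/CVE/list should not sit in the same TODO: check queue as the rest, because their descriptions name code that looks like it belongs to packages tracked here: CVE-2023-6622 names nft_dynset_init, CVE-2023-6606 names smbCalcSize in fs/smb, CVE-2023-6610 names smb2_dump_detail, and CVE-2023-6507 names the `subprocess` module of CPython 3.12.0. Suggest triaging those to a source package first. The SourceCodester, Tongda OA, Totolink, JFinalCMS and EverShop entries read like candidates for a NOT-FOR-US line, the form the unchanged CVE-2023-6599 entry just below already uses, once the full descriptions are checked.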
@@ -26753,7 +26875,7 @@ CVE-2023-2414 (The Online Booking & Scheduling Calendar 
for WordPress by vcita p
        NOT-FOR-US: WordPress plugin
 CVE-2023-2402 (The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for 
WordPre ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-3164 (A heap out-of-bounds read flaw was found in builtin.c in the 
gawk pack ...)
+CVE-2023-3164 (A heap-buffer-overflow vulnerability was found in LibTIFF, in 
extractI ...)
        - tiff <unfixed> (unimportant)
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/542
        NOTE: Crash in CLI tool, no security impact
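Review bot: On CVE-2023-3164 the replacement description now calls this a heap-buffer-overflow in LibTIFF, while the unchanged lines under it still read "- tiff <unfixed> (unimportant)" and "NOTE: Crash in CLI tool, no security impact". The package mapping agrees with the new description, which the old gawk text did not, but the rating was recorded against the earlier wording. Suggest re-reading the full updated description against the linked libtiff issue 542 and, if the unimportant rating still holds, leaving a NOTE that says it was rechecked.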
@@ -54753,8 +54875,8 @@ CVE-2023-23374 (Microsoft Edge (Chromium-based) Remote 
Code Execution Vulnerabil
        NOT-FOR-US: Microsoft
 CVE-2023-23373 (An OS command injection vulnerability has been reported to 
affect QUSB ...)
        NOT-FOR-US: QNAP
-CVE-2023-23372
-       RESERVED
+CVE-2023-23372 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
+       TODO: check
 CVE-2023-23371 (A cleartext transmission of sensitive information 
vulnerability has be ...)
        NOT-FOR-US: QNAP
 CVE-2023-23370 (An insufficiently protected credentials vulnerability has been 
reporte ...)
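Review bot: CVE-2023-23372 moves from RESERVED to TODO: check while both neighbours in this hunk, CVE-2023-23373 and CVE-2023-23371, are already marked NOT-FOR-US: QNAP and use the same "has been reported to" phrasing. The visible description is truncated before the affected product, so the vendor cannot be confirmed from these lines; suggest checking the full text and, if it is the same vendor, replacing the TODO with the matching NOT-FOR-US line so the block stays consistent.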



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8821073ce348996f49b73ce47b73a9778fc2867d
