Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dae8f8c2 by security tracker role at 2023-12-18T08:12:01+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2023-6909 (Path Traversal: '\..\filename' in GitHub repository
mlflow/mlflow prio ...)
+ TODO: check
+CVE-2023-6908 (A vulnerability, which was classified as problematic, was found
in DFI ...)
+ TODO: check
+CVE-2023-6907 (A vulnerability has been found in codelyfe Stupid Simple CMS up
to 1.2 ...)
+ TODO: check
+CVE-2023-6906 (A vulnerability, which was classified as critical, was found in
Totoli ...)
+ TODO: check
+CVE-2023-6905 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2023-6904 (A vulnerability classified as problematic was found in
Jahastech NxFil ...)
+ TODO: check
+CVE-2023-6903 (A vulnerability classified as critical has been found in
Netentsec NS- ...)
+ TODO: check
+CVE-2023-6483 (The vulnerability exists in ADiTaaS (Allied Digital Integrated
Tool-as ...)
+ TODO: check
+CVE-2023-50981 (ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0
allows atta ...)
+ TODO: check
+CVE-2023-50980 (gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows
attackers to ...)
+ TODO: check
+CVE-2023-50979 (Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side
channel during ...)
+ TODO: check
+CVE-2023-50976 (Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing
authoriz ...)
+ TODO: check
CVE-2023-6902 (A vulnerability has been found in codelyfe Stupid Simple CMS up
to 1.2 ...)
NOT-FOR-US: Stupid Simple CMS
CVE-2023-6901 (A vulnerability, which was classified as critical, was found in
codely ...)
@@ -876,7 +900,7 @@ CVE-2023-3904 (An issue has been discovered in GitLab EE
affecting all versions
- gitlab <not-affected> (Specific to EE)
CVE-2023-3511 (An issue has been discovered in GitLab EE affecting all
versions start ...)
- gitlab <not-affected> (Specific to EE)
-CVE-2023-3907
+CVE-2023-3907 (A privilege escalation vulnerability in GitLab EE affecting all
versio ...)
- gitlab <not-affected> (Specific to EE)
CVE-2023-5061 (An issue has been discovered in GitLab affecting all versions
starting ...)
- gitlab <unfixed>
@@ -2950,11 +2974,11 @@ CVE-2023-48800 (In TOTOLINK X6000R_Firmware
V9.4.0cu.852_B20230719, the shttpd f
NOT-FOR-US: TOTOLINK
CVE-2023-48799 (TOTOLINK-X6000R Firmware-V9.4.0cu.852_B20230719 is vulnerable
to Comma ...)
NOT-FOR-US: TOTOLINK
-CVE-2023-44306 (Dell DM5500 contains a path traversal vulnerability in PPOE
Component. ...)
+CVE-2023-44306 (Dell DM5500 contains a path traversal vulnerability in the
appliance. ...)
NOT-FOR-US: Dell
CVE-2023-44305 (Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow
Vulnerabi ...)
NOT-FOR-US: Dell
-CVE-2023-44304 (Dell DM5500 contains a privilege escalation vulnerability in
PPOE Comp ...)
+CVE-2023-44304 (Dell DM5500 contains a privilege escalation vulnerability in
the appli ...)
NOT-FOR-US: Dell
CVE-2023-44302 (Dell DM5500 5.14.0.0 and prior contain an improper
authentication vuln ...)
NOT-FOR-US: Dell
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dae8f8c290fc6c39c97aa9195321c6c8473eb244
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dae8f8c290fc6c39c97aa9195321c6c8473eb244
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
