diff options
author | security tracker role <sectracker@soriano.debian.org> | 2023-05-26 08:12:01 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2023-05-26 08:12:01 +0000 |
commit | 5b1967daf5c957b2d562b128123442ca73a1e752 (patch) | |
tree | 7aa909fcee5794e3d206b22c3e9826e5d9765226 | |
parent | 7525bece9dfc9a930ea29d1f395eb98d03d9333c (diff) |
automatic update
-rw-r--r-- | data/CVE/list | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/data/CVE/list b/data/CVE/list index dad1c76472..8c226edf23 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,13 @@ +CVE-2023-32074 (user_oidc app is an OpenID Connect user backend for Nextcloud. Authent ...) + TODO: check +CVE-2023-2903 (A vulnerability classified as problematic has been found in NFine Rapi ...) + TODO: check +CVE-2023-2902 (A vulnerability was found in NFine Rapid Development Platform 20230511 ...) + TODO: check +CVE-2023-2901 (A vulnerability was found in NFine Rapid Development Platform 20230511 ...) + TODO: check +CVE-2023-2900 (A vulnerability was found in NFine Rapid Development Platform 20230511 ...) + TODO: check CVE-2023-33751 (A stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allo ...) NOT-FOR-US: mipjz CVE-2023-33750 (A stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allo ...) @@ -354,7 +364,7 @@ CVE-2023-2587 (Teltonika\u2019s Remote Management System versions prior to 4.10. NOT-FOR-US: Teltonika CVE-2023-2586 (Teltonika\u2019s Remote Management System versions 4.14.0 is vulnerabl ...) NOT-FOR-US: Teltonika -CVE-2023-32067 +CVE-2023-32067 (c-ares is an asynchronous resolver library. c-ares is vulnerable to de ...) [experimental] - c-ares 1.19.1-1 - c-ares <unfixed> NOTE: https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc @@ -456,7 +466,7 @@ CVE-2023-2814 (A vulnerability classified as problematic has been found in Sourc NOT-FOR-US: SourceCodester Class Scheduling System CVE-2023-2806 (A vulnerability classified as problematic was found in Weaver e-cology ...) NOT-FOR-US: Weaver e-cology -CVE-2023-2804 +CVE-2023-2804 (A heap-based buffer overflow issue was discovered in libjpeg-turbo in ...) - libjpeg-turbo <not-affected> (Vulnerable code not present) NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/675 NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9f756bc67a84d4566bf74a0c2432aa55da404021 @@ -2237,8 +2247,7 @@ CVE-2023-31149 (An Improper Input Validation vulnerability in the Schweitzer E NOT-FOR-US: Schweitzer Engineering Laboratories CVE-2023-31148 (An Improper Input Validation vulnerability in the Schweitzer Enginee ...) NOT-FOR-US: Schweitzer Engineering Laboratories -CVE-2023-31147 - RESERVED +CVE-2023-31147 (c-ares is an asynchronous resolver library. When /dev/urandom or RtlGe ...) [experimental] - c-ares 1.19.1-1 - c-ares <unfixed> (unimportant) NOTE: https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2 @@ -2278,8 +2287,7 @@ CVE-2023-31132 RESERVED CVE-2023-31131 (Greenplum Database (GPDB) is an open source data warehouse based on Po ...) NOT-FOR-US: Greenplum Database -CVE-2023-31130 - RESERVED +CVE-2023-31130 (c-ares is an asynchronous resolver library. ares_inet_net_pton() is vu ...) [experimental] - c-ares 1.19.1-1 - c-ares <unfixed> NOTE: https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v @@ -2294,8 +2302,7 @@ CVE-2023-31126 (`org.xwiki.commons:xwiki-commons-xml` is an XML library used by NOT-FOR-US: org.xwiki.commons:xwiki-commons-xml CVE-2023-31125 (Engine.IO is the implementation of transport-based cross-browser/cross ...) NOT-FOR-US: Engine.IO -CVE-2023-31124 - RESERVED +CVE-2023-31124 (c-ares is an asynchronous resolver library. When cross-compiling c-are ...) [experimental] - c-ares 1.19.1-1 - c-ares <unfixed> (unimportant) NOTE: https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4 |