author | security tracker role <sectracker@soriano.debian.org> | 2023-11-02 08:12:03 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2023-11-02 08:12:03 +0000 |
commit | b625ad7dc5285ebeb2efbef586a00b8bb83a5a33 | |
tree | 6cd14cbcd2074d5657a11a65ef35c718fd7c3458 /data | |
parent | 79268a2e8175ececadc6c2aa7d40fb1edb1b4d72 | |
automatic update
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 66 |
1 files changed, 57 insertions, 9 deletions
diff --git a/data/CVE/list b/data/CVE/list index 14f189a207..f17d9f0627 100644 --- a/data/CVE/list +++ b/data/CVE/list 
@@ -1,3 +1,51 @@ +CVE-2023-5910 (A vulnerability was found in PopojiCMS 2.0.1 and classified as problem ...) + TODO: check +CVE-2023-47204 (Unsafe YAML deserialization in yaml.Loader in transmute-core before 1. ...) + TODO: check +CVE-2023-46595 (Net-NTLM leak in Fireflow A32.20 and A32.50 allows an attackerto obtai ...) + TODO: check +CVE-2023-46448 (Reflected Cross-Site Scripting (XSS) vulnerability in dmpop Mejiro Com ...) + TODO: check +CVE-2023-46428 (An arbitrary file upload vulnerability in HadSky v7.12.10 allows attac ...) + TODO: check +CVE-2023-46327 (Multiple MFPs (multifunction printers) provided by FUJIFILM Business I ...) + TODO: check +CVE-2023-45203 (Online Examination System v1.0 is vulnerable to multiple Open Redirect ...) + TODO: check +CVE-2023-45202 (Online Examination System v1.0 is vulnerable to multiple Open Redirect ...) + TODO: check +CVE-2023-45201 (Online Examination System v1.0 is vulnerable to multiple Open Redirect ...) + TODO: check +CVE-2023-45114 (Online Examination System v1.0 is vulnerable to multiple Unauthenticat ...) + TODO: check +CVE-2023-45113 (Online Examination System v1.0 is vulnerable to multiple Unauthenticat ...) + TODO: check +CVE-2023-45112 (Online Examination System v1.0 is vulnerable to multiple Unauthenticat ...) + TODO: check +CVE-2023-45111 (Online Examination System v1.0 is vulnerable to multiple Unauthenticat ...) + TODO: check +CVE-2023-45019 (Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticat ...) + TODO: check +CVE-2023-45018 (Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticat ...) + TODO: check +CVE-2023-45017 (Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticat ...) + TODO: check +CVE-2023-45016 (Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticat ...) + TODO: check +CVE-2023-45015 (Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticat ...) 
+ TODO: check +CVE-2023-45014 (Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticat ...) + TODO: check +CVE-2023-45013 (Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticat ...) + TODO: check +CVE-2023-45012 (Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticat ...) + TODO: check +CVE-2023-44954 (Cross Site Scripting vulnerability in BigTree CMS v.4.5.7 allows a rem ...) + TODO: check +CVE-2023-44025 (SQL injection vulnerability in addify Addifyfreegifts v.1.0.2 and befo ...) + TODO: check +CVE-2023-39281 (A stack buffer overflow vulnerability discovered in AsfSecureBootDxe i ...) + TODO: check CVE-2023-5849 (Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allow ...) - chromium <unfixed> [buster] - chromium <end-of-life> (see DSA 5046) @@ -97,7 +145,7 @@ CVE-2023-33227 (The Network Configuration Manager was susceptible to a Directory NOT-FOR-US: SolarWinds CVE-2023-33226 (The Network Configuration Manager was susceptible to a Directory Trave ...) NOT-FOR-US: SolarWinds -CVE-2023-46695 +CVE-2023-46695 (An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13 ...) - python-django <not-affected> (Only an issue on windows) NOTE: https://www.djangoproject.com/weblog/2023/nov/01/security-releases/ CVE-2023-5831 
@@ -158,17 +206,17 @@ CVE-2023-4198 (Improper Access Control in Dolibarr ERP CRM <= v17.0.3 allows an - dolibarr <removed> CVE-2023-4197 (Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to stri ...) - dolibarr <removed> -CVE-2023-47099 (An issue was discovered in Virtualmin 7.7. The Create Virtual Server f ...) +CVE-2023-47099 (A Stored Cross-Site Scripting (XSS) vulnerability in the Create Virtua ...) NOT-FOR-US: Virtualmin -CVE-2023-47098 (An issue was discovered in Virtualmin 7.7. A Stored Cross-Site Scripti ...) +CVE-2023-47098 (A Stored Cross-Site Scripting (XSS) vulnerability in the Manage Extra ...) NOT-FOR-US: Virtualmin -CVE-2023-47097 (An issue was discovered in Virtualmin 7.7. The Server Templates featur ...) +CVE-2023-47097 (A Stored Cross-Site Scripting (XSS) vulnerability in the Server Templa ...) NOT-FOR-US: Virtualmin -CVE-2023-47096 (An issue was discovered in Virtualmin 7.7. The Cloudmin Services Clien ...) +CVE-2023-47096 (A Reflected Cross-Site Scripting (XSS) vulnerability in the Cloudmin S ...) NOT-FOR-US: Virtualmin -CVE-2023-47095 (An issue was discovered in Virtualmin 7.7. The Custom Fields feature o ...) +CVE-2023-47095 (A Stored Cross-Site Scripting (XSS) vulnerability in the Custom fields ...) NOT-FOR-US: Virtualmin -CVE-2023-47094 (An issue was discovered in Virtualmin 7.7. A Stored Cross-Site Scripti ...) +CVE-2023-47094 (A Stored Cross-Site Scripting (XSS) vulnerability in the Account Plans ...) NOT-FOR-US: Virtualmin CVE-2023-46485 (An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote att ...) NOT-FOR-US: TOTOLINK 
@@ -1820,7 +1868,7 @@ CVE-2023-XXXX [SQUID-2021:8 Denial of Service in Gopher gateway] NOTE: https://github.com/squid-cache/squid/commit/6ea12e8fb590ac6959e9356a81aa3370576568c3 (SQUID_6_0_1) NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-cg5h-v6vc-w33f NOTE: https://megamansec.github.io/Squid-Security-Audit/gopher-nullpointer.html -CVE-2023-46724 [Squid: Buffer UnderRead in SSL CN Parsing] +CVE-2023-46724 (Squid is a caching proxy for the Web. Due to an Improper Validation of ...) - squid <unfixed> [buster] - squid <not-affected> (Doesn't build with OpenSSL yet) NOTE: https://github.com/squid-cache/squid/commit/792ef23e6e1c05780fe17f733859eef6eb8c8be3 @@ -4705,7 +4753,7 @@ CVE-2023-32972 (A buffer copy without checking size of input vulnerability has b NOT-FOR-US: QNAP CVE-2023-32971 (A buffer copy without checking size of input vulnerability has been re ...) NOT-FOR-US: QNAP -CVE-2023-5408 +CVE-2023-5408 (A privilege escalation flaw was found in the node restriction admissio ...) NOT-FOR-US: OpenShift CVE-2023-4061 NOT-FOR-US: Red Hat Enterprise Application Platform |
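
Review bot: The 24 entries added in the first hunk (@@ -1,3 +1,51 @@) still need a triage decision, since each one carries only `TODO: check`. Fifteen of them are runs for the same two products (CVE-2023-45111 to CVE-2023-45114 and CVE-2023-45201 to CVE-2023-45203 for Online Examination System v1.0, CVE-2023-45012 to CVE-2023-45019 for Online Bus Booking System v1.0), so they can be resolved together. If those products are not packaged, the form already used in this file (for example `NOT-FOR-US: Virtualmin`) fits. The remaining nine entries name distinct products and need individual checks.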
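
Review bot: In the Virtualmin hunk (@@ -158,17 +206,17 @@), the replacement descriptions for CVE-2023-47094 through CVE-2023-47099 no longer show the product and version ("Virtualmin 7.7") inside the truncated summary, which leaves `NOT-FOR-US: Virtualmin` as the only place the product is named for these entries. Confirm that nothing consuming this file matches on the old description prefix. The new text does make the bug class visible at a glance: CVE-2023-47096 now reads as Reflected XSS while the other five read as Stored XSS.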
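
Review bot: For CVE-2023-46724 (hunk @@ -1820,7 +1868,7 @@), replacing the bracketed title `[Squid: Buffer UnderRead in SSL CN Parsing]` with a description that is cut off at "Due to an Improper Validation of ..." removes the bug class and the affected code path from the entry. Suggest preserving that wording in a NOTE line under the entry. The entry also remains at `- squid <unfixed>` even though an upstream commit is already referenced in the NOTE that follows, so the status needs a follow-up once a fixed version is available.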