From 6e329afb752bdcc0b755308362564e1486032d89 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Fri, 27 Oct 2023 20:12:30 +0000 Subject: automatic update --- data/CVE/list | 94 +++++++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 72 insertions(+), 22 deletions(-) (limited to 'data') diff --git a/data/CVE/list b/data/CVE/list index ad2cecf093..de73117f7c 100644 --- a/data/CVE/list +++ b/data/CVE/list 
@@ -1,3 +1,51 @@ +CVE-2023-5829 (A vulnerability was found in code-projects Admission Management System ...) + TODO: check +CVE-2023-5828 (A vulnerability was found in Nanning Ontall Longxing Industrial Develo ...) + TODO: check +CVE-2023-5827 (A vulnerability was found in Shanghai CTI Navigation CTI Monitoring an ...) + TODO: check +CVE-2023-5826 (A vulnerability was found in Netentsec NS-ASG Application Security Gat ...) + TODO: check +CVE-2023-5821 (The Thumbnail carousel slider plugin for WordPress is vulnerable to Cr ...) + TODO: check +CVE-2023-5820 (The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable ...) + TODO: check +CVE-2023-5817 (The Neon text plugin for WordPress is vulnerable to Stored Cross-Site ...) + TODO: check +CVE-2023-5807 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) + TODO: check +CVE-2023-5774 (The Animated Counters plugin for WordPress is vulnerable to Stored Cro ...) + TODO: check +CVE-2023-5705 (The VK Filter Search plugin for WordPress is vulnerable to Stored Cros ...) + TODO: check +CVE-2023-5570 (Improper Protection for Outbound Error Messages and Alert Signals vuln ...) + TODO: check +CVE-2023-5443 (Improper Protection for Outbound Error Messages and Alert Signals vuln ...) + TODO: check +CVE-2023-4967 (Denial of Service in NetScaler ADC and NetScaler Gateway when configur ...) + TODO: check +CVE-2023-46853 (In Memcached before 1.6.22, an off-by-one error exists when processing ...) + TODO: check +CVE-2023-46852 (In Memcached before 1.6.22, a buffer overflow exists when processing m ...) + TODO: check +CVE-2023-46604 (Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerabili ...) + TODO: check +CVE-2023-46407 (FFmpeg prior to commit bf814 was discovered to contain an out of bound ...) + TODO: check +CVE-2023-46394 (A stored cross-site scripting (XSS) vulnerability in /home/user/edit_s ...) 
+ TODO: check +CVE-2023-46393 (gougucms v4.08.18 was discovered to contain a password reset poisoning ...) + TODO: check +CVE-2023-46290 (Due to inadequate code logic, a previously unauthenticated threat acto ...) + TODO: check +CVE-2023-46289 (Rockwell Automation FactoryTalk View Site Edition insufficiently valid ...) + TODO: check +CVE-2023-46246 (Vim is an improved version of the good old UNIX editor Vi. Heap-use-af ...) + TODO: check +CVE-2023-44377 (Online Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL ...) + TODO: check +CVE-2023-44376 (Online Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL ...) + TODO: check CVE-2023-5814 (A vulnerability was found in SourceCodester Task Reminder System 1.0. ...) NOT-FOR-US: SourceCodester Task Reminder System CVE-2023-5813 (A vulnerability was found in SourceCodester Task Reminder System 1.0 a ...) @@ -30247,8 +30295,8 @@ CVE-2023-29011 (Git for Windows, the Windows port of Git, ships with an executab NOT-FOR-US: Git for Windows CVE-2023-29010 (Budibase is a low code platform for creating internal tools, workflows ...) NOT-FOR-US: budibase -CVE-2023-29009 - RESERVED +CVE-2023-29009 (baserCMS is a website development framework with WebAPI that runs on P ...) + TODO: check CVE-2023-29008 (The SvelteKit framework offers developers an option to create simple R ...) NOT-FOR-US: SvelteKit CVE-2023-29007 (Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2. ...) 
@@ -34370,16 +34418,16 @@ CVE-2023-27860 (IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose s NOT-FOR-US: IBM CVE-2023-27859 RESERVED -CVE-2023-27858 - RESERVED +CVE-2023-27858 (Rockwell Automation Arena Simulation contains an arbitrary code execut ...) + TODO: check CVE-2023-27857 (In affected versions, a heap-based buffer over-read condition occurs w ...) NOT-FOR-US: Rockwell CVE-2023-27856 (In affected versions, path traversal exists when processing a message ...) NOT-FOR-US: Rockwell CVE-2023-27855 (In affected versions, a path traversal exists when processing a messag ...) NOT-FOR-US: Rockwell -CVE-2023-27854 - RESERVED +CVE-2023-27854 (An arbitrary code execution vulnerability was reported to Rockwell Aut ...) + TODO: check CVE-2023-25947 (The bundle management subsystem within OpenHarmony-v3.1.4 and prior ve ...) NOT-FOR-US: OpenHarmony CVE-2023-25076 (A buffer overflow vulnerability exists in the handling of wildcard bac ...) @@ -53972,6 +54020,7 @@ CVE-2023-22083 (Vulnerability in the Oracle Enterprise Session Border Controller CVE-2023-22082 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...) NOT-FOR-US: Oracle CVE-2023-22081 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of ...) + {DSA-5537-1} - openjdk-8 8u392-ga-1 - openjdk-11 11.0.21+9-1 - openjdk-17 17.0.9+9-1 @@ -54003,6 +54052,7 @@ CVE-2023-22069 (Vulnerability in the Oracle WebLogic Server product of Oracle Fu CVE-2023-22068 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2023-22067 (Vulnerability in Oracle Java SE (component: CORBA). Supported version ...) + {DSA-5537-1} - openjdk-11 11.0.21+9-1 - openjdk-8 8u392-ga-1 CVE-2023-22066 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) 
@@ -68775,12 +68825,12 @@ CVE-2022-3704 (A vulnerability classified as problematic has been found in Ruby NOTE: Considered only a bug withouth security impact by the rails team CVE-2022-3703 (All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prio ...) NOT-FOR-US: ETIC Telecom Remote Access Server (RAS) -CVE-2022-3702 - RESERVED -CVE-2022-3701 - RESERVED -CVE-2022-3700 - RESERVED +CVE-2022-3702 (A denial of service vulnerability was reported in Lenovo Vantage Hardw ...) + TODO: check +CVE-2022-3701 (A privilege elevation vulnerability was reported in the Lenovo Vantage ...) + TODO: check +CVE-2022-3700 (A Time of Check Time of Use (TOCTOU) vulnerability was reported in the ...) + TODO: check CVE-2022-3699 (A privilege escalation vulnerability was reported in the Lenovo Hardwa ...) NOT-FOR-US: Lenovo CVE-2022-3698 (A denial of service vulnerability was reported in the Lenovo HardwareS ...) @@ -68852,8 +68902,8 @@ CVE-2022-3683 (A vulnerability exists in the SDM600 API web services authorizati NOT-FOR-US: ABB SDM600 CVE-2022-3682 (A vulnerability exists in the SDM600 file permission validation. An a ...) NOT-FOR-US: ABB SDM600 -CVE-2022-3681 - RESERVED +CVE-2022-3681 (A vulnerability has been identified in the MR2600 router v1.0.18 and e ...) + TODO: check CVE-2022-43746 RESERVED CVE-2022-43745 @@ -69837,8 +69887,8 @@ CVE-2022-3613 (An issue has been discovered in GitLab CE/EE affecting all versio - gitlab 15.10.8+ds1-2 CVE-2022-3612 RESERVED -CVE-2022-3611 - RESERVED +CVE-2022-3611 (An information disclosure vulnerability has been identified in the Len ...) + TODO: check CVE-2022-3610 (The Jeeng Push Notifications WordPress plugin before 2.0.4 does not sa ...) NOT-FOR-US: WordPress plugin CVE-2022-3609 (The GetYourGuide Ticketing WordPress plugin before 1.0.4 does not sani ...) 
@@ -72604,8 +72654,8 @@ CVE-2022-38451 (A directory traversal vulnerability exists in the httpd update.c NOT-FOR-US: FreshTomato CVE-2022-38091 RESERVED -CVE-2022-3429 - RESERVED +CVE-2022-3429 (A denial-of-service vulnerability was found in the firmware used in Le ...) + TODO: check CVE-2022-3428 RESERVED CVE-2022-3427 (The Corner Ad plugin for WordPress is vulnerable to Cross-Site Request ...) @@ -93306,10 +93356,10 @@ CVE-2022-34889 (This vulnerability allows local attackers to escalate privileges NOT-FOR-US: Parallels CVE-2022-34888 (The Remote Mount feature can potentially be abused by valid, authentic ...) NOT-FOR-US: Lenovo -CVE-2022-34887 - RESERVED -CVE-2022-34886 - RESERVED +CVE-2022-34887 (Standard users can directly operate and set printer configuration info ...) + TODO: check +CVE-2022-34886 (A remote code execution vulnerability was found in the firmware used i ...) + TODO: check CVE-2022-34885 (An improper input sanitization vulnerability in the Motorola MR2600 ro ...) NOT-FOR-US: Motorola CVE-2022-34884 (A buffer overflow exists in the Remote Presence subsystem which can po ...) -- cgit v1.2.3
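Review bot: in the first hunk (@@ -1,3 +1,51 @@) the new entries for Memcached (CVE-2023-46853, CVE-2023-46852), Apache ActiveMQ (CVE-2023-46604, described as remote code execution), FFmpeg (CVE-2023-46407) and Vim (CVE-2023-46246) are queued as `TODO: check` alongside the WordPress plugin and SourceCodester-style entries, with nothing to mark them for earlier triage. Those five name software whose descriptions give a fixed version or commit ("before 1.6.22", "prior to commit bf814"), so they should be resolved first with per-package lines in the same form as the `- openjdk-11 11.0.21+9-1` entries further down. The plugin entries can then be closed the way CVE-2022-3610 already is (`NOT-FOR-US: WordPress plugin`).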
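Review bot: in the hunks at @@ -34370, @@ -68775 and @@ -93306, entries moved from `RESERVED` to `TODO: check` sit directly next to entries already resolved for what looks like the same vendor, so the open status is inconsistent with the neighbouring lines. CVE-2023-27858 and CVE-2023-27854 mention Rockwell and are next to three `NOT-FOR-US: Rockwell` entries. CVE-2022-3702, CVE-2022-3701 and CVE-2022-3700 mention Lenovo Vantage and are directly above `NOT-FOR-US: Lenovo` for CVE-2022-3699. CVE-2022-3681 names the MR2600 router, which CVE-2022-34885 attributes to Motorola and marks `NOT-FOR-US: Motorola`. Because the descriptions are truncated with "...", confirm the product from the full CVE text before reusing the neighbouring tag, in particular for CVE-2022-34887 and CVE-2022-34886, where the visible text names only "printer configuration" and "firmware" and no vendor.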
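Review bot: in the hunks at @@ -53972 and @@ -54003 the `{DSA-5537-1}` tag is attached to CVE entries that each track several source packages, and the entry does not show which of them the advisory actually covers. CVE-2023-22081 lists openjdk-8, openjdk-11 and openjdk-17, while CVE-2023-22067 lists openjdk-11 and openjdk-8. Check the tag against the advisory's own package list so that a reader does not assume every listed package was fixed by that DSA. As a minor style point, the two entries list the openjdk packages in different orders (openjdk-8 first in one, openjdk-11 first in the other); a consistent order would make adjacent entries easier to compare.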