From ef9b27109a075997ad84cc7f58f26e0ddc08cc8c Mon Sep 17 00:00:00 2001 From: security tracker role Date: Sat, 28 Oct 2023 08:11:41 +0000 Subject: automatic update --- data/CVE/list | 100 +++++++++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 88 insertions(+), 12 deletions(-) (limited to 'data') diff --git a/data/CVE/list b/data/CVE/list index c9ed39561b..aebbd1258e 100644 --- a/data/CVE/list +++ b/data/CVE/list 
@@ -1,3 +1,79 @@ +CVE-2023-5834 (HashiCorp Vagrant's Windows installer targeted a custom location with ...) + TODO: check +CVE-2023-5830 (A vulnerability classified as critical has been found in ColumbiaSoft ...) + TODO: check +CVE-2023-46587 (Buffer Overflow vulnerability in XnView Classic v.2.51.5 allows a loca ...) + TODO: check +CVE-2023-46570 (An out-of-bounds read in radare2 v.5.8.9 and before exists in the prin ...) + TODO: check +CVE-2023-46569 (An out-of-bounds read in radare2 v.5.8.9 and before exists in the prin ...) + TODO: check +CVE-2023-46510 (An issue in ZIONCOM (Hong Kong) Technology Limited A7000R v.4.1cu.4154 ...) + TODO: check +CVE-2023-46509 (An issue in Contec SolarView Compact v.6.0 and before allows an attack ...) + TODO: check +CVE-2023-46490 (SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker ...) + TODO: check +CVE-2023-46468 (An issue in juzawebCMS v.3.4 and before allows a remote attacker to ex ...) + TODO: check +CVE-2023-46467 (Cross Site Scripting vulnerability in juzawebCMS v.3.4 and before allo ...) + TODO: check +CVE-2023-46215 (Insertion of Sensitive Information into Log File vulnerability in Apac ...) + TODO: check +CVE-2023-46211 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) + TODO: check +CVE-2023-46209 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in G5Theme ...) + TODO: check +CVE-2023-46208 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Stylemix ...) + TODO: check +CVE-2023-46200 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Step ...) + TODO: check +CVE-2023-44480 (Leave Management System Project v1.0 is vulnerable to multiple Authent ...) + TODO: check +CVE-2023-43322 (ZPE Systems, Inc Nodegrid OS v5.0.0 to v5.0.17, v5.2.0 to v5.2.19, v5. ...) + TODO: check +CVE-2023-40140 (In android_view_InputDevice_create of android_view_InputDevice.cpp, th ...) 
+ TODO: check +CVE-2023-40139 (In FillUi of FillUi.java, there is a possible way to view another user ...) + TODO: check +CVE-2023-40138 (In FillUi of FillUi.java, there is a possible way to view another user ...) + TODO: check +CVE-2023-40137 (In multiple functions of DialogFillUi.java, there is a possible way to ...) + TODO: check +CVE-2023-40136 (In setHeader of DialogFillUi.java, there is a possible way to view ano ...) + TODO: check +CVE-2023-40135 (In applyCustomDescription of SaveUi.java, there is a possible way to v ...) + TODO: check +CVE-2023-40134 (In isFullScreen of FillUi.java, there is a possible way to view anothe ...) + TODO: check +CVE-2023-40133 (In multiple locations of DialogFillUi.java, there is a possible way to ...) + TODO: check +CVE-2023-40131 (In GpuService of GpuService.cpp, there is a possible use after free du ...) + TODO: check +CVE-2023-40130 (In onBindingDied of CallRedirectionProcessor.java, there is a possible ...) + TODO: check +CVE-2023-40129 (In build_read_multi_rsp of gatt_sr.cc, there is a possible out of boun ...) + TODO: check +CVE-2023-40128 (In several functions of xmlregexp.c, there is a possible out of bounds ...) + TODO: check +CVE-2023-40127 (In multiple locations, there is a possible way to access screenshots d ...) + TODO: check +CVE-2023-40125 (In onCreate of ApnEditor.java, there is a possible way for a Guest use ...) + TODO: check +CVE-2023-40123 (In updateActionViews of PipMenuView.java, there is a possible bypass o ...) + TODO: check +CVE-2023-40121 (In appendEscapedSQLString of DatabaseUtils.java, there is a possible S ...) + TODO: check +CVE-2023-40120 (In multiple locations, there is a possible way to bypass user notifica ...) + TODO: check +CVE-2023-40117 (In resetSettingsLocked of SettingsProvider.java, there is a possible l ...) + TODO: check +CVE-2023-40116 (In onTaskAppeared of PipTaskOrganizer.java, there is a possible way to ...) 
+ TODO: check +CVE-2023-35794 (An issue was discovered in Cassia Access Controller 2.1.1.2303271039. ...) + TODO: check +CVE-2023-32738 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alka ...) + TODO: check CVE-2023-5829 (A vulnerability was found in code-projects Admission Management System ...) NOT-FOR-US: code-projects Admission Management System CVE-2023-5828 (A vulnerability was found in Nanning Ontall Longxing Industrial Develo ...) @@ -867,7 +943,7 @@ CVE-2023-39619 (ReDos in NPMJS Node Email Check v.1.0.4 allows an attacker to ca CVE-2023-39231 (PingFederate using the PingOne MFA adapter allows a new MFA device to ...) NOT-FOR-US: PingFederate CVE-2023-5732 (An attacker could have created a malicious link using bidirectional ch ...) - {DSA-5535-1 DLA-3632-1} + {DSA-5538-1 DSA-5535-1 DLA-3632-1} - firefox-esr 115.4.0esr-1 - thunderbird 1:115.4.1-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5732 @@ -876,7 +952,7 @@ CVE-2023-5731 (Memory safety bugs present in Firefox 118. Some of these bugs sho - firefox 119.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5731 CVE-2023-5730 (Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thun ...) - {DSA-5535-1 DLA-3632-1} + {DSA-5538-1 DSA-5535-1 DLA-3632-1} - firefox 119.0-1 - firefox-esr 115.4.0esr-1 - thunderbird 1:115.4.1-1 @@ -887,7 +963,7 @@ CVE-2023-5729 (A malicious web site can enter fullscreen mode while simultaneous - firefox 119.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5729 CVE-2023-5728 (During garbage collection extra operations were performed on a object ...) - {DSA-5535-1 DLA-3632-1} + {DSA-5538-1 DSA-5535-1 DLA-3632-1} - firefox 119.0-1 - firefox-esr 115.4.0esr-1 - thunderbird 1:115.4.1-1 
@@ -909,7 +985,7 @@ CVE-2023-5726 (A website could have obscured the full screen notification by usi NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5726 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/#CVE-2023-5726 CVE-2023-5725 (A malicious installed WebExtension could open arbitrary URLs, which un ...) - {DSA-5535-1 DLA-3632-1} + {DSA-5538-1 DSA-5535-1 DLA-3632-1} - firefox 119.0-1 - firefox-esr 115.4.0esr-1 - thunderbird 1:115.4.1-1 @@ -917,7 +993,7 @@ CVE-2023-5725 (A malicious installed WebExtension could open arbitrary URLs, whi NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5725 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/#CVE-2023-5725 CVE-2023-5724 (Drivers are not always robust to extremely large draw calls and in som ...) - {DSA-5535-1 DLA-3632-1} + {DSA-5538-1 DSA-5535-1 DLA-3632-1} - firefox 119.0-1 - firefox-esr 115.4.0esr-1 - thunderbird 1:115.4.1-1 @@ -931,7 +1007,7 @@ CVE-2023-5722 (Using iterative requests an attacker was able to learn the size o - firefox 119.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5722 CVE-2023-5721 (It was possible for certain browser prompts and dialogs to be activate ...) - {DSA-5535-1 DLA-3632-1} + {DSA-5538-1 DSA-5535-1 DLA-3632-1} - firefox 119.0-1 - firefox-esr 115.4.0esr-1 - thunderbird 1:115.4.1-1 
@@ -93523,12 +93599,12 @@ CVE-2022-34835 (In Das U-Boot through 2022.07-rc5, an integer signedness error a [buster] - u-boot (Minor issue) NOTE: https://lists.denx.de/pipermail/u-boot/2022-June/486113.html NOTE: https://source.denx.de/u-boot/u-boot/-/commit/8f8c04bf1ebbd2f72f1643e7ad9617dafa6e5409 (v2022.07-rc6) -CVE-2022-34834 - RESERVED -CVE-2022-34833 - RESERVED -CVE-2022-34832 - RESERVED +CVE-2022-34834 (An issue was discovered in VERMEG AgileReporter 21.3. Attackers can ga ...) + TODO: check +CVE-2022-34833 (An issue was discovered in VERMEG AgileReporter 21.3. An admin can ent ...) + TODO: check +CVE-2022-34832 (An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur vi ...) + TODO: check CVE-2022-34831 (An issue was discovered in Keyfactor PrimeKey EJBCA before 7.9.0, rela ...) NOT-FOR-US: Keyfactor CVE-2022-34830 (An Arm product family through 2022-06-29 has a TOCTOU Race Condition t ...) -- cgit v1.2.3
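
Review bot: In the first hunk (@@ -1,3 +1,79 @@) all 38 added entries carry only "TODO: check", so the list records the identifiers without saying whether any Debian package is affected. Each needs a follow-up that resolves it to "NOT-FOR-US: <product>", as the context entry CVE-2023-5829 directly below them already is, or to package lines with fixed versions. The entries whose truncated descriptions name identifiable upstream code (radare2 in CVE-2023-46570 and CVE-2023-46569, Cacti in CVE-2023-46490, xmlregexp.c in CVE-2023-40128) are the ones to check against the archive first. CVE-2023-5834 mentions a Windows installer, which should be confirmed before any package line is added for it.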
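
Review bot: CVE-2023-5726 appears only as context in the @@ -909,7 +985,7 @@ hunk, with an mfsa2023-47 NOTE just like the one on CVE-2023-5725, but its cross-reference line is outside the visible context, so this diff cannot confirm whether it should also have gained DSA-5538-1. The six hunks from old line 867 to 931 prepend DSA-5538-1 to "{DSA-5535-1 DLA-3632-1}" for CVE-2023-5732, CVE-2023-5730, CVE-2023-5728, CVE-2023-5725, CVE-2023-5724 and CVE-2023-5721, each of which lists a thunderbird fixed version. Please check that CVE-2023-5726 was left out deliberately, and consider naming the advisory in the commit message, since "automatic update" gives no way to tell which package DSA-5538-1 covers.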
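
Review bot: In the last hunk (@@ -93523,12 +93599,12 @@) CVE-2022-34834, CVE-2022-34833 and CVE-2022-34832 move from RESERVED to published descriptions but are left at "TODO: check", even though all three name the same product, VERMEG AgileReporter 21.3. They can be triaged together: if AgileReporter is not in the archive, mark each one "NOT-FOR-US: VERMEG AgileReporter", in the same form as the adjacent context entry CVE-2022-34831 ("NOT-FOR-US: Keyfactor"). The truncated descriptions mention XXE and an admin-entered value, which is enough to identify the product but not the affected component, so the full CVE text should be read before closing them.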