From 8dd7679f67237b40883550e50db5f73b3ad07fe3 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Mon, 28 Aug 2023 08:13:07 +0000 Subject: automatic update --- data/CVE/list | 86 ++++++++++++++++++++++++++++++++++++++++------------------- 1 file changed, 59 insertions(+), 27 deletions(-) (limited to 'data') diff --git a/data/CVE/list b/data/CVE/list index f38bf9e51e..03a0ab56ed 100644 --- a/data/CVE/list +++ b/data/CVE/list 
@@ -1,3 +1,35 @@ +CVE-2023-4561 (Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s ...) + TODO: check +CVE-2023-4560 (Improper Authorization of Index Containing Sensitive Information in Gi ...) + TODO: check +CVE-2023-4559 (A vulnerability, which was classified as critical, has been found in B ...) + TODO: check +CVE-2023-4558 (A vulnerability classified as critical was found in SourceCodester Inv ...) + TODO: check +CVE-2023-4557 (A vulnerability classified as critical has been found in SourceCodeste ...) + TODO: check +CVE-2023-40195 (Deserialization of Untrusted Data, Inclusion of Functionality from Unt ...) + TODO: check +CVE-2023-38730 (IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker ...) + TODO: check +CVE-2023-38030 (Saho\u2019s attendance devices ADM100 and ADM-100FP have a vulnerabili ...) + TODO: check +CVE-2023-38029 (Saho\u2019s attendance devices ADM100 and ADM-100FP has insufficient f ...) + TODO: check +CVE-2023-38028 (Saho\u2019s attendance devices ADM100 and ADM-100FP have insufficient ...) + TODO: check +CVE-2023-38027 (SpotCam Co., Ltd. SpotCam Sense\u2019s hidden Telnet function has a vu ...) + TODO: check +CVE-2023-38026 (SpotCam Co., Ltd. SpotCam FHD 2 has a vulnerability of using hard-code ...) + TODO: check +CVE-2023-38025 (SpotCam Co., Ltd. SpotCam FHD 2\u2019s hidden Telnet function has a vu ...) + TODO: check +CVE-2023-38024 (SpotCam Co., Ltd. SpotCam FHD 2\u2019s hidden Telnet function has a vu ...) + TODO: check +CVE-2023-33852 (IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote at ...) + TODO: check +CVE-2016-15035 (A vulnerability was found in Doc2k RE-Chat 1.0. It has been classified ...) + TODO: check CVE-2023-4556 (A vulnerability was found in SourceCodester Online Graduate Tracer Sys ...) NOT-FOR-US: SourceCodester Online Graduate Tracer System CVE-2023-4555 (A vulnerability has been found in SourceCodester Inventory Management ...) 
@@ -16255,12 +16287,12 @@ CVE-2023-30439 RESERVED CVE-2023-30438 (An internally discovered vulnerability in PowerVM on IBM Power9 and Po ...) NOT-FOR-US: IBM -CVE-2023-30437 - RESERVED -CVE-2023-30436 - RESERVED -CVE-2023-30435 - RESERVED +CVE-2023-30437 (IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized ...) + TODO: check +CVE-2023-30436 (IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site ...) + TODO: check +CVE-2023-30435 (IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cro ...) + TODO: check CVE-2023-30434 (IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 ...) NOT-FOR-US: IBM CVE-2023-30433 (IBM Security Verify Access 10.0 could allow a remote attacker to condu ...) @@ -25038,8 +25070,7 @@ CVE-2023-27605 RESERVED CVE-2023-1178 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...) - gitlab 15.10.8+ds1-2 -CVE-2023-27604 - RESERVED +CVE-2023-27604 (Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a ...) NOT-FOR-US: Apache Airflow Sqoop Provider CVE-2023-27603 (In Apache Linkis <=1.3.1, due to the Manager module engineConn materia ...) NOT-FOR-US: Apache Linkis 
@@ -28628,12 +28659,12 @@ CVE-2023-26274 (IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. Thi NOT-FOR-US: IBM CVE-2023-26273 (IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform una ...) NOT-FOR-US: IBM -CVE-2023-26272 - RESERVED -CVE-2023-26271 - RESERVED -CVE-2023-26270 - RESERVED +CVE-2023-26272 (IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager ...) + TODO: check +CVE-2023-26271 (IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager ...) + TODO: check +CVE-2023-26270 (IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager ...) + TODO: check CVE-2023-26269 (Apache James server version 3.7.3 and earlier provides a JMX managemen ...) NOT-FOR-US: Apache James CVE-2023-26268 (Design documents with matching document IDs, from databases on the sam ...) @@ -32796,8 +32827,8 @@ CVE-2023-24961 RESERVED CVE-2023-24960 (IBM InfoSphere Information Server 11.7 could allow a remote attacker t ...) NOT-FOR-US: IBM -CVE-2023-24959 - RESERVED +CVE-2023-24959 (IBM InfoSphere Information Systems 11.7 could expose information about ...) + TODO: check CVE-2023-24958 (A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52 ...) NOT-FOR-US: IBM CVE-2023-24957 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0. ...) @@ -37342,8 +37373,8 @@ CVE-2023-23475 (IBM Infosphere Information Server 11.7 is vulnerable to cross-si NOT-FOR-US: IBM CVE-2023-23474 RESERVED -CVE-2023-23473 - RESERVED +CVE-2023-23473 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site req ...) + TODO: check CVE-2023-23472 RESERVED CVE-2023-23471 
@@ -39270,8 +39301,8 @@ CVE-2023-22879 RESERVED CVE-2023-22878 (IBM InfoSphere Information Server 11.7 stores user credentials in plai ...) NOT-FOR-US: IBM -CVE-2023-22877 - RESERVED +CVE-2023-22877 (IBM InfoSphere Information Server 11.7 is potentially vulnerable to CS ...) + TODO: check CVE-2023-22876 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 a ...) NOT-FOR-US: IBM CVE-2023-22875 (IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/T ...) @@ -57686,6 +57717,7 @@ CVE-2023-20199 (A vulnerability in Cisco Duo Two-Factor Authentication for macOS CVE-2023-20198 RESERVED CVE-2023-20197 (A vulnerability in the filesystem image parser for Hierarchical File S ...) + {DLA-3544-1} - clamav 1.0.2+dfsg-1 (bug #1050057) [bookworm] - clamav (clamav is updated via -updates) [bullseye] - clamav (clamav is updated via -updates) @@ -58270,18 +58302,18 @@ CVE-2022-43911 RESERVED CVE-2022-43910 (IBM Security Guardium 11.3 could allow a local user to escalate their ...) NOT-FOR-US: IBM -CVE-2022-43909 - RESERVED +CVE-2022-43909 (IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This ...) + TODO: check CVE-2022-43908 (IBM Security Guardium 11.3 could allow an authenticated user to cause ...) NOT-FOR-US: IBM -CVE-2022-43907 - RESERVED +CVE-2022-43907 (IBM Security Guardium 11.4 could allow a remote authenticated attacker ...) + TODO: check CVE-2022-43906 RESERVED CVE-2022-43905 RESERVED -CVE-2022-43904 - RESERVED +CVE-2022-43904 (IBM Security Guardium 11.3 and 11.4 could disclose sensitive informati ...) + TODO: check CVE-2022-43903 RESERVED CVE-2022-43902 (IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS is vulnerable to a denial ...) 
@@ -224708,7 +224740,7 @@ CVE-2020-19911 RESERVED CVE-2020-19910 RESERVED -CVE-2020-19909 (Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via cr ...) +CVE-2020-19909 (Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a ...) - curl 7.66.0-1 (unimportant) NOTE: https://github.com/curl/curl/pull/4166 NOTE: Fixed by: https://github.com/curl/curl/commit/db0a0dfb0eb41d39273b0590b992df58f38b9a4d (curl-7_66_0) -- cgit v1.2.3
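Review bot: In the first hunk (@@ -1,3 +1,35 @@), several of the new descriptions carry the literal escape sequence \u2019 instead of the apostrophe it stands for, for example "Saho\u2019s attendance devices" on CVE-2023-38030 and "SpotCam Sense\u2019s hidden Telnet function" on CVE-2023-38027. The escape should be decoded (or normalised to a plain apostrophe) before the description is written to data/CVE/list, otherwise text searches on the vendor or product name will miss these entries. The same hunk leaves CVE-2023-4558 and CVE-2023-4557, both SourceCodester, at "TODO: check" while the context entry CVE-2023-4556 directly below is already "NOT-FOR-US: SourceCodester Online Graduate Tracer System"; they are candidates for the same disposition once the truncated product name is confirmed.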
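Review bot: Across the hunks at @@ -16255,12 +16287,12 @@, @@ -28628,12 +28659,12 @@, @@ -32796,8 +32827,8 @@, @@ -37342,8 +37373,8 @@, @@ -39270,8 +39301,8 @@ and @@ -58270,18 +58302,18 @@, every entry moved from RESERVED to "TODO: check" is an IBM product (Security Guardium, Guardium Data Encryption, InfoSphere Information Server) sitting next to context entries that are already triaged as "NOT-FOR-US: IBM", for example CVE-2023-30438, CVE-2023-24960 and CVE-2022-43910. These can be closed out as "NOT-FOR-US: IBM" in a follow-up rather than left in the TODO queue. While triaging, note that the description of CVE-2023-24959 reads "IBM InfoSphere Information Systems 11.7" where the neighbouring entries say "IBM InfoSphere Information Server 11.7"; that wording comes from the imported description, so it should be matched by product family rather than by exact string.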