Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
57917e90 by Salvatore Bonaccorso at 2023-04-17T22:12:44+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6538,7 +6538,7 @@ CVE-2023-1475 (A vulnerability, which was classified as
critical, has been found
CVE-2023-1474 (A vulnerability classified as critical was found in
SourceCodester Aut ...)
NOT-FOR-US: SourceCodester Automatic Question Paper Generator System
CVE-2023-1473 (The Slider, Gallery, and Carousel by MetaSlider WordPress
plugin 3.29. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1472 (The RapidLoad Power-Up for Autoptimize plugin for WordPress is
vulnera ...)
NOT-FOR-US: RapidLoad Power-Up for Autoptimize plugin for WordPress
CVE-2023-1471 (The WP Popup Banners plugin for WordPress is vulnerable to SQL
Injecti ...)
@@ -6646,7 +6646,7 @@ CVE-2023-1429 (Cross-site Scripting (XSS) - Reflected in
GitHub repository pimco
CVE-2023-1428
RESERVED
CVE-2023-1427 (- The Photo Gallery by 10Web WordPress plugin before 1.8.15 did
not en ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1426 (The WP Tiles WordPress plugin through 1.1.2 does not ensure
that posts ...)
NOT-FOR-US: WordPress plugin
CVE-2023-1425 (The WordPress CRM, Email & Marketing Automation for
WordPress | Aw ...)
@@ -6990,7 +6990,7 @@ CVE-2023-1415 (A vulnerability was found in Simple Art
Gallery 1.0. It has been
CVE-2023-1414
RESERVED
CVE-2023-1413 (The WP VR WordPress plugin before 8.2.9 does not sanitise and
escape s ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1412 (An unprivileged (non-admin) user can exploit an Improper Access
Contro ...)
NOT-FOR-US: Cloudflare WARP
CVE-2023-1411
@@ -7719,11 +7719,11 @@ CVE-2023-1375
CVE-2023-1374 (The Solidres plugin for WordPress is vulnerable to Stored
Cross-Site S ...)
NOT-FOR-US: Solidres plugin for WordPress
CVE-2023-1373 (The W4 Post List WordPress plugin before 2.4.6 does not escape
some UR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1372 (The WH Testimonials plugin for WordPress is vulnerable to
Stored Cross ...)
NOT-FOR-US: WH Testimonials plugin for WordPress
CVE-2023-1371 (The W4 Post List WordPress plugin before 2.4.6 does not ensure
that pa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1370 ([Json-smart](https://netplex.github.io/json-smart/) is a
performance f ...)
{DLA-3373-1}
- json-smart <unfixed> (bug #1033474)
@@ -8171,7 +8171,7 @@ CVE-2023-1333 (The RapidLoad Power-Up for Autoptimize
plugin for WordPress is vu
CVE-2023-1332
RESERVED
CVE-2023-1331 (The Redirection WordPress plugin before 1.1.5 does not have
CSRF check ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1330 (The Redirection WordPress plugin before 1.1.4 does not add
nonce verif ...)
NOT-FOR-US: WordPress plugin
CVE-2023-1329
@@ -8183,7 +8183,7 @@ CVE-2023-1327 (Netgear RAX30 (AX2400), prior to version
1.0.6.74, was affected b
CVE-2023-1326 (A privilege escalation attack was found in apport-cli 2.26.0
and earli ...)
NOT-FOR-US: Apport
CVE-2023-1325 (The Easy Forms for Mailchimp WordPress plugin before 6.8.7 does
not va ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1324
RESERVED
CVE-2023-1323
@@ -8383,7 +8383,7 @@ CVE-2023-1284
CVE-2023-1283 (Code Injection in GitHub repository builderio/qwik prior to
0.21.0. ...)
NOT-FOR-US: qwik
CVE-2023-1282 (The Drag and Drop Multiple File Upload PRO - Contact Form 7
Standard W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1281 (Use After Free vulnerability in Linux kernel traffic control
index fil ...)
- linux 6.1.15-1
NOTE: https://kernel.dance/#ee059170b1f7e94e55fa6cadee544e176a6e59c2
@@ -8496,7 +8496,7 @@ CVE-2023-1276 (A vulnerability, which was classified as
critical, has been found
CVE-2023-1275 (A vulnerability classified as problematic was found in
SourceCodester ...)
NOT-FOR-US: SourceCodester Phone Shop Sales Managements System
CVE-2023-1274 (The Pricing Tables For WPBakery Page Builder (formerly Visual
Composer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1273
RESERVED
CVE-2023-1272
@@ -13870,7 +13870,7 @@ CVE-2023-0891
CVE-2023-0890 (The WordPress Shortcodes Plugin — Shortcodes Ultimate
WordPress ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0889 (Themeflection Numbers WordPress plugin before 2.0.1 does not
have auth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0888 (An improper neutralization of directives in dynamically
evaluated code ...)
NOT-FOR-US: Space Battery Pack SP with Wi-Fi
CVE-2023-0887 (A vulnerability was found in phjounin TFTPD64-SE 4.64 and
classified a ...)
@@ -15093,9 +15093,9 @@ CVE-2023-0767
CVE-2023-0766
RESERVED
CVE-2023-0765 (The Gallery by BestWebSoft WordPress plugin before 4.7.0 does
not prop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0764 (The Gallery by BestWebSoft WordPress plugin before 4.7.0 does
not perf ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0763
RESERVED
CVE-2023-0762
@@ -20232,7 +20232,7 @@ CVE-2023-0376
CVE-2023-0375 (The Easy Affiliate Links WordPress plugin before 3.7.1 does not
valida ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0374 (The W4 Post List WordPress plugin before 2.4.6 does not
validate and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0373 (The Lightweight Accordion WordPress plugin before 1.5.15 does
not vali ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0372 (The EmbedStories WordPress plugin before 0.7.5 does not
validate and e ...)
@@ -20312,7 +20312,7 @@ CVE-2023-23755
CVE-2023-23754
RESERVED
CVE-2023-0367 (The Pricing Tables For WPBakery Page Builder (formerly Visual
Composer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0366 (The Loan Comparison WordPress plugin before 1.5.3 does not
validate an ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0365 (The React Webcam WordPress plugin through 1.2.0 does not
validate and ...)
@@ -21058,7 +21058,7 @@ CVE-2023-0279 (The Media Library Assistant WordPress
plugin before 3.06 does not
CVE-2023-0278 (The GeoDirectory WordPress plugin before 2.2.24 does not
properly sani ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0277 (The WC Fields Factory WordPress plugin through 4.1.5 does not
properly ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0276
RESERVED
CVE-2023-0275 (The Easy Accept Payments for PayPal WordPress plugin before
4.9.10 doe ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57917e90cef52262c04a1a181c7e233bb71e99a6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57917e90cef52262c04a1a181c7e233bb71e99a6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
