Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cc526000 by Salvatore Bonaccorso at 2023-05-31T10:49:48+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,31 +15,31 @@ CVE-2023-33180 (Xibo is a content management system (CMS).
An SQL injection vuln
CVE-2023-33179 (Xibo is a content management system (CMS). An SQL injection
vulnerabil ...)
TODO: check
CVE-2023-32342 (IBM GSKit could allow a remote attacker to obtain sensitive
informatio ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-2999 (Cross-site Scripting (XSS) - Stored in GitHub repository
thorsten/phpm ...)
TODO: check
CVE-2023-2998 (Cross-site Scripting (XSS) - Stored in GitHub repository
thorsten/phpm ...)
TODO: check
CVE-2023-2987 (The Wordapp plugin for WordPress is vulnerable to authorization
bypass ...)
- TODO: check
+ NOT-FOR-US: Wordapp plugin for WordPress
CVE-2023-2952 (XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and
3.6.0 to 3 ...)
TODO: check
CVE-2023-2836 (The CRM Perks Forms plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: CRM Perks Forms plugin for WordPress
CVE-2023-2612 (Jean-Baptiste Cayrou discovered that the shiftfs file system in
the Ub ...)
TODO: check
CVE-2023-2549 (The Feather Login Page plugin for WordPress is vulnerable to
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: Feather Login Page plugin for WordPress
CVE-2023-2547 (The Feather Login Page plugin for WordPress is vulnerable to
unauthori ...)
- TODO: check
+ NOT-FOR-US: Feather Login Page plugin for WordPress
CVE-2023-2545 (The Feather Login Page plugin for WordPress is vulnerable to
unauthori ...)
- TODO: check
+ NOT-FOR-US: Feather Login Page plugin for WordPress
CVE-2023-2436 (The Blog-in-Blog plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: Blog-in-Blog plugin for WordPress
CVE-2023-2435 (The Blog-in-Blog plugin for WordPress is vulnerable to Local
File Incl ...)
- TODO: check
+ NOT-FOR-US: Blog-in-Blog plugin for WordPress
CVE-2023-2434 (The Nested Pages plugin for WordPress is vulnerable to
unauthorized lo ...)
- TODO: check
+ NOT-FOR-US: Nested Pages plugin for WordPress
CVE-2015-10107 (A vulnerability was found in Simplr Registration Form Plus+
Plugin up ...)
TODO: check
CVE-2014-125103 (A vulnerability was found in BestWebSoft Twitter Plugin up to
1.3.2 on ...)
@@ -2483,7 +2483,7 @@ CVE-2023-2306
CVE-2023-2305
RESERVED
CVE-2023-2304 (The Favorites plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: Favorites plugin for WordPress
CVE-2023-2303
RESERVED
CVE-2023-2302
@@ -9272,7 +9272,7 @@ CVE-2023-1663 (Coverity versions prior to 2023.3.2 are
vulnerable to forced brow
CVE-2023-1662
RESERVED
CVE-2023-1661 (The Display post meta, term meta, comment meta, and user meta
plugin f ...)
- TODO: check
+ NOT-FOR-US: Display post meta, term meta, comment meta, and user meta
plugin for WordPress
CVE-2023-1660 (The AI ChatBot WordPress plugin before 4.4.9 does not have
authorisati ...)
NOT-FOR-US: WordPress plugin
CVE-2023-1659
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc5260000d21a0e6d9002c689885f3f001ddcc27
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc5260000d21a0e6d9002c689885f3f001ddcc27
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
