Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5fd9ae0a by Moritz Muehlenhoff at 2023-06-09T10:44:07+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,75 +1,75 @@
CVE-2023-3177 (A vulnerability has been found in SourceCodester Lost and Found
Inform ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2023-3176 (A vulnerability, which was classified as critical, was found in
Source ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2023-3173 (Improper Restriction of Excessive Authentication Attempts in
GitHub re ...)
- TODO: check
+ - froxlor <itp> (bug #581792)
CVE-2023-3172 (Path Traversal in GitHub repository froxlor/froxlor prior to
2.0.20.)
- TODO: check
+ - froxlor <itp> (bug #581792)
CVE-2023-34364 (A buffer overflow was discovered in Progress DataDirect
Connect for OD ...)
- TODO: check
+ NOT-FOR-US: Progress DataDirect Connect for ODBC
CVE-2023-34363 (An issue was discovered in Progress DataDirect Connect for
ODBC before ...)
- TODO: check
+ NOT-FOR-US: Progress DataDirect Connect for ODBC
CVE-2023-34243 (TGstation is a toolset to manage production BYOND servers. In
affected ...)
- TODO: check
+ NOT-FOR-US: TGstation
CVE-2023-34233 (The Snowflake Connector for Python provides an interface for
developin ...)
- TODO: check
+ NOT-FOR-US: Snowflake connector for Python
CVE-2023-34232 (snowflake-connector-nodejs, a NodeJS driver for Snowflake, is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Snowflake connector for NodeJS
CVE-2023-34230 (snowflake-connector-net, the Snowflake Connector for .NET, is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Snowflake connector for .NET
CVE-2023-34112 (JavaCPP Presets is a project providing Java distributions of
native C+ ...)
- TODO: check
+ NOT-FOR-US: JavaCPP Presents
CVE-2023-32751 (Pydio Cells through 4.1.2 allows XSS. Pydio Cells implements
the downl ...)
- TODO: check
+ NOT-FOR-US: Pydio Cells
CVE-2023-2897 (The Brizy Page Builder plugin for WordPress is vulnerable to IP
Addres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2896 (The WP EasyCart plugin for WordPress is vulnerable to
Cross-Site Reque ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2895 (The WP EasyCart plugin for WordPress is vulnerable to
Cross-Site Reque ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2894 (The WP EasyCart plugin for WordPress is vulnerable to
Cross-Site Reque ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2893 (The WP EasyCart plugin for WordPress is vulnerable to
Cross-Site Reque ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2892 (The WP EasyCart plugin for WordPress is vulnerable to
Cross-Site Reque ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2891 (The WP EasyCart plugin for WordPress is vulnerable to
Cross-Site Reque ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2767 (The WordPress File Upload and WordPress File Upload Pro plugins
for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2764 (The Draw Attention plugin for WordPress is vulnerable to
unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2688 (The WordPress File Upload and WordPress File Upload Pro plugins
for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2607 (The Multiple Page Generator Plugin for WordPress is vulnerable
to time ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2604 (The Team Circle Image Slider With Lightbox plugin for WordPress
is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2599 (The Active Directory Integration plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2584 (The PixelYourSite plugin for WordPress is vulnerable to Stored
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2558 (The WPCS \u2013 WordPress Currency Switcher Professional plugin
for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2557 (The WPCS \u2013 WordPress Currency Switcher Professional plugin
for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2556 (The WPCS \u2013 WordPress Currency Switcher Professional plugin
for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2555 (The WPCS \u2013 WordPress Currency Switcher Professional plugin
for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2526 (The Easy Google Maps plugin for WordPress is vulnerable to
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2484 (The Active Directory Integration plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2452 (The Advanced Woo Search plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2450 (The FiboSearch - AJAX Search for WooCommerce plugin for
WordPress is v ...)
- TODO: check
+ NOT-FOR-US: Woocommerce plugin
CVE-2023-2414 (The Online Booking & Scheduling Calendar for WordPress by vcita
plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2402 (The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3164
- tiff <unfixed> (unimportant)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/542
@@ -104,7 +104,7 @@ CVE-2023-34567 (Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn
was discovered to co
CVE-2023-34566 (Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to
contain ...)
NOT-FOR-US: Tenda
CVE-2023-34231 (gosnowflake is th Snowflake Golang driver. Prior to version
1.6.19, a ...)
- TODO: check
+ NOT-FOR-US: Snowflake connector for GO
CVE-2023-34096 (Thruk is a multibackend monitoring webinterface which
currently suppor ...)
NOT-FOR-US: Thruk
CVE-2023-33660 (A heap buffer overflow vulnerability exists in NanoMQ 0.17.2.
The vuln ...)
@@ -570,11 +570,11 @@ CVE-2023-XXXX [RUSTSEC-2023-0041]
NOTE: https://github.com/bluejekyll/trust-dns/pull/1952
NOTE:
https://github.com/bluejekyll/trust-dns/commit/217974c0544483efe0c648befabb25bf88242716
CVE-2023-3027 (The grc-policy-propagator allows security escalation within the
cluste ...)
- TODO: check
+ NOT-FOR-US: grc-policy-propagator
CVE-2023-34103 (Avo is an open source ruby on rails admin panel creation
framework. In ...)
- TODO: check
+ NOT-FOR-US: Avo
CVE-2023-34102 (Avo is an open source ruby on rails admin panel creation
framework. Th ...)
- TODO: check
+ NOT-FOR-US: Avo
CVE-2023-33410 (Minical 1.0.0 and earlier contains a CSV injection
vulnerability which ...)
NOT-FOR-US: Minical
CVE-2023-33409 (Minical 1.0.0 is vulnerable to Cross Site Request Forgery
(CSRF) via m ...)
@@ -592,7 +592,7 @@ CVE-2023-22450 (In Advantech WebAccss/SCADA v9.1.3 and
prior, there is an arbitr
CVE-2018-25087 (A vulnerability classified as problematic was found in
Arborator Serve ...)
NOT-FOR-US: Arborator
CVE-2017-20185 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in
Fuzzy SWM ...)
- TODO: check
+ NOT-FOR-US: Fuzzy SWMP
CVE-2015-10117 (A vulnerability, which was classified as problematic, was
found in Gra ...)
NOT-FOR-US: WordPress plugin
CVE-2015-10116 (A vulnerability classified as problematic has been found in
RealFavico ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fd9ae0afbf8e198cb6f45438b8f4ed5e124ca1b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fd9ae0afbf8e198cb6f45438b8f4ed5e124ca1b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
