Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
82321fd6 by Salvatore Bonaccorso at 2023-07-18T22:56:12+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18667,15 +18667,15 @@ CVE-2023-28025
CVE-2023-28024
RESERVED
CVE-2023-28023 (A cross site request forgery vulnerability in the BigFix WebUI
Softwar ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-28022
RESERVED
CVE-2023-28021 (The BigFix WebUI uses weak cipher suites.)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-28020 (URL redirection in Login page in HCL BigFix WebUI allows
malicious use ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-28019 (Insufficient validation in Bigfix WebUI API App site version <
14 allo ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-28018
RESERVED
CVE-2023-28017
@@ -26230,7 +26230,7 @@ CVE-2023-25484 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-25483
RESERVED
CVE-2023-25482 (Cross-Site Request Forgery (CSRF) vulnerability in Mike Martel
WP Tile ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25481 (Cross-Site Request Forgery (CSRF) vulnerability in Podlove
Podlove Sub ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25480
@@ -26244,11 +26244,11 @@ CVE-2023-25477
CVE-2023-25476
RESERVED
CVE-2023-25475 (Cross-Site Request Forgery (CSRF) vulnerability in Vladimir
Prelovac S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25474 (Cross-Site Request Forgery (CSRF) vulnerability in Csaba Kissi
About M ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25473 (Cross-Site Request Forgery (CSRF) vulnerability in Miro
Mannino Flickr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25472 (Cross-Site Request Forgery (CSRF) vulnerability in Podlove
Podlove Pod ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25471
@@ -27316,7 +27316,7 @@ CVE-2023-25038 (Cross-Site Request Forgery (CSRF)
vulnerability in 984.Ru For th
CVE-2023-25037
RESERVED
CVE-2023-25036 (Cross-Site Request Forgery (CSRF) vulnerability in
akhlesh-nagar, a.An ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25035
RESERVED
CVE-2023-25034 (Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP
Clean U ...)
@@ -29420,7 +29420,7 @@ CVE-2023-24392 (Unauth. Reflected Cross-Site Scripting
(XSS) vulnerability in I
CVE-2023-24391
RESERVED
CVE-2023-24390 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in WeSe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24389
RESERVED
CVE-2023-24388 (Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt
Booking ca ...)
@@ -31414,7 +31414,7 @@ CVE-2023-23662
CVE-2023-23661
RESERVED
CVE-2023-23660 (Auth. (subscriber+) SQL Injection (SQLi) vulnerability in
MainWP MainW ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23659 (Cross-Site Request Forgery (CSRF) vulnerability in MainWP
Matomo Exten ...)
NOT-FOR-US: MainWP Matomo Extension
CVE-2023-23658
@@ -39715,7 +39715,7 @@ CVE-2022-47423 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2022-47422 (Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin
Accept St ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47421 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Repu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47420
RESERVED
CVE-2022-47419 (An XSS vulnerability was discovered in the Mayan EDMS DMS.
Successful ...)
@@ -40606,7 +40606,7 @@ CVE-2022-47171 (Improper Neutralization of Input During
Web Page Generation ('Cr
CVE-2022-47170 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Unli ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47169 (Cross-Site Request Forgery (CSRF) vulnerability in StaxWP
Visibility L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47168
RESERVED
CVE-2022-47167 (Cross-Site Request Forgery (CSRF) vulnerability in Aram
Kocharyan Cray ...)
@@ -41468,7 +41468,7 @@ CVE-2022-46859
CVE-2022-46858 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Amin A.R ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46857 (Cross-Site Request Forgery (CSRF) vulnerability in SiteAlert
plugin <= ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46856 (Cross-Site Request Forgery (CSRF) vulnerability in ORION
Woocommerce P ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46855 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
@@ -44650,7 +44650,7 @@ CVE-2022-45830
CVE-2022-45829 (Auth. Path Traversal vulnerability inEasy WP SMTP plugin <=
1.5.1 atWo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45828 (Cross-Site Request Forgery (CSRF) vulnerability in NooTheme
Noo Timeta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45827 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Gall ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45826
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82321fd62e1305270e6cd20d93eb9600caadb664
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82321fd62e1305270e6cd20d93eb9600caadb664
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
