Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dba8b538 by security tracker role at 2023-08-16T08:12:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2023-4374 (The WP Remote Users Sync plugin for WordPress is vulnerable to
unautho ...)
+ TODO: check
+CVE-2023-3958 (The WP Remote Users Sync plugin for WordPress is vulnerable to
Server ...)
+ TODO: check
+CVE-2023-39852 (Doctormms v1.0 was discovered to contain a SQL injection
vulnerability ...)
+ TODO: check
+CVE-2023-39851 (webchess v1.0 was discovered to contain a SQL injection
vulnerability ...)
+ TODO: check
+CVE-2023-39850 (Schoolmate v1.3 was discovered to contain multiple SQL
injection vulne ...)
+ TODO: check
+CVE-2023-39849 (Pikachu v1.0 was discovered to contain a SQL injection
vulnerability v ...)
+ TODO: check
+CVE-2023-39848 (DVWA v1.0 was discovered to contain a SQL injection
vulnerability via ...)
+ TODO: check
CVE-2023-4371 (A vulnerability was found in phpRecDB 1.3.1. It has been rated
as prob ...)
NOT-FOR-US: phpRecDB
CVE-2023-4369 (Insufficient data validation in Systems Extensions in Google
Chrome on ...)
@@ -3917,7 +3931,7 @@ CVE-2023-2636 (The AN_GradeBook WordPress plugin through
5.0.1 does not properly
NOT-FOR-US: WordPress plugin
CVE-2023-2579 (The InventoryPress WordPress plugin through 1.7 does not
sanitise and ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-2330 (The Caldera Forms Google Sheets Connector WordPress plugin
through 1.2 ...)
+CVE-2023-2330 (The Caldera Forms Google Sheets Connector WordPress plugin
before 1.3 ...)
NOT-FOR-US: WordPress plugin
CVE-2023-2329 (The WooCommerce Google Sheet Connector WordPress plugin before
1.3.6 d ...)
NOT-FOR-US: WordPress plugin
@@ -27655,8 +27669,8 @@ CVE-2023-26142
RESERVED
CVE-2023-26141
RESERVED
-CVE-2023-26140
- RESERVED
+CVE-2023-26140 (Versions of the package @excalidraw/excalidraw from 0.0.0 are
vulnerab ...)
+ TODO: check
CVE-2023-26139 (Versions of the package underscore-keypath from 0.0.11 are
vulnerable ...)
NOT-FOR-US: Node underscore-keypath
CVE-2023-26138 (All versions of the package drogonframework/drogon are
vulnerable to C ...)
@@ -55538,8 +55552,7 @@ CVE-2023-20566
RESERVED
CVE-2023-20565
RESERVED
-CVE-2023-20564
- RESERVED
+CVE-2023-20564 (Insufficient validation in the IOCTL (Input Output Control)
input buff ...)
NOT-FOR-US: AMD
CVE-2023-20563
RESERVED
@@ -55547,8 +55560,7 @@ CVE-2023-20562 (Insufficient validation in the IOCTL
(Input Output Control) inpu
NOT-FOR-US: AMD
CVE-2023-20561 (Insufficient validation of the IOCTL (Input Output Control)
input buff ...)
NOT-FOR-US: AMD
-CVE-2023-20560
- RESERVED
+CVE-2023-20560 (Insufficient validation of the IOCTL (Input Output Control)
input buff ...)
NOT-FOR-US: AMD
CVE-2023-20559 (Insufficient control flow management in AmdCpmGpioInitSmm may
allow a ...)
NOT-FOR-US: AMD
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dba8b5385a3b98754bd3389d1648066f5eeb0772
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dba8b5385a3b98754bd3389d1648066f5eeb0772
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
