Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f3d16446 by security tracker role at 2023-08-30T20:12:24+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,171 @@
+CVE-2023-4640 (The controller responsible for setting the logging level does
not incl ...)
+ TODO: check
+CVE-2023-4624 (Server-Side Request Forgery (SSRF) in GitHub repository
bookstackapp/b ...)
+ TODO: check
+CVE-2023-4600 (The AffiliateWP for WordPress is vulnerable to unauthorized
modificati ...)
+ TODO: check
+CVE-2023-4571 (In Splunk IT Service Intelligence (ITSI) versions below 4.13.3
or 4.15 ...)
+ TODO: check
+CVE-2023-4209 (The POEditor WordPress plugin before 0.9.8 does not have CSRF
checks i ...)
+ TODO: check
+CVE-2023-4150 (The User Activity Tracking and Log WordPress plugin before
4.0.9 does ...)
+ TODO: check
+CVE-2023-4109 (The Ninja Forms WordPress Ninja Forms Contact Form WordPress
plugin be ...)
+ TODO: check
+CVE-2023-4036 (The Simple Blog Card WordPress plugin before 1.32 does not
ensure that ...)
+ TODO: check
+CVE-2023-4035 (The Simple Blog Card WordPress plugin before 1.31 does not
validate an ...)
+ TODO: check
+CVE-2023-4023 (The All Users Messenger WordPress plugin through 1.24 does not
prevent ...)
+ TODO: check
+CVE-2023-4013 (The GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent)
WordPress plu ...)
+ TODO: check
+CVE-2023-41563 (Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5
US_AC5V1.0RTL_V15.03.0 ...)
+ TODO: check
+CVE-2023-41562 (Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0
V15.03.06.42_multi, and Te ...)
+ TODO: check
+CVE-2023-41561 (Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5
US_AC5V1.0RTL_V15.03.0 ...)
+ TODO: check
+CVE-2023-41560 (Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a
stack ov ...)
+ TODO: check
+CVE-2023-41559 (Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0
V15.03.06.42_multi, and Te ...)
+ TODO: check
+CVE-2023-41558 (Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack
overflow ...)
+ TODO: check
+CVE-2023-41557 (Tenda AC7 V1.0 V15.03.06.44 and Tenda AC5 V1.0RTL_V15.03.06.28
were di ...)
+ TODO: check
+CVE-2023-41556 (Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0
V15.03.06.42_multi, and Te ...)
+ TODO: check
+CVE-2023-41555 (Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack
overflow ...)
+ TODO: check
+CVE-2023-41554 (Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a
stack ov ...)
+ TODO: check
+CVE-2023-41553 (Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5
US_AC5V1.0RTL_V15.03.0 ...)
+ TODO: check
+CVE-2023-41552 (Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0
V15.03.06.42_multi were ...)
+ TODO: check
+CVE-2023-41539 (phpjabbers Business Directory Script 3.2 is vulnerable to SQL
Injectio ...)
+ TODO: check
+CVE-2023-41538 (phpjabbers PHP Forum Script 3.0 is vulnerable to Cross Site
Scripting ...)
+ TODO: check
+CVE-2023-41537 (phpjabbers Business Directory Script 3.2 is vulnerable to
Cross Site S ...)
+ TODO: check
+CVE-2023-41039 (RestrictedPython is a restricted execution environment for
Python to r ...)
+ TODO: check
+CVE-2023-40848 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is
vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40847 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is
vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40845 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is
vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40844 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is
vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40843 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is
vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40842 (Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is
vulnerable to B ...)
+ TODO: check
+CVE-2023-40841 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is
vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40840 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is
vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40839 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function
'sub_ADF3C ...)
+ TODO: check
+CVE-2023-40838 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function
'sub_3A1D0 ...)
+ TODO: check
+CVE-2023-40837 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function
'sub_ADD50 ...)
+ TODO: check
+CVE-2023-40598 (In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1,
an attac ...)
+ TODO: check
+CVE-2023-40597 (In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and
9.1.1, an ...)
+ TODO: check
+CVE-2023-40596 (In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and
9.1.1, a ...)
+ TODO: check
+CVE-2023-40595 (In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and
9.1.1, an ...)
+ TODO: check
+CVE-2023-40594 (In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and
9.1.1, an ...)
+ TODO: check
+CVE-2023-40593 (In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a
malicious ...)
+ TODO: check
+CVE-2023-40592 (In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12,
an attac ...)
+ TODO: check
+CVE-2023-40582 (find-exec is a utility to discover available shell commands.
Versions ...)
+ TODO: check
+CVE-2023-40184 (xrdp is an open source remote desktop protocol (RDP) server.
In versio ...)
+ TODO: check
+CVE-2023-3992 (The PostX WordPress plugin before 3.0.6 does not sanitise and
escape a ...)
+ TODO: check
+CVE-2023-3720 (The Upload Media By URL WordPress plugin before 1.0.8 does not
have CS ...)
+ TODO: check
+CVE-2023-3501 (The FormCraft WordPress plugin before 1.2.7 does not sanitise
and esca ...)
+ TODO: check
+CVE-2023-3356 (The Subscribers Text Counter WordPress plugin before 1.7.1 does
not ha ...)
+ TODO: check
+CVE-2023-3136 (The MailArchiver plugin for WordPress is vulnerable to Stored
Cross-Si ...)
+ TODO: check
+CVE-2023-35094 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
+ TODO: check
+CVE-2023-35092 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Abha ...)
+ TODO: check
+CVE-2023-34372 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Didi ...)
+ TODO: check
+CVE-2023-34187 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Alan ...)
+ TODO: check
+CVE-2023-34184 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Bhavik P ...)
+ TODO: check
+CVE-2023-34183 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Vali ...)
+ TODO: check
+CVE-2023-34180 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
KAPlugin ...)
+ TODO: check
+CVE-2023-34176 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Chilexpr ...)
+ TODO: check
+CVE-2023-34175 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
GrandSla ...)
+ TODO: check
+CVE-2023-34174 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
BBS e-Th ...)
+ TODO: check
+CVE-2023-34173 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Alex ...)
+ TODO: check
+CVE-2023-34172 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Mile ...)
+ TODO: check
+CVE-2023-34032 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Pascal C ...)
+ TODO: check
+CVE-2023-34023 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Miled Wo ...)
+ TODO: check
+CVE-2023-34022 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Rakib Ha ...)
+ TODO: check
+CVE-2023-34008 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
weDevs W ...)
+ TODO: check
+CVE-2023-34004 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
+ TODO: check
+CVE-2023-33929 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Joaq ...)
+ TODO: check
+CVE-2023-33325 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Teplitsa ...)
+ TODO: check
+CVE-2023-33320 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Mohammad ...)
+ TODO: check
+CVE-2023-33317 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
WooComme ...)
+ TODO: check
+CVE-2023-33210 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in nuaj ...)
+ TODO: check
+CVE-2023-33208 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in gsmi ...)
+ TODO: check
+CVE-2023-32962 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in HasT ...)
+ TODO: check
+CVE-2023-32802 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
WooComme ...)
+ TODO: check
+CVE-2023-32801 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
WooComme ...)
+ TODO: check
+CVE-2023-32793 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
+ TODO: check
+CVE-2023-32746 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
+ TODO: check
+CVE-2023-32742 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
VeronaLa ...)
+ TODO: check
+CVE-2023-32740 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Kunal Na ...)
+ TODO: check
+CVE-2023-32597 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
I Thirte ...)
+ TODO: check
+CVE-2023-32294 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Radi ...)
+ TODO: check
CVE-2023-4609
REJECTED
CVE-2023-4599 (The Slimstat Analytics plugin for WordPress is vulnerable to
Stored Cr ...)
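Review bot: The TODO: check entries added for CVE-2023-41039 (RestrictedPython), CVE-2023-40582 (find-exec) and CVE-2023-40184 (xrdp) describe standalone software rather than a WordPress plugin, router firmware or Splunk, so they should be checked against the archive first instead of waiting behind the bulk of this hunk. Also note that CVE-2023-40842 is spelled "Tengda AC6" while its neighbours read "Tenda AC6", so a pattern-based pass over the Tenda entries will skip it unless the pattern allows for both spellings.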
@@ -105,6 +273,7 @@ CVE-2023-4585
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4585
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4585
CVE-2023-4584
+ {DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4584
@@ -125,6 +294,7 @@ CVE-2023-4582
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4582
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4582
CVE-2023-4581
+ {DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4581
@@ -165,18 +335,21 @@ CVE-2023-4576
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4576
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4576
CVE-2023-4575
+ {DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4575
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4575
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4575
CVE-2023-4574
+ {DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4574
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4574
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4574
CVE-2023-4573
+ {DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4573
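Review bot: CVE-2023-4576, whose trailing NOTE lines open this hunk, cites mfsa2023-35 and mfsa2023-36 just like CVE-2023-4575 and CVE-2023-4574, yet it is not among the entries gaining {DSA-5485-1} here. Its header lies outside the visible context, so please confirm it either already carries the tag or is intentionally left out of the DSA.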
@@ -3267,7 +3440,8 @@ CVE-2023-4135 (A heap out-of-bounds memory read flaw was
found in the virtual nv
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-CAN-21521
NOTE: Introduced by:
https://gitlab.com/qemu-project/qemu/-/commit/73064edfb864743cde2c08f319609344af02aeb3
(v8.0.0-rc0)
NOTE: Fixed by:
https://gitlab.com/qemu-project/qemu/-/commit/ecb1b7b082d3b7dceff0e486a114502fc52c0fdf
(v8.1.0-rc4)
-CVE-2023-39552 (PHPGurukul Online Security Guards Hiring System v.1.0 is
vulnerable to ...)
+CVE-2023-39552
+ REJECTED
NOT-FOR-US: PHPGurukul Online Security Guards Hiring System
CVE-2023-39551 (PHPGurukul Online Security Guards Hiring System v.1.0 is
vulnerable to ...)
NOT-FOR-US: PHPGurukul Online Security Guards Hiring System
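Review bot: CVE-2023-39552 now reads REJECTED but keeps its NOT-FOR-US: PHPGurukul Online Security Guards Hiring System line, whereas the REJECTED entry CVE-2023-4609 at the top of the file carries no triage line. Either drop the leftover annotation or confirm it is kept on purpose, since with the description gone it is the only remaining record of which product the ID referred to.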
@@ -5729,7 +5903,7 @@ CVE-2023-37268 (Warpgate is an SSH, HTTPS and MySQL
bastion host for Linux that
NOT-FOR-US: Warpgate
CVE-2023-36818 (Discourse is an open source discussion platform. In affected
versions ...)
NOT-FOR-US: Discourse
-CVE-2023-36811
+CVE-2023-36811 (borgbackup is an opensource, deduplicating archiver with
compression a ...)
- borgbackup 1.2.5-1
NOTE:
https://github.com/borgbackup/borg/security/advisories/GHSA-8fjr-hghr-4m99
NOTE:
https://github.com/borgbackup/borg/commit/a2ee13fd341dcd004b4a06b17d6f2fc759327861
@@ -11112,7 +11286,7 @@ CVE-2023-32714 (In the Splunk App for Lookup File
Editing versions below 4.0.1,
NOT-FOR-US: Splunk
CVE-2023-32713 (In Splunk App for Stream versions below 8.1.1, a
low-privileged user c ...)
NOT-FOR-US: Splunk
-CVE-2023-32712 (In Splunk Enterprise versions below 9.1.0.2, 9.0.5.1, and
8.2.11.2, a ...)
+CVE-2023-32712 (In Splunk Enterprise versions below 9.1.0.2, 9.0.5.1, and
8.2.11.2, an ...)
NOT-FOR-US: Splunk
CVE-2023-32711 (In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14,
a Splun ...)
NOT-FOR-US: Splunk
@@ -16573,8 +16747,8 @@ CVE-2023-1984 (A vulnerability classified as critical
was found in SourceCodeste
NOT-FOR-US: SourceCodester Complaint Management System
CVE-2023-1983 (A vulnerability was found in SourceCodester Sales Tracker
Management S ...)
NOT-FOR-US: SourceCodester Sales Tracker Management System
-CVE-2023-1982
- RESERVED
+CVE-2023-1982 (The Front Editor WordPress plugin through 4.0.4 does not
sanitize and ...)
+ TODO: check
CVE-2023-1981 (A vulnerability was found in the avahi library. This flaw
allows an un ...)
{DLA-3414-1}
- avahi 0.8-10 (bug #1034594)
@@ -21790,8 +21964,8 @@ CVE-2023-28694
RESERVED
CVE-2023-28693 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Balasahe ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28692
- RESERVED
+CVE-2023-28692 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Kevo ...)
+ TODO: check
CVE-2023-28691
RESERVED
CVE-2023-28690 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Marc ...)
@@ -22795,8 +22969,8 @@ CVE-2023-28417
RESERVED
CVE-2023-28416
RESERVED
-CVE-2023-28415
- RESERVED
+CVE-2023-28415 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Xoot ...)
+ TODO: check
CVE-2023-28414 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Apex ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28413 (Directory traversal vulnerability in Snow Monkey Forms
versions v5.0.6 ...)
@@ -25437,8 +25611,8 @@ CVE-2023-27623
RESERVED
CVE-2023-27622
RESERVED
-CVE-2023-27621
- RESERVED
+CVE-2023-27621 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in MrDe ...)
+ TODO: check
CVE-2023-27620 (Auth. (contributor+) Stored Cross-site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27619 (Auth (subscriber+) Reflected Cross-Site Scripting (XSS)
vulnerability ...)
@@ -26058,8 +26232,8 @@ CVE-2023-27428
RESERVED
CVE-2023-27427 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in NTZA ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-27426
- RESERVED
+CVE-2023-27426 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Noti ...)
+ TODO: check
CVE-2023-27425 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Jame ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27424 (Cross-Site Request Forgery (CSRF) vulnerability in Korol Yuriy
aka Shr ...)
@@ -31875,8 +32049,8 @@ CVE-2023-25473 (Cross-Site Request Forgery (CSRF)
vulnerability in Miro Mannino
NOT-FOR-US: WordPress plugin
CVE-2023-25472 (Cross-Site Request Forgery (CSRF) vulnerability in Podlove
Podlove Pod ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25471
- RESERVED
+CVE-2023-25471 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Webcodin ...)
+ TODO: check
CVE-2023-25470 (Cross-Site Request Forgery (CSRF) vulnerability in Anton
Skorobogatov ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25469
@@ -31885,16 +32059,16 @@ CVE-2023-25468 (Cross-Site Request Forgery (CSRF)
vulnerability in Reservation.S
NOT-FOR-US: WordPress plugin
CVE-2023-25467 (Cross-Site Request Forgery (CSRF) vulnerability in Daniel
Mores, A. Hu ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25466
- RESERVED
+CVE-2023-25466 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Mahlamus ...)
+ TODO: check
CVE-2023-25465
RESERVED
CVE-2023-25464 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Stre ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25463
RESERVED
-CVE-2023-25462
- RESERVED
+CVE-2023-25462 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in WP h ...)
+ TODO: check
CVE-2023-25461 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in nami ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25460 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Code ...)
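Review bot: The descriptions added for CVE-2023-25466 and CVE-2023-25462 are cut off right where the product name starts ("in Mahlamus ...", "in WP h ..."), so the surrounding NOT-FOR-US: WordPress plugin entries suggest the likely outcome but the visible text alone does not establish it. Resolve each TODO: check against the full CVE description rather than by matching the "Stored/Reflected Cross-Site Scripting (XSS)" prefix.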
@@ -31911,8 +32085,8 @@ CVE-2023-25455
RESERVED
CVE-2023-25454
RESERVED
-CVE-2023-25453
- RESERVED
+CVE-2023-25453 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Ian Sado ...)
+ TODO: check
CVE-2023-25452 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Mich ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25451 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in WPCh ...)
@@ -32976,8 +33150,8 @@ CVE-2023-25021 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-25020 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in
Kiboko Labs ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25019
- RESERVED
+CVE-2023-25019 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Premio C ...)
+ TODO: check
CVE-2023-0657
RESERVED
CVE-2023-0656 (A Stack-based buffer overflow vulnerability in the SonicOS
allows a re ...)
@@ -35031,16 +35205,16 @@ CVE-2023-24403 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-24402 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in
Veribo, Rol ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-24401
- RESERVED
+CVE-2023-24401 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Davi ...)
+ TODO: check
CVE-2023-24400 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability
in Hu-ma ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24399 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24398 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Snap ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-24397
- RESERVED
+CVE-2023-24397 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Rese ...)
+ TODO: check
CVE-2023-24396 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in E4J ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24395 (Cross-Site Request Forgery (CSRF) vulnerability in Scott
Paterson Cont ...)
@@ -57982,8 +58156,8 @@ CVE-2023-20268
RESERVED
CVE-2023-20267
RESERVED
-CVE-2023-20266
- RESERVED
+CVE-2023-20266 (A vulnerability in Cisco Emergency Responder, Cisco Unified
Communicat ...)
+ TODO: check
CVE-2023-20265
RESERVED
CVE-2023-20264
@@ -96616,8 +96790,8 @@ CVE-2022-29894 (Strapi v3.x.x versions and earlier
contain a stored cross-site s
NOT-FOR-US: Strapi
CVE-2022-1602 (A potential security vulnerability has been identified in HP
ThinPro 7 ...)
NOT-FOR-US: HP
-CVE-2022-1601
- RESERVED
+CVE-2022-1601 (The User Access Manager WordPress plugin before 2.2.18
prioritizes get ...)
+ TODO: check
CVE-2022-1600 (The YOP Poll WordPress plugin before 6.4.3 prioritizes getting
a visit ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1599 (The Admin Management Xtended WordPress plugin before 2.4.5 does
not ha ...)
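Review bot: CVE-2022-1601 moves from RESERVED to TODO: check with a description that names a WordPress plugin and uses the same "prioritizes get ..." wording as CVE-2022-1600 directly below, which is already NOT-FOR-US: WordPress plugin. This one can be closed with the same annotation in a follow-up instead of staying in the TODO queue.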
@@ -163189,6 +163363,7 @@ CVE-2021-32294 (An issue was discovered in libgig
through 20200507. A heap-buffe
CVE-2021-32293
RESERVED
CVE-2021-32292 (An issue was discovered in json-c through 0.15-20200726. A
stack-buffe ...)
+ {DSA-5486-1}
- json-c 0.16-1
NOTE: https://github.com/json-c/json-c/issues/654
NOTE: https://github.com/json-c/json-c/pull/655
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3d1644601e1de406453c3e63a32f12d9b5067cf