Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
849b83f8 by Salvatore Bonaccorso at 2023-09-26T10:39:09+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2023-5135 (The Simple Cloudflare Turnstile plugin for
WordPress is vulnerabl
CVE-2023-5129 (With a specially crafted WebP lossless file, libwebp may write
data ou ...)
TODO: check
CVE-2023-4565 (Broadcast permission control vulnerability in the framework
module. Su ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-4506 (The Active Directory Integration / LDAP Integration plugin for
WordPre ...)
NOT-FOR-US: Active Directory Integration / LDAP Integration plugin for
WordPress
CVE-2023-4505 (The Staff / Employee Business Directory for Active Directory
plugin fo ...)
@@ -19,17 +19,17 @@ CVE-2023-4259 (Two potential buffer overflow
vulnerabilities at the following lo
CVE-2023-4258 (In Bluetooth mesh implementation If provisionee has a public
key that ...)
TODO: check
CVE-2023-43457 (An issue in Service Provider Management System v.1.0 allows a
remote a ...)
- TODO: check
+ NOT-FOR-US: Service Provider Management System
CVE-2023-43326 (mooSocial v3.1.8 was discovered to contain a cross-site
scripting (XSS ...)
- TODO: check
+ NOT-FOR-US: mooSocial
CVE-2023-43325 (A reflected cross-site scripting (XSS) vulnerability in the
data[redir ...)
- TODO: check
+ NOT-FOR-US: mooSocial
CVE-2023-43278 (A Cross-Site Request Forgery (CSRF) in admin_manager.php of
Seacms up ...)
- TODO: check
+ NOT-FOR-US: Seacms
CVE-2023-43132 (szvone vmqphp <=1.13 is vulnerable to SQL Injection.
Unauthorized remo ...)
- TODO: check
+ NOT-FOR-US: szvone vmqphp
CVE-2023-42426 (Cross-site scripting (XSS) vulnerability in Froala Froala
Editor v.4.1 ...)
- TODO: check
+ NOT-FOR-US: Froala Froala Editor
CVE-2023-41861 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Restrict ...)
TODO: check
CVE-2023-41860 (Unauth. Cross-Site Scripting (XSS) vulnerability in TravelMap
plugin < ...)
@@ -39,23 +39,23 @@ CVE-2023-41312 (Permission control vulnerability in the
audio module. Successful
CVE-2023-41311 (Permission control vulnerability in the audio module.
Successful explo ...)
TODO: check
CVE-2023-41310 (Keep-alive vulnerability in the sticky broadcast mechanism.
Successful ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-41309 (Permission control vulnerability in the
MediaPlaybackController module ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-41308 (Screenshot vulnerability in the input module. Successful
exploitation ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-41307 (Memory overwriting vulnerability in the security module.
Successful ex ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-41306 (Vulnerability of mutex management in the bone voice ID trusted
applica ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-41305 (Vulnerability of 5G messages being sent without being
encrypted in a V ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-3767 (An OS command injection vulnerability has been found on EasyPHP
Webse ...)
TODO: check
CVE-2023-38907 (An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and
Tapo Applic ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2022-48606 (Stability-related vulnerability in the binder background
management an ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-5166 (Docker Desktop before 4.23.0 allows Access Token theft via a
crafted e ...)
NOT-FOR-US: Docker Desktop
CVE-2023-5165 (Docker Desktop before 4.23.0 allows an unprivileged user to
bypass Enh ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/849b83f85672333235df530bda9aa3d8243ab7fc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/849b83f85672333235df530bda9aa3d8243ab7fc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
