Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
86feeac3 by Salvatore Bonaccorso at 2023-09-30T10:42:35+02:00
Process NFUs

1 changed file:
- data/CVE/list

Changes:
=====================================
data/CVE/list
=====================================
@@ -1,51 +1,51 @@ CVE-2023-5320 (Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfa ...) - TODO: check + NOT-FOR-US: phpmyfaq CVE-2023-5319 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpm ...) - TODO: check + NOT-FOR-US: phpmyfaq CVE-2023-5318 (Use of Hard-coded Credentials in GitHub repository microweber/microweb ...) - TODO: check + NOT-FOR-US: microweber CVE-2023-5317 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpm ...) - TODO: check + NOT-FOR-US: phpmyfaq CVE-2023-5316 (Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfa ...) - TODO: check + NOT-FOR-US: phpmyfaq CVE-2023-5298 (A vulnerability was found in Tongda OA 2017. It has been rated as crit ...) - TODO: check + NOT-FOR-US: Tongda OA CVE-2023-5297 (A vulnerability was found in Xinhu RockOA 2.3.2. It has been classifie ...) - TODO: check + NOT-FOR-US: Xinhu RockOA CVE-2023-5296 (A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and clas ...) - TODO: check + NOT-FOR-US: Xinhu RockOA CVE-2023-5295 (The Blog Filter plugin for WordPress is vulnerable to Stored Cross-Sit ...) - TODO: check + NOT-FOR-US: Blog Filter plugin for WordPress CVE-2023-5294 (A vulnerability has been found in ECshop 4.1.1 and classified as criti ...) - TODO: check + NOT-FOR-US: ECshop CVE-2023-5293 (A vulnerability, which was classified as critical, was found in ECshop ...) - TODO: check + NOT-FOR-US: ECshop CVE-2023-5227 (Unrestricted Upload of File with Dangerous Type in GitHub repository t ...) - TODO: check + NOT-FOR-US: phpmyfaq CVE-2023-5201 (The OpenHook plugin for WordPress is vulnerable to Remote Code Executi ...) - TODO: check + NOT-FOR-US: OpenHook plugin for WordPress CVE-2023-44270 (An issue was discovered in PostCSS before 8.4.31. It affects linters u ...) TODO: check CVE-2023-43711 (Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) v ...) 
- TODO: check + NOT-FOR-US: Os Commerce CVE-2023-43710 (Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) v ...) - TODO: check + NOT-FOR-US: Os Commerce CVE-2023-43709 (Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) v ...) - TODO: check + NOT-FOR-US: Os Commerce CVE-2023-43708 (Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) v ...) - TODO: check + NOT-FOR-US: Os Commerce CVE-2023-43707 (Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) v ...) - TODO: check + NOT-FOR-US: Os Commerce CVE-2023-43706 (Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) v ...) - TODO: check + NOT-FOR-US: Os Commerce CVE-2023-43705 (Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) v ...) - TODO: check + NOT-FOR-US: Os Commerce CVE-2023-43704 (Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) v ...) - TODO: check + NOT-FOR-US: Os Commerce CVE-2023-43703 (Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) v ...) - TODO: check + NOT-FOR-US: Os Commerce CVE-2023-43702 (Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) v ...) - TODO: check + NOT-FOR-US: Os Commerce CVE-2023-5289 (Allocation of Resources Without Limits or Throttling in GitHub reposit ...) - rdiffweb <itp> (bug #969974) CVE-2023-5288 (A remote unauthorized attacker may connect to the SIM1012, interact wi ...) @@ -107,7 +107,7 @@ CVE-2023-5259 (A vulnerability classified as problematic was found in ForU CMS. CVE-2023-5258 (A vulnerability classified as critical has been found in OpenRapid Rap ...) NOT-FOR-US: OpenRapid RapidCMS CVE-2023-5257 (A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. It ...) - TODO: check + NOT-FOR-US: WhiteHSBG JNDIExploit CVE-2023-5196 (Mattermost fails to enforce character limits in all possible notificat ...) TODO: check CVE-2023-5195 (Mattermost fails to properly validate the permissions when soft deleti ...) 
@@ -119,29 +119,29 @@ CVE-2023-5193 (Mattermost fails to properly check permissions when retrieving a CVE-2023-5159 (Mattermost fails to properly verify the permissions when managing/upda ...) TODO: check CVE-2023-43944 (A Stored Cross Site Scripting (XSS) vulnerability was found in SourceC ...) - TODO: check + NOT-FOR-US: SourceCodester Task Management System CVE-2023-43909 (Hospital Management System thru commit 4770d was discovered to contain ...) - TODO: check + NOT-FOR-US: Hospital Management System CVE-2023-43655 (Composer is a dependency manager for PHP. Users publishing a composer. ...) TODO: check CVE-2023-41691 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pensopay ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-41687 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-41666 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-41663 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Giovamba ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-41662 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ulf Benj ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-41661 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pres ...) NOT-FOR-US: WordPress plugin CVE-2023-41658 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirte ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-41657 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Grou ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-41655 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Andr ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-3413 (An issue has been discovered in GitLab affecting all versions starting ...) 
 TODO: check CVE-2023-3024 (Forcing the Bluetooth LE stack to segment 'prepare write response' pac ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86feeac3c29c30ae7bb376cdc48ac09b62d93590
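Review bot: In the first hunk (@@ -1,51 +1,51 @@), the entries moved from TODO: check to NOT-FOR-US (phpmyfaq, microweber, Tongda OA, Xinhu RockOA, ECshop, Os Commerce) should each be confirmed to have no open ITP or RFP, because the context line for CVE-2023-5289 in the same hunk shows that a product with a packaging request is recorded as `- rdiffweb <itp> (bug #969974)` rather than as NOT-FOR-US. Where a WNPP bug exists for one of these products, use the `<itp>` form with the bug number instead.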
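Review bot: In the third hunk (@@ -119,29 +119,29 @@), the eight added `NOT-FOR-US: WordPress plugin` lines drop the plugin name, while the first hunk of this commit records it (`NOT-FOR-US: Blog Filter plugin for WordPress`, `NOT-FOR-US: OpenHook plugin for WordPress`). The generic form matches the existing CVE-2023-41661 context line, but the descriptions here are truncated ("Pensopay ...", "Giovamba ..."), so a named label would keep these entries searchable by product. Settle on one of the two forms across the commit.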