Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
99af4cf5 by Moritz Mühlenhoff at 2023-10-20T18:36:31+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,211 +1,211 @@
 CVE-2023-5668 (The WhatsApp Share Button plugin for WordPress is vulnerable to 
Stored ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5656 (The AI ChatBot plugin for WordPress is vulnerable to 
unauthorized use  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5655 (The AI ChatBot plugin for WordPress is vulnerable to Cross-Site 
Reques ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5647 (The AI ChatBot plugin for WordPress is vulnerable to Arbitrary 
File De ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5646 (The AI ChatBot for WordPress is vulnerable to Directory 
Traversal in v ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5615 (The Skype Legacy Buttons plugin for WordPress is vulnerable to 
Stored  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5614 (The Theme Switcha plugin for WordPress is vulnerable to Stored 
Cross-S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5613 (The Super Testimonials plugin for WordPress is vulnerable to 
Stored Cr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5602 (The Social Media Share Buttons & Social Sharing Icons plugin 
for WordP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5576 (The Migration, Backup, Staging - WPvivid plugin for WordPress 
is vulne ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5534 (The AI ChatBot plugin for WordPress is vulnerable to Cross-Site 
Reques ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5533 (The AI ChatBot plugin for WordPress is vulnerable to 
unauthorized use  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5524 (Insufficient blacklisting in M-Files Web Companion before 
release vers ...)
-       TODO: check
+       NOT-FOR-US: M-Files
 CVE-2023-5523 (Execution of downloaded content flaw in M-Files Web Companion 
before r ...)
-       TODO: check
+       NOT-FOR-US: M-Files
 CVE-2023-5414 (The Icegram Express plugin for WordPress is vulnerable to 
Directory Tr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5337 (The Contact form Form For All plugin for WordPress is 
vulnerable to St ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5308 (The Podcast Subscribe Buttons plugin for WordPress is 
vulnerable to St ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5292 (The Advanced Custom Fields: Extended plugin for WordPress is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5231 (The Magic Action Box plugin for WordPress is vulnerable to 
Stored Cros ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5200 (The flowpaper plugin for WordPress is vulnerable to Stored 
Cross-Site  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5121 (The Migration, Backup, Staging \u2013 WPvivid plugin for 
WordPress is  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5120 (The Migration, Backup, Staging \u2013 WPvivid plugin for 
WordPress is  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5109 (The WP Mailto Links \u2013 Protect Email Addresses plugin for 
WordPres ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5086 (The Copy Anything to Clipboard plugin for WordPress is 
vulnerable to S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5071 (The Sitekit plugin for WordPress is vulnerable to Stored 
Cross-Site Sc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5070 (The Social Media Share Buttons & Social Sharing Icons plugin 
for WordP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5050 (The Leaflet Map plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4999 (The Horizontal scrolling announcement plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4975 (The Website Builder by SeedProd plugin for WordPress is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4968 (The WPLegalPages plugin for WordPress is vulnerable to Stored 
Cross-Si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4961 (The Poptin plugin for WordPress is vulnerable to Stored 
Cross-Site Scr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4947 (The WooCommerce EAN Payment Gateway plugin for WordPress is 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: WooCommerce plugin
 CVE-2023-4943 (The BEAR for WordPress is vulnerable to Missing Authorization 
in versi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4942 (The BEAR for WordPress is vulnerable to Cross-Site Request 
Forgery in  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4941 (The BEAR for WordPress is vulnerable to Missing Authorization 
in versi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4940 (The BEAR for WordPress is vulnerable to Cross-Site Request 
Forgery in  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4937 (The BEAR for WordPress is vulnerable to Cross-Site Request 
Forgery in  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4935 (The BEAR for WordPress is vulnerable to Cross-Site Request 
Forgery in  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4926 (The BEAR for WordPress is vulnerable to Cross-Site Request 
Forgery in  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4924 (The BEAR for WordPress is vulnerable to Missing Authorization 
in versi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4923 (The BEAR for WordPress is vulnerable to Cross-Site Request 
Forgery in  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4920 (The BEAR for WordPress is vulnerable to Cross-Site Request 
Forgery in  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4919 (The iframe plugin for WordPress is vulnerable to Stored 
Cross-Site Scr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4796 (The Booster for WooCommerce for WordPress is vulnerable to 
Information ...)
-       TODO: check
+       NOT-FOR-US: WooCommerce plugin
 CVE-2023-4668 (The Ad Inserter for WordPress is vulnerable to Sensitive 
Information E ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4648 (The WP Customer Reviews plugin for WordPress is vulnerable to 
Stored C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4598 (The Slimstat Analytics plugin for WordPress is vulnerable to 
SQL Injec ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4488 (The Dropbox Folder Share for WordPress is vulnerable to Local 
File Inc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4482 (The Auto Amazon Links plugin for WordPress is vulnerable to 
Stored Cro ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4402 (The Essential Blocks plugin for WordPress is vulnerable to PHP 
Object  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4386 (The Essential Blocks plugin for WordPress is vulnerable to PHP 
Object  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4274 (The Migration, Backup, Staging \u2013 WPvivid plugin for 
WordPress is  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4271 (The Photospace Responsive plugin for WordPress is vulnerable to 
Stored ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4021 (The Modern Events Calendar lite plugin for WordPress is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-46277 (please (aka pleaser) through 0.5.4 allows privilege escalation 
through ...)
        TODO: check
 CVE-2023-46267 (Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 
1.6.4 al ...)
        TODO: check
 CVE-2023-46115 (Tauri is a framework for building binaries for all major 
desktop platf ...)
-       TODO: check
+       NOT-FOR-US: Tauri
 CVE-2023-45823 (Artifact Hub is a web-based application that enables finding, 
installi ...)
-       TODO: check
+       NOT-FOR-US: Artifact Hub
 CVE-2023-45822 (Artifact Hub is a web-based application that enables finding, 
installi ...)
-       TODO: check
+       NOT-FOR-US: Artifact Hub
 CVE-2023-45821 (Artifact Hub is a web-based application that enables finding, 
installi ...)
-       TODO: check
+       NOT-FOR-US: Artifact Hub
 CVE-2023-45819 (TinyMCE is an open source rich text editor. A cross-site 
scripting (XS ...)
-       TODO: check
+       - tinymce <removed>
 CVE-2023-45818 (TinyMCE is an open source rich text editor. A mutation 
cross-site scri ...)
-       TODO: check
+       - tinymce <removed>
 CVE-2023-45815 (ArchiveBox is an open source self-hosted web archiving system. 
Any use ...)
-       TODO: check
+       NOT-FOR-US: ArchiveBox
 CVE-2023-45471 (The QAD Search Server is vulnerable to Stored Cross-Site 
Scripting (XS ...)
-       TODO: check
+       NOT-FOR-US: QAD Search Server
 CVE-2023-45394 (Stored Cross-Site Scripting (XSS) vulnerability in the Company 
field i ...)
-       TODO: check
+       NOT-FOR-US: Small CRM
 CVE-2023-45280 (Yamcs 5.8.6 allows XSS (issue 2 of 2). It comes with a Bucket 
as its p ...)
-       TODO: check
+       NOT-FOR-US: Yamcs
 CVE-2023-45279 (Yamcs 5.8.6 allows XSS (issue 1 of 2). It comes with a Bucket 
as its p ...)
-       TODO: check
+       NOT-FOR-US: Yamcs
 CVE-2023-44690 (Inadequate encryption strength in mycli 1.27.0 allows 
attackers to vie ...)
        TODO: check
 CVE-2023-44385 (The Home Assistant Companion for iOS and macOS app up to 
version 2023. ...)
-       TODO: check
+       NOT-FOR-US: Home Assistant Companion
 CVE-2023-43875 (Multiple Cross-Site Scripting (XSS) vulnerabilities in 
installation of ...)
-       TODO: check
+       NOT-FOR-US: Subrion CMS
 CVE-2023-43359 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 
allows a  ...)
-       TODO: check
+       NOT-FOR-US: CMSmadesimple
 CVE-2023-43345 (Cross-site scripting (XSS) vulnerability in opensolution Quick 
CMS v.6 ...)
-       TODO: check
+       NOT-FOR-US: Quick CMS
 CVE-2023-43344 (Cross-site scripting (XSS) vulnerability in opensolution Quick 
CMS v.6 ...)
-       TODO: check
+       NOT-FOR-US: Quick CMS
 CVE-2023-43342 (Cross-site scripting (XSS) vulnerability in opensolution Quick 
CMS v.6 ...)
-       TODO: check
+       NOT-FOR-US: Quick CMS
 CVE-2023-43341 (Cross-site scripting (XSS) vulnerability in evolution evo 
v.3.2.3 allo ...)
-       TODO: check
+       NOT-FOR-US: Evolution CMS
 CVE-2023-43340 (Cross-site scripting (XSS) vulnerability in evolution v.3.2.3 
allows a ...)
-       TODO: check
+       NOT-FOR-US: Evolution CMS
 CVE-2023-41899 (Home assistant is an open source home automation. In affected 
versions ...)
-       TODO: check
+       NOT-FOR-US: Home assistant
 CVE-2023-41898 (Home assistant is an open source home automation. The Home 
Assistant C ...)
-       TODO: check
+       NOT-FOR-US: Home assistant
 CVE-2023-41897 (Home assistant is an open source home automation. Home 
Assistant serve ...)
-       TODO: check
+       NOT-FOR-US: Home assistant
 CVE-2023-41896 (Home assistant is an open source home automation. Whilst 
auditing the  ...)
-       TODO: check
+       NOT-FOR-US: Home assistant
 CVE-2023-41895 (Home assistant is an open source home automation. The Home 
Assistant l ...)
-       TODO: check
+       NOT-FOR-US: Home assistant
 CVE-2023-41894 (Home assistant is an open source home automation. The 
assessment verif ...)
-       TODO: check
+       NOT-FOR-US: Home assistant
 CVE-2023-41893 (Home assistant is an open source home automation. The audit 
team\u2019 ...)
-       TODO: check
+       NOT-FOR-US: Home assistant
 CVE-2023-40361 (SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the 
preview ...)
-       TODO: check
+       NOT-FOR-US: SECUDOS Qiata
 CVE-2023-3998 (The wpDiscuz plugin for WordPress is vulnerable to unauthorized 
modifi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-3996 (The ARMember Lite - Membership Plugin for WordPress is 
vulnerable to S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-3869 (The wpDiscuz plugin for WordPress is vulnerable to unauthorized 
modifi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-39731 (The leakage of the client secret in Kaibutsunosato v13.6.1 
allows atta ...)
-       TODO: check
+       NOT-FOR-US: Kaibutsunosato
 CVE-2023-39680 (Sollace Unicopia version 1.1.1 and before was discovered to 
deserializ ...)
-       TODO: check
+       NOT-FOR-US: Sollace Unicopia
 CVE-2023-34052 (VMware Aria Operations for Logs contains a deserialization 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Vmware
 CVE-2023-34051 (VMware Aria Operations for Logs contains an authentication 
bypass vuln ...)
-       TODO: check
+       NOT-FOR-US: Vmware
 CVE-2023-2325 (Stored XSS Vulnerability in M-Files Classic Web versions before 
23.10a ...)
-       TODO: check
+       NOT-FOR-US: M-Files
 CVE-2022-4954 (The Waiting: One-click countdowns plugin for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-4418 (The Custom CSS, JS & PHP plugin for WordPress is vulnerable to 
Cross-S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-4353 (The WooCommerce Dynamic Pricing and Discounts plugin for 
WordPress is  ...)
-       TODO: check
+       NOT-FOR-US: WooCommerce plugin
 CVE-2020-36759 (The Woody code snippets plugin for WordPress is vulnerable to 
Cross-Si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2020-36758 (The RSS Aggregator by Feedzy plugin for WordPress is 
vulnerable to Cro ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2020-36755 (The Customizr theme for WordPress is vulnerable to Cross-Site 
Request  ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2020-36754 (The Paid Memberships Pro  plugin for WordPress is vulnerable 
to Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2020-36753 (The Hueman theme for WordPress is vulnerable to Cross-Site 
Request For ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2020-36751 (The Coupon Creator plugin for WordPress is vulnerable to 
Cross-Site Re ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2020-36714 (The Brizy plugin for WordPress is vulnerable to authorization 
bypass d ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2020-36706 (The Simple:Press \u2013 WordPress Forum Plugin for WordPress 
is vulner ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2020-36698 (The Security & Malware scan by CleanTalk plugin for WordPress 
is vulne ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-45802
        - apache2 2.4.58-1
        NOTE: https://www.openwall.com/lists/oss-security/2023/10/19/6
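
Review bot: CVE-2020-36753 is described as "The Hueman theme for WordPress" but is tagged `NOT-FOR-US: WordPress plugin`, while the Customizr theme entry two CVEs above it (CVE-2020-36755) uses `NOT-FOR-US: WordPress theme`; suggest `NOT-FOR-US: WordPress theme` here as well so that searches on the tag text stay consistent. In the same hunk, CVE-2023-34052 and CVE-2023-34051 are tagged `NOT-FOR-US: Vmware` although the descriptions spell the vendor "VMware". The two TinyMCE entries (CVE-2023-45819, CVE-2023-45818) are set to `- tinymce <removed>` rather than NOT-FOR-US, which the commit message "NFUs" does not cover; a short mention in the message would make the history easier to search.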



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99af4cf54129c358c480893f7c38c83f1d56a0e4



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
