Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e0ecbbf2 by Salvatore Bonaccorso at 2023-10-24T22:22:59+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,129 +1,129 @@
CVE-2023-5753 (Potential buffer overflows in the Bluetooth subsystem due to
asserts b ...)
- TODO: check
+ NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
CVE-2023-5748 (Buffer copy without checking size of input ('Classic Buffer
Overflow') ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2023-5745 (The Reusable Text Blocks plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5744 (The Very Simple Google Maps plugin for WordPress is vulnerable
to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5740 (The Live Chat with Facebook Messenger plugin for WordPress is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5127 (The WP Font Awesome plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5126 (The Delete Me plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5110 (The BSK PDF Manager plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5085 (The Advanced Menu Widget plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46373 (TP-Link TL-WDR7660 2.0.30 has a stack overflow vulnerability
via the f ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2023-46371 (TP-Link device TL-WDR7660 2.0.30 has a stack overflow
vulnerability vi ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2023-46370 (Tenda W18E V16.01.0.8(1576) has a command injection
vulnerability via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-46369 (Tenda W18E V16.01.0.8(1576) contains a stack overflow
vulnerability vi ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-46204 (Cross-Site Request Forgery (CSRF) vulnerability in Muller
Digital Inc. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46202 (Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk
Auto Log ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46198 (Cross-Site Request Forgery (CSRF) vulnerability in Scientech
It Soluti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46193 (Cross-Site Request Forgery (CSRF) vulnerability in Internet
Marketing ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46191 (Cross-Site Request Forgery (CSRF) vulnerability in Niels van
Renselaar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46190 (Cross-Site Request Forgery (CSRF) vulnerability in Novo-media
Novo-Map ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46189 (Cross-Site Request Forgery (CSRF) vulnerability in Simple
Calendar \u2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46152 (Cross-Site Request Forgery (CSRF) vulnerability in realmag777
WOLF \u2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46151 (Cross-Site Request Forgery (CSRF) vulnerability in AWESOME
TOGI Produc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46150 (Cross-Site Request Forgery (CSRF) vulnerability in WP Military
WP Radi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46128 (Nautobot is a Network Automation Platform built as a web
application a ...)
- TODO: check
+ NOT-FOR-US: Nautobot
CVE-2023-46071 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
ClickDat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46070 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Emmanuel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46069 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46068 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in XQue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46010 (An issue in SeaCMS v.12.9 allows an attacker to execute
arbitrary comm ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2023-45960 (An issue in dom4.j org.dom4.io.SAXReader v.2.1.4 and before
allows a r ...)
TODO: check
CVE-2023-45837 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
XYDAC Ul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45835 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Libsyn L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45833 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Lead ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45832 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Mart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45829 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45772 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Scribit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45770 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Fastwpsp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45769 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Alex Rav ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45768 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Step ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45767 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Woka ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45764 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Gopi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45761 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Joovii S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45759 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Peter Ke ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45758 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Marc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45756 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Spider T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45755 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Budd ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45754 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in I Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45750 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
POSIMYTH ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45747 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Syed ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45646 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45644 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Anur ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45640 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45637 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
EventPri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45634 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Biztechc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-43510 (A vulnerability in the ClearPass Policy Manager
web-basedmanagement in ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-43509 (A vulnerability in the web-based management interface
ofClearPass Poli ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-43508 (Vulnerabilities in the web-based management interface
ofClearPass Poli ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-43507 (A vulnerability in the web-based management interface
ofClearPass Poli ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-43506 (A vulnerability in the ClearPass OnGuard Linux agent
couldallow malici ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-42031 (IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX
Standard C ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-39924 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Mitc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39619 (ReDos in NPMJS Node Email Check v.1.0.4 allows an attacker to
cause a ...)
TODO: check
CVE-2023-39231 (PingFederate using the PingOne MFA adapter allows a new MFA
device to ...)
- TODO: check
+ NOT-FOR-US: PingFederate
CVE-2023-5732 (An attacker could have created a malicious link using
bidirectional ch ...)
- firefox-esr <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5732
@@ -41921,7 +41921,7 @@ CVE-2023-25034 (Cross-Site Request Forgery (CSRF)
vulnerability in BoLiQuan WP C
CVE-2023-25033 (Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social
Share B ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25032 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Prin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25031 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Kibo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25030
@@ -66987,7 +66987,7 @@ CVE-2023-20275
CVE-2023-20274
RESERVED
CVE-2023-20273 (A vulnerability in the web UI feature of Cisco IOS XE Software
could a ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20272
RESERVED
CVE-2023-20271
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0ecbbf213a3f47bec5aff23fbb63a272f01f81c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0ecbbf213a3f47bec5aff23fbb63a272f01f81c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
