Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ae1ac650 by Salvatore Bonaccorso at 2023-10-31T21:24:08+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,65 +1,65 @@
CVE-2023-5873 (Cross-site Scripting (XSS) - Stored in GitHub repository
pimcore/pimco ...)
- TODO: check
+ NOT-FOR-US: Pimcore
CVE-2023-5739 (Certain versions of HP PC Hardware Diagnostics Windows are
potentially ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2023-5519 (The EventPrime WordPress plugin before 3.2.0 does not have CSRF
checks ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5464 (The Jquery accordion slideshow plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5458 (The CITS Support svg, webp Media and TTF,OTF File Upload
WordPress plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5439 (The Wp photo text slider 50 plugin for WordPress is vulnerable
to SQL ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5438 (The wp image slideshow plugin for WordPress is vulnerable to
SQL Injec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5437 (The WP fade in text news plugin for WordPress is vulnerable to
SQL Inj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5436 (The Vertical marquee plugin for WordPress is vulnerable to SQL
Injecti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5435 (The Up down image slideshow gallery plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5434 (The Superb slideshow gallery plugin for WordPress is vulnerable
to SQL ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5433 (The Message ticker plugin for WordPress is vulnerable to SQL
Injection ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5431 (The Left right image slideshow gallery plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5430 (The Jquery news ticker plugin for WordPress is vulnerable to
SQL Injec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5429 (The Information Reel plugin for WordPress is vulnerable to SQL
Injecti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5428 (The Image vertical reel scroll slideshow plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5412 (The Image horizontal reel scroll slideshow plugin for WordPress
is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5360 (The Royal Elementor Addons and Templates WordPress plugin
before 1.3.7 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5307 (The Photos and Files Contest Gallery WordPress plugin before
21.2.8.1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5243 (The Login Screen Manager WordPress plugin through 3.5.2 does
not sanit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5238 (The EventPrime WordPress plugin before 3.2.0 does not sanitise
and esc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5237 (The Memberlite Shortcodes WordPress plugin before 1.3.9 does
not valid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5229 (The E2Pdf WordPress plugin before 1.20.20 does not sanitize and
escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5211 (The Fattura24 WordPress plugin before 6.2.8 does not sanitize
or escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5116 (The Live updates from Excel plugin for WordPress is vulnerable
to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5114 (The idbbee plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5099 (The HTML filter and csv-file search plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5098 (The Campaign Monitor Forms by Optin Cat WordPress plugin before
2.5.6 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5073 (The iframe forms plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4836 (The WordPress File Sharing Plugin WordPress plugin before 2.0.5
does n ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4823 (The WP Meta and Date Remover WordPress plugin before 2.2.0
provides an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4390 (The Popup box WordPress plugin before 3.7.2 does not sanitize
and esca ...)
TODO: check
CVE-2023-4251 (The EventPrime WordPress plugin before 3.2.0 does not have CSRF
checks ...)
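Review bot: CVE-2023-4390 in the trailing context of this hunk (Popup box WordPress plugin before 3.7.2) is still "TODO: check", although every other WordPress plugin entry in the hunk was changed to "NOT-FOR-US: WordPress plugin". Tag it the same way here or in a follow-up so the batch is triaged consistently. Separately, "NOT-FOR-US: HP" on CVE-2023-5739 names only the vendor; using the product from the description (HP PC Hardware Diagnostics Windows) would make the entry easier to match against later CVEs.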
@@ -67,31 +67,31 @@ CVE-2023-4251 (The EventPrime WordPress plugin before 3.2.0
does not have CSRF c
CVE-2023-4250 (The EventPrime WordPress plugin before 3.2.0 does not sanitise
and esc ...)
TODO: check
CVE-2023-46993 (In TOTOLINK A3300R V17.0.0cu.557_B20221024 when dealing with
setLedCfg ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46992 (TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to
Incorrect Acc ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46979 (TOTOLINK X6000R V9.4.0cu.852_B20230719 was discovered to
contain a com ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46978 (TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to
Incorrect Acce ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46977 (TOTOLINK LR1200GB V9.1.0u.6619_B20230130 was discovered to
contain a s ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46976 (TOTOLINK A3300R 17.0.0cu.557_B20221024 contains a command
injection vi ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46723 (lte-pic32-writer is a writer for PIC32 devices. In versions
0.0.1 and ...)
TODO: check
CVE-2023-46722 (The Pimcore Admin Classic Bundle provides a backend UI for
Pimcore. Pr ...)
- TODO: check
+ NOT-FOR-US: Pimcore Admin Classic Bundle
CVE-2023-46622 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
ollybach ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46313 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Katie Se ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46312 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Zaytech ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46256 (PX4-Autopilot provides PX4 flight control solution for drones.
In vers ...)
- TODO: check
+ NOT-FOR-US: PX4-Autopilot
CVE-2023-46255 (SpiceDB is an open source, Google Zanzibar-inspired database
for creat ...)
- TODO: check
+ NOT-FOR-US: SpiceDB
CVE-2023-46250 (pypdf is a free and open-source pure-python PDF library. An
attacker w ...)
TODO: check
CVE-2023-46249 (authentik is an open-source Identity Provider. Prior to
versions 2023. ...)
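Review bot: CVE-2023-4250 at the top of this hunk (EventPrime WordPress plugin before 3.2.0) is left at "TODO: check", while the EventPrime entries CVE-2023-5519 and CVE-2023-5238 in the first hunk were marked "NOT-FOR-US: WordPress plugin"; it should get the same tag. The Pimcore tags are also inconsistent across the commit: CVE-2023-46722 here uses "NOT-FOR-US: Pimcore Admin Classic Bundle" and CVE-2023-5873 uses "NOT-FOR-US: Pimcore". If the difference is deliberate, that is fine; otherwise pick one form.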
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae1ac65074a276c761eea9d7691d2ebd59d05481