Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
31902233 by Salvatore Bonaccorso at 2023-11-06T21:53:40+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,95 +5,95 @@ CVE-2023-5968 (Mattermost fails to properly sanitize the user
object when updati
CVE-2023-5967 (Mattermost fails to properly validate requests to the Calls
plugin, al ...)
- mattermost-server <itp> (bug #823556)
CVE-2023-5964 (The 1E-Exchange-DisplayMessageinstruction that is part of the
End-User ...)
- TODO: check
+ NOT-FOR-US: 1E-Exchange-DisplayMessageinstruction
CVE-2023-5963 (An issue has been discovered in GitLab EE with Advanced Search
affecti ...)
TODO: check
CVE-2023-5950 (Rapid7 Velociraptor versions prior to 0.7.0-4 suffer from a
reflected ...)
- TODO: check
+ NOT-FOR-US: Rapid7 Velociraptor
CVE-2023-5823 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeKraft
TK Googl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5777 (Weintek EasyBuilder Pro contains a vulnerability that, even
when the p ...)
- TODO: check
+ NOT-FOR-US: Weintek EasyBuilder Pro
CVE-2023-5771 (Proofpoint Enterprise Protection contains a stored XSS
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: Proofpoint Enterprise Protection
CVE-2023-5719 (The Crimson 3.2 Windows-based configuration tool allows users
with adm ...)
- TODO: check
+ NOT-FOR-US: Crimson
CVE-2023-4996 (Netskope was made aware of a security vulnerability in its
NSClient pr ...)
- TODO: check
+ NOT-FOR-US: Netskope
CVE-2023-4535 (An out-of-bounds read vulnerability was found in OpenSC
packages withi ...)
TODO: check
CVE-2023-47186 (Cross-Site Request Forgery (CSRF) vulnerability in Kadence WP
Kadence ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47185 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in
gVectors Te ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47184 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Prop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47182 (Cross-Site Request Forgery (CSRF) leading to a Stored
Cross-Site Scrip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47177 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Yaki ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46824 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Om A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46823 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46822 (Unauth. Reflected Cross-Site Scripting') vulnerability in
Visser Labs ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46821 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46783 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46782 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46781 (Cross-Site Request Forgery (CSRF) vulnerability in Roland Murg
Current ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46780 (Cross-Site Request Forgery (CSRF) vulnerability in Alter
plugin <=1.0 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46779 (Cross-Site Request Forgery (CSRF) vulnerability in EasyRecipe
plugin < ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46778 (Cross-Site Request Forgery (CSRF) vulnerability in
TheFreeWindows Auto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46777 (Cross-Site Request Forgery (CSRF) vulnerability in Custom
Login Page | ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46776 (Cross-Site Request Forgery (CSRF) vulnerability in Serena
Villa Auto E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46775 (Cross-Site Request Forgery (CSRF) vulnerability in Djo
Original texts ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46732 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2023-46731 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2023-46728 (Squid is a caching proxy for the Web supporting HTTP, HTTPS,
FTP, and ...)
TODO: check
CVE-2023-46254 (capsule-proxy is a reverse proxy for Capsule kubernetes
multi-tenancy ...)
TODO: check
CVE-2023-46251 (MyBB is a free and open source forum software. Custom MyCode
(BBCode) ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2023-46084 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45830 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45827 (Dot diver is a lightweight, powerful, and dependency-free
TypeScript u ...)
TODO: check
CVE-2023-45657 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45163 (The 1E-Exchange-CommandLinePing instruction that is part of
the Networ ...)
- TODO: check
+ NOT-FOR-US: 1E-Exchange-CommandLinePing
CVE-2023-45161 (The 1E-Exchange-URLResponseTime instruction that is part of
the Networ ...)
- TODO: check
+ NOT-FOR-US: 1E-Exchange-URLResponseTime
CVE-2023-45074 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45069 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45055 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45046 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45001 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44398 (Exiv2 is a C++ library and a command-line utility to read,
write, dele ...)
TODO: check
CVE-2023-41685 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41378 (In certain conditions for Calico Typha (v3.26.2, v3.25.1 and
below), a ...)
TODO: check
CVE-2023-40661 (Several memory vulnerabilities were identified within the
OpenSC packa ...)
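Review bot: In the CVE-2023-5964 entry the new tag "NOT-FOR-US: 1E-Exchange-DisplayMessageinstruction" carries over the missing space from the truncated CVE description, so the word "instruction" is fused onto the product name. The two sibling entries in this hunk, CVE-2023-45163 and CVE-2023-45161, use the bare instruction name (1E-Exchange-CommandLinePing, 1E-Exchange-URLResponseTime). Suggest "NOT-FOR-US: 1E-Exchange-DisplayMessage" so the three tags follow one pattern and a search on the instruction name finds all of them.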
@@ -101,7 +101,7 @@ CVE-2023-40661 (Several memory vulnerabilities were
identified within the OpenSC
CVE-2023-40660 (A flaw was found in OpenSC packages that allow a potential PIN
bypass. ...)
TODO: check
CVE-2023-40609 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39345 (strapi is an open-source headless CMS. Versions prior to
4.13.1 did no ...)
TODO: check
CVE-2023-35911 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
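Review bot: The "NOT-FOR-US: WordPress plugin" tag on CVE-2023-40609 cannot be checked against the visible description, which is cut off at "SQL Command ('S ...)" before any product name appears. Naming the plugin in the tag, the way the first hunk names XWiki or MyBB, would let a later reader confirm the triage decision from data/CVE/list alone without opening the CVE record.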
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31902233c545872801c2d49d35907c1b03bda54c
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits