Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
238e87a2 by security tracker role at 2023-11-13T08:11:52+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,65 @@
+CVE-2023-5747 (Bashis, a Security Researcher at IPVM has found a flaw that 
allows for ...)
+       TODO: check
+CVE-2023-5741 (The POWR plugin for WordPress is vulnerable to Stored 
Cross-Site Scrip ...)
+       TODO: check
+CVE-2023-5037
+       REJECTED
+CVE-2023-4775 (The Advanced iFrame plugin for WordPress is vulnerable to 
Stored Cross ...)
+       TODO: check
+CVE-2023-47669 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs 
User Pro ...)
+       TODO: check
+CVE-2023-47652 (Cross-Site Request Forgery (CSRF) vulnerability in Lucian 
Apostol Auto ...)
+       TODO: check
+CVE-2023-47516 (Cross-Site Request Forgery (CSRF) vulnerability in Stark 
Digital Categ ...)
+       TODO: check
+CVE-2023-47230 (Cross-Site Request Forgery (CSRF) vulnerability in Cimatti 
Consulting  ...)
+       TODO: check
+CVE-2023-47163 (Remarshal prior to v0.17.1 expands YAML alias nodes 
unlimitedly, hence ...)
+       TODO: check
+CVE-2023-46638 (Cross-Site Request Forgery (CSRF) vulnerability in Webcodin 
WCP OpenWe ...)
+       TODO: check
+CVE-2023-46636 (Cross-Site Request Forgery (CSRF) vulnerability in David 
St\xf6ckl Cus ...)
+       TODO: check
+CVE-2023-46634 (Cross-Site Request Forgery (CSRF) vulnerability in phoeniixx 
Custom My ...)
+       TODO: check
+CVE-2023-46629 (Cross-Site Request Forgery (CSRF) vulnerability in 
themelocation Remov ...)
+       TODO: check
+CVE-2023-46625 (Cross-Site Request Forgery (CSRF) vulnerability in DAEXT 
Autolinks Man ...)
+       TODO: check
+CVE-2023-46620 (Cross-Site Request Forgery (CSRF) vulnerability in Fluenx 
DeepL API tr ...)
+       TODO: check
+CVE-2023-46619 (Cross-Site Request Forgery (CSRF) vulnerability in WebDorado 
WDSocialW ...)
+       TODO: check
+CVE-2023-46618 (Cross-Site Request Forgery (CSRF) vulnerability in Bala 
Krishna, Serge ...)
+       TODO: check
+CVE-2023-46207 (Server-Side Request Forgery (SSRF) vulnerability in 
StylemixThemes Mot ...)
+       TODO: check
+CVE-2023-46201 (Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk 
Auto Log ...)
+       TODO: check
+CVE-2023-41239 (Server-Side Request Forgery (SSRF) vulnerability in Blubrry 
PowerPress ...)
+       TODO: check
+CVE-2023-38515 (Server-Side Request Forgery (SSRF) vulnerability in Andy Moyle 
Church  ...)
+       TODO: check
+CVE-2023-38364 (IBM CICS TX Advanced 10.1 is vulnerable to cross-site 
scripting. This  ...)
+       TODO: check
+CVE-2023-38363 ([PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] 
on [PLATF ...)
+       TODO: check
+CVE-2023-37978 (Server-Side Request Forgery (SSRF) vulnerability in Dimitar 
Ivanov HTT ...)
+       TODO: check
+CVE-2023-35041 (Cross-Site Request Forgery (CSRF) vulnerability leading to 
Local File  ...)
+       TODO: check
+CVE-2023-34384 (Cross-Site Request Forgery (CSRF) vulnerability in Kebo Kebo 
Twitter F ...)
+       TODO: check
+CVE-2023-34378 (Cross-Site Request Forgery (CSRF) vulnerability in 
scriptburn.Com WP H ...)
+       TODO: check
+CVE-2023-34013 (Server-Side Request Forgery (SSRF) vulnerability in Poll Maker 
Team Po ...)
+       TODO: check
+CVE-2023-33207 (Cross-Site Request Forgery (CSRF) vulnerability in Krzysztof 
Wielog\xf ...)
+       TODO: check
+CVE-2023-32588 (Cross-Site Request Forgery (CSRF) vulnerability in 
BRANDbrilliance Pos ...)
+       TODO: check
+CVE-2023-32583 (Cross-Site Request Forgery (CSRF) vulnerability in Prashant 
Walke WP A ...)
+       TODO: check
 CVE-2023-6084 (A vulnerability was found in Tongda OA 2017 up to 11.9 and 
classified  ...)
        NOT-FOR-US: Tongda OA
 CVE-2023-47037 (We failed to applyCVE-2023-40611 in 2.7.1 and this 
vulnerability was m ...)
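
Review bot: The CVE-2023-38363 entry carries an unfilled description template ("[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATF ...)"), so its "TODO: check" cannot be resolved from this line. The adjacent CVE-2023-38364 names IBM CICS TX Advanced 10.1, but that alone does not establish the product for 38363; resolve it from the full record once it has been filled in. Separately, CVE-2023-47163 (Remarshal prior to v0.17.1) names a general-purpose tool, so it should be checked for a matching source package rather than being closed as NOT-FOR-US along with the plugin entries in this block.
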
@@ -26034,8 +26096,8 @@ CVE-2023-31221 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
        NOT-FOR-US: WordPress plugin
 CVE-2023-31220 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
WP-EXPER ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-31219
-       RESERVED
+CVE-2023-31219 (Server-Side Request Forgery (SSRF) vulnerability in WPChill 
Download M ...)
+       TODO: check
 CVE-2023-31218 (Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site 
Scripti ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-31217 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
@@ -31130,8 +31192,8 @@ CVE-2023-29427 (Unauth. Reflected Cross-Site Scripting 
(XSS) vulnerability in TM
        NOT-FOR-US: WordPress plugin
 CVE-2023-29426 (Cross-Site Request Forgery (CSRF) vulnerability in Robert 
Schulz (sprd ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-29425
-       RESERVED
+CVE-2023-29425 (Cross-Site Request Forgery (CSRF) vulnerability in 
plainware.Com Shift ...)
+       TODO: check
 CVE-2023-29424 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Plai ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-29423 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in PI W ...)
@@ -31867,8 +31929,8 @@ CVE-2023-29246 (An attacker who has gained access to an 
admin account can perfor
        NOT-FOR-US: Apache OpenMeetings
 CVE-2023-29239
        RESERVED
-CVE-2023-29238
-       RESERVED
+CVE-2023-29238 (Cross-Site Request Forgery (CSRF) vulnerability in Whydonate 
Whydonate ...)
+       TODO: check
 CVE-2023-29237
        RESERVED
 CVE-2023-29236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Cththeme ...)
@@ -32730,8 +32792,8 @@ CVE-2023-28989 (Cross-Site Request Forgery (CSRF) 
vulnerability in weDevs Happy
        NOT-FOR-US: WordPress plugin
 CVE-2023-28988 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in PI W ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-28987
-       RESERVED
+CVE-2023-28987 (Cross-Site Request Forgery (CSRF) vulnerability in Wpmet Wp 
Ultimate R ...)
+       TODO: check
 CVE-2023-28986 (Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider, 
wpaffil ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-28985 (An Improper Validation of Syntactic Correctness of Input 
vulnerability ...)
@@ -32972,8 +33034,8 @@ CVE-2023-28932 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
        NOT-FOR-US: WordPress plugin
 CVE-2023-28931 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Neve ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-28930
-       RESERVED
+CVE-2023-28930 (Cross-Site Request Forgery (CSRF) vulnerability in Robin 
Phillips Mobi ...)
+       TODO: check
 CVE-2023-28929 (Trend Micro Security 2021, 2022, and 2023 (Consumer) are 
vulnerable to ...)
        NOT-FOR-US: Trend Micro
 CVE-2023-28928
@@ -33848,12 +33910,12 @@ CVE-2023-28698 (Wade Graphic Design FANTSY has a 
vulnerability of insufficient a
        NOT-FOR-US: Wade Graphic Design FANTSY
 CVE-2023-28697 (Moxa MiiNePort E1 has a vulnerability of insufficient access 
control.  ...)
        NOT-FOR-US: Moxa
-CVE-2023-28696
-       RESERVED
+CVE-2023-28696 (Cross-Site Request Forgery (CSRF) vulnerability in Harish 
Chouhan, The ...)
+       TODO: check
 CVE-2023-28695 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Drew ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-28694
-       RESERVED
+CVE-2023-28694 (Cross-Site Request Forgery (CSRF) vulnerability in Wbcom 
Designs Wbcom ...)
+       TODO: check
 CVE-2023-28693 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Balasahe ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-28692 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Kevo ...)
@@ -34083,8 +34145,8 @@ CVE-2023-28620 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
        NOT-FOR-US: WordPress plugin
 CVE-2023-28619
        RESERVED
-CVE-2023-28618
-       RESERVED
+CVE-2023-28618 (Cross-Site Request Forgery (CSRF) vulnerability in Marios 
Alexandrou E ...)
+       TODO: check
 CVE-2023-28391
        RESERVED
 CVE-2023-27927 (An authenticated malicious user could acquire the simple mail 
transfer ...)
@@ -34473,14 +34535,14 @@ CVE-2023-28500 (A Java insecure deserialization 
vulnerability in Adobe LiveCycle
        NOT-FOR-US: Adobe
 CVE-2023-28499 (Auth. (author+) Stored Cross-Site Scripting (XSS) 
vulnerability in sim ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-28498
-       RESERVED
-CVE-2023-28497
-       RESERVED
+CVE-2023-28498 (Cross-Site Request Forgery (CSRF) vulnerability in MotoPress 
Hotel Boo ...)
+       TODO: check
+CVE-2023-28497 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant 
Slideshow ...)
+       TODO: check
 CVE-2023-28496 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in SMTP ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-28495
-       RESERVED
+CVE-2023-28495 (Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop 
WP Shor ...)
+       TODO: check
 CVE-2023-28494
        RESERVED
 CVE-2023-28493 (Auth (subscriber+) Reflected Cross-Site Scripting (XSS) 
vulnerability  ...)
@@ -34848,10 +34910,10 @@ CVE-2023-28422 (Auth. (admin+) Stored Cross-site 
Scripting (XSS) vulnerability i
        NOT-FOR-US: WooCommerce plugin
 CVE-2023-28421
        RESERVED
-CVE-2023-28420
-       RESERVED
-CVE-2023-28419
-       RESERVED
+CVE-2023-28420 (Cross-Site Request Forgery (CSRF) vulnerability in Leo Caseiro 
Custom  ...)
+       TODO: check
+CVE-2023-28419 (Cross-Site Request Forgery (CSRF) vulnerability in Stranger 
Studios Fo ...)
+       TODO: check
 CVE-2023-28418 (Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) 
vulnerability ...)
        NOT-FOR-US: WordPress theme
 CVE-2023-28417
@@ -35692,10 +35754,10 @@ CVE-2023-28175 (Improper Authorization in SSH server 
in Bosch VMS 11.0, 11.1.0,
        NOT-FOR-US: Bosch
 CVE-2023-28174 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in eLig ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-28173
-       RESERVED
-CVE-2023-28172
-       RESERVED
+CVE-2023-28173 (Cross-Site Request Forgery (CSRF) vulnerability in Amit 
Agarwal Google ...)
+       TODO: check
+CVE-2023-28172 (Cross-Site Request Forgery (CSRF) vulnerability in flippercode 
WordPre ...)
+       TODO: check
 CVE-2023-28171 (Auth. (subscriber+) Stored Cross-Site Scripting (XSS) 
vulnerability in ...)
        NOT-FOR-US: WordPress theme
 CVE-2023-28170
@@ -35704,8 +35766,8 @@ CVE-2023-28169 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
        NOT-FOR-US: WordPress plugin
 CVE-2023-28168
        RESERVED
-CVE-2023-28167
-       RESERVED
+CVE-2023-28167 (Cross-Site Request Forgery (CSRF) vulnerability in Vsourz 
Digital CF7  ...)
+       TODO: check
 CVE-2023-28166 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Aakif Ka ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-28165
@@ -35951,8 +36013,8 @@ CVE-2023-28136
        RESERVED
 CVE-2023-28135
        RESERVED
-CVE-2023-28134
-       RESERVED
+CVE-2023-28134 (Local attacker can escalate privileges on affected 
installations of Ch ...)
+       TODO: check
 CVE-2023-28133 (Local privilege escalation in Check Point Endpoint Security 
Client (ve ...)
        NOT-FOR-US: Check Point Endpoint Security Client
 CVE-2023-28132
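
Review bot: The new CVE-2023-28134 description is cut off at "affected installations of Ch ...", so the product is not actually named in this entry. The context line below it marks CVE-2023-28133 as "NOT-FOR-US: Check Point Endpoint Security Client", which makes the same tag the likely outcome, but the "TODO: check" should be resolved against the full description rather than inferred from the neighbouring entry.
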
@@ -37501,8 +37563,8 @@ CVE-2023-27634 (Cross-Site Request Forgery (CSRF) 
vulnerability allows arbitrary
        NOT-FOR-US: Shingo Intrepidity
 CVE-2023-27633
        RESERVED
-CVE-2023-27632
-       RESERVED
+CVE-2023-27632 (Cross-Site Request Forgery (CSRF) vulnerability in mmrs151 
Daily Praye ...)
+       TODO: check
 CVE-2023-27631 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-27630
@@ -37519,8 +37581,8 @@ CVE-2023-27625
        RESERVED
 CVE-2023-27624 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Marc ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-27623
-       RESERVED
+CVE-2023-27623 (Cross-Site Request Forgery (CSRF) vulnerability in Jens 
T\xf6rnell WP  ...)
+       TODO: check
 CVE-2023-27622 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Abel ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-27621 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in MrDe ...)
@@ -37543,8 +37605,8 @@ CVE-2023-27613 (Unauth. Reflected Cross-Site Scripting 
(XSS) vulnerability in Mo
        NOT-FOR-US: WordPress plugin
 CVE-2023-27612 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-27611
-       RESERVED
+CVE-2023-27611 (Cross-Site Request Forgery (CSRF) vulnerability in audrasjb 
Reusable B ...)
+       TODO: check
 CVE-2023-27610 (Auth. (admin+) SQL Injection (SQLi) vulnerability in 
TransbankDevelope ...)
        NOT-FOR-US: TransbankDevelopers Transbank Webpay
 CVE-2023-27609
@@ -38106,36 +38168,36 @@ CVE-2023-27447
        RESERVED
 CVE-2023-27446
        RESERVED
-CVE-2023-27445
-       RESERVED
+CVE-2023-27445 (Cross-Site Request Forgery (CSRF) vulnerability in Meril Inc. 
Blog Flo ...)
+       TODO: check
 CVE-2023-27444
        RESERVED
 CVE-2023-27443 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-27442
        RESERVED
-CVE-2023-27441
-       RESERVED
+CVE-2023-27441 (Cross-Site Request Forgery (CSRF) vulnerability in gl_SPICE 
New Adman  ...)
+       TODO: check
 CVE-2023-27440
        RESERVED
 CVE-2023-27439 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in gl_S ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-27438
-       RESERVED
+CVE-2023-27438 (Cross-Site Request Forgery (CSRF) vulnerability in Evgen 
Yurchenko WP  ...)
+       TODO: check
 CVE-2023-27437
        RESERVED
-CVE-2023-27436
-       RESERVED
+CVE-2023-27436 (Cross-Site Request Forgery (CSRF) vulnerability in Louis 
Reingold Eleg ...)
+       TODO: check
 CVE-2023-27435 (Cross-Site Request Forgery (CSRF) vulnerability in Sami Ahmed 
Siddiqui ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-27434
-       RESERVED
+CVE-2023-27434 (Cross-Site Request Forgery (CSRF) vulnerability in WPGrim 
Classic Edit ...)
+       TODO: check
 CVE-2023-27433 (Cross-Site Request Forgery (CSRF) vulnerability in YAS Global 
Team Mak ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-27432 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
WpSimple ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-27431
-       RESERVED
+CVE-2023-27431 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeHunk 
Big Store ...)
+       TODO: check
 CVE-2023-27430 (Cross-Site Request Forgery (CSRF) vulnerability in Ramon 
Fincken Mass  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-27429 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Auto ...)
@@ -38160,10 +38222,10 @@ CVE-2023-27420 (Unauth. Reflected Cross-Site 
Scripting (XSS) vulnerability in Ev
        NOT-FOR-US: WordPress theme
 CVE-2023-27419 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Everest  ...)
        NOT-FOR-US: WordPress theme
-CVE-2023-27418
-       RESERVED
-CVE-2023-27417
-       RESERVED
+CVE-2023-27418 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company 
Side Me ...)
+       TODO: check
+CVE-2023-27417 (Cross-Site Request Forgery (CSRF) vulnerability in Timo Reith 
Affiliat ...)
+       TODO: check
 CVE-2023-27416 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Deco ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-27415 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Them ...)
@@ -40354,8 +40416,8 @@ CVE-2023-1026 (The WP Meta SEO plugin for WordPress is 
vulnerable to unauthorize
        NOT-FOR-US: WP Meta SEO plugin for WordPress
 CVE-2019-25105 (A vulnerability, which was classified as problematic, was 
found in dro ...)
        NOT-FOR-US: dro.pm
-CVE-2023-26543
-       RESERVED
+CVE-2023-26543 (Cross-Site Request Forgery (CSRF) vulnerability in Aleksandr 
Guidrevit ...)
+       TODO: check
 CVE-2023-26542
        RESERVED
 CVE-2023-26541 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Alex ...)
@@ -40378,8 +40440,8 @@ CVE-2023-26533
        RESERVED
 CVE-2023-26532
        RESERVED
-CVE-2023-26531
-       RESERVED
+CVE-2023-26531 (Cross-Site Request Forgery (CSRF) vulnerability in 
\u95ea\u7535\u535a  ...)
+       TODO: check
 CVE-2023-26530 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Paul Keh ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-26529 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Dupe ...)
@@ -40392,8 +40454,8 @@ CVE-2023-26526
        RESERVED
 CVE-2023-26525
        RESERVED
-CVE-2023-26524
-       RESERVED
+CVE-2023-26524 (Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech 
Quiz An ...)
+       TODO: check
 CVE-2023-26523
        RESERVED
 CVE-2023-26522
@@ -40404,16 +40466,16 @@ CVE-2023-26520
        RESERVED
 CVE-2023-26519 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Alex ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-26518
-       RESERVED
+CVE-2023-26518 (Cross-Site Request Forgery (CSRF) vulnerability in AccessPress 
Themes  ...)
+       TODO: check
 CVE-2023-26517 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Jeff ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-26516
-       RESERVED
+CVE-2023-26516 (Cross-Site Request Forgery (CSRF) vulnerability in WPIndeed 
Debug Assi ...)
+       TODO: check
 CVE-2023-26515 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Ko T ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-26514
-       RESERVED
+CVE-2023-26514 (Cross-Site Request Forgery (CSRF) vulnerability in WPGrim 
Dynamic XML  ...)
+       TODO: check
 CVE-2023-26513 (Excessive Iteration vulnerability in Apache Software 
Foundation Apache ...)
        NOT-FOR-US: Apache Sling
 CVE-2023-26512 (CWE-502 Deserialization of Untrusted Dataat 
therabbitmq-connector plug ...)
@@ -48694,8 +48756,8 @@ CVE-2023-23802 (Cross-Site Request Forgery (CSRF) 
vulnerability in HasThemes HT
        NOT-FOR-US: WordPress plugin
 CVE-2023-23801 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes 
Really Si ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-23800
-       RESERVED
+CVE-2023-23800 (Server-Side Request Forgery (SSRF) vulnerability in Vova 
Anokhin WP Sh ...)
+       TODO: check
 CVE-2023-23799 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability 
in Leon ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-23798 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
@@ -49129,8 +49191,8 @@ CVE-2023-23686 (Auth. (contributor+) Stored Cross-Site 
Scripting (XSS) vulnerabi
        NOT-FOR-US: WordPress plugin
 CVE-2023-23685 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-23684
-       RESERVED
+CVE-2023-23684 (Server-Side Request Forgery (SSRF) vulnerability in 
WPGraphQL.This iss ...)
+       TODO: check
 CVE-2023-23683 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Ozan ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-23682 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Snap ...)
@@ -62561,8 +62623,8 @@ CVE-2022-45837 (Reflected Cross-Site Scripting (XSS) 
vulnerability in Denis \u5f
        NOT-FOR-US: WordPress plugin
 CVE-2022-45836 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
W3 Eden, ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-45835
-       RESERVED
+CVE-2022-45835 (Server-Side Request Forgery (SSRF) vulnerability in PhonePe 
PhonePe Pa ...)
+       TODO: check
 CVE-2022-45834
        RESERVED
 CVE-2022-45833 (Auth. Path Traversal vulnerability in Easy WP SMTP plugin <= 
1.5.1 on  ...)
@@ -125849,6 +125911,7 @@ CVE-2022-24601 (Luocms v2.0 is affected by SQL 
Injection in /admin/manager/admin
 CVE-2022-24600 (Luocms v2.0 is affected by SQL Injection through 
/admin/login.php. An  ...)
        NOT-FOR-US: Luocms
 CVE-2022-24599 (In autofile Audio File Library 0.3.6, there exists one memory 
leak vul ...)
+       {DLA-3650-1}
        - audiofile <unfixed> (bug #1008017)
        [bookworm] - audiofile <no-dsa> (Minor issue)
        [bullseye] - audiofile <no-dsa> (Minor issue)
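
Review bot: The added "{DLA-3650-1}" on CVE-2022-24599 sits directly above "- audiofile <unfixed>", and the trailing context stops at the "[bullseye]" line, so nothing visible in this hunk records the version in which the DLA fixed the issue. Confirm that a release-specific line with the fixed version exists below the shown context; if it does not, add it in a follow-up so the cross-reference is backed by a version.
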
@@ -309078,6 +309141,7 @@ CVE-2019-13149 (An issue was discovered in TRENDnet 
TEW-827DRU firmware before 2
 CVE-2019-13148 (An issue was discovered in TRENDnet TEW-827DRU firmware before 
2.05B11 ...)
        NOT-FOR-US: TRENDnet TEW-827DRU firmware
 CVE-2019-13147 (In Audio File Library (aka audiofile) 0.3.6, there exists one 
NULL poi ...)
+       {DLA-3650-1}
        - audiofile <unfixed> (low; bug #931343)
        [bookworm] - audiofile <no-dsa> (Minor issue)
        [bullseye] - audiofile <ignored> (Minor issue)
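
Review bot: The "[bullseye]" state for audiofile differs between the two CVEs that this commit tags with "{DLA-3650-1}": "<ignored>" here on CVE-2019-13147 and "<no-dsa>" on CVE-2022-24599 in the previous hunk, both annotated "Minor issue". If the difference is not deliberate, align the two entries the next time they are edited by hand.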



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/238e87a2a47189b4c8190d516d66d8ebfb3a4735
