[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e742419c by security tracker role at 2023-11-18T08:11:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2023-6187 (The Paid Memberships Pro plugin for WordPress is vulnerable to 
arbitra ...)
+       TODO: check
+CVE-2023-4214 (The AppPresser plugin for WordPress is vulnerable to 
unauthorized pass ...)
+       TODO: check
+CVE-2023-48295 (LibreNMS is an auto-discovering PHP/MySQL/SNMP based network 
monitorin ...)
+       TODO: check
+CVE-2023-48294 (LibreNMS is an auto-discovering PHP/MySQL/SNMP based network 
monitorin ...)
+       TODO: check
+CVE-2023-48238 (joaquimserafim/json-web-token is a javascript library use to 
interact  ...)
+       TODO: check
+CVE-2023-48028 (kodbox 1.46.01 has a security flaw that enables user 
enumeration. This ...)
+       TODO: check
+CVE-2023-48017 (Dreamer_cms 4.1.3 is vulnerable to Cross Site Request Forgery 
(CSRF) v ...)
+       TODO: check
+CVE-2023-46745 (LibreNMS is an auto-discovering PHP/MySQL/SNMP based network 
monitorin ...)
+       TODO: check
+CVE-2023-46402 (git-urls version 1.0.1 is vulnerable to ReDOS (Regular 
Expression Deni ...)
+       TODO: check
+CVE-2023-44796 (Cross Site Scripting (XSS) vulnerability in LimeSurvey before 
version  ...)
+       TODO: check
+CVE-2023-43177 (CrushFTP prior to 10.5.1 is vulnerable to Improperly 
Controlled Modifi ...)
+       TODO: check
+CVE-2023-40817 (OpenCRX version 5.2.0 is vulnerable to HTML injection via the 
Product  ...)
+       TODO: check
+CVE-2023-40816 (OpenCRX version 5.2.0 is vulnerable to HTML injection via 
Activity Mil ...)
+       TODO: check
+CVE-2023-40815 (OpenCRX version 5.2.0 is vulnerable to HTML injection via the 
Category ...)
+       TODO: check
+CVE-2023-40814 (OpenCRX version 5.2.0 is vulnerable to HTML injection via the 
Accounts ...)
+       TODO: check
+CVE-2023-40813 (OpenCRX version 5.2.0 is vulnerable to HTML injection via 
Activity Sav ...)
+       TODO: check
+CVE-2023-40812 (OpenCRX version 5.2.0 is vulnerable to HTML injection via the 
Accounts ...)
+       TODO: check
+CVE-2023-40810 (OpenCRX version 5.2.0 is vulnerable to HTML injection via 
Product Name ...)
+       TODO: check
+CVE-2023-40809 (OpenCRX version 5.2.0 is vulnerable to HTML injection via the 
Activity ...)
+       TODO: check
 CVE-2023-6188 (A vulnerability was found in GetSimpleCMS 3.3.16/3.4.0a. It has 
been r ...)
        NOT-FOR-US: GetSimpleCMS
 CVE-2023-6179 (Honeywell ProWatch, 4.5, including all Service Pack versions, 
contain  ...)
@@ -7449,7 +7487,7 @@ CVE-2023-44765 (A Cross Site Scripting (XSS) 
vulnerability in Concrete CMS v.9.2
        NOT-FOR-US: Concrete CMS
 CVE-2023-44764 (A Cross Site Scripting (XSS) vulnerability in Concrete CMS 
v.9.2.1 all ...)
        NOT-FOR-US: Concrete CMS
-CVE-2023-44762 (A Cross Site Scripting (XSS) vulnerability in Concrete CMS 
v.9.2.1 all ...)
+CVE-2023-44762 (A Cross Site Scripting (XSS) vulnerability in Concrete CMS 
from versio ...)
        NOT-FOR-US: Concrete CMS
 CVE-2023-44761 (Multiple Cross Site Scripting (XSS) vulnerabilities in 
Concrete CMS v. ...)
        NOT-FOR-US: Concrete CMS



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e742419c78295cdb4b640bf0202cc2feea6770d2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e742419c78295cdb4b640bf0202cc2feea6770d2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits