Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e9b9abcf by Salvatore Bonaccorso at 2023-11-27T21:37:51+01:00
Process some new NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,55 +1,56 @@
CVE-2023-6329 ([PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on
[PLATF ...)
- TODO: check
+ NOT-FOR-US: Control iD iDSecure
CVE-2023-6287 (Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance
before ...)
TODO: check
CVE-2023-6254 (A Vulnerability in OTRS AgentInterface and ExternalInterface
allows th ...)
- TODO: check
+ NOT-FOR-US: OTRS
+ NOTE: Issue is listed as specific to 8.x, so won't affect Znuny which
forked from 6.x
CVE-2023-6202 (Mattermost fails to perform proper authorization in the
/plugins/focal ...)
TODO: check
CVE-2023-5974 (The WPB Show Core WordPress plugin through 2.2 is vulnerable to
server ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5958 (The POST SMTP Mailer WordPress plugin before 2.7.1 does not
escape ema ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5942 (The Medialist WordPress plugin before 1.4.1 does not validate
and esca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5906 (The Job Manager & Career WordPress plugin before 1.4.4 contains
a vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5845 (The Simple Social Media Share Buttons WordPress plugin before
5.1.1 le ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5738 (The WordPress Backup & Migration WordPress plugin before 1.4.4
does no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5737 (The WordPress Backup & Migration WordPress plugin before 1.4.4
does no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5653 (The WassUp Real Time Analytics WordPress plugin through 1.9.4.5
does n ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5641 (The Martins Free & Easy SEO BackLink Link Building Network
WordPress p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5620 (The Web Push Notifications WordPress plugin before 4.35.0 does
not pre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5611 (The Seraphinite Accelerator WordPress plugin before 2.20.32
does not h ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5607 (An improper limitation of a path name to a restricted directory
(path ...)
- TODO: check
+ NOT-FOR-US: Trellix
CVE-2023-5604 (The Asgaros Forum WordPress plugin before 2.7.1 allows forum
administr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5560 (The WP-UserOnline WordPress plugin before 2.88.3 does not
sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5559 (The 10Web Booster WordPress plugin before 2.24.18 does not
validate th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5525 (The Limit Login Attempts Reloaded WordPress plugin before
2.25.26 is m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5325 (The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6
does no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5239 (The Security & Malware scan by CleanTalk WordPress plugin
before 2.121 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5209 (The WordPress Online Booking and Scheduling Plugin WordPress
plugin be ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4931 (Uncontrolled search path element vulnerability in Plesk
Installer affe ...)
- TODO: check
+ NOT-FOR-US: Plesk Installer
CVE-2023-4922 (The WPB Show Core WordPress plugin through 2.2 is vulnerable to
a loca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4642 (The kk Star Ratings WordPress plugin before 5.4.6 does not
implement a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4590 (Buffer overflow vulnerability in Frhed hex editor, affecting
version 1 ...)
TODO: check
CVE-2023-4514 (The Mmm Simple File List WordPress plugin through 2.3 does not
validat ...)
@@ -61,15 +62,15 @@ CVE-2023-4252 (The EventPrime WordPress plugin through
3.2.9 specifies the price
CVE-2023-49316 (In Math/BinaryField.php in phpseclib before 3.0.34,
excessively large ...)
TODO: check
CVE-2023-49047 (Tenda AX1803 v1.0.0.1 contains a stack overflow via the
devName parame ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-49046 (Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows
a remote ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-49043 (Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows
a remot ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-49042 (Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a
remote ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-49040 (An issue in Tneda AX1803 v.1.0.0.1 allows a remote attacker to
execute ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-49029 (Cross Site Scripting vulnerability in smpn1smg absis
v.2017-10-19 and ...)
TODO: check
CVE-2023-49028 (Cross Site Scripting vulnerability in smpn1smg absis
v.2017-10-19 and ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9b9abcf554994458336972143aa2de36d48370c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9b9abcf554994458336972143aa2de36d48370c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
