Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8f39ad41 by Salvatore Bonaccorso at 2023-12-28T09:38:03+01:00
Adjust some older Textpattern CMS entries
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23587,7 +23587,7 @@ CVE-2023-38044 (Improper Neutralization of Special
Elements used in an SQL Comma
CVE-2023-36499 (Netgear XR300 v1.0.3.78 was discovered to contain multiple
buffer over ...)
NOT-FOR-US: Netgear
CVE-2023-36220 (Directory Traversal vulnerability in Textpattern CMS v4.8.8
allows a r ...)
- NOT-FOR-US: Textpattern CMS
+ - textpattern <removed>
CVE-2023-36054 (lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before
1.20.2 an ...)
{DLA-3626-1}
- krb5 1.20.1-3 (bug #1043431)
@@ -150237,7 +150237,7 @@ CVE-2021-44084
CVE-2021-44083
RESERVED
CVE-2021-44082 (textpattern 4.8.7 is vulnerable to Cross Site Scripting (XSS)
via /tex ...)
- NOT-FOR-US: Textpattern CMS
+ - textpattern <removed>
CVE-2021-44081 (A buffer overflow vulnerability exists in the AMF of open5gs
2.1.4. Wh ...)
NOT-FOR-US: Open5GS
CVE-2021-44080 (A Command Injection vulnerability in httpd web server
(setup.cgi) in S ...)
@@ -162881,7 +162881,7 @@ CVE-2021-40660 (An issue was discovered in Delight
Nashorn Sandbox 0.2.0. There
CVE-2021-40659
RESERVED
CVE-2021-40658 (Textpattern 4.8.7 is affected by a HTML injection
vulnerability throug ...)
- NOT-FOR-US: Textpattern CMS
+ - textpattern <removed>
CVE-2021-40657
RESERVED
CVE-2021-40656 (libsixel before 1.10 is vulnerable to Buffer Overflow in
libsixel/src/ ...)
@@ -162927,7 +162927,7 @@ CVE-2021-40644 (An SQL Injection vulnerability exists
in oasys oa_system as of 9
CVE-2021-40643 (EyesOfNetwork before 07-07-2021 has a Remote Code Execution
vulnerabil ...)
NOT-FOR-US: EyesOfNetwork (EON)
CVE-2021-40642 (Textpattern CMS v4.8.7 and older vulnerability exists through
Sensitiv ...)
- NOT-FOR-US: Textpattern CMS
+ - textpattern <removed>
CVE-2021-40641
RESERVED
CVE-2021-40640
@@ -189822,7 +189822,7 @@ CVE-2021-30211 (Knowage Suite 7.3 is vulnerable to
Stored Cross-Site Scripting (
CVE-2021-30210
RESERVED
CVE-2021-30209 (Textpattern V4.8.4 contains an arbitrary file upload
vulnerability whe ...)
- NOT-FOR-US: Textpattern CMS
+ - textpattern <removed>
CVE-2021-30208
RESERVED
CVE-2021-30207
@@ -195617,9 +195617,9 @@ CVE-2021-28004
CVE-2021-28003
RESERVED
CVE-2021-28002 (A persistent cross-site scripting vulnerability was discovered
in the ...)
- NOT-FOR-US: Textpattern CMS
+ - textpattern <removed>
CVE-2021-28001 (A cross-site scripting vulnerability was discovered in the
Comments pa ...)
- NOT-FOR-US: Textpattern CMS
+ - textpattern <removed>
CVE-2021-28000 (A persistent cross-site scripting vulnerability was discovered
in Loca ...)
NOT-FOR-US: Local Services Search Engine Management System Project
CVE-2021-27999 (A SQL injection vulnerability was discovered in the editid
parameter i ...)
@@ -212254,7 +212254,7 @@ CVE-2020-35856 (SolarWinds Orion Platform before
2020.2.5 allows stored XSS atta
CVE-2020-35855
RESERVED
CVE-2020-35854 (Textpattern 4.8.4 is affected by cross-site scripting (XSS) in
the Bod ...)
- NOT-FOR-US: Textpattern CMS
+ - textpattern <removed>
CVE-2020-35853 (4images Image Gallery Management System 1.7.11 is affected by
cross-si ...)
NOT-FOR-US: 4images Image Gallery Management System
CVE-2020-35852 (Chatbox is affected by cross-site scripting (XSS). An attacker
has to ...)
@@ -220412,7 +220412,7 @@ CVE-2020-29460
CVE-2020-29459
RESERVED
CVE-2020-29458 (Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem.)
- NOT-FOR-US: Textpattern CMS
+ - textpattern <removed>
CVE-2020-29457 (A Privilege Elevation vulnerability in OPC UA .NET Standard
Stack 1.4. ...)
NOT-FOR-US: OPC UA .NET
CVE-2020-29456 (Multiple cross-site scripting (XSS) vulnerabilities in
Papermerge befo ...)
@@ -238935,7 +238935,7 @@ CVE-2020-23241 (Cross Site Scripting (XSS)
vulnerability in CMS Made Simple 2.2.
CVE-2020-23240 (Cross Site Scripting (XSS) vulnerablity in CMS Made Simple
2.2.14 via ...)
NOT-FOR-US: CMS Made Simple
CVE-2020-23239 (Cross Site Scripting (XSS) vulnerability in Textpattern CMS
4.8.1 via ...)
- NOT-FOR-US: Textpattern CMS
+ - textpattern <removed>
CVE-2020-23238 (Cross Site Scripting (XSS) vulnerability in Evolution CMS
2.0.2 via th ...)
NOT-FOR-US: Evolution CMS
CVE-2020-23237
@@ -246994,7 +246994,7 @@ CVE-2020-19512
CVE-2020-19511 (Cross Site Scriptiong vulnerability in Typesetter 5.1 via the
!1) clas ...)
NOT-FOR-US: Typesetter CMS
CVE-2020-19510 (Textpattern 4.7.3 contains an aribtrary file load via the
file_insert ...)
- NOT-FOR-US: Textpattern CMS
+ - textpattern <removed>
CVE-2020-19509
RESERVED
CVE-2020-19508
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f39ad410c9d53945c42a6328bfbb0f0ac9d70f5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f39ad410c9d53945c42a6328bfbb0f0ac9d70f5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
