Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b239a420 by Salvatore Bonaccorso at 2024-01-05T21:36:11+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,89 +1,89 @@
CVE-2024-0247 (A vulnerability classified as critical was found in CodeAstro
Online F ...)
- TODO: check
+ NOT-FOR-US: CodeAstro Online Food Ordering System
CVE-2024-0246 (A vulnerability classified as problematic has been found in
IceWarp 12 ...)
- TODO: check
+ NOT-FOR-US: IceWarp
CVE-2023-52151 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52149 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Floatin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52148 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52146 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52145 (Cross-Site Request Forgery (CSRF) vulnerability in Marios
Alexandrou R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52143 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52136 (Cross-Site Request Forgery (CSRF) vulnerability in Smash
Balloon Custo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52130 (Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider,
wpaffil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52129 (Cross-Site Request Forgery (CSRF) vulnerability in Michael
Winkler tea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52128 (Cross-Site Request Forgery (CSRF) vulnerability in WhiteWP
White Label ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52127 (Cross-Site Request Forgery (CSRF) vulnerability in WPClever
WPC Produc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52126 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52125 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52124 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52123 (Cross-Site Request Forgery (CSRF) vulnerability in WPChill
Strong Test ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52122 (Cross-Site Request Forgery (CSRF) vulnerability in PressTigers
Simple ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52121 (Cross-Site Request Forgery (CSRF) vulnerability in NitroPack
Inc. Nitr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52120 (Cross-Site Request Forgery (CSRF) vulnerability in Basix
NEX-Forms \u2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52119 (Cross-Site Request Forgery (CSRF) vulnerability in Icegram
Icegram Eng ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51678 (Cross-Site Request Forgery (CSRF) vulnerability in Doofinder
Doofinder ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51673 (Cross-Site Request Forgery (CSRF) vulnerability in Designful
Stylish P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51668 (Cross-Site Request Forgery (CSRF) vulnerability in WP Zone
Inline Imag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51539 (Cross-Site Request Forgery (CSRF) vulnerability in
Apollo13Themes Apol ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51538 (Cross-Site Request Forgery (CSRF) vulnerability in Awesome
Support Tea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51535 (Cross-Site Request Forgery (CSRF) vulnerability in
\u0421leanTalk - An ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50991 (Buffer Overflow vulnerability in Tenda i29 versions 1.0
V1.0.0.5 and 1 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-50027 (SQL Injection vulnerability in Buy Addons
baproductzoommagnifier modul ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2023-47560 (An OS command injection vulnerability has been reported to
affect QuMa ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-47559 (A cross-site scripting (XSS) vulnerability has been reported
to affect ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-47219 (A SQL injection vulnerability has been reported to affect
QuMagie. If ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-45044 (A buffer copy without checking size of input vulnerability has
been re ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-45043 (A buffer copy without checking size of input vulnerability has
been re ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-45042 (A buffer copy without checking size of input vulnerability has
been re ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-45041 (A buffer copy without checking size of input vulnerability has
been re ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-45040 (A buffer copy without checking size of input vulnerability has
been re ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-45039 (A buffer copy without checking size of input vulnerability has
been re ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-41289 (An OS command injection vulnerability has been reported to
affect Qcal ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-41288 (An OS command injection vulnerability has been reported to
affect Vide ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-41287 (A SQL injection vulnerability has been reported to affect
Video Statio ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-39296 (A prototype pollution vulnerability has been reported to
affect severa ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-39294 (An OS command injection vulnerability has been reported to
affect seve ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2024-22088 (Lotos WebServer through 0.1.1 (commit 3eb36cc) has a
use-after-free in ...)
NOT-FOR-US: Lotos WebServer
CVE-2024-22087 (route in main.c in Pico HTTP Server in C through f3b69a6 has
an sprint ...)
@@ -69329,7 +69329,7 @@ CVE-2022-46841 (Cross-Site Request Forgery (CSRF)
vulnerability in Soflyy Oxygen
CVE-2022-46840
RESERVED
CVE-2022-46839 (Unrestricted Upload of File with Dangerous Type vulnerability
in JS He ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46838
RESERVED
CVE-2022-4391 (The Vision Interactive For WordPress plugin through 1.5.3 does
not san ...)
@@ -100851,7 +100851,7 @@ CVE-2022-36679 (Simple Task Scheduling System v1.0
was discovered to contain a S
CVE-2022-36678 (Simple Task Scheduling System v1.0 was discovered to contain a
SQL inj ...)
NOT-FOR-US: Simple Task Scheduling System
CVE-2022-36677 (Obsidian Mind Map v1.1.0 allows attackers to execute arbitrary
code vi ...)
- TODO: check
+ NOT-FOR-US: Obsidian
CVE-2022-36676 (Simple Task Scheduling System v1.0 was discovered to contain a
SQL inj ...)
NOT-FOR-US: Simple Task Scheduling System
CVE-2022-36675 (Simple Task Scheduling System v1.0 was discovered to contain a
SQL inj ...)
@@ -262041,7 +262041,7 @@ CVE-2020-13881 (In support.c in pam_tacplus 1.3.8
through 1.5.1, the TACACS+ sha
NOTE:
https://github.com/kravietz/pam_tacplus/commit/4a9852c31c2fd0c0e72fbb689a586aabcfb11cb0
NOTE: https://github.com/kravietz/pam_tacplus/issues/149
CVE-2020-13880 (IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+1cbf
heap-bas ...)
- TODO: check
+ NOT-FOR-US: IrfanView B3D PlugIns
CVE-2020-13879 (IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+214f
heap-bas ...)
NOT-FOR-US: IrfanView B3D PlugIns
CVE-2020-13878 (IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+27ef
heap-bas ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b239a420c96625e45dab85c7c17ba214f5523632
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b239a420c96625e45dab85c7c17ba214f5523632
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
