Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
af15616e by Salvatore Bonaccorso at 2024-02-06T14:45:29+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -175,65 +175,65 @@ CVE-2024-0221 (The Photo Gallery by 10Web \u2013
Mobile-Friendly Image Gallery p
CVE-2024-0202 (A security vulnerability has been identified in the cryptlib
cryptogra ...)
TODO: check
CVE-2023-7029 (The WordPress Button Plugin MaxButtons plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-7014 (The Author Box, Guest Author and Co-Authors for Your Posts
\u2013 Molo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6996 (The Display custom fields in the frontend \u2013 Post and User
Profile ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6989 (The Shield Security \u2013 Smart Bot Blocking & Intrusion
Prevention S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6985 (The 10Web AI Assistant \u2013 AI content writing assistant
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6983 (The Display custom fields in the frontend \u2013 Post and User
Profile ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6982 (The Display custom fields in the frontend \u2013 Post and User
Profile ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6963 (The Getwid \u2013 Gutenberg Blocks plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6959 (The Getwid \u2013 Gutenberg Blocks plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6953 (The PDF Generator For Fluent Forms \u2013 The Contact Form
Plugin plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6933 (The Better Search Replace plugin for WordPress is vulnerable to
PHP Ob ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6925 (The Unlimited Addons for WPBakery Page Builder plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6884 (This plugin for WordPress is vulnerable to Stored Cross-Site
Scripting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6846 (The File Manager Pro plugin for WordPress is vulnerable to
Arbitrary F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6808 (The Booking for Appointments and Events Calendar \u2013 Amelia
plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6807 (The GeneratePress Premium plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6701 (The Advanced Custom Fields (ACF) plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6700 (The Cookie Information | Free GDPR Consent Solution plugin for
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6635 (The EditorsKit plugin for WordPress is vulnerable to arbitrary
file up ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6557 (The The Events Calendar plugin for WordPress is vulnerable to
Sensitiv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6526 (The Meta Box \u2013 WordPress Custom Fields Framework plugin
for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6234 (Buffer overflow in CPCA Color LUT Resource Download process of
Office ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-6233 (Buffer overflow in SLP attribute request process of Office
Multifuncti ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-6232 (Buffer overflow in the Address Book username process in
authentication ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-6231 (Buffer overflow in WSD probe request process of Office
Multifunction P ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-6230 (Buffer overflow in the Address Book password process in
authentication ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-6229 (Buffer overflow in CPCA PDL Resource Download process of Office
Multif ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-52239 (The XML parser in Magic xpi Integration Platform 4.13.4 allows
XXE att ...)
- TODO: check
+ NOT-FOR-US: Magic xpi Integration Platform
CVE-2023-51951 (SQL Injection vulnerability in Stock Management System 1.0
allows a re ...)
- TODO: check
+ NOT-FOR-US: Stock Management System
CVE-2023-4637 (The WPvivid plugin for WordPress is vulnerable to unauthorized
access ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47889 (The Android application BINHDRM26 com.bdrm.superreboot 1.0.3,
exposes ...)
TODO: check
CVE-2023-47354 (An issue in the PowerOffWidgetReceiver function of Super
Reboot (Root) ...)
@@ -243,71 +243,71 @@ CVE-2023-47353 (An issue in the
com.oneed.dvr.service.DownloadFirmwareService co
CVE-2023-47022 (An issue in NCR Terminal Handler v.1.5.1 allows a remote
attacker to e ...)
TODO: check
CVE-2023-46360 (Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: Hardy Barth cPH2 eCharge Ladestation
CVE-2023-46359 (An OS command injection vulnerability in Hardy Barth cPH2
eCharge Lade ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-43536 (Transient DOS while parse fils IE with length equal to 1.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43535 (Memory corruption when negative display IDs are sent as input
while pr ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43534 (Memory corruption while validating the TID to Link Mapping
action requ ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43533 (Transient DOS in WLAN Firmware when the length of received
beacon is l ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43532 (Memory corruption while reading ACPI config through the user
mode app.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43523 (Transient DOS while processing 11AZ RTT management action
frame receiv ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43522 (Transient DOS while key unwrapping process, when the given
encrypted k ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43520 (Memory corruption when AP includes TID to link mapping IE in
the beaco ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43519 (Memory corruption in video while parsing the Videoinfo, when
the size ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43518 (Memory corruption in video while parsing invalid mp2 clip.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43517 (Memory corruption in Automotive Multimedia due to improper
access cont ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43516 (Memory corruption when malformed message payload is received
from firm ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43513 (Memory corruption while processing the event ring, the context
read po ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-34042 (The spring-security.xsd file inside the
spring-security-config jar is ...)
TODO: check
CVE-2023-33077 (Memory corruption in HLOS while converting from authorization
token to ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33076 (Memory corruption in Core when updating rollback version for
TA and OT ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33072 (Memory corruption in Core while processing control functions.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33069 (Memory corruption in Audio while processing the calibration
data retur ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33068 (Memory corruption in Audio while processing IIR config data
from AFE c ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33067 (Memory corruption in Audio while calling START command on host
voice P ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33065 (Information disclosure in Audio while accessing AVCS services
from ADS ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33064 (Transient DOS in Audio when invoking callback function of ASM
driver.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33060 (Transient DOS in Core when DDR memory check is called while
DDR is not ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33058 (Information disclosure in Modem while processing SIB5.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33057 (Transient DOS in Multi-Mode Call Processor while processing UE
policy ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33049 (Transient DOS in Multi-Mode Call Processor due to UE failure
because o ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33046 (Memory corruption in Trusted Execution Environment while
deinitializin ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-32479 (Dell Encryption, Dell Endpoint Security Suite Enterprise, and
Dell Sec ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-32474 (Dell Display Manager application, version 2.1.1.17 and prior,
contain ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-32454 (DUP framework version 4.9.4.36 and prior contains insecure
operation o ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-32451 (Dell Display Manager application, version 2.1.1.17, contains a
vulnera ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-24768 (1Panel is an open source Linux server operation and
maintenance manage ...)
NOT-FOR-US: 1Panel
CVE-2024-24762 (FastAPI is a web framework for building APIs with Python 3.8+
based on ...)
@@ -52403,7 +52403,7 @@ CVE-2023-28065 (Dell Command | Update, Dell Update, and
Alienware Update version
CVE-2023-28064 (Dell BIOS contains an Out-of-bounds Write vulnerability. An
unauthenti ...)
NOT-FOR-US: Dell
CVE-2023-28063 (Dell BIOS contains a Signed to Unsigned Conversion Error
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-28062 (Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper
access ...)
NOT-FOR-US: Dell
CVE-2023-28061 (Dell BIOS contains an improper input validation vulnerability.
A local ...)
@@ -52431,7 +52431,7 @@ CVE-2023-28051 (Dell Power Manager, versions 3.10 and
prior, contains an Imprope
CVE-2023-28050 (Dell BIOS contains an improper input validation vulnerability.
A local ...)
NOT-FOR-US: Dell
CVE-2023-28049 (Dell Command | Monitor, versions prior to 10.9, contain an
arbitrary f ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-28048
RESERVED
CVE-2023-28047 (Dell Display Manager, versions 2.1.0 and prior, contains an
arbitrary ...)
@@ -54753,7 +54753,7 @@ CVE-2023-27320 (Sudo before 1.9.13p2 has a double free
in the per-command chroot
CVE-2023-27319 (ONTAP Mediator versions prior to 1.7 are susceptible to a
vulnerabili ...)
NOT-FOR-US: NetApp
CVE-2023-27318 (StorageGRID (formerly StorageGRID Webscale) versions 11.6.0
through 1 ...)
- TODO: check
+ NOT-FOR-US: StorageGRID
CVE-2023-27317 (ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are
susceptible to a ...)
NOT-FOR-US: ONTAP
CVE-2023-27316 (SnapCenter versions 4.8 through 4.9 are susceptible to a
vulnerabilit ...)
@@ -59976,7 +59976,7 @@ CVE-2023-25547 (A CWE-863: Incorrect Authorization
vulnerability exists that cou
CVE-2023-25544 (Dell NetWorker versions 19.5 and earlier contain 'Apache
Tomcat' versi ...)
NOT-FOR-US: Dell
CVE-2023-25543 (Dell Power Manager, versions prior to 3.14, contain an
Improper Author ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-25542 (Dell Trusted Device Agent, versions prior to 5.3.0, contain(s)
an impr ...)
NOT-FOR-US: Dell
CVE-2023-25541
@@ -68452,11 +68452,11 @@ CVE-2023-22821
CVE-2023-22820
RESERVED
CVE-2023-22819 (An uncontrolled resource consumption vulnerability issue that
could ar ...)
- TODO: check
+ NOT-FOR-US: Western Digital
CVE-2023-22818 (Multiple DLL Search Order Hijack vulnerabilities were
addressed in the ...)
NOT-FOR-US: SanDisk Security Installer for Windows
CVE-2023-22817 (Server-side request forgery (SSRF) vulnerability that could
allow a ro ...)
- TODO: check
+ NOT-FOR-US: Western Digital
CVE-2023-22816 (A post-authentication remote command injection vulnerability
in a CGI ...)
NOT-FOR-US: Western Digital
CVE-2023-22815 (Post-authentication remote command injection vulnerability in
Western ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af15616e60fa94e77cd63c98fb88cb7e25885b54
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af15616e60fa94e77cd63c98fb88cb7e25885b54
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
