[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Apr 6 17:25:39 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
471d0162 by Moritz Mühlenhoff at 2023-04-06T18:25:11+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15845,7 +15845,7 @@ CVE-2023-24023
CVE-2023-24022 (Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with ...)
NOT-FOR-US: Baicells
CVE-2023-0432 (The web configuration service of the affected device contains an authe ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2023-0431
RESERVED
CVE-2020-36655 (Yii Yii2 Gii before 2.2.2 allows remote attackers to execute arbitrary ...)
@@ -15907,7 +15907,7 @@ CVE-2023-23989
CVE-2023-23988
RESERVED
CVE-2023-23987 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPEv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23986
RESERVED
CVE-2023-23985
@@ -15923,11 +15923,11 @@ CVE-2023-23981 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-23980
RESERVED
CVE-2023-23979 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Q ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23978
RESERVED
CVE-2023-23977 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23976
RESERVED
CVE-2023-23975
@@ -15937,9 +15937,9 @@ CVE-2023-23974 (Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Qui
CVE-2023-23973 (Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Cont ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23972 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Smpl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23971 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Code ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23970
RESERVED
CVE-2023-23907
@@ -16229,7 +16229,7 @@ CVE-2023-23880
CVE-2023-23879
RESERVED
CVE-2023-23878 (Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in fli ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23877
RESERVED
CVE-2023-23876
@@ -16245,7 +16245,7 @@ CVE-2023-23872
CVE-2023-23871
RESERVED
CVE-2023-23870 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpde ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23869
RESERVED
CVE-2023-23868
@@ -16401,7 +16401,7 @@ CVE-2023-23823
CVE-2023-23822
RESERVED
CVE-2023-23821 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23820
RESERVED
CVE-2023-23819
@@ -16413,7 +16413,7 @@ CVE-2023-23817
CVE-2023-23816
RESERVED
CVE-2023-23815 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23814
RESERVED
CVE-2023-23813
@@ -16535,7 +16535,7 @@ CVE-2023-0384
CVE-2023-0383
RESERVED
CVE-2023-0382 (User-controlled operations could have allowed Denial of Service in M-F ...)
- TODO: check
+ NOT-FOR-US: M-Files Server
CVE-2023-0381 (The GigPress WordPress plugin through 2.3.28 does not validate and esc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0380 (The Easy Digital Downloads WordPress plugin before 3.1.0.5 does not va ...)
@@ -16659,7 +16659,7 @@ CVE-2023-0358 (Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV.
NOTE: https://huntr.dev/bounties/93e128ed-253f-4c42-81ff-fbac7fd8f355
NOTE: https://github.com/gpac/gpac/commit/9971fb125cf91cefd081a080c417b90bbe4a467b
CVE-2023-0357 (Helpy version 2.8.0 allows an unauthenticated remote attacker to explo ...)
- TODO: check
+ NOT-FOR-US: Helpy
CVE-2023-0356 (SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encry ...)
NOT-FOR-US: SOCOMEC MODULYS GP Netvision
CVE-2023-0355 (Akuvox E11 uses a hard-coded cryptographic key, which could allow an a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/471d01624ab209d9cb1be9dac5370117d8cfa0e4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/471d01624ab209d9cb1be9dac5370117d8cfa0e4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230406/e20a7b8c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list