[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Aug 16 09:12:27 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dba8b538 by security tracker role at 2023-08-16T08:12:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2023-4374 (The WP Remote Users Sync plugin for WordPress is vulnerable to unautho ...)
+ TODO: check
+CVE-2023-3958 (The WP Remote Users Sync plugin for WordPress is vulnerable to Server ...)
+ TODO: check
+CVE-2023-39852 (Doctormms v1.0 was discovered to contain a SQL injection vulnerability ...)
+ TODO: check
+CVE-2023-39851 (webchess v1.0 was discovered to contain a SQL injection vulnerability ...)
+ TODO: check
+CVE-2023-39850 (Schoolmate v1.3 was discovered to contain multiple SQL injection vulne ...)
+ TODO: check
+CVE-2023-39849 (Pikachu v1.0 was discovered to contain a SQL injection vulnerability v ...)
+ TODO: check
+CVE-2023-39848 (DVWA v1.0 was discovered to contain a SQL injection vulnerability via ...)
+ TODO: check
CVE-2023-4371 (A vulnerability was found in phpRecDB 1.3.1. It has been rated as prob ...)
NOT-FOR-US: phpRecDB
CVE-2023-4369 (Insufficient data validation in Systems Extensions in Google Chrome on ...)
@@ -3917,7 +3931,7 @@ CVE-2023-2636 (The AN_GradeBook WordPress plugin through 5.0.1 does not properly
NOT-FOR-US: WordPress plugin
CVE-2023-2579 (The InventoryPress WordPress plugin through 1.7 does not sanitise and ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-2330 (The Caldera Forms Google Sheets Connector WordPress plugin through 1.2 ...)
+CVE-2023-2330 (The Caldera Forms Google Sheets Connector WordPress plugin before 1.3 ...)
NOT-FOR-US: WordPress plugin
CVE-2023-2329 (The WooCommerce Google Sheet Connector WordPress plugin before 1.3.6 d ...)
NOT-FOR-US: WordPress plugin
@@ -27655,8 +27669,8 @@ CVE-2023-26142
RESERVED
CVE-2023-26141
RESERVED
-CVE-2023-26140
- RESERVED
+CVE-2023-26140 (Versions of the package @excalidraw/excalidraw from 0.0.0 are vulnerab ...)
+ TODO: check
CVE-2023-26139 (Versions of the package underscore-keypath from 0.0.11 are vulnerable ...)
NOT-FOR-US: Node underscore-keypath
CVE-2023-26138 (All versions of the package drogonframework/drogon are vulnerable to C ...)
@@ -55538,8 +55552,7 @@ CVE-2023-20566
RESERVED
CVE-2023-20565
RESERVED
-CVE-2023-20564
- RESERVED
+CVE-2023-20564 (Insufficient validation in the IOCTL (Input Output Control) input buff ...)
NOT-FOR-US: AMD
CVE-2023-20563
RESERVED
@@ -55547,8 +55560,7 @@ CVE-2023-20562 (Insufficient validation in the IOCTL (Input Output Control) inpu
NOT-FOR-US: AMD
CVE-2023-20561 (Insufficient validation of the IOCTL (Input Output Control) input buff ...)
NOT-FOR-US: AMD
-CVE-2023-20560
- RESERVED
+CVE-2023-20560 (Insufficient validation of the IOCTL (Input Output Control) input buff ...)
NOT-FOR-US: AMD
CVE-2023-20559 (Insufficient control flow management in AmdCpmGpioInitSmm may allow a ...)
NOT-FOR-US: AMD
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dba8b5385a3b98754bd3389d1648066f5eeb0772
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dba8b5385a3b98754bd3389d1648066f5eeb0772
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230816/e2a82cae/attachment.htm>
More information about the debian-security-tracker-commits
mailing list