[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Aug 30 21:12:35 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f3d16446 by security tracker role at 2023-08-30T20:12:24+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,171 @@
+CVE-2023-4640 (The controller responsible for setting the logging level does not incl ...)
+ TODO: check
+CVE-2023-4624 (Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/b ...)
+ TODO: check
+CVE-2023-4600 (The AffiliateWP for WordPress is vulnerable to unauthorized modificati ...)
+ TODO: check
+CVE-2023-4571 (In Splunk IT Service Intelligence (ITSI) versions below 4.13.3 or 4.15 ...)
+ TODO: check
+CVE-2023-4209 (The POEditor WordPress plugin before 0.9.8 does not have CSRF checks i ...)
+ TODO: check
+CVE-2023-4150 (The User Activity Tracking and Log WordPress plugin before 4.0.9 does ...)
+ TODO: check
+CVE-2023-4109 (The Ninja Forms WordPress Ninja Forms Contact Form WordPress plugin be ...)
+ TODO: check
+CVE-2023-4036 (The Simple Blog Card WordPress plugin before 1.32 does not ensure that ...)
+ TODO: check
+CVE-2023-4035 (The Simple Blog Card WordPress plugin before 1.31 does not validate an ...)
+ TODO: check
+CVE-2023-4023 (The All Users Messenger WordPress plugin through 1.24 does not prevent ...)
+ TODO: check
+CVE-2023-4013 (The GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) WordPress plu ...)
+ TODO: check
+CVE-2023-41563 (Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.0 ...)
+ TODO: check
+CVE-2023-41562 (Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Te ...)
+ TODO: check
+CVE-2023-41561 (Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.0 ...)
+ TODO: check
+CVE-2023-41560 (Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack ov ...)
+ TODO: check
+CVE-2023-41559 (Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Te ...)
+ TODO: check
+CVE-2023-41558 (Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2023-41557 (Tenda AC7 V1.0 V15.03.06.44 and Tenda AC5 V1.0RTL_V15.03.06.28 were di ...)
+ TODO: check
+CVE-2023-41556 (Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Te ...)
+ TODO: check
+CVE-2023-41555 (Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow ...)
+ TODO: check
+CVE-2023-41554 (Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack ov ...)
+ TODO: check
+CVE-2023-41553 (Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.0 ...)
+ TODO: check
+CVE-2023-41552 (Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were ...)
+ TODO: check
+CVE-2023-41539 (phpjabbers Business Directory Script 3.2 is vulnerable to SQL Injectio ...)
+ TODO: check
+CVE-2023-41538 (phpjabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting ...)
+ TODO: check
+CVE-2023-41537 (phpjabbers Business Directory Script 3.2 is vulnerable to Cross Site S ...)
+ TODO: check
+CVE-2023-41039 (RestrictedPython is a restricted execution environment for Python to r ...)
+ TODO: check
+CVE-2023-40848 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40847 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40845 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40844 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40843 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40842 (Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to B ...)
+ TODO: check
+CVE-2023-40841 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40840 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)
+ TODO: check
+CVE-2023-40839 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C ...)
+ TODO: check
+CVE-2023-40838 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0 ...)
+ TODO: check
+CVE-2023-40837 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50 ...)
+ TODO: check
+CVE-2023-40598 (In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attac ...)
+ TODO: check
+CVE-2023-40597 (In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an ...)
+ TODO: check
+CVE-2023-40596 (In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a ...)
+ TODO: check
+CVE-2023-40595 (In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an ...)
+ TODO: check
+CVE-2023-40594 (In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an ...)
+ TODO: check
+CVE-2023-40593 (In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious ...)
+ TODO: check
+CVE-2023-40592 (In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attac ...)
+ TODO: check
+CVE-2023-40582 (find-exec is a utility to discover available shell commands. Versions ...)
+ TODO: check
+CVE-2023-40184 (xrdp is an open source remote desktop protocol (RDP) server. In versio ...)
+ TODO: check
+CVE-2023-3992 (The PostX WordPress plugin before 3.0.6 does not sanitise and escape a ...)
+ TODO: check
+CVE-2023-3720 (The Upload Media By URL WordPress plugin before 1.0.8 does not have CS ...)
+ TODO: check
+CVE-2023-3501 (The FormCraft WordPress plugin before 1.2.7 does not sanitise and esca ...)
+ TODO: check
+CVE-2023-3356 (The Subscribers Text Counter WordPress plugin before 1.7.1 does not ha ...)
+ TODO: check
+CVE-2023-3136 (The MailArchiver plugin for WordPress is vulnerable to Stored Cross-Si ...)
+ TODO: check
+CVE-2023-35094 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
+ TODO: check
+CVE-2023-35092 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Abha ...)
+ TODO: check
+CVE-2023-34372 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Didi ...)
+ TODO: check
+CVE-2023-34187 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alan ...)
+ TODO: check
+CVE-2023-34184 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Bhavik P ...)
+ TODO: check
+CVE-2023-34183 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Vali ...)
+ TODO: check
+CVE-2023-34180 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in KAPlugin ...)
+ TODO: check
+CVE-2023-34176 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Chilexpr ...)
+ TODO: check
+CVE-2023-34175 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GrandSla ...)
+ TODO: check
+CVE-2023-34174 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in BBS e-Th ...)
+ TODO: check
+CVE-2023-34173 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex ...)
+ TODO: check
+CVE-2023-34172 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mile ...)
+ TODO: check
+CVE-2023-34032 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pascal C ...)
+ TODO: check
+CVE-2023-34023 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Miled Wo ...)
+ TODO: check
+CVE-2023-34022 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rakib Ha ...)
+ TODO: check
+CVE-2023-34008 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in weDevs W ...)
+ TODO: check
+CVE-2023-34004 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
+ TODO: check
+CVE-2023-33929 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joaq ...)
+ TODO: check
+CVE-2023-33325 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Teplitsa ...)
+ TODO: check
+CVE-2023-33320 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mohammad ...)
+ TODO: check
+CVE-2023-33317 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooComme ...)
+ TODO: check
+CVE-2023-33210 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nuaj ...)
+ TODO: check
+CVE-2023-33208 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gsmi ...)
+ TODO: check
+CVE-2023-32962 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in HasT ...)
+ TODO: check
+CVE-2023-32802 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooComme ...)
+ TODO: check
+CVE-2023-32801 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooComme ...)
+ TODO: check
+CVE-2023-32793 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
+ TODO: check
+CVE-2023-32746 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
+ TODO: check
+CVE-2023-32742 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in VeronaLa ...)
+ TODO: check
+CVE-2023-32740 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kunal Na ...)
+ TODO: check
+CVE-2023-32597 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirte ...)
+ TODO: check
+CVE-2023-32294 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Radi ...)
+ TODO: check
CVE-2023-4609
REJECTED
CVE-2023-4599 (The Slimstat Analytics plugin for WordPress is vulnerable to Stored Cr ...)
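Review bot: CVE-2023-40842 spells the vendor "Tengda" in its imported description, while the neighbouring AC6 entries (CVE-2023-40837 through CVE-2023-40848) say "Tenda", so any triage pass that matches on the vendor string will skip it and leave its TODO: check open. Handle it by hand together with the rest of the Tenda block. Separately, the Splunk Enterprise entries CVE-2023-40592 through CVE-2023-40598 match the product already tagged NOT-FOR-US: Splunk elsewhere in this file (see CVE-2023-32712), so their TODO: check lines can be resolved with the same tag.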
@@ -105,6 +273,7 @@ CVE-2023-4585
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4585
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4585
CVE-2023-4584
+ {DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4584
@@ -125,6 +294,7 @@ CVE-2023-4582
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4582
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4582
CVE-2023-4581
+ {DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4581
@@ -165,18 +335,21 @@ CVE-2023-4576
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4576
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4576
CVE-2023-4575
+ {DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4575
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4575
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4575
CVE-2023-4574
+ {DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4574
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4574
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4574
CVE-2023-4573
+ {DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4573
@@ -3267,7 +3440,8 @@ CVE-2023-4135 (A heap out-of-bounds memory read flaw was found in the virtual nv
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-CAN-21521
NOTE: Introduced by: https://gitlab.com/qemu-project/qemu/-/commit/73064edfb864743cde2c08f319609344af02aeb3 (v8.0.0-rc0)
NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/ecb1b7b082d3b7dceff0e486a114502fc52c0fdf (v8.1.0-rc4)
-CVE-2023-39552 (PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to ...)
+CVE-2023-39552
+ REJECTED
NOT-FOR-US: PHPGurukul Online Security Guards Hiring System
CVE-2023-39551 (PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to ...)
NOT-FOR-US: PHPGurukul Online Security Guards Hiring System
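Review bot: CVE-2023-39552 ends up with two states, because the new REJECTED line is inserted above the existing NOT-FOR-US: PHPGurukul Online Security Guards Hiring System annotation, which stays in place as context. The other rejected entry visible in this diff, CVE-2023-4609, carries REJECTED alone; drop the stale NOT-FOR-US line in a follow-up so the entry has a single status.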
@@ -5729,7 +5903,7 @@ CVE-2023-37268 (Warpgate is an SSH, HTTPS and MySQL bastion host for Linux that
NOT-FOR-US: Warpgate
CVE-2023-36818 (Discourse is an open source discussion platform. In affected versions ...)
NOT-FOR-US: Discourse
-CVE-2023-36811
+CVE-2023-36811 (borgbackup is an opensource, deduplicating archiver with compression a ...)
- borgbackup 1.2.5-1
NOTE: https://github.com/borgbackup/borg/security/advisories/GHSA-8fjr-hghr-4m99
NOTE: https://github.com/borgbackup/borg/commit/a2ee13fd341dcd004b4a06b17d6f2fc759327861
@@ -11112,7 +11286,7 @@ CVE-2023-32714 (In the Splunk App for Lookup File Editing versions below 4.0.1,
NOT-FOR-US: Splunk
CVE-2023-32713 (In Splunk App for Stream versions below 8.1.1, a low-privileged user c ...)
NOT-FOR-US: Splunk
-CVE-2023-32712 (In Splunk Enterprise versions below 9.1.0.2, 9.0.5.1, and 8.2.11.2, a ...)
+CVE-2023-32712 (In Splunk Enterprise versions below 9.1.0.2, 9.0.5.1, and 8.2.11.2, an ...)
NOT-FOR-US: Splunk
CVE-2023-32711 (In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, a Splun ...)
NOT-FOR-US: Splunk
@@ -16573,8 +16747,8 @@ CVE-2023-1984 (A vulnerability classified as critical was found in SourceCodeste
NOT-FOR-US: SourceCodester Complaint Management System
CVE-2023-1983 (A vulnerability was found in SourceCodester Sales Tracker Management S ...)
NOT-FOR-US: SourceCodester Sales Tracker Management System
-CVE-2023-1982
- RESERVED
+CVE-2023-1982 (The Front Editor WordPress plugin through 4.0.4 does not sanitize and ...)
+ TODO: check
CVE-2023-1981 (A vulnerability was found in the avahi library. This flaw allows an un ...)
{DLA-3414-1}
- avahi 0.8-10 (bug #1034594)
@@ -21790,8 +21964,8 @@ CVE-2023-28694
RESERVED
CVE-2023-28693 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Balasahe ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28692
- RESERVED
+CVE-2023-28692 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kevo ...)
+ TODO: check
CVE-2023-28691
RESERVED
CVE-2023-28690 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marc ...)
@@ -22795,8 +22969,8 @@ CVE-2023-28417
RESERVED
CVE-2023-28416
RESERVED
-CVE-2023-28415
- RESERVED
+CVE-2023-28415 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Xoot ...)
+ TODO: check
CVE-2023-28414 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apex ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28413 (Directory traversal vulnerability in Snow Monkey Forms versions v5.0.6 ...)
@@ -25437,8 +25611,8 @@ CVE-2023-27623
RESERVED
CVE-2023-27622
RESERVED
-CVE-2023-27621
- RESERVED
+CVE-2023-27621 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MrDe ...)
+ TODO: check
CVE-2023-27620 (Auth. (contributor+) Stored Cross-site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27619 (Auth (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability ...)
@@ -26058,8 +26232,8 @@ CVE-2023-27428
RESERVED
CVE-2023-27427 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NTZA ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-27426
- RESERVED
+CVE-2023-27426 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Noti ...)
+ TODO: check
CVE-2023-27425 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jame ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27424 (Cross-Site Request Forgery (CSRF) vulnerability in Korol Yuriy aka Shr ...)
@@ -31875,8 +32049,8 @@ CVE-2023-25473 (Cross-Site Request Forgery (CSRF) vulnerability in Miro Mannino
NOT-FOR-US: WordPress plugin
CVE-2023-25472 (Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Pod ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25471
- RESERVED
+CVE-2023-25471 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webcodin ...)
+ TODO: check
CVE-2023-25470 (Cross-Site Request Forgery (CSRF) vulnerability in Anton Skorobogatov ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25469
@@ -31885,16 +32059,16 @@ CVE-2023-25468 (Cross-Site Request Forgery (CSRF) vulnerability in Reservation.S
NOT-FOR-US: WordPress plugin
CVE-2023-25467 (Cross-Site Request Forgery (CSRF) vulnerability in Daniel Mores, A. Hu ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25466
- RESERVED
+CVE-2023-25466 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mahlamus ...)
+ TODO: check
CVE-2023-25465
RESERVED
CVE-2023-25464 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Stre ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25463
RESERVED
-CVE-2023-25462
- RESERVED
+CVE-2023-25462 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP h ...)
+ TODO: check
CVE-2023-25461 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nami ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25460 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Code ...)
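Review bot: CVE-2023-25466 and CVE-2023-25462 go from RESERVED to TODO: check with the same "Cross-Site Scripting (XSS) vulnerability in ..." description pattern as CVE-2023-25464 and CVE-2023-25461 in the surrounding context, both of which are tagged NOT-FOR-US: WordPress plugin. The product names are truncated here, so confirm them against the full descriptions; if they are WordPress plugins, use the same tag instead of leaving the TODOs open. The other RESERVED to TODO: check hunks in this update follow the same pattern.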
@@ -31911,8 +32085,8 @@ CVE-2023-25455
RESERVED
CVE-2023-25454
RESERVED
-CVE-2023-25453
- RESERVED
+CVE-2023-25453 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ian Sado ...)
+ TODO: check
CVE-2023-25452 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mich ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25451 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPCh ...)
@@ -32976,8 +33150,8 @@ CVE-2023-25021 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-25020 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25019
- RESERVED
+CVE-2023-25019 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premio C ...)
+ TODO: check
CVE-2023-0657
RESERVED
CVE-2023-0656 (A Stack-based buffer overflow vulnerability in the SonicOS allows a re ...)
@@ -35031,16 +35205,16 @@ CVE-2023-24403 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-24402 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Veribo, Rol ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-24401
- RESERVED
+CVE-2023-24401 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Davi ...)
+ TODO: check
CVE-2023-24400 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Hu-ma ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24399 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24398 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-24397
- RESERVED
+CVE-2023-24397 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Rese ...)
+ TODO: check
CVE-2023-24396 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24395 (Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Cont ...)
@@ -57982,8 +58156,8 @@ CVE-2023-20268
RESERVED
CVE-2023-20267
RESERVED
-CVE-2023-20266
- RESERVED
+CVE-2023-20266 (A vulnerability in Cisco Emergency Responder, Cisco Unified Communicat ...)
+ TODO: check
CVE-2023-20265
RESERVED
CVE-2023-20264
@@ -96616,8 +96790,8 @@ CVE-2022-29894 (Strapi v3.x.x versions and earlier contain a stored cross-site s
NOT-FOR-US: Strapi
CVE-2022-1602 (A potential security vulnerability has been identified in HP ThinPro 7 ...)
NOT-FOR-US: HP
-CVE-2022-1601
- RESERVED
+CVE-2022-1601 (The User Access Manager WordPress plugin before 2.2.18 prioritizes get ...)
+ TODO: check
CVE-2022-1600 (The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visit ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1599 (The Admin Management Xtended WordPress plugin before 2.4.5 does not ha ...)
@@ -163189,6 +163363,7 @@ CVE-2021-32294 (An issue was discovered in libgig through 20200507. A heap-buffe
CVE-2021-32293
RESERVED
CVE-2021-32292 (An issue was discovered in json-c through 0.15-20200726. A stack-buffe ...)
+ {DSA-5486-1}
- json-c 0.16-1
NOTE: https://github.com/json-c/json-c/issues/654
NOTE: https://github.com/json-c/json-c/pull/655
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3d1644601e1de406453c3e63a32f12d9b5067cf