[Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Aug 30 21:25:55 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ed2b7fd2 by Salvatore Bonaccorso at 2023-08-30T22:25:16+02:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2023-4640 (The controller responsible for setting the logging level does not incl ...)
TODO: check
CVE-2023-4624 (Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/b ...)
- TODO: check
+ NOT-FOR-US: bookstack
CVE-2023-4600 (The AffiliateWP for WordPress is vulnerable to unauthorized modificati ...)
- TODO: check
+ NOT-FOR-US: AffiliateWP for WordPress
CVE-2023-4571 (In Splunk IT Service Intelligence (ITSI) versions below 4.13.3 or 4.15 ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2023-4209 (The POEditor WordPress plugin before 0.9.8 does not have CSRF checks i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-4150 (The User Activity Tracking and Log WordPress plugin before 4.0.9 does ...)
@@ -45,11 +45,11 @@ CVE-2023-41553 (Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V1
CVE-2023-41552 (Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were ...)
NOT-FOR-US: Tenda
CVE-2023-41539 (phpjabbers Business Directory Script 3.2 is vulnerable to SQL Injectio ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-41538 (phpjabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-41537 (phpjabbers Business Directory Script 3.2 is vulnerable to Cross Site S ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-41039 (RestrictedPython is a restricted execution environment for Python to r ...)
TODO: check
CVE-2023-40848 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)
@@ -75,19 +75,19 @@ CVE-2023-40838 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub
CVE-2023-40837 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50 ...)
NOT-FOR-US: Tenda
CVE-2023-40598 (In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attac ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2023-40597 (In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2023-40596 (In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2023-40595 (In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2023-40594 (In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2023-40593 (In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2023-40592 (In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attac ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2023-40582 (find-exec is a utility to discover available shell commands. Versions ...)
TODO: check
CVE-2023-40184 (xrdp is an open source remote desktop protocol (RDP) server. In versio ...)
@@ -103,69 +103,69 @@ CVE-2023-3356 (The Subscribers Text Counter WordPress plugin before 1.7.1 does n
CVE-2023-3136 (The MailArchiver plugin for WordPress is vulnerable to Stored Cross-Si ...)
NOT-FOR-US: MailArchiver plugin for WordPress
CVE-2023-35094 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35092 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Abha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34372 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Didi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34187 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alan ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34184 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Bhavik P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34183 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Vali ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34180 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in KAPlugin ...)
NOT-FOR-US: WordPress plugin
CVE-2023-34176 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Chilexpr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34175 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GrandSla ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34174 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in BBS e-Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34173 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34172 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mile ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34032 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pascal C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34023 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Miled Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34022 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rakib Ha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34008 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in weDevs W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34004 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33929 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joaq ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33325 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Teplitsa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33320 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mohammad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33317 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooComme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33210 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nuaj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33208 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gsmi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32962 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in HasT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32802 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooComme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32801 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooComme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32793 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32746 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32742 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in VeronaLa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32740 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kunal Na ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32597 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32294 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Radi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4609
REJECTED
CVE-2023-4599 (The Slimstat Analytics plugin for WordPress is vulnerable to Stored Cr ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed2b7fd2f01ba9c4794065f5be01e6023ed74adc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed2b7fd2f01ba9c4794065f5be01e6023ed74adc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230830/9486cc82/attachment.htm>
More information about the debian-security-tracker-commits
mailing list