[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Aug 31 16:39:27 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
95f6f807 by Moritz Muehlenhoff at 2023-08-31T17:38:36+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,19 +21,19 @@ CVE-2023-4315 (The Woo Custom Emails for WordPress is vulnerable to Reflected Cr
CVE-2023-4245 (The WooCommerce PDF Invoice Builder for WordPress is vulnerable to una ...)
NOT-FOR-US: WordPress plugin
CVE-2023-4163 (In Brocade Fabric OS before v9.2.0a, a local authenticated privileged ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-4162 (A segmentation fault can occur in Brocade Fabric OS after Brocade Fab ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-4161 (The WooCommerce PDF Invoice Builder for WordPress is vulnerable to Cro ...)
- TODO: check
+ NOT-FOR-US: WooCommerce PDF Invoice Builder plugin for WordPress
CVE-2023-4160 (The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable ...)
NOT-FOR-US: WooCommerce PDF Invoice Builder plugin for WordPress
CVE-2023-4000 (The Waiting: One-click countdowns plugin for WordPress is vulnerable t ...)
NOT-FOR-US: Waiting: One-click countdowns plugin for WordPress
CVE-2023-41163 (A Reflected Cross-site scripting (XSS) vulnerability in the file manag ...)
- TODO: check
+ NOT-FOR-US: Usermin
CVE-2023-41041 (Graylog is a free and open log management platform. In a multi-node Gr ...)
- TODO: check
+ - graylog2 <itp> (bug #652273)
CVE-2023-41040 (GitPython is a python library used to interact with Git repositories. ...)
TODO: check
CVE-2023-3999 (The Waiting: One-click countdowns plugin for WordPress is vulnerable t ...)
@@ -45,7 +45,7 @@ CVE-2023-3677 (The WooCommerce PDF Invoice Builder plugin for WordPress is vulne
CVE-2023-3636 (The WP Project Manager plugin for WordPress is vulnerable to privilege ...)
NOT-FOR-US: WP Project Manager plugin for WordPress
CVE-2023-3489 (The firmwaredownload command on Brocade Fabric OS v9.2.0 could log th ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-3404 (The ProfileGrid plugin for WordPress is vulnerable to unauthorized dec ...)
NOT-FOR-US: ProfileGrid plugin for WordPress
CVE-2023-3162 (The Stripe Payment Plugin for WooCommerce plugin for WordPress is vuln ...)
@@ -61,15 +61,15 @@ CVE-2023-39136 (An unhandled edge case in the component _sanitizedPath of ZipArc
CVE-2023-39135 (An issue in Zip Swift v2.1.2 allows attackers to execute a path traver ...)
TODO: check
CVE-2023-38970 (Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allo ...)
- TODO: check
+ NOT-FOR-US: Badaso
CVE-2023-31925 (Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-31714 (Chitor-CMS before v1.1.2 was discovered to contain multiple SQL inject ...)
- TODO: check
+ NOT-FOR-US: Chitor-CMS
CVE-2023-31424 (Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-31423 (Possible information exposure through log file vulnerability where se ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-2354 (The CHP Ads Block Detector plugin for WordPress is vulnerable to Store ...)
NOT-FOR-US: CHP Ads Block Detector plugin for WordPress
CVE-2023-2353 (The CHP Ads Block Detector plugin for WordPress is vulnerable to unaut ...)
@@ -144,7 +144,7 @@ CVE-2023-40844 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable
CVE-2023-40843 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)
NOT-FOR-US: Tenda
CVE-2023-40842 (Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to B ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-40841 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)
NOT-FOR-US: Tenda
CVE-2023-40840 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)
@@ -315,11 +315,11 @@ CVE-2023-40787 (In SpringBlade V3.6.0 when executing SQL query, the parameters s
CVE-2023-3646 (On affected platforms running Arista EOS with mirroring to multiple de ...)
NOT-FOR-US: Arista
CVE-2023-3253 (An improper authorization vulnerability exists where an authenticated, ...)
- TODO: check
+ NOT-FOR-US: Nessus
CVE-2023-3252 (An arbitrary file write vulnerability exists where an authenticated, r ...)
- TODO: check
+ NOT-FOR-US: Nessus
CVE-2023-3251 (A pass-back vulnerability exists where an authenticated, remote attack ...)
- TODO: check
+ NOT-FOR-US: Nessus
CVE-2023-39678 (A cross-site scripting (XSS) vulnerability in the device web interface ...)
NOT-FOR-US: BDCOM OLT P3310D-2AC
CVE-2023-39663 (Mathjax up to v2.7.9 was discovered to contain two Regular expression ...)
@@ -336,7 +336,7 @@ CVE-2023-39522 (goauthentik is an open-source Identity Provider. In affected ver
CVE-2023-39268 (A memory corruption vulnerability in ArubaOS-Switch could lead to unau ...)
NOT-FOR-US: Aruba
CVE-2023-39267 (An authenticated remote code execution vulnerability exists in the com ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-39266 (A vulnerability in the ArubaOS-Switch web management interface could a ...)
NOT-FOR-US: Aruba
CVE-2023-38802 (FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95f6f807948cc510cf26bdd801547406b1e27604
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95f6f807948cc510cf26bdd801547406b1e27604
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230831/9e5a71f6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list