[Git][security-tracker-team/security-tracker][master] automatic update

Sun Dec 17 20:12:45 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8735143d by security tracker role at 2023-12-17T20:12:33+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2023-6902 (A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2 ...)
+	TODO: check
+CVE-2023-6901 (A vulnerability, which was classified as critical, was found in codely ...)
+	TODO: check
+CVE-2023-6900 (A vulnerability, which was classified as critical, has been found in r ...)
+	TODO: check
+CVE-2023-6899 (A vulnerability classified as problematic was found in rmountjoy92 Das ...)
+	TODO: check
+CVE-2023-6898 (A vulnerability classified as critical has been found in SourceCodeste ...)
+	TODO: check
+CVE-2023-6896 (A vulnerability was found in SourceCodester Simple Image Stack Website ...)
+	TODO: check
+CVE-2023-50271 (A potential security vulnerability has been identified with HP-UX Syst ...)
+	TODO: check
+CVE-2023-49834 (Cross-Site Request Forgery (CSRF) vulnerability in realmag777 FOX \u20 ...)
+	TODO: check
+CVE-2023-49824 (Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite Produ ...)
+	TODO: check
+CVE-2023-49816 (Cross-Site Request Forgery (CSRF) vulnerability in Innovative Solution ...)
+	TODO: check
+CVE-2023-49775 (Cross-Site Request Forgery (CSRF) vulnerability in Denis Kobozev CSV I ...)
+	TODO: check
+CVE-2023-49769 (Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate G ...)
+	TODO: check
+CVE-2023-49751 (Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu Blo ...)
+	TODO: check
 CVE-2023-6895 (A vulnerability was found in Hikvision Intercom Broadcasting System 3. ...)
 	NOT-FOR-US: Hikvision Intercom Broadcasting System
 CVE-2023-6894 (A vulnerability was found in Hikvision Intercom Broadcasting System 3. ...)
@@ -9345,7 +9371,7 @@ CVE-2023-6478 (A flaw was found in xorg-server. A specially crafted request to R
 	NOTE: https://lists.x.org/archives/xorg-announce/2023-December/003435.html
 	NOTE: Fixed by: https://gitlab.freedesktop.org/xorg/xserver/-/commit/14f480010a93ff962fef66a16412fafff81ad632
 CVE-2023-6377 (A flaw was found in xorg-server. Querying or changing XKB button actio ...)
-	{DSA-5576-1 DLA-3686-1}
+	{DSA-5576-2 DSA-5576-1 DLA-3686-2 DLA-3686-1}
 	- xorg-server 2:21.1.10-1
 	- xwayland 2:23.2.3-1
 	[bookworm] - xwayland <no-dsa> (Minor issue; Xwayland shouldn't be running as root)
@@ -53842,8 +53868,8 @@ CVE-2023-24382 (Cross-Site Request Forgery (CSRF) vulnerability in Photon WP Mat
 	NOT-FOR-US: WordPress plugin
 CVE-2023-24381 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NsTh ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2023-24380
-	RESERVED
+CVE-2023-24380 (Cross-Site Request Forgery (CSRF) vulnerability in Webbjocke Simple Wp ...)
+	TODO: check
 CVE-2023-24379
 	RESERVED
 CVE-2023-24378 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8735143d0e9b36c364c269716107e12feb1265e5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8735143d0e9b36c364c269716107e12feb1265e5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231217/3a195d45/attachment.htm>
