[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 20 20:38:08 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f5e72a8a by Salvatore Bonaccorso at 2023-12-20T21:37:45+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,125 +1,125 @@
 CVE-2023-7018 (Deserialization of Untrusted Data in GitHub repository huggingface/tra ...)
-	TODO: check
+	NOT-FOR-US: Transformers
 CVE-2023-6912 (Lack of protection against brute force attacks in M-Files Server befor ...)
-	TODO: check
+	NOT-FOR-US: M-Files Server
 CVE-2023-6910 (A vulnerable API method in M-Files Server before 23.12.13195.0 allows  ...)
-	TODO: check
+	NOT-FOR-US: M-Files Server
 CVE-2023-6784 (A malicious user could potentially use the Sitefinity system for the d ...)
-	TODO: check
+	NOT-FOR-US: Sitefinity CMS
 CVE-2023-6769 (Stored XSS vulnerability in Amazing Little Poll, affecting versions 1. ...)
-	TODO: check
+	NOT-FOR-US: Amazing Little Poll
 CVE-2023-6768 (Authentication bypass vulnerability in Amazing Little Poll affecting v ...)
-	TODO: check
+	NOT-FOR-US: Amazing Little Poll
 CVE-2023-6562 (JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an att ...)
-	TODO: check
+	NOT-FOR-US: Kakadu
 CVE-2023-5011 (Student Information System v1.0 is vulnerable to multiple Authenticate ...)
-	TODO: check
+	NOT-FOR-US: Student Information System
 CVE-2023-5010 (Student Information System v1.0 is vulnerable to multiple Authenticate ...)
-	TODO: check
+	NOT-FOR-US: Student Information System
 CVE-2023-5007 (Student Information System v1.0 is vulnerable to multiple Authenticate ...)
-	TODO: check
+	NOT-FOR-US: Student Information System
 CVE-2023-51462 (Adobe Experience Manager versions 6.5.18 and earlier are affected by a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-51461 (Adobe Experience Manager versions 6.5.18 and earlier are affected by a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-51460 (Adobe Experience Manager versions 6.5.18 and earlier are affected by a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-51459 (Adobe Experience Manager versions 6.5.18 and earlier are affected by a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-51458 (Adobe Experience Manager versions 6.5.18 and earlier are affected by a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-51457 (Adobe Experience Manager versions 6.5.18 and earlier are affected by a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-50628 (Buffer Overflow vulnerability in libming version 0.4.8, allows attacke ...)
 	- ming <removed>
 CVE-2023-50249 (Sentry-Javascript is official Sentry SDKs for JavaScript. A ReDoS (Reg ...)
 	TODO: check
 CVE-2023-50044 (Buffer Overflow vulnerability in Cesanta MJS version 2.22.0, allows at ...)
-	TODO: check
+	NOT-FOR-US: Cesenta MJS
 CVE-2023-49825 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49814 (Unrestricted Upload of File with Dangerous Type vulnerability in Symbi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49776 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49773 (Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49772 (Deserialization of Untrusted Data vulnerability in Phpbits Creative St ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49752 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49272 (Hotel Management v1.0 is vulnerable to multiple authenticated Reflecte ...)
-	TODO: check
+	NOT-FOR-US: Hotel Management
 CVE-2023-49271 (Hotel Management v1.0 is vulnerable to multiple authenticated Reflecte ...)
-	TODO: check
+	NOT-FOR-US: Hotel Management
 CVE-2023-49270 (Hotel Management v1.0 is vulnerable to multiple authenticated Reflecte ...)
-	TODO: check
+	NOT-FOR-US: Hotel Management
 CVE-2023-49269 (Hotel Management v1.0 is vulnerable to multiple authenticated Reflecte ...)
-	TODO: check
+	NOT-FOR-US: Hotel Management
 CVE-2023-49166 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49161 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47990 (SQL Injection vulnerability in components/table_manager/html/edit_admi ...)
-	TODO: check
+	NOT-FOR-US: CuppaCMS
 CVE-2023-47852 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47784 (Unrestricted Upload of File with Dangerous Type vulnerability in Theme ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47507 (Deserialization of Untrusted Data vulnerability in Master Slider Maste ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47236 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47118 (ClickHouse\xae is an open-source column-oriented database management s ...)
 	TODO: check
 CVE-2023-46311 (Authorization Bypass Through User-Controlled Key vulnerability in gVec ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46149 (Unrestricted Upload of File with Dangerous Type vulnerability in Themi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46147 (Deserialization of Untrusted Data vulnerability in Themify Themify Ult ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-45603 (Unrestricted Upload of File with Dangerous Type vulnerability in Jeff  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-41796 (Authorization Bypass Through User-Controlled Key vulnerability in WP S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-40555 (Deserialization of Untrusted Data vulnerability in UX-themes Flatsome  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-40204 (Unrestricted Upload of File with Dangerous Type vulnerability in Premi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-40010 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3742 (Insufficient policy enforcement in ADB in Google Chrome on ChromeOS pr ...)
 	TODO: check
 CVE-2023-38519 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-38513 (Authorization Bypass Through User-Controlled Key vulnerability in Jord ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-37871 (Authorization Bypass Through User-Controlled Key vulnerability in WooC ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-36520 (Authorization Bypass Through User-Controlled Key vulnerability in Mark ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-35916 (Authorization Bypass Through User-Controlled Key vulnerability in Auto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-35915 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-35914 (Authorization Bypass Through User-Controlled Key vulnerability in WooC ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-35895 (IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code e ...)
 	NOT-FOR-US: IBM
 CVE-2023-35876 (Authorization Bypass Through User-Controlled Key vulnerability in WooC ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-34385 (Unrestricted Upload of File with Dangerous Type vulnerability in Aksha ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-34007 (Unrestricted Upload of File with Dangerous Type vulnerability in WPChi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-33330 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-33318 (Unrestricted Upload of File with Dangerous Type vulnerability in WooCo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-33209 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32743 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32590 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2023-32128 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
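Review bot: The NOT-FOR-US label added for CVE-2023-50044 is spelled "Cesenta MJS", while the CVE description on the line above it reads "Cesanta MJS". Change it to "NOT-FOR-US: Cesanta MJS" so that the entry matches the upstream name when someone searches data/CVE/list by product, and so that later Cesanta MJS CVEs get the same label.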



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5e72a8ac9e604c47500eacd59e3863ec84e7df3
