[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bbad9f5e by security tracker role at 2023-12-26T20:12:10+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,6 +1,86 @@
-CVE-2023-51467
+CVE-2023-6268 (The JSON Content Importer WordPress plugin before 1.5.4 does not sanit ...)
+	TODO: check
+CVE-2023-6250 (The BestWebSoft's Like & Share WordPress plugin before 2.74 discloses  ...)
+	TODO: check
+CVE-2023-6166 (The Quiz Maker WordPress plugin before 6.4.9.5 does not escape generat ...)
+	TODO: check
+CVE-2023-6155 (The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately aut ...)
+	TODO: check
+CVE-2023-6114 (The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPre ...)
+	TODO: check
+CVE-2023-5991 (The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate ...)
+	TODO: check
+CVE-2023-5980 (The BSK Forms Blacklist WordPress plugin before 3.7 does not sanitise  ...)
+	TODO: check
+CVE-2023-5939 (The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin bef ...)
+	TODO: check
+CVE-2023-5931 (The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin bef ...)
+	TODO: check
+CVE-2023-5674 (The WP Mail Log WordPress plugin before 1.1.3 does not properly saniti ...)
+	TODO: check
+CVE-2023-5673 (The WP Mail Log WordPress plugin before 1.1.3 does not properly valida ...)
+	TODO: check
+CVE-2023-5672 (The WP Mail Log WordPress plugin before 1.1.3 does not properly valida ...)
+	TODO: check
+CVE-2023-5645 (The WP Mail Log WordPress plugin before 1.1.3 does not properly saniti ...)
+	TODO: check
+CVE-2023-5644 (The WP Mail Log WordPress plugin before 1.1.3 does not correctly autho ...)
+	TODO: check
+CVE-2023-5203 (The WP Sessions Time Monitoring Full Automatic WordPress plugin before ...)
+	TODO: check
+CVE-2023-5180 (An issue was discovered in Open Design Alliance Drawings SDK before 20 ...)
+	TODO: check
+CVE-2023-52086 (resumable.php (aka PHP backend for resumable.js) 0.1.4 before 3c6dbf5  ...)
+	TODO: check
+CVE-2023-51107 (A floating point exception (divide-by-zero) vulnerability was discover ...)
+	TODO: check
+CVE-2023-51106 (A floating point exception (divide-by-zero) vulnerability was discover ...)
+	TODO: check
+CVE-2023-51105 (A floating point exception (divide-by-zero) vulnerability was discover ...)
+	TODO: check
+CVE-2023-51104 (A floating point exception (divide-by-zero) vulnerability was discover ...)
+	TODO: check
+CVE-2023-51103 (A floating point exception (divide-by-zero) vulnerability was discover ...)
+	TODO: check
+CVE-2023-51102 (Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow  ...)
+	TODO: check
+CVE-2023-51101 (Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow  ...)
+	TODO: check
+CVE-2023-51100 (Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injecti ...)
+	TODO: check
+CVE-2023-51099 (Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injecti ...)
+	TODO: check
+CVE-2023-51098 (Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injecti ...)
+	TODO: check
+CVE-2023-51097 (Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow  ...)
+	TODO: check
+CVE-2023-51095 (Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vi ...)
+	TODO: check
+CVE-2023-51094 (Tenda M3 V1.0.0.12(4856) was discovered to contain a Command Execution ...)
+	TODO: check
+CVE-2023-51093 (Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vi ...)
+	TODO: check
+CVE-2023-51092 (Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vi ...)
+	TODO: check
+CVE-2023-51091 (Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vi ...)
+	TODO: check
+CVE-2023-51090 (Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vi ...)
+	TODO: check
+CVE-2023-49949 (Passwork before 6.2.0 allows remote authenticated users to bypass 2FA  ...)
+	TODO: check
+CVE-2023-45251
+	REJECTED
+CVE-2023-43851
+	REJECTED
+CVE-2015-10127 (A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPre ...)
+	TODO: check
+CVE-2014-125109 (A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.27.  ...)
+	TODO: check
+CVE-2012-10017 (A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.04 o ...)
+	TODO: check
+CVE-2023-51467 (The vulnerability allows attackers to bypass authentication to achieve ...)
 	NOT-FOR-US: Apache OFBiz
-CVE-2023-50968
+CVE-2023-50968 (Arbitrary file properties reading vulnerability in Apache Software Fou ...)
 	NOT-FOR-US: Apache OFBiz
 CVE-2023-7111 (A vulnerability, which was classified as critical, was found in code-p ...)
 	NOT-FOR-US: code-projects Library Management System
@@ -11677,7 +11757,8 @@ CVE-2023-38190 (An issue was discovered in SuperWebMailer 9.00.0.01710. It allow
 	NOT-FOR-US: SuperWebMailer
 CVE-2023-32786 (In Langchain through 0.0.155, prompt injection allows an attacker to f ...)
 	NOT-FOR-US: Langchain
-CVE-2023-32785 (In Langchain through 0.0.155, prompt injection allows execution of arb ...)
+CVE-2023-32785
+	REJECTED
 	NOT-FOR-US: Langchain
 CVE-2023-5690 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa ...)
 	NOT-FOR-US: Modoboa



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbad9f5ea1c5d6f3407b82f41ab902b0186adae6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbad9f5ea1c5d6f3407b82f41ab902b0186adae6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231226/dbb78a0b/attachment.htm>