[Git][security-tracker-team/security-tracker][master] automatic update

Tue Jul 4 21:12:31 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f10a528f by security tracker role at 2023-07-04T20:12:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2023-3506 (A vulnerability was found in Active It Zone Active eCommerce CMS 6.5.0 ...)
+	TODO: check
+CVE-2023-3505 (A vulnerability was found in Onest CRM 1.0. It has been classified as  ...)
+	TODO: check
+CVE-2023-3504 (A vulnerability was found in SmartWeb Infotech Job Board 1.0 and class ...)
+	TODO: check
+CVE-2023-3503 (A vulnerability has been found in SourceCodester Shopping Website 1.0  ...)
+	TODO: check
+CVE-2023-3502 (A vulnerability, which was classified as critical, was found in Source ...)
+	TODO: check
+CVE-2023-31999 (All versions of @fastify/oauth2 used a statically generated state para ...)
+	TODO: check
 CVE-2023-3460 (The Ultimate Member WordPress plugin before 2.6.7 does not prevent vis ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-3139 (The Protect WP Admin WordPress plugin before 4.0 discloses the URL of  ...)
@@ -329,7 +341,7 @@ CVE-2023-2846 (Authentication Bypass by Capture-replay vulnerability in Mitsubis
 	NOT-FOR-US: Mitsubishi
 CVE-2023-2834 (The BookIt plugin for WordPress is vulnerable to authentication bypass ...)
 	NOT-FOR-US: BookIt plugin for WordPress
-CVE-2023-2974
+CVE-2023-2974 (A vulnerability was found in quarkus-core. This vulnerability occurs b ...)
 	NOT-FOR-US: Quarkus
 CVE-2023-3458 (A vulnerability was found in SourceCodester Shopping Website 1.0. It h ...)
 	NOT-FOR-US: SourceCodester Shopping Website
@@ -44622,7 +44634,7 @@ CVE-2022-3913 (Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail
 	NOT-FOR-US: Rapid7
 CVE-2022-3912 (The User Registration WordPress plugin before 2.2.4.1 does not properl ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2022-3911 (The iubenda | All-in-one Compliance for GDPR / CCPA Cookie Consent + m ...)
+CVE-2022-3911 (The iubenda WordPress plugin before 3.3.3 does does not have authorisa ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-3910 (Use After Free vulnerability in Linux Kernel allows Privilege Escalati ...)
 	- linux 5.19.11-1
@@ -75567,7 +75579,7 @@ CVE-2022-2243 (An access control vulnerability in GitLab EE/CE affecting all ver
 	- gitlab 15.10.8+ds1-2
 CVE-2022-2242 (The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to i ...)
 	NOT-FOR-US: Kuka
-CVE-2022-2241 (The Featured Image from URL (FIFU) WordPress plugin before 4.0.0 does  ...)
+CVE-2022-2241 (The Featured Image from URL (FIFU) WordPress plugin before 4.0.1 does  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-2240 (The Request a Quote WordPress plugin through 2.3.7 does not validate u ...)
 	NOT-FOR-US: WordPress plugin
@@ -88209,7 +88221,7 @@ CVE-2022-1600 (The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a
 	NOT-FOR-US: WordPress plugin
 CVE-2022-1599 (The Admin Management Xtended WordPress plugin before 2.4.5 does not ha ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2022-1598 (The WPQA Builder WordPress plugin before 5.4 which is a companion to t ...)
+CVE-2022-1598 (The WPQA Builder WordPress plugin before 5.5 which is a companion to t ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-1597 (The WPQA Builder WordPress plugin before 5.4, used as a companion for  ...)
 	NOT-FOR-US: WordPress plugin



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f10a528f2e0afaae5afeae6933834ac7b27187fb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f10a528f2e0afaae5afeae6933834ac7b27187fb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230704/703d7e2d/attachment.htm>
