[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jul 10 21:43:48 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b24e897c by Salvatore Bonaccorso at 2023-07-10T22:43:15+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19,45 +19,45 @@ CVE-2023-3271 (Improper Access Control in the SICK ICR890-4 could allow an unaut
CVE-2023-3270 (Exposure of Sensitive Information to an Unauthorized Actor in the SICK ...)
TODO: check
CVE-2023-3225 (The Float menu WordPress plugin before 5.0.3 does not sanitise and esc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3219 (The EventON WordPress plugin before 2.1.2 does not validate that the e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3209 (The MStore API WordPress plugin before 3.9.7 does not secure most of i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3175 (The AI ChatBot WordPress plugin before 4.6.1 does not adequately escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3131 (The MStore API WordPress plugin before 3.9.7 does not secure most of i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3129 (The URL Shortify WordPress plugin before 1.7.0 does not sanitise and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3118 (The Export All URLs WordPress plugin before 4.6 does not sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3077 (The MStore API WordPress plugin before 3.9.8 does not sanitise and esc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3076 (The MStore API WordPress plugin before 3.9.9 does not prevent visitors ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37712 (Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 V1.2.0.20( ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-37711 (Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to con ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-37710 (Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to con ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-37707 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via t ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-37706 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via t ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-37705 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via t ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-37704 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via t ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-37703 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via t ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-37702 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via t ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-37701 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via t ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-37700 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via t ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-37392 (Cross-Site Request Forgery (CSRF) vulnerability in Deepak Anand WP Dum ...)
TODO: check
CVE-2023-37277 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
@@ -105,23 +105,23 @@ CVE-2023-32627 (A floating point exception vulnerability was found in sox, in th
CVE-2023-30765 (Delta Electronics InfraSuite Device Master versions prior to 1.0.7 con ...)
TODO: check
CVE-2023-2967 (The TinyMCE Custom Styles WordPress plugin before 1.1.4 does not sanit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2964 (The Simple Iframe WordPress plugin before 1.2.0 does not properly vali ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2796 (The EventON WordPress plugin before 2.1.2 lacks authentication and aut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2709 (The AN_GradeBook WordPress plugin through 5.0.1 does not sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2635 (The Call Now Accessibility Button WordPress plugin before 1.1 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2578 (The Buy Me a Coffee WordPress plugin before 3.7 does not sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2529 (The Enable SVG Uploads WordPress plugin through 2.1.5 does not sanitis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2495 (The Greeklish-permalink WordPress plugin through 3.3 does not implemen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2493 (The All In One Redirection WordPress plugin before 2.2.0 does not prop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26590 (A floating point exception vulnerability was found in sox, in the lsx_ ...)
TODO: check
CVE-2016-15034 (A vulnerability was found in Dynacase Webdesk and classified as critic ...)
@@ -9067,13 +9067,13 @@ CVE-2023-2031 (The Locatoraid Store Locator plugin for WordPress is vulnerable t
CVE-2023-2030
RESERVED
CVE-2023-2029 (The PrePost SEO WordPress plugin through 3.0 does not properly sanitiz ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2028 (The Call Now Accessibility Button WordPress plugin before 1.1 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2027 (The ZM Ajax Login & Register plugin for WordPress is vulnerable to aut ...)
NOT-FOR-US: ZM Ajax Login & Register plugin for WordPress
CVE-2023-2026 (The Image Protector WordPress plugin through 1.1 does not properly san ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2025 (OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 ...)
NOT-FOR-US: OpenBlue Enterprise Manager Data Collector
CVE-2023-2024 (Improper authentication in OpenBlue Enterprise Manager Data Collector ...)
@@ -13128,7 +13128,7 @@ CVE-2023-1782 (HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 a
CVE-2023-1781
RESERVED
CVE-2023-1780 (The Companion Sitemap Generator WordPress plugin before 4.5.3 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1779 (Exposure of Sensitive Information to an unauthorized actor vulnerabili ...)
NOT-FOR-US: MB Connect Lines
CVE-2023-1778 (This vulnerability exists in GajShield Data Security Firewall firmware ...)
@@ -14369,7 +14369,7 @@ CVE-2023-1599
CVE-2023-1598
REJECTED
CVE-2023-1597 (The tagDiv Cloud Library WordPress plugin before 2.7 does not have aut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1596 (The tagDiv Composer WordPress plugin before 4.0 does not sanitise and ...)
NOT-FOR-US: WordPress plugin
CVE-2023-1595 (A vulnerability has been found in novel-plus 3.6.2 and classified as c ...)
@@ -17704,7 +17704,7 @@ CVE-2023-1210
CVE-2023-1209 (Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records ...)
NOT-FOR-US: ServiceNow
CVE-2023-1208 (This HTTP Headers WordPress plugin before 1.18.11 allows arbitrary dat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1207 (This HTTP Headers WordPress plugin before 1.18.8 has an import functio ...)
NOT-FOR-US: WordPress plugin
CVE-2023-1206 (A hash collision flaw was found in the IPv6 connection lookup table in ...)
@@ -19009,7 +19009,7 @@ CVE-2023-1121 (The Simple Giveaways WordPress plugin before 2.45.1 does not sani
CVE-2023-1120 (The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise ...)
NOT-FOR-US: WordPress plugin
CVE-2023-1119 (The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1118 (A flaw use after free in the Linux kernel integrated infrared receiver ...)
{DLA-3404-1 DLA-3403-1}
- linux 6.1.20-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b24e897c05473b383120ba1461d261f2a756c7e2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b24e897c05473b383120ba1461d261f2a756c7e2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230710/7e566cb9/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list