[Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jul 10 21:53:21 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8bda3422 by Salvatore Bonaccorso at 2023-07-10T22:49:25+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
CVE-2023-3605 (A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. It ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Online Shopping Portal
CVE-2023-3599 (A vulnerability was found in SourceCodester Best Fee Management System ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Best Fee Management System
CVE-2023-3580 (Improper Handling of Additional Special Element in GitHub repository s ...)
- TODO: check
+ NOT-FOR-US: squidex
CVE-2023-3579 (A vulnerability, which was classified as problematic, has been found i ...)
TODO: check
CVE-2023-3578 (A vulnerability classified as critical was found in DedeCMS 5.7.109. A ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2023-3574 (Improper Authorization in GitHub repository pimcore/customer-data-fram ...)
- TODO: check
+ NOT-FOR-US: pimcore customer-data-framework
CVE-2023-3273 (Improper Access Control in the SICK ICR890-4 could allow an unauthenti ...)
TODO: check
CVE-2023-3272 (Cleartext Transmission of Sensitive Information in the SICK ICR890-4 c ...)
@@ -59,31 +59,31 @@ CVE-2023-37701 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow
CVE-2023-37700 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via t ...)
NOT-FOR-US: Tenda
CVE-2023-37392 (Cross-Site Request Forgery (CSRF) vulnerability in Deepak Anand WP Dum ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37277 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2023-37153 (KodExplorer 4.51 contains a Cross-Site Scripting (XSS) vulnerability i ...)
TODO: check
CVE-2023-37152 (Projectworlds Online Art Gallery Project 1.0 allows unauthenticated us ...)
- TODO: check
+ NOT-FOR-US: Projectworlds Online Art Gallery Project
CVE-2023-37151 (Sourcecodester Online Pizza Ordering System v1.0 allows the upload of ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Online Pizza Ordering System
CVE-2023-37150 (Sourcecodester Online Pizza Ordering System v1.0 has a Cross-site scri ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Online Pizza Ordering System
CVE-2023-36940 (Cross Site Scripting (XSS) vulnerability in PHPGurukul Online Fire Rep ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Online Fire Reporting System
CVE-2023-36939 (Cross-Site Scripting (XSS) vulnerability in Hostel Management System v ...)
- TODO: check
+ NOT-FOR-US: Hostel Management System
CVE-2023-36936 (Cross-Site Scripting (XSS) vulnerability in PHPGurukul Online Security ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Online Security Guards Hiring System
CVE-2023-36691 (Cross-Site Request Forgery (CSRF) vulnerability in Albert Peschar Webw ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36376 (Cross-Site Scripting (XSS) vulnerability in Hostel Management System v ...)
- TODO: check
+ NOT-FOR-US: Hostel Management System
CVE-2023-36375 (Cross Site Scripting vulnerability in Hostel Management System v2.1 al ...)
- TODO: check
+ NOT-FOR-US: Hostel Management System
CVE-2023-35912 (Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Potent Dona ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35699 (Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthen ...)
TODO: check
CVE-2023-35698 (Observable Response Discrepancy in the SICK ICR890-4 could allow a rem ...)
@@ -95,15 +95,15 @@ CVE-2023-35696 (Unauthenticated endpoints in the SICK ICR890-4 could allow an un
CVE-2023-34432 (A heap buffer overflow vulnerability was found in sox, in the lsx_read ...)
TODO: check
CVE-2023-34347 (Delta Electronics InfraSuite Device Master versions prior to 1.0.7 con ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics InfraSuite Device Master
CVE-2023-34318 (A heap buffer overflow vulnerability was found in sox, in the startrea ...)
TODO: check
CVE-2023-34316 (An attacker could bypass the latest Delta Electronics InfraSuite Devic ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics InfraSuite Device Master
CVE-2023-32627 (A floating point exception vulnerability was found in sox, in the read ...)
TODO: check
CVE-2023-30765 (Delta Electronics InfraSuite Device Master versions prior to 1.0.7 con ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics InfraSuite Device Master
CVE-2023-2967 (The TinyMCE Custom Styles WordPress plugin before 1.1.4 does not sanit ...)
NOT-FOR-US: WordPress plugin
CVE-2023-2964 (The Simple Iframe WordPress plugin before 1.2.0 does not properly vali ...)
@@ -129,9 +129,9 @@ CVE-2016-15034 (A vulnerability was found in Dynacase Webdesk and classified as
CVE-2015-10121 (A vulnerability has been found in Beeliked Microsite Plugin up to 1.0. ...)
TODO: check
CVE-2015-10120 (A vulnerability, which was classified as problematic, was found in WDS ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2015-10119 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-XXXX [spip: Use a dedicated function to clean author data when preparing a session]
- spip 4.1.11+dfsg-1
[bookworm] - spip <no-dsa> (Minor issue)
@@ -13115,7 +13115,7 @@ CVE-2023-29097
CVE-2023-29096
RESERVED
CVE-2023-29095 (Auth. (admin+) SQL Injection (SQLi) vulnerability in David F. Carr RSV ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29094 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI W ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29093 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -13495,7 +13495,7 @@ CVE-2023-28997 (The Nextcloud Desktop Client is a tool to synchronize files from
CVE-2023-28996
RESERVED
CVE-2023-28995 (Cross-Site Request Forgery (CSRF) vulnerability in Keith Solomon Confi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28994
RESERVED
CVE-2023-28993 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio ...)
@@ -13507,13 +13507,13 @@ CVE-2023-28991 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-28990
RESERVED
CVE-2023-28989 (Cross-Site Request Forgery (CSRF) vulnerability in weDevs Happy Addons ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28988 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI W ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28987
RESERVED
CVE-2023-28986 (Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider, wpaffil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28985
RESERVED
CVE-2023-28984 (A Use After Free vulnerability in the Layer 2 Address Learning Manager ...)
@@ -24622,7 +24622,7 @@ CVE-2023-25480
CVE-2023-25479 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Podl ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25478 (Cross-Site Request Forgery (CSRF) vulnerability in Jason Rouet Weather ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25477
RESERVED
CVE-2023-25476
@@ -27774,7 +27774,7 @@ CVE-2023-24407
CVE-2023-24406 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mune ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24405 (Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Cont ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24404 (Reflected Cross-Site Scripting (XSS) vulnerability in VryaSage Marketi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24403 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP F ...)
@@ -27794,7 +27794,7 @@ CVE-2023-24397
CVE-2023-24396 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24395 (Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Cont ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24394
RESERVED
CVE-2023-24393
@@ -28761,7 +28761,7 @@ CVE-2023-23995 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-23994 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23993 (Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.Com Lio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23992 (Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP plugin ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23991
@@ -29063,7 +29063,7 @@ CVE-2023-23899 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Ext
CVE-2023-23898 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23897 (Cross-Site Request Forgery (CSRF) vulnerability in Ozette Plugins Simp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23896
RESERVED
CVE-2023-23895
@@ -29119,7 +29119,7 @@ CVE-2023-23871
CVE-2023-23870 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpde ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23869 (Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23868
RESERVED
CVE-2023-23867 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
@@ -29307,7 +29307,7 @@ CVE-2023-23806 (Auth. (admin+) StoredCross-Site Scripting (XSS) vulnerability in
CVE-2023-23805
RESERVED
CVE-2023-23804 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Feed p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23803
RESERVED
CVE-2023-23802 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Easy G ...)
@@ -29341,7 +29341,7 @@ CVE-2023-23789 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-23788 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Flor ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23787 (Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23786 (Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Chr ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23785 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in DgCu ...)
@@ -30870,7 +30870,7 @@ CVE-2022-48255 (There is a system command injection vulnerability in BiSheng-WNM
CVE-2022-48254 (There is a data processing error vulnerability in Leia-B29 2.0.0.49(M0 ...)
NOT-FOR-US: Huawei
CVE-2023-23348 (HCL Launch could disclose sensitive information if a manual edit of a ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-23347
RESERVED
CVE-2023-23346
@@ -33097,9 +33097,9 @@ CVE-2023-22697
CVE-2023-22696 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22695 (Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki Miyashita C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22694 (Cross-Site Request Forgery (CSRF) vulnerability in Arian Khosravi, Nor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22693 (Cross-Site Request Forgery (CSRF) vulnerability in conlabzgmbh WP Goog ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22692 (Cross-Site Request Forgery (CSRF) vulnerability in Jeroen Peters Name ...)
@@ -33141,7 +33141,7 @@ CVE-2023-22675
CVE-2023-22674
RESERVED
CVE-2023-22673 (Cross-Site Request Forgery (CSRF) vulnerability in MageNet Website Mon ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22672
RESERVED
CVE-2023-0104 (The listed versions for Weintek EasyBuilder Pro are vulnerable to a Zi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bda342279324119566e1645027ef5d1ed9db6f0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bda342279324119566e1645027ef5d1ed9db6f0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230710/5f5735a5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list