[Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 18 21:56:43 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
82321fd6 by Salvatore Bonaccorso at 2023-07-18T22:56:12+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18667,15 +18667,15 @@ CVE-2023-28025
CVE-2023-28024
RESERVED
CVE-2023-28023 (A cross site request forgery vulnerability in the BigFix WebUI Softwar ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-28022
RESERVED
CVE-2023-28021 (The BigFix WebUI uses weak cipher suites.)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-28020 (URL redirection in Login page in HCL BigFix WebUI allows malicious use ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-28019 (Insufficient validation in Bigfix WebUI API App site version < 14 allo ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-28018
RESERVED
CVE-2023-28017
@@ -26230,7 +26230,7 @@ CVE-2023-25484 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-25483
RESERVED
CVE-2023-25482 (Cross-Site Request Forgery (CSRF) vulnerability in Mike Martel WP Tile ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25481 (Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Sub ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25480
@@ -26244,11 +26244,11 @@ CVE-2023-25477
CVE-2023-25476
RESERVED
CVE-2023-25475 (Cross-Site Request Forgery (CSRF) vulnerability in Vladimir Prelovac S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25474 (Cross-Site Request Forgery (CSRF) vulnerability in Csaba Kissi About M ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25473 (Cross-Site Request Forgery (CSRF) vulnerability in Miro Mannino Flickr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25472 (Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Pod ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25471
@@ -27316,7 +27316,7 @@ CVE-2023-25038 (Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For th
CVE-2023-25037
RESERVED
CVE-2023-25036 (Cross-Site Request Forgery (CSRF) vulnerability in akhlesh-nagar, a.An ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25035
RESERVED
CVE-2023-25034 (Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP Clean U ...)
@@ -29420,7 +29420,7 @@ CVE-2023-24392 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I
CVE-2023-24391
RESERVED
CVE-2023-24390 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WeSe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24389
RESERVED
CVE-2023-24388 (Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking ca ...)
@@ -31414,7 +31414,7 @@ CVE-2023-23662
CVE-2023-23661
RESERVED
CVE-2023-23660 (Auth. (subscriber+) SQL Injection (SQLi) vulnerability in MainWP MainW ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23659 (Cross-Site Request Forgery (CSRF) vulnerability in MainWP Matomo Exten ...)
NOT-FOR-US: MainWP Matomo Extension
CVE-2023-23658
@@ -39715,7 +39715,7 @@ CVE-2022-47423 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2022-47422 (Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin Accept St ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47421 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47420
RESERVED
CVE-2022-47419 (An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful ...)
@@ -40606,7 +40606,7 @@ CVE-2022-47171 (Improper Neutralization of Input During Web Page Generation ('Cr
CVE-2022-47170 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Unli ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47169 (Cross-Site Request Forgery (CSRF) vulnerability in StaxWP Visibility L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47168
RESERVED
CVE-2022-47167 (Cross-Site Request Forgery (CSRF) vulnerability in Aram Kocharyan Cray ...)
@@ -41468,7 +41468,7 @@ CVE-2022-46859
CVE-2022-46858 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Amin A.R ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46857 (Cross-Site Request Forgery (CSRF) vulnerability in SiteAlert plugin <= ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46856 (Cross-Site Request Forgery (CSRF) vulnerability in ORION Woocommerce P ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46855 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
@@ -44650,7 +44650,7 @@ CVE-2022-45830
CVE-2022-45829 (Auth. Path Traversal vulnerability inEasy WP SMTP plugin <= 1.5.1 atWo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45828 (Cross-Site Request Forgery (CSRF) vulnerability in NooTheme Noo Timeta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45827 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gall ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45826
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82321fd62e1305270e6cd20d93eb9600caadb664
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82321fd62e1305270e6cd20d93eb9600caadb664
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230718/2f776051/attachment.htm>
More information about the debian-security-tracker-commits
mailing list