[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jun 9 09:44:31 BST 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5fd9ae0a by Moritz Muehlenhoff at 2023-06-09T10:44:07+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,75 +1,75 @@
 CVE-2023-3177 (A vulnerability has been found in SourceCodester Lost and Found Inform ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2023-3176 (A vulnerability, which was classified as critical, was found in Source ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2023-3173 (Improper Restriction of Excessive Authentication Attempts in GitHub re ...)
-	TODO: check
+	- froxlor <itp> (bug #581792)
 CVE-2023-3172 (Path Traversal in GitHub repository froxlor/froxlor prior to 2.0.20.)
-	TODO: check
+	- froxlor <itp> (bug #581792)
 CVE-2023-34364 (A buffer overflow was discovered in Progress DataDirect Connect for OD ...)
-	TODO: check
+	NOT-FOR-US: Progress DataDirect Connect for ODBC
 CVE-2023-34363 (An issue was discovered in Progress DataDirect Connect for ODBC before ...)
-	TODO: check
+	NOT-FOR-US: Progress DataDirect Connect for ODBC
 CVE-2023-34243 (TGstation is a toolset to manage production BYOND servers. In affected ...)
-	TODO: check
+	NOT-FOR-US: TGstation
 CVE-2023-34233 (The Snowflake Connector for Python provides an interface for developin ...)
-	TODO: check
+	NOT-FOR-US: Snowflake connector for Python
 CVE-2023-34232 (snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Snowflake connector for NodeJS
 CVE-2023-34230 (snowflake-connector-net, the Snowflake Connector for .NET, is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Snowflake connector for .NET
 CVE-2023-34112 (JavaCPP Presets is a project providing Java distributions of native C+ ...)
-	TODO: check
+	NOT-FOR-US: JavaCPP Presents
 CVE-2023-32751 (Pydio Cells through 4.1.2 allows XSS. Pydio Cells implements the downl ...)
-	TODO: check
+	NOT-FOR-US: Pydio Cells
 CVE-2023-2897 (The Brizy Page Builder plugin for WordPress is vulnerable to IP Addres ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2896 (The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Reque ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2895 (The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Reque ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2894 (The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Reque ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2893 (The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Reque ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2892 (The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Reque ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2891 (The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Reque ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2767 (The WordPress File Upload and WordPress File Upload Pro plugins for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2764 (The Draw Attention plugin for WordPress is vulnerable to unauthorized  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2688 (The WordPress File Upload and WordPress File Upload Pro plugins for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2607 (The Multiple Page Generator Plugin for WordPress is vulnerable to time ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2604 (The Team Circle Image Slider With Lightbox plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2599 (The Active Directory Integration plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2584 (The PixelYourSite plugin for WordPress is vulnerable to Stored Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2558 (The WPCS \u2013 WordPress Currency Switcher Professional plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2557 (The WPCS \u2013 WordPress Currency Switcher Professional plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2556 (The WPCS \u2013 WordPress Currency Switcher Professional plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2555 (The WPCS \u2013 WordPress Currency Switcher Professional plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2526 (The Easy Google Maps plugin for WordPress is vulnerable to Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2484 (The Active Directory Integration plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2452 (The  Advanced Woo Search plugin for WordPress is vulnerable to Stored  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2450 (The FiboSearch - AJAX Search for WooCommerce plugin for WordPress is v ...)
-	TODO: check
+	NOT-FOR-US: Woocommerce plugin
 CVE-2023-2414 (The Online Booking & Scheduling Calendar for WordPress by vcita plugin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2402 (The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3164
 	- tiff <unfixed> (unimportant)
 	NOTE: https://gitlab.com/libtiff/libtiff/-/issues/542
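Review bot: The tag added for CVE-2023-34112 reads "NOT-FOR-US: JavaCPP Presents", but the description on the line above it names the project "JavaCPP Presets"; suggest "NOT-FOR-US: JavaCPP Presets" so a search for the product name finds the entry. In the same hunk, CVE-2023-2450 is tagged "Woocommerce plugin" although its description says it is a plugin for WordPress and every other plugin entry here uses "WordPress plugin"; using the same label would keep the NFU entries uniform.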
@@ -104,7 +104,7 @@ CVE-2023-34567 (Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to co
 CVE-2023-34566 (Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain  ...)
 	NOT-FOR-US: Tenda
 CVE-2023-34231 (gosnowflake is th Snowflake Golang driver. Prior to version 1.6.19, a  ...)
-	TODO: check
+	NOT-FOR-US: Snowflake connector for GO
 CVE-2023-34096 (Thruk is a multibackend monitoring webinterface which currently suppor ...)
 	NOT-FOR-US: Thruk
 CVE-2023-33660 (A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vuln ...)
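Review bot: The tag on CVE-2023-34231 spells the language as "GO" in "NOT-FOR-US: Snowflake connector for GO"; the description calls it the Snowflake Golang driver, so "Snowflake connector for Go" would be the accurate spelling and would sit consistently beside the Python, NodeJS and .NET connector entries added earlier in this commit.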
@@ -570,11 +570,11 @@ CVE-2023-XXXX [RUSTSEC-2023-0041]
 	NOTE: https://github.com/bluejekyll/trust-dns/pull/1952
 	NOTE: https://github.com/bluejekyll/trust-dns/commit/217974c0544483efe0c648befabb25bf88242716
 CVE-2023-3027 (The grc-policy-propagator allows security escalation within the cluste ...)
-	TODO: check
+	NOT-FOR-US: grc-policy-propagator
 CVE-2023-34103 (Avo is an open source ruby on rails admin panel creation framework. In ...)
-	TODO: check
+	NOT-FOR-US: Avo
 CVE-2023-34102 (Avo is an open source ruby on rails admin panel creation framework. Th ...)
-	TODO: check
+	NOT-FOR-US: Avo
 CVE-2023-33410 (Minical 1.0.0 and earlier contains a CSV injection vulnerability which ...)
 	NOT-FOR-US: Minical
 CVE-2023-33409 (Minical 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF) via m ...)
@@ -592,7 +592,7 @@ CVE-2023-22450 (In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitr
 CVE-2018-25087 (A vulnerability classified as problematic was found in Arborator Serve ...)
 	NOT-FOR-US: Arborator
 CVE-2017-20185 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Fuzzy SWM ...)
-	TODO: check
+	NOT-FOR-US: Fuzzy SWMP
 CVE-2015-10117 (A vulnerability, which was classified as problematic, was found in Gra ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2015-10116 (A vulnerability classified as problematic has been found in RealFavico ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fd9ae0afbf8e198cb6f45438b8f4ed5e124ca1b


