[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Mar 6 20:15:32 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
66aa4601 by Salvatore Bonaccorso at 2023-03-06T21:14:42+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10997,7 +10997,7 @@ CVE-2023-0379 (The Spotlight Social Feeds WordPress plugin before 1.4.3 does not
CVE-2023-0378 (The Greenshift WordPress plugin before 5.0 does not validate and escap ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0377 (The Scriptless Social Sharing WordPress plugin before 3.2.2 does not v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0376
RESERVED
CVE-2023-0375 (The Easy Affiliate Links WordPress plugin before 3.7.1 does not valida ...)
@@ -11594,7 +11594,7 @@ CVE-2023-23597
- firefox 109.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/#CVE-2023-23597
CVE-2023-0328 (The WPCode WordPress plugin before 2.0.7 does not have adequate privil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0327 (A vulnerability was found in saemorris TheRadSystem. It has been class ...)
NOT-FOR-US: saemorris TheRadSystem
CVE-2023-0326
@@ -13022,7 +13022,7 @@ CVE-2023-0214 (A cross-site scripting vulnerability in Skyhigh SWG in main relea
CVE-2023-0213
RESERVED
CVE-2023-0212 (The Advanced Recent Posts WordPress plugin through 0.6.14 does not val ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0211
RESERVED
CVE-2022-4885 (A vulnerability has been found in sviehb jefferson up to 0.3 and class ...)
@@ -13529,7 +13529,7 @@ CVE-2023-0167
CVE-2023-0166 (The Product Slider for WooCommerce by PickPlugins WordPress plugin bef ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0165 (The Cost Calculator WordPress plugin through 1.8 does not validate and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0164 (OrangeScrum version 2.0.11 allows an authenticated external attacker t ...)
NOT-FOR-US: OrangeScrum
CVE-2022-48253 (nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that m ...)
@@ -14649,7 +14649,7 @@ CVE-2023-0080 (The Customer Reviews for WooCommerce WordPress plugin before 5.16
CVE-2023-0079
RESERVED
CVE-2023-0078 (The Resume Builder WordPress plugin through 3.1.1 does not sanitize an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0077 (Integer overflow or wraparound vulnerability in CGI component in Synol ...)
NOT-FOR-US: Synology
CVE-2022-4877 (A vulnerability has been found in snoyberg keter up to 1.8.1 and class ...)
@@ -14729,7 +14729,7 @@ CVE-2023-22620
CVE-2023-22619
RESERVED
CVE-2023-0076 (The Download Attachments WordPress plugin through 1.2.24 does not vali ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0075 (The Amazon JS WordPress plugin through 0.10 does not validate and esca ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0074 (The WP Social Widget WordPress plugin before 2.2.4 does not validate a ...)
@@ -14743,19 +14743,19 @@ CVE-2023-0071 (The WP Tabs WordPress plugin before 2.1.17 does not validate and
CVE-2023-0070 (The ResponsiveVoice Text To Speech WordPress plugin through 1.7.6 does ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0069 (The WPaudio MP3 Player WordPress plugin through 4.0.2 does not validat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0068 (The Product GTIN (EAN, UPC, ISBN) for WooCommerce WordPress plugin thr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0067 (The Timed Content WordPress plugin before 2.73 does not validate and e ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0066
RESERVED
CVE-2023-0065 (The i2 Pros & Cons WordPress plugin through 1.3.1 does not validat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0064 (The eVision Responsive Column Layout Shortcodes WordPress plugin throu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0063 (The WordPress Shortcodes WordPress plugin through 1.6.36 does not vali ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0062 (The EAN for WooCommerce WordPress plugin before 4.4.3 does not validat ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0061 (The Judge.me Product Reviews for WooCommerce WordPress plugin before 1 ...)
@@ -21425,7 +21425,7 @@ CVE-2022-4330 (The WP Attachments WordPress plugin through 5.0.5 does not saniti
CVE-2022-4329 (The Product list Widget for Woocommerce WordPress plugin through 1.0 d ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4328 (The WooCommerce Checkout Field Manager WordPress plugin before 18.0 do ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4327 (This issue does not bear any security risk as it's only exploitable by ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4326 (Improper preservation of permissions vulnerability in Trellix Endpoint ...)
@@ -22495,7 +22495,7 @@ CVE-2022-4267 (The Bulk Delete Users by Email WordPress plugin through 1.2 does
CVE-2022-4266 (The Bulk Delete Users by Email WordPress plugin through 1.2 does not h ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4265 (The Replyable WordPress plugin before 2.2.10 does not validate the cla ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4264 (Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files bef ...)
NOT-FOR-US: M-Files
CVE-2022-4263
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66aa4601a1f6be36a6ad29b8b32df92e9e845d06
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66aa4601a1f6be36a6ad29b8b32df92e9e845d06
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230306/c10edcb9/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list