[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Nov 6 20:54:33 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
31902233 by Salvatore Bonaccorso at 2023-11-06T21:53:40+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,95 +5,95 @@ CVE-2023-5968 (Mattermost fails to properly sanitize the user object when updati
 CVE-2023-5967 (Mattermost fails to properly validate requests to the Calls plugin, al ...)
 	- mattermost-server <itp> (bug #823556)
 CVE-2023-5964 (The 1E-Exchange-DisplayMessageinstruction that is part of the End-User ...)
-	TODO: check
+	NOT-FOR-US: 1E-Exchange-DisplayMessageinstruction
 CVE-2023-5963 (An issue has been discovered in GitLab EE with Advanced Search affecti ...)
 	TODO: check
 CVE-2023-5950 (Rapid7 Velociraptor versions prior to 0.7.0-4 suffer from a reflected  ...)
-	TODO: check
+	NOT-FOR-US: Rapid7 Velociraptor
 CVE-2023-5823 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeKraft TK Googl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5777 (Weintek EasyBuilder Pro contains a vulnerability that, even when the p ...)
-	TODO: check
+	NOT-FOR-US: Weintek EasyBuilder Pro
 CVE-2023-5771 (Proofpoint Enterprise Protection contains a stored XSS vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: Proofpoint Enterprise Protection
 CVE-2023-5719 (The Crimson 3.2 Windows-based configuration tool allows users with adm ...)
-	TODO: check
+	NOT-FOR-US: Crimson
 CVE-2023-4996 (Netskope was made aware of a security vulnerability in its NSClient pr ...)
-	TODO: check
+	NOT-FOR-US: Netskope
 CVE-2023-4535 (An out-of-bounds read vulnerability was found in OpenSC packages withi ...)
 	TODO: check
 CVE-2023-47186 (Cross-Site Request Forgery (CSRF) vulnerability in Kadence WP Kadence  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47185 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in gVectors Te ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47184 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Prop ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47182 (Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scrip ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47177 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yaki ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46824 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Om A ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46823 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46822 (Unauth. Reflected Cross-Site Scripting') vulnerability in Visser Labs  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46821 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46783 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46782 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46781 (Cross-Site Request Forgery (CSRF) vulnerability in Roland Murg Current ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46780 (Cross-Site Request Forgery (CSRF) vulnerability in Alter plugin <=1.0  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46779 (Cross-Site Request Forgery (CSRF) vulnerability in EasyRecipe plugin < ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46778 (Cross-Site Request Forgery (CSRF) vulnerability in TheFreeWindows Auto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46777 (Cross-Site Request Forgery (CSRF) vulnerability in Custom Login Page | ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46776 (Cross-Site Request Forgery (CSRF) vulnerability in Serena Villa Auto E ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46775 (Cross-Site Request Forgery (CSRF) vulnerability in Djo Original texts  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46732 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-46731 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-46728 (Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and  ...)
 	TODO: check
 CVE-2023-46254 (capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy  ...)
 	TODO: check
 CVE-2023-46251 (MyBB is a free and open source forum software. Custom MyCode (BBCode)  ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2023-46084 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-45830 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-45827 (Dot diver is a lightweight, powerful, and dependency-free TypeScript u ...)
 	TODO: check
 CVE-2023-45657 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-45163 (The 1E-Exchange-CommandLinePing instruction that is part of the Networ ...)
-	TODO: check
+	NOT-FOR-US: 1E-Exchange-CommandLinePing
 CVE-2023-45161 (The 1E-Exchange-URLResponseTime instruction that is part of the Networ ...)
-	TODO: check
+	NOT-FOR-US: 1E-Exchange-URLResponseTime
 CVE-2023-45074 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-45069 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-45055 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-45046 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-45001 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-44398 (Exiv2 is a C++ library and a command-line utility to read, write, dele ...)
 	TODO: check
 CVE-2023-41685 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-41378 (In certain conditions for Calico Typha (v3.26.2, v3.25.1 and below), a ...)
 	TODO: check
 CVE-2023-40661 (Several memory vulnerabilities were identified within the OpenSC packa ...)
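
Review bot: the tag added for CVE-2023-5964, "NOT-FOR-US: 1E-Exchange-DisplayMessageinstruction", carries over the missing space from the truncated description and keeps the word "instruction". The other two 1E entries in this hunk (CVE-2023-45163, CVE-2023-45161) use "1E-Exchange-CommandLinePing" and "1E-Exchange-URLResponseTime". Suggest "NOT-FOR-US: 1E-Exchange-DisplayMessage" so the three match and a search on the product name finds all of them. Separately, the SQL injection entries tagged "WordPress plugin" (for example CVE-2023-46084 and CVE-2023-45830) have descriptions cut off before the product name, so that classification cannot be confirmed from the diff itself and is worth a second look against the full CVE text.
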
@@ -101,7 +101,7 @@ CVE-2023-40661 (Several memory vulnerabilities were identified within the OpenSC
 CVE-2023-40660 (A flaw was found in OpenSC packages that allow a potential PIN bypass. ...)
 	TODO: check
 CVE-2023-40609 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-39345 (strapi is an open-source headless CMS. Versions prior to 4.13.1 did no ...)
 	TODO: check
 CVE-2023-35911 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
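
Review bot: for CVE-2023-40609 the description visible here ends at "SQL Command ('S ...", so nothing in the hunk shows that the affected product is a WordPress plugin. Naming the plugin in the tag, the way product-specific entries such as "NOT-FOR-US: MyBB" do, would let the triage decision be checked without opening the CVE record. CVE-2023-35911 in the trailing context has the same truncated description; if it is the same class of issue it could be handled in the same pass.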



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31902233c545872801c2d49d35907c1b03bda54c
