[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Nov 13 08:12:03 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
238e87a2 by security tracker role at 2023-11-13T08:11:52+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,65 @@
+CVE-2023-5747 (Bashis, a Security Researcher at IPVM has found a flaw that allows for ...)
+ TODO: check
+CVE-2023-5741 (The POWR plugin for WordPress is vulnerable to Stored Cross-Site Scrip ...)
+ TODO: check
+CVE-2023-5037
+ REJECTED
+CVE-2023-4775 (The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross ...)
+ TODO: check
+CVE-2023-47669 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Pro ...)
+ TODO: check
+CVE-2023-47652 (Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto ...)
+ TODO: check
+CVE-2023-47516 (Cross-Site Request Forgery (CSRF) vulnerability in Stark Digital Categ ...)
+ TODO: check
+CVE-2023-47230 (Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting ...)
+ TODO: check
+CVE-2023-47163 (Remarshal prior to v0.17.1 expands YAML alias nodes unlimitedly, hence ...)
+ TODO: check
+CVE-2023-46638 (Cross-Site Request Forgery (CSRF) vulnerability in Webcodin WCP OpenWe ...)
+ TODO: check
+CVE-2023-46636 (Cross-Site Request Forgery (CSRF) vulnerability in David St\xf6ckl Cus ...)
+ TODO: check
+CVE-2023-46634 (Cross-Site Request Forgery (CSRF) vulnerability in phoeniixx Custom My ...)
+ TODO: check
+CVE-2023-46629 (Cross-Site Request Forgery (CSRF) vulnerability in themelocation Remov ...)
+ TODO: check
+CVE-2023-46625 (Cross-Site Request Forgery (CSRF) vulnerability in DAEXT Autolinks Man ...)
+ TODO: check
+CVE-2023-46620 (Cross-Site Request Forgery (CSRF) vulnerability in Fluenx DeepL API tr ...)
+ TODO: check
+CVE-2023-46619 (Cross-Site Request Forgery (CSRF) vulnerability in WebDorado WDSocialW ...)
+ TODO: check
+CVE-2023-46618 (Cross-Site Request Forgery (CSRF) vulnerability in Bala Krishna, Serge ...)
+ TODO: check
+CVE-2023-46207 (Server-Side Request Forgery (SSRF) vulnerability in StylemixThemes Mot ...)
+ TODO: check
+CVE-2023-46201 (Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Log ...)
+ TODO: check
+CVE-2023-41239 (Server-Side Request Forgery (SSRF) vulnerability in Blubrry PowerPress ...)
+ TODO: check
+CVE-2023-38515 (Server-Side Request Forgery (SSRF) vulnerability in Andy Moyle Church ...)
+ TODO: check
+CVE-2023-38364 (IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. This ...)
+ TODO: check
+CVE-2023-38363 ([PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATF ...)
+ TODO: check
+CVE-2023-37978 (Server-Side Request Forgery (SSRF) vulnerability in Dimitar Ivanov HTT ...)
+ TODO: check
+CVE-2023-35041 (Cross-Site Request Forgery (CSRF) vulnerability leading to Local File ...)
+ TODO: check
+CVE-2023-34384 (Cross-Site Request Forgery (CSRF) vulnerability in Kebo Kebo Twitter F ...)
+ TODO: check
+CVE-2023-34378 (Cross-Site Request Forgery (CSRF) vulnerability in scriptburn.Com WP H ...)
+ TODO: check
+CVE-2023-34013 (Server-Side Request Forgery (SSRF) vulnerability in Poll Maker Team Po ...)
+ TODO: check
+CVE-2023-33207 (Cross-Site Request Forgery (CSRF) vulnerability in Krzysztof Wielog\xf ...)
+ TODO: check
+CVE-2023-32588 (Cross-Site Request Forgery (CSRF) vulnerability in BRANDbrilliance Pos ...)
+ TODO: check
+CVE-2023-32583 (Cross-Site Request Forgery (CSRF) vulnerability in Prashant Walke WP A ...)
+ TODO: check
CVE-2023-6084 (A vulnerability was found in Tongda OA 2017 up to 11.9 and classified ...)
NOT-FOR-US: Tongda OA
CVE-2023-47037 (We failed to applyCVE-2023-40611 in 2.7.1 and this vulnerability was m ...)
@@ -26034,8 +26096,8 @@ CVE-2023-31221 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-31220 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP-EXPER ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-31219
- RESERVED
+CVE-2023-31219 (Server-Side Request Forgery (SSRF) vulnerability in WPChill Download M ...)
+ TODO: check
CVE-2023-31218 (Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripti ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31217 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
@@ -31130,8 +31192,8 @@ CVE-2023-29427 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in TM
NOT-FOR-US: WordPress plugin
CVE-2023-29426 (Cross-Site Request Forgery (CSRF) vulnerability in Robert Schulz (sprd ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-29425
- RESERVED
+CVE-2023-29425 (Cross-Site Request Forgery (CSRF) vulnerability in plainware.Com Shift ...)
+ TODO: check
CVE-2023-29424 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Plai ...)
NOT-FOR-US: WordPress plugin
CVE-2023-29423 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI W ...)
@@ -31867,8 +31929,8 @@ CVE-2023-29246 (An attacker who has gained access to an admin account can perfor
NOT-FOR-US: Apache OpenMeetings
CVE-2023-29239
RESERVED
-CVE-2023-29238
- RESERVED
+CVE-2023-29238 (Cross-Site Request Forgery (CSRF) vulnerability in Whydonate Whydonate ...)
+ TODO: check
CVE-2023-29237
RESERVED
CVE-2023-29236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththeme ...)
@@ -32730,8 +32792,8 @@ CVE-2023-28989 (Cross-Site Request Forgery (CSRF) vulnerability in weDevs Happy
NOT-FOR-US: WordPress plugin
CVE-2023-28988 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI W ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28987
- RESERVED
+CVE-2023-28987 (Cross-Site Request Forgery (CSRF) vulnerability in Wpmet Wp Ultimate R ...)
+ TODO: check
CVE-2023-28986 (Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider, wpaffil ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28985 (An Improper Validation of Syntactic Correctness of Input vulnerability ...)
@@ -32972,8 +33034,8 @@ CVE-2023-28932 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-28931 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Neve ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28930
- RESERVED
+CVE-2023-28930 (Cross-Site Request Forgery (CSRF) vulnerability in Robin Phillips Mobi ...)
+ TODO: check
CVE-2023-28929 (Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to ...)
NOT-FOR-US: Trend Micro
CVE-2023-28928
@@ -33848,12 +33910,12 @@ CVE-2023-28698 (Wade Graphic Design FANTSY has a vulnerability of insufficient a
NOT-FOR-US: Wade Graphic Design FANTSY
CVE-2023-28697 (Moxa MiiNePort E1 has a vulnerability of insufficient access control. ...)
NOT-FOR-US: Moxa
-CVE-2023-28696
- RESERVED
+CVE-2023-28696 (Cross-Site Request Forgery (CSRF) vulnerability in Harish Chouhan, The ...)
+ TODO: check
CVE-2023-28695 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Drew ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28694
- RESERVED
+CVE-2023-28694 (Cross-Site Request Forgery (CSRF) vulnerability in Wbcom Designs Wbcom ...)
+ TODO: check
CVE-2023-28693 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Balasahe ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28692 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kevo ...)
@@ -34083,8 +34145,8 @@ CVE-2023-28620 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-28619
RESERVED
-CVE-2023-28618
- RESERVED
+CVE-2023-28618 (Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou E ...)
+ TODO: check
CVE-2023-28391
RESERVED
CVE-2023-27927 (An authenticated malicious user could acquire the simple mail transfer ...)
@@ -34473,14 +34535,14 @@ CVE-2023-28500 (A Java insecure deserialization vulnerability in Adobe LiveCycle
NOT-FOR-US: Adobe
CVE-2023-28499 (Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in sim ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28498
- RESERVED
-CVE-2023-28497
- RESERVED
+CVE-2023-28498 (Cross-Site Request Forgery (CSRF) vulnerability in MotoPress Hotel Boo ...)
+ TODO: check
+CVE-2023-28497 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow ...)
+ TODO: check
CVE-2023-28496 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SMTP ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28495
- RESERVED
+CVE-2023-28495 (Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop WP Shor ...)
+ TODO: check
CVE-2023-28494
RESERVED
CVE-2023-28493 (Auth (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability ...)
@@ -34848,10 +34910,10 @@ CVE-2023-28422 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability i
NOT-FOR-US: WooCommerce plugin
CVE-2023-28421
RESERVED
-CVE-2023-28420
- RESERVED
-CVE-2023-28419
- RESERVED
+CVE-2023-28420 (Cross-Site Request Forgery (CSRF) vulnerability in Leo Caseiro Custom ...)
+ TODO: check
+CVE-2023-28419 (Cross-Site Request Forgery (CSRF) vulnerability in Stranger Studios Fo ...)
+ TODO: check
CVE-2023-28418 (Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability ...)
NOT-FOR-US: WordPress theme
CVE-2023-28417
@@ -35692,10 +35754,10 @@ CVE-2023-28175 (Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0,
NOT-FOR-US: Bosch
CVE-2023-28174 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in eLig ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-28173
- RESERVED
-CVE-2023-28172
- RESERVED
+CVE-2023-28173 (Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google ...)
+ TODO: check
+CVE-2023-28172 (Cross-Site Request Forgery (CSRF) vulnerability in flippercode WordPre ...)
+ TODO: check
CVE-2023-28171 (Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in ...)
NOT-FOR-US: WordPress theme
CVE-2023-28170
@@ -35704,8 +35766,8 @@ CVE-2023-28169 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-28168
RESERVED
-CVE-2023-28167
- RESERVED
+CVE-2023-28167 (Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital CF7 ...)
+ TODO: check
CVE-2023-28166 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aakif Ka ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28165
@@ -35951,8 +36013,8 @@ CVE-2023-28136
RESERVED
CVE-2023-28135
RESERVED
-CVE-2023-28134
- RESERVED
+CVE-2023-28134 (Local attacker can escalate privileges on affected installations of Ch ...)
+ TODO: check
CVE-2023-28133 (Local privilege escalation in Check Point Endpoint Security Client (ve ...)
NOT-FOR-US: Check Point Endpoint Security Client
CVE-2023-28132
@@ -37501,8 +37563,8 @@ CVE-2023-27634 (Cross-Site Request Forgery (CSRF) vulnerability allows arbitrary
NOT-FOR-US: Shingo Intrepidity
CVE-2023-27633
RESERVED
-CVE-2023-27632
- RESERVED
+CVE-2023-27632 (Cross-Site Request Forgery (CSRF) vulnerability in mmrs151 Daily Praye ...)
+ TODO: check
CVE-2023-27631 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27630
@@ -37519,8 +37581,8 @@ CVE-2023-27625
RESERVED
CVE-2023-27624 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marc ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-27623
- RESERVED
+CVE-2023-27623 (Cross-Site Request Forgery (CSRF) vulnerability in Jens T\xf6rnell WP ...)
+ TODO: check
CVE-2023-27622 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Abel ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27621 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MrDe ...)
@@ -37543,8 +37605,8 @@ CVE-2023-27613 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mo
NOT-FOR-US: WordPress plugin
CVE-2023-27612 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-27611
- RESERVED
+CVE-2023-27611 (Cross-Site Request Forgery (CSRF) vulnerability in audrasjb Reusable B ...)
+ TODO: check
CVE-2023-27610 (Auth. (admin+) SQL Injection (SQLi) vulnerability in TransbankDevelope ...)
NOT-FOR-US: TransbankDevelopers Transbank Webpay
CVE-2023-27609
@@ -38106,36 +38168,36 @@ CVE-2023-27447
RESERVED
CVE-2023-27446
RESERVED
-CVE-2023-27445
- RESERVED
+CVE-2023-27445 (Cross-Site Request Forgery (CSRF) vulnerability in Meril Inc. Blog Flo ...)
+ TODO: check
CVE-2023-27444
RESERVED
CVE-2023-27443 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27442
RESERVED
-CVE-2023-27441
- RESERVED
+CVE-2023-27441 (Cross-Site Request Forgery (CSRF) vulnerability in gl_SPICE New Adman ...)
+ TODO: check
CVE-2023-27440
RESERVED
CVE-2023-27439 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gl_S ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-27438
- RESERVED
+CVE-2023-27438 (Cross-Site Request Forgery (CSRF) vulnerability in Evgen Yurchenko WP ...)
+ TODO: check
CVE-2023-27437
RESERVED
-CVE-2023-27436
- RESERVED
+CVE-2023-27436 (Cross-Site Request Forgery (CSRF) vulnerability in Louis Reingold Eleg ...)
+ TODO: check
CVE-2023-27435 (Cross-Site Request Forgery (CSRF) vulnerability in Sami Ahmed Siddiqui ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-27434
- RESERVED
+CVE-2023-27434 (Cross-Site Request Forgery (CSRF) vulnerability in WPGrim Classic Edit ...)
+ TODO: check
CVE-2023-27433 (Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Mak ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27432 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WpSimple ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-27431
- RESERVED
+CVE-2023-27431 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeHunk Big Store ...)
+ TODO: check
CVE-2023-27430 (Cross-Site Request Forgery (CSRF) vulnerability in Ramon Fincken Mass ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27429 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Auto ...)
@@ -38160,10 +38222,10 @@ CVE-2023-27420 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ev
NOT-FOR-US: WordPress theme
CVE-2023-27419 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest ...)
NOT-FOR-US: WordPress theme
-CVE-2023-27418
- RESERVED
-CVE-2023-27417
- RESERVED
+CVE-2023-27418 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Side Me ...)
+ TODO: check
+CVE-2023-27417 (Cross-Site Request Forgery (CSRF) vulnerability in Timo Reith Affiliat ...)
+ TODO: check
CVE-2023-27416 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Deco ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27415 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Them ...)
@@ -40354,8 +40416,8 @@ CVE-2023-1026 (The WP Meta SEO plugin for WordPress is vulnerable to unauthorize
NOT-FOR-US: WP Meta SEO plugin for WordPress
CVE-2019-25105 (A vulnerability, which was classified as problematic, was found in dro ...)
NOT-FOR-US: dro.pm
-CVE-2023-26543
- RESERVED
+CVE-2023-26543 (Cross-Site Request Forgery (CSRF) vulnerability in Aleksandr Guidrevit ...)
+ TODO: check
CVE-2023-26542
RESERVED
CVE-2023-26541 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex ...)
@@ -40378,8 +40440,8 @@ CVE-2023-26533
RESERVED
CVE-2023-26532
RESERVED
-CVE-2023-26531
- RESERVED
+CVE-2023-26531 (Cross-Site Request Forgery (CSRF) vulnerability in \u95ea\u7535\u535a ...)
+ TODO: check
CVE-2023-26530 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paul Keh ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26529 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dupe ...)
@@ -40392,8 +40454,8 @@ CVE-2023-26526
RESERVED
CVE-2023-26525
RESERVED
-CVE-2023-26524
- RESERVED
+CVE-2023-26524 (Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz An ...)
+ TODO: check
CVE-2023-26523
RESERVED
CVE-2023-26522
@@ -40404,16 +40466,16 @@ CVE-2023-26520
RESERVED
CVE-2023-26519 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-26518
- RESERVED
+CVE-2023-26518 (Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes ...)
+ TODO: check
CVE-2023-26517 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeff ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-26516
- RESERVED
+CVE-2023-26516 (Cross-Site Request Forgery (CSRF) vulnerability in WPIndeed Debug Assi ...)
+ TODO: check
CVE-2023-26515 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ko T ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-26514
- RESERVED
+CVE-2023-26514 (Cross-Site Request Forgery (CSRF) vulnerability in WPGrim Dynamic XML ...)
+ TODO: check
CVE-2023-26513 (Excessive Iteration vulnerability in Apache Software Foundation Apache ...)
NOT-FOR-US: Apache Sling
CVE-2023-26512 (CWE-502 Deserialization of Untrusted Dataat therabbitmq-connector plug ...)
@@ -48694,8 +48756,8 @@ CVE-2023-23802 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT
NOT-FOR-US: WordPress plugin
CVE-2023-23801 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Really Si ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23800
- RESERVED
+CVE-2023-23800 (Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Sh ...)
+ TODO: check
CVE-2023-23799 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Leon ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23798 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
@@ -49129,8 +49191,8 @@ CVE-2023-23686 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
NOT-FOR-US: WordPress plugin
CVE-2023-23685 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23684
- RESERVED
+CVE-2023-23684 (Server-Side Request Forgery (SSRF) vulnerability in WPGraphQL.This iss ...)
+ TODO: check
CVE-2023-23683 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ozan ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23682 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap ...)
@@ -62561,8 +62623,8 @@ CVE-2022-45837 (Reflected Cross-Site Scripting (XSS) vulnerability in Denis \u5f
NOT-FOR-US: WordPress plugin
CVE-2022-45836 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in W3 Eden, ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-45835
- RESERVED
+CVE-2022-45835 (Server-Side Request Forgery (SSRF) vulnerability in PhonePe PhonePe Pa ...)
+ TODO: check
CVE-2022-45834
RESERVED
CVE-2022-45833 (Auth. Path Traversal vulnerability in Easy WP SMTP plugin <= 1.5.1 on ...)
@@ -125849,6 +125911,7 @@ CVE-2022-24601 (Luocms v2.0 is affected by SQL Injection in /admin/manager/admin
CVE-2022-24600 (Luocms v2.0 is affected by SQL Injection through /admin/login.php. An ...)
NOT-FOR-US: Luocms
CVE-2022-24599 (In autofile Audio File Library 0.3.6, there exists one memory leak vul ...)
+ {DLA-3650-1}
- audiofile <unfixed> (bug #1008017)
[bookworm] - audiofile <no-dsa> (Minor issue)
[bullseye] - audiofile <no-dsa> (Minor issue)
@@ -309078,6 +309141,7 @@ CVE-2019-13149 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2
CVE-2019-13148 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13147 (In Audio File Library (aka audiofile) 0.3.6, there exists one NULL poi ...)
+ {DLA-3650-1}
- audiofile <unfixed> (low; bug #931343)
[bookworm] - audiofile <no-dsa> (Minor issue)
[bullseye] - audiofile <ignored> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/238e87a2a47189b4c8190d516d66d8ebfb3a4735
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/238e87a2a47189b4c8190d516d66d8ebfb3a4735
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231113/38c68cb6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list