[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Nov 22 20:33:11 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e8431998 by Salvatore Bonaccorso at 2023-11-22T21:32:42+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,109 +1,109 @@
CVE-2023-6265 (Draytek Vigor2960 v1.5.1.4 and v1.5.1.5 are vulnerable to directory tr ...)
- TODO: check
+ NOT-FOR-US: Draytek Vigor2960
CVE-2023-6264 (Information leak in Content-Security-Policy header in Devolutions Serv ...)
- TODO: check
+ NOT-FOR-US: Devolutions Server
CVE-2023-6263 (An issue was discovered in Network Optix NxCloud before 23.1.0.40440.I ...)
- TODO: check
+ NOT-FOR-US: Network Optix NxCloud
CVE-2023-6253 (A saved encryption key in the Uninstaller in Digital Guardian's Agent ...)
- TODO: check
+ NOT-FOR-US: Digital Guardian's Agent
CVE-2023-6252 (Path traversal vulnerability in Chalemelon Power framework, affecting ...)
- TODO: check
+ NOT-FOR-US: Chalemelon Power framework
CVE-2023-6189 (Missing access permissions checks inthe M-Files serverbefore 23.11.1 ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2023-6164 (The MainWP Dashboard \u2013 WordPress Manager for Multiple Websites M ...)
TODO: check
CVE-2023-6160 (The LifterLMS \u2013 WordPress LMS Plugin for eLearning plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6157 (Improper neutralization of livestatus command delimiters in ajax_searc ...)
- check-mk <removed>
CVE-2023-6156 (Improper neutralization of livestatus command delimiters in the availa ...)
- check-mk <removed>
CVE-2023-6117 (A possibility of unwanted server memory consumption was detected throu ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2023-6011 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: DECE Software Geodi
CVE-2023-6009 (The UserPro plugin for WordPress is vulnerable to privilege escalation ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6008 (The UserPro plugin for WordPress is vulnerable to Cross-Site Request F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6007 (The UserPro plugin for WordPress is vulnerable to unauthorized access ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5983 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Botanik Software Pharmacy Automation
CVE-2023-5921 (Improper Enforcement of Behavioral Workflow vulnerability in DECE Soft ...)
- TODO: check
+ NOT-FOR-US: DECE Software Geodi
CVE-2023-5822 (The Drag and Drop Multiple File Upload - Contact Form 7 plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5815 (The News & Blog Designer Pack \u2013 WordPress Blog Plugin \u2014 (Blo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5742 (The EasyRotator for WordPress plugin for WordPress is vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5715 (The Website Optimization \u2013 Plerdy plugin for WordPress is vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5708 (The WP Post Columns plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5706 (The VK Blocks plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5704 (The CPO Shortcodes plugin for WordPress is vulnerable to Stored Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5667 (The Tab Ultimate plugin for WordPress is vulnerable to Stored Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5664 (The Garden Gnome Package plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5662 (The Sponsors plugin for WordPress is vulnerable to Stored Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5537 (The Delete Usermeta plugin for WordPress is vulnerable to Cross-Site R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5469 (The Drop Shadow Boxes plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5466 (The Wp anything slider plugin for WordPress is vulnerable to SQL Injec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5465 (The Popup with fancybox plugin for WordPress is vulnerable to SQL Inje ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5419 (The Funnelforms Free plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5417 (The Funnelforms Free plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5416 (The Funnelforms Free plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5415 (The Funnelforms Free plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5411 (The Funnelforms Free plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5387 (The Funnelforms Free plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5386 (The Funnelforms Free plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5385 (The Funnelforms Free plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5383 (The Funnelforms Free plugin for WordPress is vulnerable to Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5382 (The Funnelforms Free plugin for WordPress is vulnerable to Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5338 (The Theme Blvd Shortcodes plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5314 (The WP EXtra plugin for WordPress is vulnerable to unauthorized access ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5234 (The Related Products for WooCommerce plugin for WordPress is vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5163 (The Weather Atlas Widget plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5128 (The TCD Google Maps plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5096 (The HTML filter and csv-file search plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5048 (The WDContactFormBuilder plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5047 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: DRD Fleet Leasing DRDrive
CVE-2023-4726 (The Ultimate Dashboard plugin for WordPress is vulnerable to Stored Cr ...)
TODO: check
CVE-2023-4686 (The WP Customer Reviews plugin for WordPress is vulnerable to Sensitiv ...)
TODO: check
CVE-2023-48705 (Nautobot is a Network Source of Truth and Network Automation Platform ...)
- TODO: check
+ NOT-FOR-US: Nautobot
CVE-2023-48646 (Zoho ManageEngine RecoveryManager Plus before 6070 allows admin users ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2023-48106 (Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an ...)
TODO: check
CVE-2023-47825 (Cross-Site Request Forgery (CSRF) vulnerability in TienCOP WP EXtra pl ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e843199815a3179f06a5e13e5e27134db4766e63
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e843199815a3179f06a5e13e5e27134db4766e63
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231122/a6a3373b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list