[Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Nov 27 20:38:20 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e9b9abcf by Salvatore Bonaccorso at 2023-11-27T21:37:51+01:00
Process some new NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,55 +1,56 @@
CVE-2023-6329 ([PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATF ...)
- TODO: check
+ NOT-FOR-US: Control iD iDSecure
CVE-2023-6287 (Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before ...)
TODO: check
CVE-2023-6254 (A Vulnerability in OTRS AgentInterface and ExternalInterface allows th ...)
- TODO: check
+ NOT-FOR-US: OTRS
+ NOTE: Issue is listed as specific to 8.x, so won't affect Znuny which forked from 6.x
CVE-2023-6202 (Mattermost fails to perform proper authorization in the /plugins/focal ...)
TODO: check
CVE-2023-5974 (The WPB Show Core WordPress plugin through 2.2 is vulnerable to server ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5958 (The POST SMTP Mailer WordPress plugin before 2.7.1 does not escape ema ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5942 (The Medialist WordPress plugin before 1.4.1 does not validate and esca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5906 (The Job Manager & Career WordPress plugin before 1.4.4 contains a vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5845 (The Simple Social Media Share Buttons WordPress plugin before 5.1.1 le ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5738 (The WordPress Backup & Migration WordPress plugin before 1.4.4 does no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5737 (The WordPress Backup & Migration WordPress plugin before 1.4.4 does no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5653 (The WassUp Real Time Analytics WordPress plugin through 1.9.4.5 does n ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5641 (The Martins Free & Easy SEO BackLink Link Building Network WordPress p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5620 (The Web Push Notifications WordPress plugin before 4.35.0 does not pre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5611 (The Seraphinite Accelerator WordPress plugin before 2.20.32 does not h ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5607 (An improper limitation of a path name to a restricted directory (path ...)
- TODO: check
+ NOT-FOR-US: Trellix
CVE-2023-5604 (The Asgaros Forum WordPress plugin before 2.7.1 allows forum administr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5560 (The WP-UserOnline WordPress plugin before 2.88.3 does not sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5559 (The 10Web Booster WordPress plugin before 2.24.18 does not validate th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5525 (The Limit Login Attempts Reloaded WordPress plugin before 2.25.26 is m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5325 (The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6 does no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5239 (The Security & Malware scan by CleanTalk WordPress plugin before 2.121 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5209 (The WordPress Online Booking and Scheduling Plugin WordPress plugin be ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4931 (Uncontrolled search path element vulnerability in Plesk Installer affe ...)
- TODO: check
+ NOT-FOR-US: Plesk Installer
CVE-2023-4922 (The WPB Show Core WordPress plugin through 2.2 is vulnerable to a loca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4642 (The kk Star Ratings WordPress plugin before 5.4.6 does not implement a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4590 (Buffer overflow vulnerability in Frhed hex editor, affecting version 1 ...)
TODO: check
CVE-2023-4514 (The Mmm Simple File List WordPress plugin through 2.3 does not validat ...)
@@ -61,15 +62,15 @@ CVE-2023-4252 (The EventPrime WordPress plugin through 3.2.9 specifies the price
CVE-2023-49316 (In Math/BinaryField.php in phpseclib before 3.0.34, excessively large ...)
TODO: check
CVE-2023-49047 (Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parame ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-49046 (Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-49043 (Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remot ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-49042 (Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-49040 (An issue in Tneda AX1803 v.1.0.0.1 allows a remote attacker to execute ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-49029 (Cross Site Scripting vulnerability in smpn1smg absis v.2017-10-19 and ...)
TODO: check
CVE-2023-49028 (Cross Site Scripting vulnerability in smpn1smg absis v.2017-10-19 and ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9b9abcf554994458336972143aa2de36d48370c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9b9abcf554994458336972143aa2de36d48370c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231127/61133012/attachment.htm>
More information about the debian-security-tracker-commits
mailing list