[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Oct 24 21:23:49 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e0ecbbf2 by Salvatore Bonaccorso at 2023-10-24T22:22:59+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,129 +1,129 @@
CVE-2023-5753 (Potential buffer overflows in the Bluetooth subsystem due to asserts b ...)
- TODO: check
+ NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
CVE-2023-5748 (Buffer copy without checking size of input ('Classic Buffer Overflow') ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2023-5745 (The Reusable Text Blocks plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5744 (The Very Simple Google Maps plugin for WordPress is vulnerable to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5740 (The Live Chat with Facebook Messenger plugin for WordPress is vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5127 (The WP Font Awesome plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5126 (The Delete Me plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5110 (The BSK PDF Manager plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5085 (The Advanced Menu Widget plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46373 (TP-Link TL-WDR7660 2.0.30 has a stack overflow vulnerability via the f ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2023-46371 (TP-Link device TL-WDR7660 2.0.30 has a stack overflow vulnerability vi ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2023-46370 (Tenda W18E V16.01.0.8(1576) has a command injection vulnerability via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-46369 (Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability vi ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-46204 (Cross-Site Request Forgery (CSRF) vulnerability in Muller Digital Inc. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46202 (Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Log ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46198 (Cross-Site Request Forgery (CSRF) vulnerability in Scientech It Soluti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46193 (Cross-Site Request Forgery (CSRF) vulnerability in Internet Marketing ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46191 (Cross-Site Request Forgery (CSRF) vulnerability in Niels van Renselaar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46190 (Cross-Site Request Forgery (CSRF) vulnerability in Novo-media Novo-Map ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46189 (Cross-Site Request Forgery (CSRF) vulnerability in Simple Calendar \u2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46152 (Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF \u2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46151 (Cross-Site Request Forgery (CSRF) vulnerability in AWESOME TOGI Produc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46150 (Cross-Site Request Forgery (CSRF) vulnerability in WP Military WP Radi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46128 (Nautobot is a Network Automation Platform built as a web application a ...)
- TODO: check
+ NOT-FOR-US: Nautobot
CVE-2023-46071 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ClickDat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46070 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Emmanuel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46069 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46068 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XQue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46010 (An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary comm ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2023-45960 (An issue in dom4.j org.dom4.io.SAXReader v.2.1.4 and before allows a r ...)
TODO: check
CVE-2023-45837 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in XYDAC Ul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45835 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Libsyn L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45833 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Lead ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45832 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45829 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45772 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Scribit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45770 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fastwpsp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45769 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Alex Rav ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45768 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Step ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45767 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Woka ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45764 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45761 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Joovii S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45759 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Peter Ke ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45758 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45756 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spider T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45755 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Budd ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45754 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in I Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45750 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in POSIMYTH ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45747 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Syed ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45646 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45644 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Anur ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45640 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45637 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in EventPri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45634 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Biztechc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-43510 (A vulnerability in the ClearPass Policy Manager web-basedmanagement in ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-43509 (A vulnerability in the web-based management interface ofClearPass Poli ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-43508 (Vulnerabilities in the web-based management interface ofClearPass Poli ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-43507 (A vulnerability in the web-based management interface ofClearPass Poli ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-43506 (A vulnerability in the ClearPass OnGuard Linux agent couldallow malici ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-42031 (IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX Standard C ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-39924 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mitc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39619 (ReDos in NPMJS Node Email Check v.1.0.4 allows an attacker to cause a ...)
TODO: check
CVE-2023-39231 (PingFederate using the PingOne MFA adapter allows a new MFA device to ...)
- TODO: check
+ NOT-FOR-US: PingFederate
CVE-2023-5732 (An attacker could have created a malicious link using bidirectional ch ...)
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5732
@@ -41921,7 +41921,7 @@ CVE-2023-25034 (Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP C
CVE-2023-25033 (Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social Share B ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25032 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Prin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25031 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kibo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25030
@@ -66987,7 +66987,7 @@ CVE-2023-20275
CVE-2023-20274
RESERVED
CVE-2023-20273 (A vulnerability in the web UI feature of Cisco IOS XE Software could a ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20272
RESERVED
CVE-2023-20271
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0ecbbf213a3f47bec5aff23fbb63a272f01f81c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0ecbbf213a3f47bec5aff23fbb63a272f01f81c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231024/a6833b62/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list