[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Oct 31 20:26:41 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ae1ac650 by Salvatore Bonaccorso at 2023-10-31T21:24:08+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,65 +1,65 @@
CVE-2023-5873 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
- TODO: check
+ NOT-FOR-US: Pimcore
CVE-2023-5739 (Certain versions of HP PC Hardware Diagnostics Windows are potentially ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2023-5519 (The EventPrime WordPress plugin before 3.2.0 does not have CSRF checks ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5464 (The Jquery accordion slideshow plugin for WordPress is vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5458 (The CITS Support svg, webp Media and TTF,OTF File Upload WordPress plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5439 (The Wp photo text slider 50 plugin for WordPress is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5438 (The wp image slideshow plugin for WordPress is vulnerable to SQL Injec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5437 (The WP fade in text news plugin for WordPress is vulnerable to SQL Inj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5436 (The Vertical marquee plugin for WordPress is vulnerable to SQL Injecti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5435 (The Up down image slideshow gallery plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5434 (The Superb slideshow gallery plugin for WordPress is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5433 (The Message ticker plugin for WordPress is vulnerable to SQL Injection ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5431 (The Left right image slideshow gallery plugin for WordPress is vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5430 (The Jquery news ticker plugin for WordPress is vulnerable to SQL Injec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5429 (The Information Reel plugin for WordPress is vulnerable to SQL Injecti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5428 (The Image vertical reel scroll slideshow plugin for WordPress is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5412 (The Image horizontal reel scroll slideshow plugin for WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5360 (The Royal Elementor Addons and Templates WordPress plugin before 1.3.7 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5307 (The Photos and Files Contest Gallery WordPress plugin before 21.2.8.1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5243 (The Login Screen Manager WordPress plugin through 3.5.2 does not sanit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5238 (The EventPrime WordPress plugin before 3.2.0 does not sanitise and esc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5237 (The Memberlite Shortcodes WordPress plugin before 1.3.9 does not valid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5229 (The E2Pdf WordPress plugin before 1.20.20 does not sanitize and escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5211 (The Fattura24 WordPress plugin before 6.2.8 does not sanitize or escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5116 (The Live updates from Excel plugin for WordPress is vulnerable to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5114 (The idbbee plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5099 (The HTML filter and csv-file search plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5098 (The Campaign Monitor Forms by Optin Cat WordPress plugin before 2.5.6 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5073 (The iframe forms plugin for WordPress is vulnerable to Stored Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4836 (The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does n ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4823 (The WP Meta and Date Remover WordPress plugin before 2.2.0 provides an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4390 (The Popup box WordPress plugin before 3.7.2 does not sanitize and esca ...)
TODO: check
CVE-2023-4251 (The EventPrime WordPress plugin before 3.2.0 does not have CSRF checks ...)
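Review bot: CVE-2023-4390 at the end of this hunk is left at "TODO: check" although its description names a WordPress plugin ("The Popup box WordPress plugin before 3.7.2 ..."), the same class as every entry marked "NOT-FOR-US: WordPress plugin" above it. The same applies to the EventPrime entry CVE-2023-4250 just below, while the EventPrime entries CVE-2023-5519 and CVE-2023-5238 are triaged here. If these were skipped on purpose, for example because someone else is working on that block, a word in the commit message would help; otherwise they can take the same NOT-FOR-US line so the TODO list does not keep a remnant of an already-decided class.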
@@ -67,31 +67,31 @@ CVE-2023-4251 (The EventPrime WordPress plugin before 3.2.0 does not have CSRF c
CVE-2023-4250 (The EventPrime WordPress plugin before 3.2.0 does not sanitise and esc ...)
TODO: check
CVE-2023-46993 (In TOTOLINK A3300R V17.0.0cu.557_B20221024 when dealing with setLedCfg ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46992 (TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Acc ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46979 (TOTOLINK X6000R V9.4.0cu.852_B20230719 was discovered to contain a com ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46978 (TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Acce ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46977 (TOTOLINK LR1200GB V9.1.0u.6619_B20230130 was discovered to contain a s ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46976 (TOTOLINK A3300R 17.0.0cu.557_B20221024 contains a command injection vi ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46723 (lte-pic32-writer is a writer for PIC32 devices. In versions 0.0.1 and ...)
TODO: check
CVE-2023-46722 (The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Pr ...)
- TODO: check
+ NOT-FOR-US: Pimcore Admin Classic Bundle
CVE-2023-46622 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46313 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Katie Se ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46312 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Zaytech ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46256 (PX4-Autopilot provides PX4 flight control solution for drones. In vers ...)
- TODO: check
+ NOT-FOR-US: PX4-Autopilot
CVE-2023-46255 (SpiceDB is an open source, Google Zanzibar-inspired database for creat ...)
- TODO: check
+ NOT-FOR-US: SpiceDB
CVE-2023-46250 (pypdf is a free and open-source pure-python PDF library. An attacker w ...)
TODO: check
CVE-2023-46249 (authentik is an open-source Identity Provider. Prior to versions 2023. ...)
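Review bot: the NOT-FOR-US label for CVE-2023-46722 is "Pimcore Admin Classic Bundle", while CVE-2023-5873 in the first hunk of this same commit uses plain "Pimcore". Using one spelling for the product, or checking which form earlier entries in data/CVE/list already use, keeps a search for the product's NFU entries complete. The entries left at "TODO: check" in this hunk (CVE-2023-46723 lte-pic32-writer, CVE-2023-46250 pypdf) look intentionally deferred, which fits a commit limited to NFUs.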
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae1ac65074a276c761eea9d7691d2ebd59d05481