[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Feb 6 13:45:59 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
af15616e by Salvatore Bonaccorso at 2024-02-06T14:45:29+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -175,65 +175,65 @@ CVE-2024-0221 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery p
CVE-2024-0202 (A security vulnerability has been identified in the cryptlib cryptogra ...)
TODO: check
CVE-2023-7029 (The WordPress Button Plugin MaxButtons plugin for WordPress is vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-7014 (The Author Box, Guest Author and Co-Authors for Your Posts \u2013 Molo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6996 (The Display custom fields in the frontend \u2013 Post and User Profile ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6989 (The Shield Security \u2013 Smart Bot Blocking & Intrusion Prevention S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6985 (The 10Web AI Assistant \u2013 AI content writing assistant plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6983 (The Display custom fields in the frontend \u2013 Post and User Profile ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6982 (The Display custom fields in the frontend \u2013 Post and User Profile ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6963 (The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6959 (The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6953 (The PDF Generator For Fluent Forms \u2013 The Contact Form Plugin plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6933 (The Better Search Replace plugin for WordPress is vulnerable to PHP Ob ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6925 (The Unlimited Addons for WPBakery Page Builder plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6884 (This plugin for WordPress is vulnerable to Stored Cross-Site Scripting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6846 (The File Manager Pro plugin for WordPress is vulnerable to Arbitrary F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6808 (The Booking for Appointments and Events Calendar \u2013 Amelia plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6807 (The GeneratePress Premium plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6701 (The Advanced Custom Fields (ACF) plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6700 (The Cookie Information | Free GDPR Consent Solution plugin for WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6635 (The EditorsKit plugin for WordPress is vulnerable to arbitrary file up ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6557 (The The Events Calendar plugin for WordPress is vulnerable to Sensitiv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6526 (The Meta Box \u2013 WordPress Custom Fields Framework plugin for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6234 (Buffer overflow in CPCA Color LUT Resource Download process of Office ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-6233 (Buffer overflow in SLP attribute request process of Office Multifuncti ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-6232 (Buffer overflow in the Address Book username process in authentication ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-6231 (Buffer overflow in WSD probe request process of Office Multifunction P ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-6230 (Buffer overflow in the Address Book password process in authentication ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-6229 (Buffer overflow in CPCA PDL Resource Download process of Office Multif ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-52239 (The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE att ...)
- TODO: check
+ NOT-FOR-US: Magic xpi Integration Platform
CVE-2023-51951 (SQL Injection vulnerability in Stock Management System 1.0 allows a re ...)
- TODO: check
+ NOT-FOR-US: Stock Management System
CVE-2023-4637 (The WPvivid plugin for WordPress is vulnerable to unauthorized access ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47889 (The Android application BINHDRM26 com.bdrm.superreboot 1.0.3, exposes ...)
TODO: check
CVE-2023-47354 (An issue in the PowerOffWidgetReceiver function of Super Reboot (Root) ...)
@@ -243,71 +243,71 @@ CVE-2023-47353 (An issue in the com.oneed.dvr.service.DownloadFirmwareService co
CVE-2023-47022 (An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to e ...)
TODO: check
CVE-2023-46360 (Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier is vulnerable ...)
- TODO: check
+ NOT-FOR-US: Hardy Barth cPH2 eCharge Ladestation
CVE-2023-46359 (An OS command injection vulnerability in Hardy Barth cPH2 eCharge Lade ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-43536 (Transient DOS while parse fils IE with length equal to 1.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43535 (Memory corruption when negative display IDs are sent as input while pr ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43534 (Memory corruption while validating the TID to Link Mapping action requ ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43533 (Transient DOS in WLAN Firmware when the length of received beacon is l ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43532 (Memory corruption while reading ACPI config through the user mode app.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43523 (Transient DOS while processing 11AZ RTT management action frame receiv ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43522 (Transient DOS while key unwrapping process, when the given encrypted k ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43520 (Memory corruption when AP includes TID to link mapping IE in the beaco ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43519 (Memory corruption in video while parsing the Videoinfo, when the size ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43518 (Memory corruption in video while parsing invalid mp2 clip.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43517 (Memory corruption in Automotive Multimedia due to improper access cont ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43516 (Memory corruption when malformed message payload is received from firm ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43513 (Memory corruption while processing the event ring, the context read po ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-34042 (The spring-security.xsd file inside the spring-security-config jar is ...)
TODO: check
CVE-2023-33077 (Memory corruption in HLOS while converting from authorization token to ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33076 (Memory corruption in Core when updating rollback version for TA and OT ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33072 (Memory corruption in Core while processing control functions.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33069 (Memory corruption in Audio while processing the calibration data retur ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33068 (Memory corruption in Audio while processing IIR config data from AFE c ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33067 (Memory corruption in Audio while calling START command on host voice P ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33065 (Information disclosure in Audio while accessing AVCS services from ADS ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33064 (Transient DOS in Audio when invoking callback function of ASM driver.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33060 (Transient DOS in Core when DDR memory check is called while DDR is not ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33058 (Information disclosure in Modem while processing SIB5.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33057 (Transient DOS in Multi-Mode Call Processor while processing UE policy ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33049 (Transient DOS in Multi-Mode Call Processor due to UE failure because o ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33046 (Memory corruption in Trusted Execution Environment while deinitializin ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-32479 (Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Sec ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-32474 (Dell Display Manager application, version 2.1.1.17 and prior, contain ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-32454 (DUP framework version 4.9.4.36 and prior contains insecure operation o ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-32451 (Dell Display Manager application, version 2.1.1.17, contains a vulnera ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-24768 (1Panel is an open source Linux server operation and maintenance manage ...)
NOT-FOR-US: 1Panel
CVE-2024-24762 (FastAPI is a web framework for building APIs with Python 3.8+ based on ...)
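Review bot: CVE-2023-46359 is tagged "NOT-FOR-US: WordPress plugin", but its description is an OS command injection in Hardy Barth cPH2 eCharge Ladestation, the same product as CVE-2023-46360 directly above it. The tag should read "NOT-FOR-US: Hardy Barth cPH2 eCharge Ladestation" to match its sibling entry; as written, anyone filtering the list by the WordPress tag will pick up a charging-station CVE, and a search for the Hardy Barth product will miss it.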
@@ -52403,7 +52403,7 @@ CVE-2023-28065 (Dell Command | Update, Dell Update, and Alienware Update version
CVE-2023-28064 (Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenti ...)
NOT-FOR-US: Dell
CVE-2023-28063 (Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-28062 (Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access ...)
NOT-FOR-US: Dell
CVE-2023-28061 (Dell BIOS contains an improper input validation vulnerability. A local ...)
@@ -52431,7 +52431,7 @@ CVE-2023-28051 (Dell Power Manager, versions 3.10 and prior, contains an Imprope
CVE-2023-28050 (Dell BIOS contains an improper input validation vulnerability. A local ...)
NOT-FOR-US: Dell
CVE-2023-28049 (Dell Command | Monitor, versions prior to 10.9, contain an arbitrary f ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-28048
RESERVED
CVE-2023-28047 (Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary ...)
@@ -54753,7 +54753,7 @@ CVE-2023-27320 (Sudo before 1.9.13p2 has a double free in the per-command chroot
CVE-2023-27319 (ONTAP Mediator versions prior to 1.7 are susceptible to a vulnerabili ...)
NOT-FOR-US: NetApp
CVE-2023-27318 (StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 1 ...)
- TODO: check
+ NOT-FOR-US: StorageGRID
CVE-2023-27317 (ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a ...)
NOT-FOR-US: ONTAP
CVE-2023-27316 (SnapCenter versions 4.8 through 4.9 are susceptible to a vulnerabilit ...)
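Review bot: The new tag for CVE-2023-27318, "NOT-FOR-US: StorageGRID", names the product, while the entry directly above it (CVE-2023-27319, ONTAP Mediator) is tagged by vendor as "NetApp" and the one below (CVE-2023-27317) by product as "ONTAP". If StorageGRID belongs under the same vendor, using "NOT-FOR-US: NetApp" here would keep this block searchable with a single tag; otherwise consider noting the convention so later NFU passes pick vendor or product consistently.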
@@ -59976,7 +59976,7 @@ CVE-2023-25547 (A CWE-863: Incorrect Authorization vulnerability exists that cou
CVE-2023-25544 (Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' versi ...)
NOT-FOR-US: Dell
CVE-2023-25543 (Dell Power Manager, versions prior to 3.14, contain an Improper Author ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-25542 (Dell Trusted Device Agent, versions prior to 5.3.0, contain(s) an impr ...)
NOT-FOR-US: Dell
CVE-2023-25541
@@ -68452,11 +68452,11 @@ CVE-2023-22821
CVE-2023-22820
RESERVED
CVE-2023-22819 (An uncontrolled resource consumption vulnerability issue that could ar ...)
- TODO: check
+ NOT-FOR-US: Western Digital
CVE-2023-22818 (Multiple DLL Search Order Hijack vulnerabilities were addressed in the ...)
NOT-FOR-US: SanDisk Security Installer for Windows
CVE-2023-22817 (Server-side request forgery (SSRF) vulnerability that could allow a ro ...)
- TODO: check
+ NOT-FOR-US: Western Digital
CVE-2023-22816 (A post-authentication remote command injection vulnerability in a CGI ...)
NOT-FOR-US: Western Digital
CVE-2023-22815 (Post-authentication remote command injection vulnerability in Western ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af15616e60fa94e77cd63c98fb88cb7e25885b54