Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
93eb48bb by Moritz Muehlenhoff at 2023-07-18T13:25:53+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -55,7 +55,7 @@ CVE-2023-3179 (The POST SMTP Mailer WordPress plugin before 
2.5.7 does not have
 CVE-2023-3041 (The Autochat Automatic Conversation WordPress plugin through 
1.1.7 doe ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-38434 (xHTTP 72f812d has a double free in close_connection in xhttp.c 
via a m ...)
-       TODO: check
+       NOT-FOR-US: xHTTP
 CVE-2023-38432 (An issue was discovered in the Linux kernel before 6.3.10. 
fs/smb/serv ...)
        - linux 6.3.11-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -119,29 +119,29 @@ CVE-2023-37770 (faust commit ee39a19 was discovered to 
contain a stack overflow
 CVE-2023-37769 (stress-test master commit e4c878 was discovered to contain a 
FPE vulne ...)
        TODO: check
 CVE-2023-37479 (Open Enclave is a hardware-agnostic open source library for 
developing ...)
-       TODO: check
+       NOT-FOR-US: Open Enclave
 CVE-2023-37476 (OpenRefine is a free, open source tool for data processing. A 
carefull ...)
        TODO: check
 CVE-2023-37475 (Hamba avro is a go lang encoder/decoder implementation of the 
avro cod ...)
-       TODO: check
+       NOT-FOR-US: Hamba avro
 CVE-2023-37461 (Metersphere is an opensource testing framework. Files uploaded 
to Mete ...)
-       TODO: check
+       NOT-FOR-US: Metersphere
 CVE-2023-37266 (CasaOS is an open-source Personal Cloud system. 
Unauthenticated attack ...)
-       TODO: check
+       NOT-FOR-US: CasaOS
 CVE-2023-37265 (CasaOS is an open-source Personal Cloud system. Due to a lack 
of IP ad ...)
-       TODO: check
+       NOT-FOR-US: CasaOS
 CVE-2023-36656 (Cross Site Scripting (XSS) vulnerability in Jaegertracing 
Jaeger UI be ...)
-       TODO: check
+       NOT-FOR-US: Jaegertracing UI
 CVE-2023-36514 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce 
Shippin ...)
-       TODO: check
+       NOT-FOR-US: WooCommerce plugin
 CVE-2023-36513 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce 
Automat ...)
-       TODO: check
+       NOT-FOR-US: WooCommerce plugin
 CVE-2023-36511 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce 
WooComm ...)
-       TODO: check
+       NOT-FOR-US: WooCommerce plugin
 CVE-2023-35880 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce 
WooComm ...)
-       TODO: check
+       NOT-FOR-US: WooCommerce plugin
 CVE-2023-35818 (An issue was discovered on Espressif ESP32 3.0 (ESP32_rev300 
ROM) devi ...)
-       TODO: check
+       NOT-FOR-US: Expressif
 CVE-2023-35096 (Cross-Site Request Forgery (CSRF) vulnerability in myCred 
plugin <=2.5 ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-35089 (Cross-Site Request Forgery (CSRF) vulnerability in Really 
Simple Plugi ...)
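
Review bot: The new tag on CVE-2023-35818 reads "NOT-FOR-US: Expressif", but the description line directly above it spells the vendor "Espressif". Suggest "NOT-FOR-US: Espressif" so that a search on the vendor name finds this entry. In the same hunk, the CVE-2023-36656 tag "Jaegertracing UI" drops "Jaeger" from the product name given in its description ("Jaegertracing Jaeger UI").
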
@@ -187,7 +187,7 @@ CVE-2023-2959 (Authentication Bypass by Primary Weakness 
vulnerability in Oliva
 CVE-2023-2958 (Authorization Bypass Through User-Controlled Key vulnerability 
in Orig ...)
        NOT-FOR-US: Origin Software ATS Pro
 CVE-2023-2912 (Use After Free vulnerability in Secomea SiteManager Embedded 
allows Ob ...)
-       TODO: check
+       NOT-FOR-US: Secomea SiteManager Embedded
 CVE-2023-2701 (The Gravity Forms WordPress plugin before 2.7.5 does not escape 
genera ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-2636 (The AN_GradeBook WordPress plugin through 5.0.1 does not 
properly sani ...)
@@ -88902,7 +88902,7 @@ CVE-2022-30860 (FUDforum 3.1.2 is vulnerable to Remote 
Code Execution through Up
 CVE-2022-30859
        RESERVED
 CVE-2022-30858 (An issue was discovered in ngiflib 0.4. There is SEGV in 
SDL_LoadAnima ...)
-       TODO: check
+       NOT-FOR-US: ngiflib
 CVE-2022-30857
        RESERVED
 CVE-2022-30856
@@ -128379,7 +128379,7 @@ CVE-2021-43074 (An improper verification of 
cryptographic signature vulnerabilit
 CVE-2021-43073 (A improper neutralization of special elements used in an os 
command (' ...)
        NOT-FOR-US: FortiGuard
 CVE-2021-43072 (A buffer copy without checking size of input ('classic buffer 
overflow ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2021-43071 (A heap-based buffer overflow in Fortinet FortiWeb version 
6.4.1 and 6. ...)
        NOT-FOR-US: FortiGuard
 CVE-2021-43070 (Multiple relative path traversal vulnerabilities [CWE-23] in 
FortiWLM  ...)
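
Review bot: CVE-2021-43072 is tagged "NOT-FOR-US: Fortinet", while the two adjacent context entries, CVE-2021-43073 and CVE-2021-43071, use "NOT-FOR-US: FortiGuard". Consider using one label for this vendor so the entries group together when the list is searched.
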
@@ -144379,11 +144379,11 @@ CVE-2021-37388 (A buffer overflow in D-Link DIR-615 
C2 3.03WW. The ping_ipaddr p
 CVE-2021-37387
        RESERVED
 CVE-2021-37386 (Furukawa 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 
were dis ...)
-       TODO: check
+       NOT-FOR-US: Furukawa
 CVE-2021-37385
        RESERVED
 CVE-2021-37384 (A remote command execution (RCE) vulnerability in the web 
interface co ...)
-       TODO: check
+       NOT-FOR-US: Furukawa
 CVE-2021-37383
        RESERVED
 CVE-2021-37382



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93eb48bbbfc883945c3ac1ea7174820909bd3ffa
