Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 93eb48bb by Moritz Muehlenhoff at 2023-07-18T13:25:53+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -55,7 +55,7 @@ CVE-2023-3179 (The POST SMTP Mailer WordPress plugin before 2.5.7 does not have CVE-2023-3041 (The Autochat Automatic Conversation WordPress plugin through 1.1.7 doe ...) NOT-FOR-US: WordPress plugin CVE-2023-38434 (xHTTP 72f812d has a double free in close_connection in xhttp.c via a m ...) - TODO: check + NOT-FOR-US: xHTTP CVE-2023-38432 (An issue was discovered in the Linux kernel before 6.3.10. fs/smb/serv ...) - linux 6.3.11-1 [bullseye] - linux <not-affected> (Vulnerable code not present) @@ -119,29 +119,29 @@ CVE-2023-37770 (faust commit ee39a19 was discovered to contain a stack overflow CVE-2023-37769 (stress-test master commit e4c878 was discovered to contain a FPE vulne ...) TODO: check CVE-2023-37479 (Open Enclave is a hardware-agnostic open source library for developing ...) - TODO: check + NOT-FOR-US: Open Enclave CVE-2023-37476 (OpenRefine is a free, open source tool for data processing. A carefull ...) TODO: check CVE-2023-37475 (Hamba avro is a go lang encoder/decoder implementation of the avro cod ...) - TODO: check + NOT-FOR-US: Hamba avro CVE-2023-37461 (Metersphere is an opensource testing framework. Files uploaded to Mete ...) - TODO: check + NOT-FOR-US: Metersphere CVE-2023-37266 (CasaOS is an open-source Personal Cloud system. Unauthenticated attack ...) - TODO: check + NOT-FOR-US: CasaOS CVE-2023-37265 (CasaOS is an open-source Personal Cloud system. Due to a lack of IP ad ...) - TODO: check + NOT-FOR-US: CasaOS CVE-2023-36656 (Cross Site Scripting (XSS) vulnerability in Jaegertracing Jaeger UI be ...) - TODO: check + NOT-FOR-US: Jaegertracing UI CVE-2023-36514 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Shippin ...) - TODO: check + NOT-FOR-US: WooCommerce plugin CVE-2023-36513 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Automat ...) - TODO: check + NOT-FOR-US: WooCommerce plugin CVE-2023-36511 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooComm ...) - TODO: check + NOT-FOR-US: WooCommerce plugin CVE-2023-35880 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooComm ...) - TODO: check + NOT-FOR-US: WooCommerce plugin CVE-2023-35818 (An issue was discovered on Espressif ESP32 3.0 (ESP32_rev300 ROM) devi ...) - TODO: check + NOT-FOR-US: Expressif CVE-2023-35096 (Cross-Site Request Forgery (CSRF) vulnerability in myCred plugin <=2.5 ...) NOT-FOR-US: WordPress plugin CVE-2023-35089 (Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugi ...) @@ -187,7 +187,7 @@ CVE-2023-2959 (Authentication Bypass by Primary Weakness vulnerability in Oliva CVE-2023-2958 (Authorization Bypass Through User-Controlled Key vulnerability in Orig ...) NOT-FOR-US: Origin Software ATS Pro CVE-2023-2912 (Use After Free vulnerability in Secomea SiteManager Embedded allows Ob ...) - TODO: check + NOT-FOR-US: Secomea SiteManager Embedded CVE-2023-2701 (The Gravity Forms WordPress plugin before 2.7.5 does not escape genera ...) NOT-FOR-US: WordPress plugin CVE-2023-2636 (The AN_GradeBook WordPress plugin through 5.0.1 does not properly sani ...) @@ -88902,7 +88902,7 @@ CVE-2022-30860 (FUDforum 3.1.2 is vulnerable to Remote Code Execution through Up CVE-2022-30859 RESERVED CVE-2022-30858 (An issue was discovered in ngiflib 0.4. There is SEGV in SDL_LoadAnima ...) - TODO: check + NOT-FOR-US: ngiflib CVE-2022-30857 RESERVED CVE-2022-30856 @@ -128379,7 +128379,7 @@ CVE-2021-43074 (An improper verification of cryptographic signature vulnerabilit CVE-2021-43073 (A improper neutralization of special elements used in an os command (' ...) NOT-FOR-US: FortiGuard CVE-2021-43072 (A buffer copy without checking size of input ('classic buffer overflow ...) - TODO: check + NOT-FOR-US: Fortinet CVE-2021-43071 (A heap-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6. ...) NOT-FOR-US: FortiGuard CVE-2021-43070 (Multiple relative path traversal vulnerabilities [CWE-23] in FortiWLM ...) @@ -144379,11 +144379,11 @@ CVE-2021-37388 (A buffer overflow in D-Link DIR-615 C2 3.03WW. The ping_ipaddr p CVE-2021-37387 RESERVED CVE-2021-37386 (Furukawa 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were dis ...) - TODO: check + NOT-FOR-US: Furukawa CVE-2021-37385 RESERVED CVE-2021-37384 (A remote command execution (RCE) vulnerability in the web interface co ...) - TODO: check + NOT-FOR-US: Furukawa CVE-2021-37383 RESERVED CVE-2021-37382 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93eb48bbbfc883945c3ac1ea7174820909bd3ffa -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93eb48bbbfc883945c3ac1ea7174820909bd3ffa You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits