Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
58f994e5 by Moritz Muehlenhoff at 2023-08-22T10:09:53+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2023-4456 (A flaw was found in openshift-logging LokiStack. The key used
for cach ...)
- TODO: check
+ NOT-FOR-US: LokiStack
CVE-2023-4455 (Cross-Site Request Forgery (CSRF) in GitHub repository
wallabag/wallab ...)
NOT-FOR-US: Wallabag
CVE-2023-4454 (Cross-Site Request Forgery (CSRF) in GitHub repository
wallabag/wallab ...)
@@ -11,7 +11,7 @@ CVE-2023-4417 (Improper access controls in the entry
duplication component in De
CVE-2023-4373 (Inadequate validation of permissions when employing remote
tools and m ...)
NOT-FOR-US: Devolutions Remote Desktop Manager
CVE-2023-40735 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: BUTTERFLY BUTTON
CVE-2023-40352 (McAfee Safe Connect before 2.16.1.126 may allow an adversary
with syst ...)
NOT-FOR-US: McAfee
CVE-2023-40068 (Cross-site scripting vulnerability in Advanced Custom Fields
versions ...)
@@ -25,13 +25,13 @@ CVE-2023-3667 (The Bit Assist WordPress plugin before 1.1.9
does not sanitise an
CVE-2023-3604 (The Change WP Admin Login WordPress plugin before 1.1.4
discloses the ...)
NOT-FOR-US: WordPress plugin
CVE-2023-3481 (Critters versions 0.0.17-0.0.19 have an issue when parsing the
HTML, w ...)
- TODO: check
+ NOT-FOR-US: Critters
CVE-2023-3366 (The MultiParcels Shipping For WooCommerce WordPress plugin
before 1.15 ...)
NOT-FOR-US: WordPress plugin
CVE-2023-39939 (SQL injection vulnerability in LuxCal Web Calendar prior to
5.2.3M (My ...)
NOT-FOR-US: LuxCal Web Calendar
CVE-2023-39660 (An issue in Gaberiele Venturi pandasai v.0.8.0 and before
allows a rem ...)
- TODO: check
+ NOT-FOR-US: Gaberiele Venturi pandasai
CVE-2023-39543 (Cross-site scripting vulnerability in LuxCal Web Calendar
prior to 5.2 ...)
NOT-FOR-US: LuxCal Web Calendar
CVE-2023-39106 (An issue in Nacos Group Nacos Spring Project v.1.1.1 and
before allows ...)
@@ -41,11 +41,11 @@ CVE-2023-39094 (Cross Site Scripting vulnerability in
ZeroWdd studentmanager v.1
CVE-2023-39061 (Cross Site Request Forgery (CSRF) vulnerability in Chamilo
v.1.11 thru ...)
NOT-FOR-US: Chamilo LMS
CVE-2023-38976 (An issue in weaviate v.1.20.0 allows a remote attacker to
cause a deni ...)
- TODO: check
+ NOT-FOR-US: weaviate
CVE-2023-38961 (Buffer Overflwo vulnerability in JerryScript Project
jerryscript v.3.0 ...)
TODO: check
CVE-2023-38899 (SQL injection vulnerability in berkaygediz O_Blog v.1.0 allows
a local ...)
- TODO: check
+ NOT-FOR-US: berkaygediz O_Blog
CVE-2023-38836 (File Upload vulnerability in BoidCMS v.2.0.0 allows a remote
attacker ...)
NOT-FOR-US: BoidCMS
CVE-2023-38158 (Microsoft Edge (Chromium-based) Information Disclosure
Vulnerability)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58f994e58a104d08af326968ecff876944693fae
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58f994e58a104d08af326968ecff876944693fae
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
