Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d89913d3 by Salvatore Bonaccorso at 2023-11-30T21:27:38+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,285 +1,285 @@ CVE-2023-6439 (A vulnerability classified as problematic was found in ZenTao PMS 18.8 ...) - TODO: check + NOT-FOR-US: ZenTao PMS CVE-2023-6438 (A vulnerability classified as problematic has been found in IceCMS 2.0 ...) - TODO: check + NOT-FOR-US: IceCMS CVE-2023-6435 (A vulnerability has been discovered in BigProf Online Invoicing System ...) - TODO: check + NOT-FOR-US: BigProf Online Invoicing System CVE-2023-6434 (A vulnerability has been discovered in BigProf Online Invoicing System ...) - TODO: check + NOT-FOR-US: BigProf Online Invoicing System CVE-2023-6433 (A vulnerability has been discovered in BigProf Online Invoicing System ...) - TODO: check + NOT-FOR-US: BigProf Online Invoicing System CVE-2023-6432 (A vulnerability has been discovered in BigProf Online Invoicing System ...) - TODO: check + NOT-FOR-US: BigProf Online Invoicing System CVE-2023-6431 (A vulnerability has been discovered in BigProf Online Invoicing System ...) - TODO: check + NOT-FOR-US: BigProf Online Invoicing System CVE-2023-6430 (A vulnerability has been discovered in BigProf Online Invoicing System ...) - TODO: check + NOT-FOR-US: BigProf Online Invoicing System CVE-2023-6429 (A vulnerability has been discovered in BigProf Online Invoicing System ...) - TODO: check + NOT-FOR-US: BigProf Online Invoicing System CVE-2023-6428 (A vulnerability has been discovered in BigProf Online Invoicing System ...) - TODO: check + NOT-FOR-US: BigProf Online Invoicing System CVE-2023-6427 (A vulnerability has been discovered in BigProf Online Invoicing System ...) - TODO: check + NOT-FOR-US: BigProf Online Invoicing System CVE-2023-6426 (A vulnerability has been discovered in BigProf Online Invoicing System ...) - TODO: check + NOT-FOR-US: BigProf Online Invoicing System CVE-2023-6425 (A vulnerability has been discovered in BigProf Online Clinic Managemen ...) - TODO: check + NOT-FOR-US: BigProf Online Clinic Management System CVE-2023-6424 (A vulnerability has been discovered in BigProf Online Clinic Managemen ...) - TODO: check + NOT-FOR-US: BigProf Online Clinic Management System CVE-2023-6423 (A vulnerability has been discovered in BigProf Online Clinic Managemen ...) - TODO: check + NOT-FOR-US: BigProf Online Clinic Management System CVE-2023-6422 (A vulnerability has been discovered in BigProf Online Clinic Managemen ...) - TODO: check + NOT-FOR-US: BigProf Online Clinic Management System CVE-2023-6420 (A vulnerability has been reported in Voovi Social Networking Script ve ...) - TODO: check + NOT-FOR-US: Voovi Social Networking Script CVE-2023-6419 (A vulnerability has been reported in Voovi Social Networking Script ve ...) - TODO: check + NOT-FOR-US: Voovi Social Networking Script CVE-2023-6418 (A vulnerability has been reported in Voovi Social Networking Script th ...) - TODO: check + NOT-FOR-US: Voovi Social Networking Script CVE-2023-6417 (A vulnerability has been reported in Voovi Social Networking Script th ...) - TODO: check + NOT-FOR-US: Voovi Social Networking Script CVE-2023-6416 (A vulnerability has been reported in Voovi Social Networking Script th ...) - TODO: check + NOT-FOR-US: Voovi Social Networking Script CVE-2023-6415 (A vulnerability has been reported in Voovi Social Networking Script th ...) - TODO: check + NOT-FOR-US: Voovi Social Networking Script CVE-2023-6414 (A vulnerability has been reported in Voovi Social Networking Script th ...) - TODO: check + NOT-FOR-US: Voovi Social Networking Script CVE-2023-6413 (A vulnerability has been reported in Voovi Social Networking Script th ...) - TODO: check + NOT-FOR-US: Voovi Social Networking Script CVE-2023-6412 (A vulnerability has been reported in Voovi Social Networking Script th ...) - TODO: check + NOT-FOR-US: Voovi Social Networking Script CVE-2023-6411 (A vulnerability has been reported in Voovi Social Networking Script th ...) - TODO: check + NOT-FOR-US: Voovi Social Networking Script CVE-2023-6410 (A vulnerability has been reported in Voovi Social Networking Script th ...) - TODO: check + NOT-FOR-US: Voovi Social Networking Script CVE-2023-6402 (A vulnerability, which was classified as critical, was found in PHPGur ...) - TODO: check + NOT-FOR-US: PHPGurukul CVE-2023-6401 (A vulnerability classified as problematic was found in NotePad++ up to ...) - TODO: check + NOT-FOR-US: NotePad++ CVE-2023-6376 (Henschen & Associates court document management software does not suff ...) - TODO: check + NOT-FOR-US: Henschen & Associates court document management software CVE-2023-6375 (Tyler Technologies Court Case Management Plus may store backups in a l ...) - TODO: check + NOT-FOR-US: Tyler Technologies Court Case Management Plus CVE-2023-6360 (The 'My Calendar' WordPress Plugin, version < 3.4.22 is affected by an ...) - TODO: check + NOT-FOR-US: WordPress Plugin CVE-2023-6354 (Tyler Technologies Magistrate Court Case Management Plus allows an una ...) - TODO: check + NOT-FOR-US: Tyler Technologies Magistrate Court Case Management Plus CVE-2023-6353 (Tyler Technologies Civil and Criminal Electronic Filing allows an unau ...) - TODO: check + NOT-FOR-US: Tyler Technologies Civil and Criminal Electronic Filing CVE-2023-6352 (The default configuration of Aquaforest TIFF Server allows access to a ...) - TODO: check + NOT-FOR-US: Aquaforest TIFF Server CVE-2023-6344 (Tyler Technologies Court Case Management Plus allows a remote, unauthe ...) - TODO: check + NOT-FOR-US: Tyler Technologies Court Case Management Plus CVE-2023-6343 (Tyler Technologies Court Case Management Plus allows a remote, unauthe ...) - TODO: check + NOT-FOR-US: Tyler Technologies Court Case Management Plus CVE-2023-6342 (Tyler Technologies Court Case Management Plus allows a remote attacker ...) - TODO: check + NOT-FOR-US: Tyler Technologies Court Case Management Plus CVE-2023-6341 (Catalis (previously Icon Software) CMS360 allows a remote, unauthentic ...) - TODO: check + NOT-FOR-US: Catalis (previously Icon Software) CMS360 CVE-2023-6137 (Cross-Site Request Forgery (CSRF) vulnerability in finnj Frontier Post ...) - TODO: check + NOT-FOR-US: finnj Frontier Post CVE-2023-6136 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: Bowo Debug Log Manager CVE-2023-6071 (An Improper Neutralization of Special Elements used in a command vulne ...) - TODO: check + NOT-FOR-US: Trellix CVE-2023-6027 (A critical flaw has been identified in elijaa/phpmemcachedadmin affect ...) TODO: check CVE-2023-6026 (A Path traversal vulnerability has been reported in elijaa/phpmemcache ...) TODO: check CVE-2023-5966 (An authenticated privileged attacker could upload a specially crafted ...) - TODO: check + NOT-FOR-US: EspoCRM CVE-2023-5965 (An authenticated privileged attacker could upload a specially crafted ...) - TODO: check + NOT-FOR-US: EspoCRM CVE-2023-5803 (Cross-Site Request Forgery (CSRF) vulnerability in Business Directory ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-4770 (An uncontrolled search path element vulnerability has been found on 4D ...) TODO: check CVE-2023-48964 (Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/W ...) - TODO: check + NOT-FOR-US: Tenda CVE-2023-48963 (Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/w ...) - TODO: check + NOT-FOR-US: Tenda CVE-2023-48914 (Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forg ...) - TODO: check + NOT-FOR-US: Dreamer CMS CVE-2023-48913 (Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forg ...) - TODO: check + NOT-FOR-US: Dreamer CMS CVE-2023-48912 (Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forg ...) - TODO: check + NOT-FOR-US: Dreamer CMS CVE-2023-48812 (In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file sub_4119A0 ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2023-48811 (In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2023-48810 (In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2023-48808 (In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2023-48807 (In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2023-48806 (In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2023-48805 (In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2023-48804 (In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2023-48803 (In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2023-48802 (In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2023-48754 (Cross-Site Request Forgery (CSRF) vulnerability in Wap Nepal Delete Po ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48752 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48749 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48748 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48746 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48744 (Cross-Site Request Forgery (CSRF) vulnerability in Offshore Web Master ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48743 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48742 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48737 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48336 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48334 (Cross-Site Request Forgery (CSRF) vulnerability in DAEXT League Table ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48333 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48331 (Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyB ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48330 (Cross-Site Request Forgery (CSRF) vulnerability in Mike Strand Bulk Co ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48329 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) TODO: check CVE-2023-48328 (Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress G ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48326 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48323 (Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Tea ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48322 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48321 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48320 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48317 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48289 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48284 (Cross-Site Request Forgery (CSRF) vulnerability in WebToffee Decorator ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48283 (Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48282 (Cross-Site Request Forgery (CSRF) vulnerability in Andrea Landonio Tax ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48281 (Cross-Site Request Forgery (CSRF) vulnerability in Super Blog Me Broke ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48279 (Cross-Site Request Forgery (CSRF) vulnerability in Seraphinite Solutio ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48278 (Cross-Site Request Forgery (CSRF) vulnerability in Nitin Rathod WP For ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48272 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47877 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47876 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47875 (Cross-Site Request Forgery (CSRF) vulnerability in Perfmatters allows ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47872 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47870 (Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47854 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47853 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47851 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47850 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47848 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47844 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47827 (Incorrect Authorization vulnerability in NicheAddons Events Addon for ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47777 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47645 (Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic R ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47521 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47505 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-46820 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-46086 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-45834 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-45609 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-45066 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-45050 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-44150 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-44143 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-41735 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-41136 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-41128 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-41127 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-40680 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-40674 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-40662 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-40600 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-40211 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-39921 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-38474 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-38400 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-37972 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-37890 (Missing Authorization vulnerability in WPOmnia KB Support \u2013 WordP ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-37868 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-37867 (Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Yet ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-36685 (Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-36682 (Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-36523 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-36507 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-34390 (An input validation vulnerability in the Schweitzer Engineering Labora ...) - TODO: check + NOT-FOR-US: Schweitzer Engineering Laboratories CVE-2023-34389 (An allocation of resources without limits or throttling vulnerability ...) - TODO: check + NOT-FOR-US: Schweitzer Engineering Laboratories CVE-2023-34388 (AnImproper Authentication vulnerability in the Schweitzer Engineering ...) - TODO: check + NOT-FOR-US: Schweitzer Engineering Laboratories CVE-2023-34030 (Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-34018 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) TODO: check CVE-2023-33333 (Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugi ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d89913d36623c233a7ab55f905ab214150d4581c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d89913d36623c233a7ab55f905ab214150d4581c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits