Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f157bca7 by Salvatore Bonaccorso at 2023-11-30T21:37:52+01:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -153,7 +153,7 @@ CVE-2023-48331 (Cross-Site Request Forgery (CSRF)
vulnerability in Stormhill Med
CVE-2023-48330 (Cross-Site Request Forgery (CSRF) vulnerability in Mike Strand
Bulk Co ...)
NOT-FOR-US: WordPress plugin
CVE-2023-48329 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48328 (Cross-Site Request Forgery (CSRF) vulnerability in Imagely
WordPress G ...)
NOT-FOR-US: WordPress plugin
CVE-2023-48326 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -281,11 +281,11 @@ CVE-2023-34388 (AnImproper Authentication vulnerability
in the Schweitzer Engine
CVE-2023-34030 (Cross-Site Request Forgery (CSRF) vulnerability in Really
Simple Plugi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-34018 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33333 (Cross-Site Request Forgery (CSRF) vulnerability in Really
Simple Plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32291 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49620 (Before DolphinScheduler version 3.1.0, the login user could
delete UDF ...)
NOT-FOR-US: Apache DolphinScheduler
CVE-2023-49733 (Improper Restriction of XML External Entity Reference
vulnerability in ...)
@@ -29235,9 +29235,9 @@ CVE-2023-31179 (AgilePoint NX v8.0 SU2.2 & SU2.3 - Path
traversal -Vulnerability
CVE-2023-31178 (AgilePoint NX v8.0 SU2.2 & SU2.3 \u2013 Arbitrary File
DeleteVulnerabi ...)
NOT-FOR-US: AgilePoint
CVE-2023-31177 (An Improper Neutralization of Input During Web Page Generation
('Cross ...)
- TODO: check
+ NOT-FOR-US: Schweitzer Engineering Laboratories SEL-451
CVE-2023-31176 (An Insufficient Entropy vulnerability in the Schweitzer
Engineering La ...)
- TODO: check
+ NOT-FOR-US: Schweitzer Engineering Laboratories SEL-451
CVE-2023-31175 (An Execution with Unnecessary Privileges vulnerability in the
Schweitz ...)
NOT-FOR-US: Schweitzer Engineering Laboratories
CVE-2023-31174 (A Cross-Site Request Forgery (CSRF) vulnerability in the
Schweitzer En ...)
@@ -29396,13 +29396,13 @@ CVE-2023-2269 (A denial of service problem was found,
due to a possible recursiv
CVE-2023-2268 (Plane version 0.7.1 allows an unauthenticated attacker to view
all sto ...)
NOT-FOR-US: Plane
CVE-2023-2267 (An Improper Input Validation vulnerability in Schweitzer
Engineering L ...)
- TODO: check
+ NOT-FOR-US: Schweitzer Engineering Laboratories SEL-411L
CVE-2023-2266 (AnImproper neutralization of input during web page generation
in the S ...)
- TODO: check
+ NOT-FOR-US: Schweitzer Engineering Laboratories SEL-411L
CVE-2023-2265 (AnImproper Restriction of Rendered UI Layers or Frames in the
Schweitz ...)
- TODO: check
+ NOT-FOR-US: Schweitzer Engineering Laboratories SEL-411L
CVE-2023-2264 (An improper input validation vulnerability in the Schweitzer
Engineeri ...)
- TODO: check
+ NOT-FOR-US: Schweitzer Engineering Laboratories SEL-411L
CVE-2023-2263 (The Rockwell Automation Kinetix 5700 DC Bus Power Supply Series
A is v ...)
NOT-FOR-US: Rockwell Automation
CVE-2023-2262 (A buffer overflow vulnerability exists in the Rockwell
Automation sele ...)
@@ -43492,7 +43492,7 @@ CVE-2023-26535 (Cross-Site Request Forgery (CSRF)
vulnerability in WPPOOL Sheets
CVE-2023-26534 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in OneW ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26533 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26532 (Cross-Site Request Forgery (CSRF) vulnerability in AccessPress
Themes ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26531 (Cross-Site Request Forgery (CSRF) vulnerability in
\u95ea\u7535\u535a ...)
@@ -48144,7 +48144,7 @@ CVE-2023-25059 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-25058 (Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm
Force Sc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25057 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25056 (Cross-Site Request Forgery (CSRF) vulnerability in SlickRemix
Feed The ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25055 (Cross-Site Request Forgery (CSRF) vulnerability in Amit
Agarwal Google ...)
@@ -167212,7 +167212,7 @@ CVE-2021-36808 (A local attacker could bypass the app
password using a race cond
CVE-2021-36807 (An authenticated user could potentially execute code via an
SQLi vulne ...)
NOT-FOR-US: Sophos
CVE-2021-36806 (A reflected XSS vulnerability allows an open redirect when the
victim ...)
- TODO: check
+ NOT-FOR-US: Sophos
CVE-2020-36431 (Unicorn Engine 1.0.2 has an out-of-bounds write in
helper_wfe_arm.)
NOT-FOR-US: Unicorn Engine
CVE-2020-36430 (libass 0.15.x before 0.15.1 has a heap-based buffer overflow
in decode ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f157bca7ddd50f3b30e6d3f369ac5d284c2fcf01
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f157bca7ddd50f3b30e6d3f369ac5d284c2fcf01
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
