Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f157bca7 by Salvatore Bonaccorso at 2023-11-30T21:37:52+01:00 Process more NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -153,7 +153,7 @@ CVE-2023-48331 (Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Med CVE-2023-48330 (Cross-Site Request Forgery (CSRF) vulnerability in Mike Strand Bulk Co ...) NOT-FOR-US: WordPress plugin CVE-2023-48329 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-48328 (Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress G ...) NOT-FOR-US: WordPress plugin CVE-2023-48326 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) @@ -281,11 +281,11 @@ CVE-2023-34388 (AnImproper Authentication vulnerability in the Schweitzer Engine CVE-2023-34030 (Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugi ...) NOT-FOR-US: WordPress plugin CVE-2023-34018 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-33333 (Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-32291 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-49620 (Before DolphinScheduler version 3.1.0, the login user could delete UDF ...) NOT-FOR-US: Apache DolphinScheduler CVE-2023-49733 (Improper Restriction of XML External Entity Reference vulnerability in ...) @@ -29235,9 +29235,9 @@ CVE-2023-31179 (AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal -Vulnerability CVE-2023-31178 (AgilePoint NX v8.0 SU2.2 & SU2.3 \u2013 Arbitrary File DeleteVulnerabi ...) NOT-FOR-US: AgilePoint CVE-2023-31177 (An Improper Neutralization of Input During Web Page Generation ('Cross ...) - TODO: check + NOT-FOR-US: Schweitzer Engineering Laboratories SEL-451 CVE-2023-31176 (An Insufficient Entropy vulnerability in the Schweitzer Engineering La ...) - TODO: check + NOT-FOR-US: Schweitzer Engineering Laboratories SEL-451 CVE-2023-31175 (An Execution with Unnecessary Privileges vulnerability in the Schweitz ...) NOT-FOR-US: Schweitzer Engineering Laboratories CVE-2023-31174 (A Cross-Site Request Forgery (CSRF) vulnerability in the Schweitzer En ...) @@ -29396,13 +29396,13 @@ CVE-2023-2269 (A denial of service problem was found, due to a possible recursiv CVE-2023-2268 (Plane version 0.7.1 allows an unauthenticated attacker to view all sto ...) NOT-FOR-US: Plane CVE-2023-2267 (An Improper Input Validation vulnerability in Schweitzer Engineering L ...) - TODO: check + NOT-FOR-US: Schweitzer Engineering Laboratories SEL-411L CVE-2023-2266 (AnImproper neutralization of input during web page generation in the S ...) - TODO: check + NOT-FOR-US: Schweitzer Engineering Laboratories SEL-411L CVE-2023-2265 (AnImproper Restriction of Rendered UI Layers or Frames in the Schweitz ...) - TODO: check + NOT-FOR-US: Schweitzer Engineering Laboratories SEL-411L CVE-2023-2264 (An improper input validation vulnerability in the Schweitzer Engineeri ...) - TODO: check + NOT-FOR-US: Schweitzer Engineering Laboratories SEL-411L CVE-2023-2263 (The Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A is v ...) NOT-FOR-US: Rockwell Automation CVE-2023-2262 (A buffer overflow vulnerability exists in the Rockwell Automation sele ...) @@ -43492,7 +43492,7 @@ CVE-2023-26535 (Cross-Site Request Forgery (CSRF) vulnerability in WPPOOL Sheets CVE-2023-26534 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in OneW ...) NOT-FOR-US: WordPress plugin CVE-2023-26533 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-26532 (Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes ...) NOT-FOR-US: WordPress plugin CVE-2023-26531 (Cross-Site Request Forgery (CSRF) vulnerability in \u95ea\u7535\u535a ...) @@ -48144,7 +48144,7 @@ CVE-2023-25059 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i CVE-2023-25058 (Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Sc ...) NOT-FOR-US: WordPress plugin CVE-2023-25057 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25056 (Cross-Site Request Forgery (CSRF) vulnerability in SlickRemix Feed The ...) NOT-FOR-US: WordPress plugin CVE-2023-25055 (Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google ...) @@ -167212,7 +167212,7 @@ CVE-2021-36808 (A local attacker could bypass the app password using a race cond CVE-2021-36807 (An authenticated user could potentially execute code via an SQLi vulne ...) NOT-FOR-US: Sophos CVE-2021-36806 (A reflected XSS vulnerability allows an open redirect when the victim ...) - TODO: check + NOT-FOR-US: Sophos CVE-2020-36431 (Unicorn Engine 1.0.2 has an out-of-bounds write in helper_wfe_arm.) NOT-FOR-US: Unicorn Engine CVE-2020-36430 (libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f157bca7ddd50f3b30e6d3f369ac5d284c2fcf01 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f157bca7ddd50f3b30e6d3f369ac5d284c2fcf01 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits