Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c526f772 by security tracker role at 2023-07-10T20:12:45+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,137 @@
+CVE-2023-3605 (A vulnerability was found in PHPGurukul Online Shopping Portal 
1.0. It ...)
+       TODO: check
+CVE-2023-3599 (A vulnerability was found in SourceCodester Best Fee Management 
System ...)
+       TODO: check
+CVE-2023-3580 (Improper Handling of Additional Special Element in GitHub 
repository s ...)
+       TODO: check
+CVE-2023-3579 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2023-3578 (A vulnerability classified as critical was found in DedeCMS 
5.7.109. A ...)
+       TODO: check
+CVE-2023-3574 (Improper Authorization in GitHub repository 
pimcore/customer-data-fram ...)
+       TODO: check
+CVE-2023-3273 (Improper Access Control in the SICK ICR890-4 could allow an 
unauthenti ...)
+       TODO: check
+CVE-2023-3272 (Cleartext Transmission of Sensitive Information in the SICK 
ICR890-4 c ...)
+       TODO: check
+CVE-2023-3271 (Improper Access Control in the SICK ICR890-4 could allow an 
unauthenti ...)
+       TODO: check
+CVE-2023-3270 (Exposure of Sensitive Information to an Unauthorized Actor in 
the SICK ...)
+       TODO: check
+CVE-2023-3225 (The Float menu WordPress plugin before 5.0.3 does not sanitise 
and esc ...)
+       TODO: check
+CVE-2023-3219 (The EventON WordPress plugin before 2.1.2 does not validate 
that the e ...)
+       TODO: check
+CVE-2023-3209 (The MStore API WordPress plugin before 3.9.7 does not secure 
most of i ...)
+       TODO: check
+CVE-2023-3175 (The AI ChatBot WordPress plugin before 4.6.1 does not 
adequately escap ...)
+       TODO: check
+CVE-2023-3131 (The MStore API WordPress plugin before 3.9.7 does not secure 
most of i ...)
+       TODO: check
+CVE-2023-3129 (The URL Shortify WordPress plugin before 1.7.0 does not 
sanitise and e ...)
+       TODO: check
+CVE-2023-3118 (The Export All URLs WordPress plugin before 4.6 does not 
sanitise and  ...)
+       TODO: check
+CVE-2023-3077 (The MStore API WordPress plugin before 3.9.8 does not sanitise 
and esc ...)
+       TODO: check
+CVE-2023-3076 (The MStore API WordPress plugin before 3.9.9 does not prevent 
visitors ...)
+       TODO: check
+CVE-2023-37712 (Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 
V1.2.0.20( ...)
+       TODO: check
+CVE-2023-37711 (Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were 
discovered to con ...)
+       TODO: check
+CVE-2023-37710 (Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were 
discovered to con ...)
+       TODO: check
+CVE-2023-37707 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2023-37706 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2023-37705 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2023-37704 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2023-37703 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2023-37702 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2023-37701 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2023-37700 (Tenda FH1203 V2.0.1.6 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2023-37392 (Cross-Site Request Forgery (CSRF) vulnerability in Deepak 
Anand WP Dum ...)
+       TODO: check
+CVE-2023-37277 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
+       TODO: check
+CVE-2023-37153 (KodExplorer 4.51 contains a Cross-Site Scripting (XSS) 
vulnerability i ...)
+       TODO: check
+CVE-2023-37152 (Projectworlds Online Art Gallery Project 1.0 allows 
unauthenticated us ...)
+       TODO: check
+CVE-2023-37151 (Sourcecodester Online Pizza Ordering System v1.0 allows the 
upload of  ...)
+       TODO: check
+CVE-2023-37150 (Sourcecodester Online Pizza Ordering System v1.0 has a 
Cross-site scri ...)
+       TODO: check
+CVE-2023-36940 (Cross Site Scripting (XSS) vulnerability in PHPGurukul Online 
Fire Rep ...)
+       TODO: check
+CVE-2023-36939 (Cross-Site Scripting (XSS) vulnerability in Hostel Management 
System v ...)
+       TODO: check
+CVE-2023-36936 (Cross-Site Scripting (XSS) vulnerability in PHPGurukul Online 
Security ...)
+       TODO: check
+CVE-2023-36691 (Cross-Site Request Forgery (CSRF) vulnerability in Albert 
Peschar Webw ...)
+       TODO: check
+CVE-2023-36376 (Cross-Site Scripting (XSS) vulnerability in Hostel Management 
System v ...)
+       TODO: check
+CVE-2023-36375 (Cross Site Scripting vulnerability in Hostel Management System 
v2.1 al ...)
+       TODO: check
+CVE-2023-35912 (Cross-Site Request Forgery (CSRF) vulnerability in WP Zone 
Potent Dona ...)
+       TODO: check
+CVE-2023-35699 (Cleartext Storage on Disk in the SICK ICR890-4 could allow an 
unauthen ...)
+       TODO: check
+CVE-2023-35698 (Observable Response Discrepancy in the SICK ICR890-4 could 
allow a rem ...)
+       TODO: check
+CVE-2023-35697 (Improper Restriction of Excessive Authentication Attempts in 
the SICK  ...)
+       TODO: check
+CVE-2023-35696 (Unauthenticated endpoints in the SICK ICR890-4 could allow an 
unauthen ...)
+       TODO: check
+CVE-2023-34432 (A heap buffer overflow vulnerability was found in sox, in the 
lsx_read ...)
+       TODO: check
+CVE-2023-34347 (Delta Electronics InfraSuite Device Master versions prior to 
1.0.7 con ...)
+       TODO: check
+CVE-2023-34318 (A heap buffer overflow vulnerability was found in sox, in the 
startrea ...)
+       TODO: check
+CVE-2023-34316 (An attacker could bypass the latest Delta Electronics 
InfraSuite Devic ...)
+       TODO: check
+CVE-2023-32627 (A floating point exception vulnerability was found in sox, in 
the read ...)
+       TODO: check
+CVE-2023-30765 (Delta Electronics InfraSuite Device Master versions prior to 
1.0.7 con ...)
+       TODO: check
+CVE-2023-2967 (The TinyMCE Custom Styles WordPress plugin before 1.1.4 does 
not sanit ...)
+       TODO: check
+CVE-2023-2964 (The Simple Iframe WordPress plugin before 1.2.0 does not 
properly vali ...)
+       TODO: check
+CVE-2023-2796 (The EventON WordPress plugin before 2.1.2 lacks authentication 
and aut ...)
+       TODO: check
+CVE-2023-2709 (The AN_GradeBook WordPress plugin through 5.0.1 does not 
sanitise and  ...)
+       TODO: check
+CVE-2023-2635 (The Call Now Accessibility Button WordPress plugin before 1.1 
does not ...)
+       TODO: check
+CVE-2023-2578 (The Buy Me a Coffee WordPress plugin before 3.7 does not 
sanitise and  ...)
+       TODO: check
+CVE-2023-2529 (The Enable SVG Uploads WordPress plugin through 2.1.5 does not 
sanitis ...)
+       TODO: check
+CVE-2023-2495 (The Greeklish-permalink WordPress plugin through 3.3 does not 
implemen ...)
+       TODO: check
+CVE-2023-2493 (The All In One Redirection WordPress plugin before 2.2.0 does 
not prop ...)
+       TODO: check
+CVE-2023-26590 (A floating point exception vulnerability was found in sox, in 
the lsx_ ...)
+       TODO: check
+CVE-2016-15034 (A vulnerability was found in Dynacase Webdesk and classified 
as critic ...)
+       TODO: check
+CVE-2015-10121 (A vulnerability has been found in Beeliked Microsite Plugin up 
to 1.0. ...)
+       TODO: check
+CVE-2015-10120 (A vulnerability, which was classified as problematic, was 
found in WDS ...)
+       TODO: check
+CVE-2015-10119 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
 CVE-2023-XXXX [spip: Use a dedicated function to clean author data when 
preparing a session]
        - spip 4.1.11+dfsg-1
        [bookworm] - spip <no-dsa> (Minor issue)
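
Review bot: The four sox entries in this block (CVE-2023-34432, CVE-2023-34318, CVE-2023-32627, CVE-2023-26590) describe heap buffer overflows and floating point exceptions and should be triaged ahead of the rest, because they currently sit among 67 additions that all carry the same "TODO: check". Many of the other additions are WordPress plugin entries of the kind that later hunks in this same diff already show as "NOT-FOR-US: WordPress plugin", so those can be closed out in bulk, leaving the sox and XWiki Platform (CVE-2023-37277) entries for a manual decision.
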
@@ -151,9 +285,9 @@ CVE-2023-33664 (ai-dev aicombinationsonfly before v0.3.1 
was discovered to conta
        NOT-FOR-US: ai-dev aicombinationsonfly
 CVE-2023-32183 (Incorrect Default Permissions vulnerability in the openSUSE 
Tumbleweed ...)
        NOT-FOR-US: hawk2 as packaged by SuSE
-CVE-2023-34442
+CVE-2023-34442 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
        NOT-FOR-US: Apache Camel JIRA
-CVE-2023-35887
+CVE-2023-35887 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
        NOT-FOR-US: Apache Mina SSHD
 CVE-2023-33008 (Deserialization of Untrusted Data vulnerability in Apache 
Software Fou ...)
        NOT-FOR-US: Apache Johnzon
@@ -5849,14 +5983,14 @@ CVE-2023-2458 (Use after free in ChromeOS Camera in 
Google Chrome on ChromeOS pr
        NOT-FOR-US: Google Chrome on ChromeOS
 CVE-2023-2457 (Out of bounds write in ChromeOS Audio Server in Google Chrome 
on Chrom ...)
        NOT-FOR-US: Google Chrome on ChromeOS
-CVE-2023-32254
+CVE-2023-32254 (A flaw was found in the Linux kernel's ksmbd, a 
high-performance in-ke ...)
        {DSA-5448-1}
        - linux 6.3.7-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/30210947a343b6b3ca13adc9bfc88e1543e16dd5 (6.4-rc1)
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-CAN-20592/
-CVE-2023-32250
+CVE-2023-32250 (A flaw was found in the Linux kernel's ksmbd, a 
high-performance in-ke ...)
        {DSA-5448-1}
        - linux 6.3.7-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -8931,14 +9065,14 @@ CVE-2023-2031 (The Locatoraid Store Locator plugin for 
WordPress is vulnerable t
        NOT-FOR-US: WordPress plugin
 CVE-2023-2030
        RESERVED
-CVE-2023-2029
-       RESERVED
-CVE-2023-2028
-       RESERVED
+CVE-2023-2029 (The PrePost SEO WordPress plugin through 3.0 does not properly 
sanitiz ...)
+       TODO: check
+CVE-2023-2028 (The Call Now Accessibility Button WordPress plugin before 1.1 
does not ...)
+       TODO: check
 CVE-2023-2027 (The ZM Ajax Login & Register plugin for WordPress is vulnerable 
to aut ...)
        NOT-FOR-US: ZM Ajax Login & Register plugin for WordPress
-CVE-2023-2026
-       RESERVED
+CVE-2023-2026 (The Image Protector WordPress plugin through 1.1 does not 
properly san ...)
+       TODO: check
 CVE-2023-2025 (OpenBlue Enterprise Manager Data Collector versions prior to 
3.2.5.75  ...)
        NOT-FOR-US: OpenBlue Enterprise Manager Data Collector
 CVE-2023-2024 (Improper authentication in OpenBlue Enterprise Manager Data 
Collector  ...)
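
Review bot: CVE-2023-2028 is added with the same truncated description as CVE-2023-2635 from the first hunk ("The Call Now Accessibility Button WordPress plugin before 1.1 does not ..."), so confirm from the full descriptions that the two are distinct issues before triaging them separately. All three entries that leave RESERVED here (CVE-2023-2029, CVE-2023-2028, CVE-2023-2026) name WordPress plugins, and the neighbouring CVE-2023-2031 and CVE-2023-2027 are already NOT-FOR-US, so the same marking fits instead of "TODO: check".
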
@@ -12979,8 +13113,8 @@ CVE-2023-29097
        RESERVED
 CVE-2023-29096
        RESERVED
-CVE-2023-29095
-       RESERVED
+CVE-2023-29095 (Auth. (admin+) SQL Injection (SQLi) vulnerability in David F. 
Carr RSV ...)
+       TODO: check
 CVE-2023-29094 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability 
in PI W ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-29093 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
@@ -12992,8 +13126,8 @@ CVE-2023-1782 (HashiCorp Nomad and Nomad Enterprise 
versions 1.5.0 up to 1.5.2 a
        NOTE: 
https://discuss.hashicorp.com/t/hcsec-2023-13-nomad-unauthenticated-client-agent-http-request-privilege-escalation/52375
 CVE-2023-1781
        RESERVED
-CVE-2023-1780
-       RESERVED
+CVE-2023-1780 (The Companion Sitemap Generator WordPress plugin before 4.5.3 
does not ...)
+       TODO: check
 CVE-2023-1779 (Exposure of Sensitive Information to an unauthorized actor 
vulnerabili ...)
        NOT-FOR-US: MB Connect Lines
 CVE-2023-1778 (This vulnerability exists in GajShield Data Security Firewall 
firmware ...)
@@ -13359,8 +13493,8 @@ CVE-2023-28997 (The Nextcloud Desktop Client is a tool 
to synchronize files from
        NOTE: 
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4p33-rw27-j5fc
 CVE-2023-28996
        RESERVED
-CVE-2023-28995
-       RESERVED
+CVE-2023-28995 (Cross-Site Request Forgery (CSRF) vulnerability in Keith 
Solomon Confi ...)
+       TODO: check
 CVE-2023-28994
        RESERVED
 CVE-2023-28993 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Ignazio  ...)
@@ -13371,14 +13505,14 @@ CVE-2023-28991 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
        NOT-FOR-US: WordPress plugin
 CVE-2023-28990
        RESERVED
-CVE-2023-28989
-       RESERVED
+CVE-2023-28989 (Cross-Site Request Forgery (CSRF) vulnerability in weDevs 
Happy Addons ...)
+       TODO: check
 CVE-2023-28988 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in PI W ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-28987
        RESERVED
-CVE-2023-28986
-       RESERVED
+CVE-2023-28986 (Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider, 
wpaffil ...)
+       TODO: check
 CVE-2023-28985
        RESERVED
 CVE-2023-28984 (A Use After Free vulnerability in the Layer 2 Address Learning 
Manager ...)
@@ -14233,8 +14367,8 @@ CVE-2023-1599
        RESERVED
 CVE-2023-1598
        REJECTED
-CVE-2023-1597
-       RESERVED
+CVE-2023-1597 (The tagDiv Cloud Library WordPress plugin before 2.7 does not 
have aut ...)
+       TODO: check
 CVE-2023-1596 (The tagDiv Composer WordPress plugin before 4.0 does not 
sanitise and  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-1595 (A vulnerability has been found in novel-plus 3.6.2 and 
classified as c ...)
@@ -17568,8 +17702,8 @@ CVE-2023-1210
        RESERVED
 CVE-2023-1209 (Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow 
records ...)
        NOT-FOR-US: ServiceNow
-CVE-2023-1208
-       RESERVED
+CVE-2023-1208 (This HTTP Headers WordPress plugin before 1.18.11 allows 
arbitrary dat ...)
+       TODO: check
 CVE-2023-1207 (This HTTP Headers WordPress plugin before 1.18.8 has an import 
functio ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-1206 (A hash collision flaw was found in the IPv6 connection lookup 
table in ...)
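
Review bot: CVE-2023-1208 is left at "TODO: check" although its description names the same HTTP Headers WordPress plugin as the adjacent CVE-2023-1207, which is already "NOT-FOR-US: WordPress plugin". Give it the same marking so the two entries for one plugin do not diverge.
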
@@ -18098,8 +18232,7 @@ CVE-2023-27636
        RESERVED
 CVE-2023-1184 (A vulnerability, which was classified as problematic, has been 
found i ...)
        NOT-FOR-US: ECshop
-CVE-2023-1183
-       RESERVED
+CVE-2023-1183 (A flaw was found in the Libreoffice package. An attacker can 
craft an  ...)
        {DSA-5437-1 DSA-5436-1 DLA-3468-1 DLA-3467-1}
        - hsqldb 2.7.2-1
        - hsqldb1.8.0 1.8.0.10+dfsg-12
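
Review bot: The new description on CVE-2023-1183 speaks of "the Libreoffice package", while the visible package lines of the entry track hsqldb and hsqldb1.8.0. Unless a NOTE further down the entry (outside this hunk's context) already explains the mapping, add one so the affected source packages are not read as a mistake. Dropping RESERVED without adding "TODO: check" is correct here, since the entry already carries DSA/DLA references and fixed versions.
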
@@ -18874,8 +19007,8 @@ CVE-2023-1121 (The Simple Giveaways WordPress plugin 
before 2.45.1 does not sani
        NOT-FOR-US: WordPress plugin
 CVE-2023-1120 (The Simple Giveaways WordPress plugin before 2.45.1 does not 
sanitise  ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-1119
-       RESERVED
+CVE-2023-1119 (The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin 
WordPres ...)
+       TODO: check
 CVE-2023-1118 (A flaw use after free in the Linux kernel integrated infrared 
receiver ...)
        {DLA-3404-1 DLA-3403-1}
        - linux 6.1.20-1
@@ -24487,8 +24620,8 @@ CVE-2023-25480
        RESERVED
 CVE-2023-25479 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Podl ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-25478
-       RESERVED
+CVE-2023-25478 (Cross-Site Request Forgery (CSRF) vulnerability in Jason Rouet 
Weather ...)
+       TODO: check
 CVE-2023-25477
        RESERVED
 CVE-2023-25476
@@ -27639,8 +27772,8 @@ CVE-2023-24407
        RESERVED
 CVE-2023-24406 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Mune ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-24405
-       RESERVED
+CVE-2023-24405 (Cross-Site Request Forgery (CSRF) vulnerability in Scott 
Paterson Cont ...)
+       TODO: check
 CVE-2023-24404 (Reflected Cross-Site Scripting (XSS) vulnerability in VryaSage 
Marketi ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-24403 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in WP F ...)
@@ -27659,8 +27792,8 @@ CVE-2023-24397
        RESERVED
 CVE-2023-24396 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in E4J  ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-24395
-       RESERVED
+CVE-2023-24395 (Cross-Site Request Forgery (CSRF) vulnerability in Scott 
Paterson Cont ...)
+       TODO: check
 CVE-2023-24394
        RESERVED
 CVE-2023-24393
@@ -28626,8 +28759,8 @@ CVE-2023-23995 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
        NOT-FOR-US: WordPress plugin
 CVE-2023-23994 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Marc ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-23993
-       RESERVED
+CVE-2023-23993 (Cross-Site Request Forgery (CSRF) vulnerability in 
LionScripts.Com Lio ...)
+       TODO: check
 CVE-2023-23992 (Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP 
plugin  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-23991
@@ -28928,8 +29061,8 @@ CVE-2023-23899 (Cross-Site Request Forgery (CSRF) 
vulnerability in HasThemes Ext
        NOT-FOR-US: WordPress plugin
 CVE-2023-23898 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-23897
-       RESERVED
+CVE-2023-23897 (Cross-Site Request Forgery (CSRF) vulnerability in Ozette 
Plugins Simp ...)
+       TODO: check
 CVE-2023-23896
        RESERVED
 CVE-2023-23895
@@ -28984,8 +29117,8 @@ CVE-2023-23871
        RESERVED
 CVE-2023-23870 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in wpde ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-23869
-       RESERVED
+CVE-2023-23869 (Cross-Site Request Forgery (CSRF) vulnerability in Amit 
Agarwal Google ...)
+       TODO: check
 CVE-2023-23868
        RESERVED
 CVE-2023-23867 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
@@ -29172,8 +29305,8 @@ CVE-2023-23806 (Auth. (admin+) StoredCross-Site 
Scripting (XSS) vulnerability in
        NOT-FOR-US: WordPress plugin
 CVE-2023-23805
        RESERVED
-CVE-2023-23804
-       RESERVED
+CVE-2023-23804 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes 
HT Feed p ...)
+       TODO: check
 CVE-2023-23803
        RESERVED
 CVE-2023-23802 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes 
HT Easy G ...)
@@ -29206,8 +29339,8 @@ CVE-2023-23789 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
        NOT-FOR-US: WordPress plugin
 CVE-2023-23788 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Flor ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-23787
-       RESERVED
+CVE-2023-23787 (Cross-Site Request Forgery (CSRF) vulnerability in Premmerce 
Premmerce ...)
+       TODO: check
 CVE-2023-23786 (Auth. (editor+) Stored Cross-Site Scripting (XSS) 
vulnerability in Chr ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-23785 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in DgCu ...)
@@ -30735,8 +30868,8 @@ CVE-2022-48255 (There is a system command injection 
vulnerability in BiSheng-WNM
        NOT-FOR-US: Huawei
 CVE-2022-48254 (There is a data processing error vulnerability in Leia-B29 
2.0.0.49(M0 ...)
        NOT-FOR-US: Huawei
-CVE-2023-23348
-       RESERVED
+CVE-2023-23348 (HCL Launch could disclose sensitive information if a manual 
edit of a  ...)
+       TODO: check
 CVE-2023-23347
        RESERVED
 CVE-2023-23346
@@ -32962,10 +33095,10 @@ CVE-2023-22697
        RESERVED
 CVE-2023-22696 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-22695
-       RESERVED
-CVE-2023-22694
-       RESERVED
+CVE-2023-22695 (Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki 
Miyashita C ...)
+       TODO: check
+CVE-2023-22694 (Cross-Site Request Forgery (CSRF) vulnerability in Arian 
Khosravi, Nor ...)
+       TODO: check
 CVE-2023-22693 (Cross-Site Request Forgery (CSRF) vulnerability in conlabzgmbh 
WP Goog ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-22692 (Cross-Site Request Forgery (CSRF) vulnerability in Jeroen 
Peters Name  ...)
@@ -33006,8 +33139,8 @@ CVE-2023-22675
        RESERVED
 CVE-2023-22674
        RESERVED
-CVE-2023-22673
-       RESERVED
+CVE-2023-22673 (Cross-Site Request Forgery (CSRF) vulnerability in MageNet 
Website Mon ...)
+       TODO: check
 CVE-2023-22672
        RESERVED
 CVE-2023-0104 (The listed versions for Weintek EasyBuilder Pro are vulnerable 
to a Zi ...)
@@ -41421,7 +41554,7 @@ CVE-2022-4245
        RESERVED
 CVE-2022-4244
        RESERVED
-CVE-2022-4243 (The ImageInject WordPress plugin through TODO does not sanitise 
and es ...)
+CVE-2022-4243 (The ImageInject WordPress plugin through 1.17 does not sanitise 
and es ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-4242 (The WP Google Review Slider WordPress plugin before 11.6 does 
not sani ...)
        NOT-FOR-US: WordPress plugin



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c526f772f4aa01aa581b029585ff3dc349713968
