Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8ddb100b by Salvatore Bonaccorso at 2023-07-18T22:22:50+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,81 +1,81 @@
CVE-2023-3743 (Ap Page Builder, in versions lower than 1.7.8.2, could allow a
remote ...)
- TODO: check
+ NOT-FOR-US: Ap Page Builder
CVE-2023-38326
REJECTED
CVE-2023-38257 (Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to
an insec ...)
- TODO: check
+ NOT-FOR-US: Iagona ScrutisWeb
CVE-2023-37973 (Cross-Site Request Forgery (CSRF) vulnerability in David
Pokorny Repla ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37892 (Cross-Site Request Forgery (CSRF) vulnerability in Kemal
YAZICI - Plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37889 (Cross-Site Request Forgery (CSRF) vulnerability in WPAdmin
WPAdmin AWS ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37788 (goproxy v1.1 was discovered to contain an issue which can lead
to a De ...)
TODO: check
CVE-2023-37758 (D-LINK DIR-815 v1.01 was discovered to contain a buffer
overflow via t ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2023-37481 (Fides is an open-source privacy engineering platform for
managing data ...)
TODO: check
CVE-2023-37480 (Fides is an open-source privacy engineering platform for
managing data ...)
TODO: check
CVE-2023-37477 (1Panel is an open source Linux server operation and
maintenance manage ...)
- TODO: check
+ NOT-FOR-US: 1Panel
CVE-2023-37387 (Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme
Classif ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37386 (Cross-Site Request Forgery (CSRF) vulnerability in Media
Library Helpe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37259 (matrix-react-sdk is a react-based SDK for inserting a Matrix
chat/voip ...)
TODO: check
CVE-2023-37143 (ChakraCore branch master cbb9b was discovered to contain a
segmentatio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-37142 (ChakraCore branch master cbb9b was discovered to contain a
segmentatio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-37141 (ChakraCore branch master cbb9b was discovered to contain a
segmentatio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-37140 (ChakraCore branch master cbb9b was discovered to contain a
segmentatio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-37139 (ChakraCore branch master cbb9b was discovered to contain a
stack overf ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36670 (A remotely exploitable command injection vulnerability was
found on th ...)
- TODO: check
+ NOT-FOR-US: Kratos NGC-IDU
CVE-2023-36669 (Missing Authentication for a Critical Function within the
Kratos NGC I ...)
- TODO: check
+ NOT-FOR-US: Kratos NGC-IDU
CVE-2023-36384 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
CodePeop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36383 (Auth. (editor+) Stored Cross-Site Scripting (XSS)
vulnerability in Mag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36120
REJECTED
CVE-2023-35763 (Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to
a crypto ...)
- TODO: check
+ NOT-FOR-US: Iagona ScrutisWeb
CVE-2023-35189 (Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to
a remote ...)
- TODO: check
+ NOT-FOR-US: Iagona ScrutisWeb
CVE-2023-34330 (AMI SPx contains a vulnerability in the BMC where a User may
cause a i ...)
- TODO: check
+ NOT-FOR-US: AMI SPx
CVE-2023-34329 (AMI SPx contains a vulnerability in BMC where a User may cause
an auth ...)
- TODO: check
+ NOT-FOR-US: AMI SPx
CVE-2023-34035 (Spring Security versions 5.8prior to 5.8.5, 6.0prior to
6.0.5,and 6.1p ...)
TODO: check
CVE-2023-33871 (Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to
a direct ...)
- TODO: check
+ NOT-FOR-US: Iagona ScrutisWeb
CVE-2023-33329 (Auth. (admin+) Reflected Cross-Site Scripting (XSS)
vulnerability in H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33312 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
wppal Ea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33265 (In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through
5.2.3, ...)
TODO: check
CVE-2023-33231 (XSS attack was possible in DPA 2023.2 due to insufficient
input valida ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2023-32965 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
CRUDLab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-31441 (In NATO Communications and Information Agency anet (aka
Advisor Networ ...)
- TODO: check
+ NOT-FOR-US: NATO Communications and Information Agency anet
CVE-2023-2913 (An executable used in Rockwell Automation ThinManager
ThinServer can b ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2023-2433 (The YARPP plugin for WordPress is vulnerable to Stored
Cross-Site Scri ...)
NOT-FOR-US: YARPP plugin for WordPress
CVE-2021-4428 (A vulnerability has been found in what3words Autosuggest Plugin
up to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2020-36762 (A vulnerability was found in ONS Digital RAS Collection
Instrument up ...)
TODO: check
CVE-2018-25088 (A vulnerability, which was classified as critical, was found
in Blue Y ...)
@@ -8860,7 +8860,7 @@ CVE-2023-2265
CVE-2023-2264
RESERVED
CVE-2023-2263 (The Rockwell Automation Kinetix 5700 DC Bus Power Supply Series
A is v ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2023-2262
RESERVED
CVE-2023-2261 (The WP Activity Log plugin for WordPress is vulnerable to
authorizatio ...)
@@ -9472,7 +9472,7 @@ CVE-2023-30908
CVE-2023-30907
RESERVED
CVE-2023-30906 (The vulnerability could be locally exploited to allow
escalation of pr ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2023-30905 (The MC990 X and UV300 RMC component has and inadequate default
configu ...)
NOT-FOR-US: HPE
CVE-2023-30904 (A security vulnerability in HPE Insight Remote Support may
result in t ...)
@@ -11339,7 +11339,7 @@ CVE-2023-30385
CVE-2023-30384
RESERVED
CVE-2023-30383 (TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer
C20v1 Ar ...)
- TODO: check
+ NOT-FOR-US: TP-LINK
CVE-2023-30382 (A buffer overflow in the component hl.exe of Valve Half-Life
up to 543 ...)
NOT-FOR-US: hl.exe of Valve Half-Life
CVE-2023-30381
@@ -11813,7 +11813,7 @@ CVE-2023-30155
CVE-2023-30154
RESERVED
CVE-2023-30153 (An SQL injection vulnerability in the Payplug (payplug) module
for Pre ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2023-30152
RESERVED
CVE-2023-30151 (A SQL injection vulnerability in the Boxtal (envoimoinscher)
module fo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ddb100ba928b6d911f9d0fa0bbbdaa4f3fce0d4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ddb100ba928b6d911f9d0fa0bbbdaa4f3fce0d4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
