Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 82321fd6 by Salvatore Bonaccorso at 2023-07-18T22:56:12+02:00 Process some more NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -18667,15 +18667,15 @@ CVE-2023-28025 CVE-2023-28024 RESERVED CVE-2023-28023 (A cross site request forgery vulnerability in the BigFix WebUI Softwar ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-28022 RESERVED CVE-2023-28021 (The BigFix WebUI uses weak cipher suites.) - TODO: check + NOT-FOR-US: HCL CVE-2023-28020 (URL redirection in Login page in HCL BigFix WebUI allows malicious use ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-28019 (Insufficient validation in Bigfix WebUI API App site version < 14 allo ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-28018 RESERVED CVE-2023-28017 @@ -26230,7 +26230,7 @@ CVE-2023-25484 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i CVE-2023-25483 RESERVED CVE-2023-25482 (Cross-Site Request Forgery (CSRF) vulnerability in Mike Martel WP Tile ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25481 (Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Sub ...) NOT-FOR-US: WordPress plugin CVE-2023-25480 @@ -26244,11 +26244,11 @@ CVE-2023-25477 CVE-2023-25476 RESERVED CVE-2023-25475 (Cross-Site Request Forgery (CSRF) vulnerability in Vladimir Prelovac S ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25474 (Cross-Site Request Forgery (CSRF) vulnerability in Csaba Kissi About M ...) NOT-FOR-US: WordPress plugin CVE-2023-25473 (Cross-Site Request Forgery (CSRF) vulnerability in Miro Mannino Flickr ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25472 (Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Pod ...) NOT-FOR-US: WordPress plugin CVE-2023-25471 @@ -27316,7 +27316,7 @@ CVE-2023-25038 (Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For th CVE-2023-25037 RESERVED CVE-2023-25036 (Cross-Site Request Forgery (CSRF) vulnerability in akhlesh-nagar, a.An ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25035 RESERVED CVE-2023-25034 (Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP Clean U ...) @@ -29420,7 +29420,7 @@ CVE-2023-24392 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I CVE-2023-24391 RESERVED CVE-2023-24390 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WeSe ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-24389 RESERVED CVE-2023-24388 (Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking ca ...) @@ -31414,7 +31414,7 @@ CVE-2023-23662 CVE-2023-23661 RESERVED CVE-2023-23660 (Auth. (subscriber+) SQL Injection (SQLi) vulnerability in MainWP MainW ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23659 (Cross-Site Request Forgery (CSRF) vulnerability in MainWP Matomo Exten ...) NOT-FOR-US: MainWP Matomo Extension CVE-2023-23658 @@ -39715,7 +39715,7 @@ CVE-2022-47423 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i CVE-2022-47422 (Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin Accept St ...) NOT-FOR-US: WordPress plugin CVE-2022-47421 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repu ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47420 RESERVED CVE-2022-47419 (An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful ...) @@ -40606,7 +40606,7 @@ CVE-2022-47171 (Improper Neutralization of Input During Web Page Generation ('Cr CVE-2022-47170 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Unli ...) NOT-FOR-US: WordPress plugin CVE-2022-47169 (Cross-Site Request Forgery (CSRF) vulnerability in StaxWP Visibility L ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47168 RESERVED CVE-2022-47167 (Cross-Site Request Forgery (CSRF) vulnerability in Aram Kocharyan Cray ...) @@ -41468,7 +41468,7 @@ CVE-2022-46859 CVE-2022-46858 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Amin A.R ...) NOT-FOR-US: WordPress plugin CVE-2022-46857 (Cross-Site Request Forgery (CSRF) vulnerability in SiteAlert plugin <= ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-46856 (Cross-Site Request Forgery (CSRF) vulnerability in ORION Woocommerce P ...) NOT-FOR-US: WordPress plugin CVE-2022-46855 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) @@ -44650,7 +44650,7 @@ CVE-2022-45830 CVE-2022-45829 (Auth. Path Traversal vulnerability inEasy WP SMTP plugin <= 1.5.1 atWo ...) NOT-FOR-US: WordPress plugin CVE-2022-45828 (Cross-Site Request Forgery (CSRF) vulnerability in NooTheme Noo Timeta ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-45827 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gall ...) NOT-FOR-US: WordPress plugin CVE-2022-45826 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82321fd62e1305270e6cd20d93eb9600caadb664 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82321fd62e1305270e6cd20d93eb9600caadb664 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits