Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: aec4c65c by Salvatore Bonaccorso at 2023-12-29T21:29:06+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,7 +1,7 @@ CVE-2023-7171 (A vulnerability was found in Novel-Plus up to 4.2.0. It has been decla ...) - TODO: check + NOT-FOR-US: Novel-Plus CVE-2023-7166 (A vulnerability classified as problematic has been found in Novel-Plus ...) - TODO: check + NOT-FOR-US: Novel-Plus CVE-2023-7114 (Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths ...) - mattermost-server <itp> (bug #823556) CVE-2023-7113 (Mattermost version 8.1.6 and earlier fails to sanitize channel mention ...) @@ -13,105 +13,105 @@ CVE-2023-7079 (Sending specially crafted HTTP requests and inspector messages to CVE-2023-7078 (Sending specially crafted HTTP requests to Miniflare's server could re ...) TODO: check CVE-2023-52139 (Misskey is an open source, decentralized social media platform. Third- ...) - TODO: check + NOT-FOR-US: Misskey CVE-2023-52137 (The [`tj-actions/verify-changed-files`](https://github.com/tj-actions/ ...) - TODO: check + NOT-FOR-US: verify-changed-files tj-actions Github actions CVE-2023-52135 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51688 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51687 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51676 (Server-Side Request Forgery (SSRF) vulnerability in Leevio Happy Addon ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51675 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in A ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51663 (Hail is an open-source, general-purpose, Python-based data analysis to ...) TODO: check CVE-2023-51545 (Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data v ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51541 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51527 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51517 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51505 (Deserialization of Untrusted Data vulnerability in realmag777 Active P ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51475 (Unrestricted Upload of File with Dangerous Type vulnerability in IOSS ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51473 (Unrestricted Upload of File with Dangerous Type vulnerability in Pixel ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51470 (Deserialization of Untrusted Data vulnerability in Jacques Malgrange R ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51468 (Unrestricted Upload of File with Dangerous Type vulnerability in Jacqu ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51422 (Deserialization of Untrusted Data vulnerability in Saleswonder Team We ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51421 (Unrestricted Upload of File with Dangerous Type vulnerability in Soft8 ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51420 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51419 (Unrestricted Upload of File with Dangerous Type vulnerability in Berth ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51417 (Unrestricted Upload of File with Dangerous Type vulnerability in Joris ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51414 (Deserialization of Untrusted Data vulnerability in EnvialoSimple Env\x ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51412 (Unrestricted Upload of File with Dangerous Type vulnerability in Piotn ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51411 (Unrestricted Upload of File with Dangerous Type vulnerability in Shabt ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51410 (Unrestricted Upload of File with Dangerous Type vulnerability in WPVib ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51402 (Cross-Site Request Forgery (CSRF) vulnerability in Brain Storm Force U ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51399 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51397 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51396 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51378 (Cross-Site Request Forgery (CSRF) vulnerability in Rise Themes Rise Bl ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51374 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51373 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51372 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51371 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51361 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51358 (Cross-Site Request Forgery (CSRF) vulnerability in Bright Plugins Bloc ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51354 (Cross-Site Request Forgery (CSRF) vulnerability in WebbaPlugins Appoin ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50902 (Cross-Site Request Forgery (CSRF) vulnerability in WPExpertsio New Use ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50901 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50896 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50893 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50892 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50891 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50889 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50881 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50880 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50879 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50878 (Cross-Site Request Forgery (CSRF) vulnerability in InspireUI MStore AP ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50837 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50572 (An issue in the component GroovyEngine.execute of jline-groovy v3.24.1 ...) TODO: check CVE-2023-50571 (easy-rules-mvel v4.1.0 was discovered to contain a remote code executi ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aec4c65c1a89b0e5228b46f6c379701eaae3434d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aec4c65c1a89b0e5228b46f6c379701eaae3434d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits