Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e8b3c568 by Salvatore Bonaccorso at 2024-01-11T22:48:26+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -13,11 +13,11 @@ CVE-2024-22942 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contai CVE-2024-22199 (This package provides universal methods to use multiple template engin ...) TODO: check CVE-2024-22198 (Nginx-UI is a web interface to manage Nginx configurations. It is vuln ...) - TODO: check + NOT-FOR-US: Nginx-UI CVE-2024-22197 (Nginx-ui is online statistics for Server Indicators Monitor CPU usage, ...) - TODO: check + NOT-FOR-US: Nginx-UI CVE-2024-22196 (Nginx-UI is an online statistics for Server Indicators Monitor CPU usa ...) - TODO: check + NOT-FOR-US: Nginx-UI CVE-2024-0429 (A denial service vulnerability has been found on Hex Workshop affectin ...) NOT-FOR-US: Hex Workshop CVE-2024-0425 (A vulnerability classified as critical was found in ForU CMS up to 202 ...) @@ -49,145 +49,145 @@ CVE-2024-0411 (A vulnerability was found in DeShang DSMall up to 6.1.0. It has b CVE-2024-0227 (Devise-Two-Factor does not throttle or otherwise restrict login attemp ...) TODO: check CVE-2023-7071 (The Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns & ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-7070 (The Email Encoder \u2013 Protect Email Addresses and Phone Numbers plu ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-7048 (The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Req ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-7019 (The LightStart \u2013 Maintenance Mode, Coming Soon and Landing Page B ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6994 (The List category posts plugin for WordPress is vulnerable to Stored C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6990 (The Weaver Xtreme theme for WordPress is vulnerable to Stored Cross-Si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6988 (The Colibri Page Builder plugin for WordPress is vulnerable to Stored ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6979 (The Customer Reviews for WooCommerce plugin for WordPress is vulnerabl ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6938 (The Oxygen Builder plugin for WordPress is vulnerable to Stored Cross- ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6934 (The Limit Login Attempts Reloaded plugin for WordPress is vulnerable t ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6924 (The Photo Gallery by 10Web plugin for WordPress is vulnerable to Store ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6882 (The Simple Membership plugin for WordPress is vulnerable to Reflected ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6878 (The Slick Social Share Buttons plugin for WordPress is vulnerable to u ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6875 (The POST SMTP Mailer \u2013 Email log, Delivery Failure Notifications ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6855 (The Paid Memberships Pro \u2013 Content Restriction, User Registration ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6828 (The Contact Form, Survey & Popup Form Plugin for WordPress \u2013 ARF ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6782 (The AMP for WP \u2013 Accelerated Mobile Pages plugin for WordPress is ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6781 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Store ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6776 (The 3D FlipBook plugin for WordPress is vulnerable to Stored Cross-Sit ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6751 (The Hostinger plugin for WordPress is vulnerable to unauthorized plugi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6742 (The Gallery Plugin for WordPress \u2013 Envira Photo Gallery plugin fo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6737 (The Enable Media Replace plugin for WordPress is vulnerable to Reflect ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6684 (The Ibtana \u2013 WordPress Website Builder plugin for WordPress is vu ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6645 (The Post Grid Combo \u2013 36+ Gutenberg Blocks plugin for WordPress i ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6638 (The GTG Product Feed for Shopping plugin for WordPress is vulnerable t ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6637 (The CAOS | Host Google Analytics Locally plugin for WordPress is vulne ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6636 (The Greenshift \u2013 animation and page builder blocks plugin for Wor ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6634 (The LearnPress plugin for WordPress is vulnerable to Command Injection ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6632 (The Happy Addons for Elementor plugin for WordPress is vulnerable to R ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6624 (The Import and export users and customers plugin for WordPress is vuln ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6598 (The SpeedyCache plugin for WordPress is vulnerable to unauthorized mod ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6583 (The Import and export users and customers plugin for WordPress is vuln ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6582 (The ElementsKit Elementor addons plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6567 (The LearnPress plugin for WordPress is vulnerable to time-based SQL In ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6561 (The Featured Image from URL (FIFU) plugin for WordPress is vulnerable ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6558 (The Export and Import Users and Customers plugin for WordPress is vuln ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6556 (The FOX \u2013 Currency Switcher Professional for WooCommerce plugin f ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6554 (When access to the "admin" folder is not protected by some external au ...) TODO: check CVE-2023-6504 (The User Profile Builder \u2013 Beautiful User Registration Forms, Use ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6496 (The Manage Notification E-mails plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6369 (The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerab ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6316 (The MW WP Form plugin for WordPress is vulnerable to arbitrary file up ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6266 (The Backup Migration plugin for WordPress is vulnerable to unauthorize ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6244 (The EventON - WordPress Virtual Event Calendar Plugin plugin for WordP ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6242 (The EventON - WordPress Virtual Event Calendar Plugin plugin for WordP ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6220 (The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-5691 (The Chatbot for WordPress plugin for WordPress is vulnerable to Stored ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-5504 (The BackWPup plugin for WordPress is vulnerable to Directory Traversal ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-5118 (The application is vulnerable to Stored Cross-Site Scripting (XSS) in ...) TODO: check CVE-2023-52032 (TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to contain a r ...) - TODO: check + NOT-FOR-US: TOTOlink CVE-2023-52031 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a rem ...) - TODO: check + NOT-FOR-US: TOTOlink CVE-2023-52030 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a rem ...) - TODO: check + NOT-FOR-US: TOTOlink CVE-2023-52029 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a rem ...) - TODO: check + NOT-FOR-US: TOTOlink CVE-2023-52028 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a rem ...) - TODO: check + NOT-FOR-US: TOTOlink CVE-2023-52027 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a rem ...) - TODO: check + NOT-FOR-US: TOTOlink CVE-2023-51989 (D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, ...) - TODO: check + NOT-FOR-US: D-Link CVE-2023-51987 (D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, ...) - TODO: check + NOT-FOR-US: D-Link CVE-2023-51984 (D-Link DIR-822+ V1.0.2 was found to contain a command injection in Set ...) - TODO: check + NOT-FOR-US: D-Link CVE-2023-51751 (ScaleFusion 10.5.2 does not properly limit users to the Edge applicati ...) - TODO: check + NOT-FOR-US: ScaleFusion CVE-2023-51750 (ScaleFusion 10.5.2 does not properly limit users to the Edge applicati ...) - TODO: check + NOT-FOR-US: ScaleFusion CVE-2023-51749 (ScaleFusion 10.5.2 does not properly limit users to the Edge applicati ...) - TODO: check + NOT-FOR-US: ScaleFusion CVE-2023-51748 (ScaleFusion 10.5.2 does not properly limit users to the Edge applicati ...) - TODO: check + NOT-FOR-US: ScaleFusion CVE-2023-50671 (In exiftags 1.01, nikon_prop1 in nikon.c has a heap-based buffer overf ...) TODO: check CVE-2023-50159 (In ScaleFusion (Windows Desktop App) agent v10.5.2, Kiosk mode applica ...) - TODO: check + NOT-FOR-US: ScaleFusion CVE-2023-4962 (The Video PopUp plugin for WordPress is vulnerable to Stored Cross-Sit ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-4960 (The WCFM Marketplace plugin for WordPress is vulnerable to Stored Cros ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-4372 (The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-4248 (The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Fo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-4247 (The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Fo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-4246 (The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Fo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-4958 (A vulnerability classified as problematic has been found in qkmc-rk re ...) TODO: check CVE-2024-22195 (Jinja is an extensible templating engine. Special placeholders in the ...) @@ -547,7 +547,7 @@ CVE-2023-37934 (An allocation of resources without limits or throttling vulnerab CVE-2023-37932 (An improper limitation of a pathname to a restricted directory ('path ...) NOT-FOR-US: FortiGuard CVE-2023-31488 (Hyland Perceptive Filters releases before 2023-12-08 (e.g., 11.4.0.264 ...) - TODO: check + NOT-FOR-US: Cisco CVE-2023-49619 (Concurrent Execution using Shared Resource with Improper Synchronizati ...) NOT-FOR-US: Apache Answer CVE-2024-21643 (IdentityModel Extensions for .NET provide assemblies for web developer ...) @@ -42530,7 +42530,7 @@ CVE-2023-29449 (JavaScript preprocessing, webhooks and global scripts can cause CVE-2023-29448 RESERVED CVE-2023-29447 (An insufficiently protected credentials vulnerability in KEPServerEX c ...) - TODO: check + NOT-FOR-US: KEPServerEX CVE-2023-29446 (An improper input validation vulnerability has been discovered that co ...) TODO: check CVE-2023-29445 (An uncontrolled search path element vulnerability (DLL hijacking) has ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8b3c568c8ef525a920dba0e9e143e9b8b5798c8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8b3c568c8ef525a920dba0e9e143e9b8b5798c8 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits