Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e8b3c568 by Salvatore Bonaccorso at 2024-01-11T22:48:26+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,11 +13,11 @@ CVE-2024-22942 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was 
discovered to contai
 CVE-2024-22199 (This package provides universal methods to use multiple 
template engin ...)
        TODO: check
 CVE-2024-22198 (Nginx-UI is a web interface to manage Nginx configurations. It 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: Nginx-UI
 CVE-2024-22197 (Nginx-ui is online statistics for Server Indicators Monitor 
CPU usage, ...)
-       TODO: check
+       NOT-FOR-US: Nginx-UI
 CVE-2024-22196 (Nginx-UI is an online statistics for Server Indicators Monitor 
CPU usa ...)
-       TODO: check
+       NOT-FOR-US: Nginx-UI
 CVE-2024-0429 (A denial service vulnerability has been found on Hex Workshop 
affectin ...)
        NOT-FOR-US: Hex Workshop
 CVE-2024-0425 (A vulnerability classified as critical was found in ForU CMS up 
to 202 ...)
@@ -49,145 +49,145 @@ CVE-2024-0411 (A vulnerability was found in DeShang 
DSMall up to 6.1.0. It has b
 CVE-2024-0227 (Devise-Two-Factor does not throttle or otherwise restrict login 
attemp ...)
        TODO: check
 CVE-2023-7071 (The Essential Blocks \u2013 Page Builder Gutenberg Blocks, 
Patterns &  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7070 (The Email Encoder \u2013 Protect Email Addresses and Phone 
Numbers plu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7048 (The My Sticky Bar plugin for WordPress is vulnerable to 
Cross-Site Req ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7019 (The LightStart \u2013 Maintenance Mode, Coming Soon and Landing 
Page B ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6994 (The List category posts plugin for WordPress is vulnerable to 
Stored C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6990 (The Weaver Xtreme theme for WordPress is vulnerable to Stored 
Cross-Si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6988 (The Colibri Page Builder plugin for WordPress is vulnerable to 
Stored  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6979 (The Customer Reviews for WooCommerce plugin for WordPress is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6938 (The Oxygen Builder plugin for WordPress is vulnerable to Stored 
Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6934 (The Limit Login Attempts Reloaded plugin for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6924 (The Photo Gallery by 10Web plugin for WordPress is vulnerable 
to Store ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6882 (The Simple Membership plugin for WordPress is vulnerable to 
Reflected  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6878 (The Slick Social Share Buttons plugin for WordPress is 
vulnerable to u ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6875 (The POST SMTP Mailer \u2013 Email log, Delivery Failure 
Notifications  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6855 (The Paid Memberships Pro \u2013 Content Restriction, User 
Registration ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6828 (The Contact Form, Survey & Popup Form Plugin for WordPress 
\u2013  ARF ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6782 (The AMP for WP \u2013 Accelerated Mobile Pages plugin for 
WordPress is ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6781 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable 
to Store ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6776 (The 3D FlipBook plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6751 (The Hostinger plugin for WordPress is vulnerable to 
unauthorized plugi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6742 (The Gallery Plugin for WordPress \u2013 Envira Photo Gallery 
plugin fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6737 (The Enable Media Replace plugin for WordPress is vulnerable to 
Reflect ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6684 (The Ibtana \u2013 WordPress Website Builder plugin for 
WordPress is vu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6645 (The Post Grid Combo \u2013 36+ Gutenberg Blocks plugin for 
WordPress i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6638 (The GTG Product Feed for Shopping plugin for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6637 (The CAOS | Host Google Analytics Locally plugin for WordPress 
is vulne ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6636 (The Greenshift \u2013 animation and page builder blocks plugin 
for Wor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6634 (The LearnPress plugin for WordPress is vulnerable to Command 
Injection ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6632 (The Happy Addons for Elementor plugin for WordPress is 
vulnerable to R ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6624 (The Import and export users and customers plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6598 (The SpeedyCache plugin for WordPress is vulnerable to 
unauthorized mod ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6583 (The Import and export users and customers plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6582 (The ElementsKit Elementor addons plugin for WordPress is 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6567 (The LearnPress plugin for WordPress is vulnerable to time-based 
SQL In ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6561 (The Featured Image from URL (FIFU) plugin for WordPress is 
vulnerable  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6558 (The Export and Import Users and Customers plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6556 (The FOX \u2013 Currency Switcher Professional for WooCommerce 
plugin f ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6554 (When access to the "admin" folder is not protected by some 
external au ...)
        TODO: check
 CVE-2023-6504 (The User Profile Builder \u2013 Beautiful User Registration 
Forms, Use ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6496 (The Manage Notification E-mails plugin for WordPress is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6369 (The Export WP Page to Static HTML/CSS plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6316 (The MW WP Form plugin for WordPress is vulnerable to arbitrary 
file up ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6266 (The Backup Migration plugin for WordPress is vulnerable to 
unauthorize ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6244 (The EventON - WordPress Virtual Event Calendar Plugin plugin 
for WordP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6242 (The EventON - WordPress Virtual Event Calendar Plugin plugin 
for WordP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6220 (The Piotnet Forms plugin for WordPress is vulnerable to 
arbitrary file ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5691 (The Chatbot for WordPress plugin for WordPress is vulnerable to 
Stored ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5504 (The BackWPup plugin for WordPress is vulnerable to Directory 
Traversal ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5118 (The application is vulnerable to Stored Cross-Site Scripting 
(XSS) in  ...)
        TODO: check
 CVE-2023-52032 (TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to 
contain a r ...)
-       TODO: check
+       NOT-FOR-US: TOTOlink
 CVE-2023-52031 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to 
contain a rem ...)
-       TODO: check
+       NOT-FOR-US: TOTOlink
 CVE-2023-52030 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to 
contain a rem ...)
-       TODO: check
+       NOT-FOR-US: TOTOlink
 CVE-2023-52029 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to 
contain a rem ...)
-       TODO: check
+       NOT-FOR-US: TOTOlink
 CVE-2023-52028 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to 
contain a rem ...)
-       TODO: check
+       NOT-FOR-US: TOTOlink
 CVE-2023-52027 (TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to 
contain a rem ...)
-       TODO: check
+       NOT-FOR-US: TOTOlink
 CVE-2023-51989 (D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 
interface, ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2023-51987 (D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 
interface, ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2023-51984 (D-Link DIR-822+ V1.0.2 was found to contain a command 
injection in Set ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2023-51751 (ScaleFusion 10.5.2 does not properly limit users to the Edge 
applicati ...)
-       TODO: check
+       NOT-FOR-US: ScaleFusion
 CVE-2023-51750 (ScaleFusion 10.5.2 does not properly limit users to the Edge 
applicati ...)
-       TODO: check
+       NOT-FOR-US: ScaleFusion
 CVE-2023-51749 (ScaleFusion 10.5.2 does not properly limit users to the Edge 
applicati ...)
-       TODO: check
+       NOT-FOR-US: ScaleFusion
 CVE-2023-51748 (ScaleFusion 10.5.2 does not properly limit users to the Edge 
applicati ...)
-       TODO: check
+       NOT-FOR-US: ScaleFusion
 CVE-2023-50671 (In exiftags 1.01, nikon_prop1 in nikon.c has a heap-based 
buffer overf ...)
        TODO: check
 CVE-2023-50159 (In ScaleFusion (Windows Desktop App) agent v10.5.2, Kiosk mode 
applica ...)
-       TODO: check
+       NOT-FOR-US: ScaleFusion
 CVE-2023-4962 (The Video PopUp plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4960 (The WCFM Marketplace plugin for WordPress is vulnerable to 
Stored Cros ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4372 (The LiteSpeed Cache plugin for WordPress is vulnerable to 
Stored Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4248 (The GiveWP plugin for WordPress is vulnerable to Cross-Site 
Request Fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4247 (The GiveWP plugin for WordPress is vulnerable to Cross-Site 
Request Fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-4246 (The GiveWP plugin for WordPress is vulnerable to Cross-Site 
Request Fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-4958 (A vulnerability classified as problematic has been found in 
qkmc-rk re ...)
        TODO: check
 CVE-2024-22195 (Jinja is an extensible templating engine. Special placeholders 
in the  ...)
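
Review bot: CVE-2023-6990 is tagged "NOT-FOR-US: WordPress plugin", but its description reads "The Weaver Xtreme theme for WordPress", so the tag does not match the component named in the entry. Suggest "NOT-FOR-US: WordPress theme" for that one line; the other WordPress entries in this hunk all say "plugin" in their visible descriptions and are fine as tagged.
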
@@ -547,7 +547,7 @@ CVE-2023-37934 (An allocation of resources without limits 
or throttling vulnerab
 CVE-2023-37932 (An improper limitation of a pathname to a restricted directory 
('path  ...)
        NOT-FOR-US: FortiGuard
 CVE-2023-31488 (Hyland Perceptive Filters releases before 2023-12-08 (e.g., 
11.4.0.264 ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2023-49619 (Concurrent Execution using Shared Resource with Improper 
Synchronizati ...)
        NOT-FOR-US: Apache Answer
 CVE-2024-21643 (IdentityModel Extensions for .NET provide assemblies for web 
developer ...)
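
Review bot: the new tag on CVE-2023-31488 names Cisco, while the visible description begins "Hyland Perceptive Filters releases before 2023-12-08" and is truncated before any mention of Cisco. Please confirm the tag against the full description; if Cisco only consumes the library, naming the component too (for example "NOT-FOR-US: Hyland Perceptive Filters") would let a later search of data/CVE/list for that product find this entry.
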
@@ -42530,7 +42530,7 @@ CVE-2023-29449 (JavaScript preprocessing, webhooks and 
global scripts can cause
 CVE-2023-29448
        RESERVED
 CVE-2023-29447 (An insufficiently protected credentials vulnerability in 
KEPServerEX c ...)
-       TODO: check
+       NOT-FOR-US: KEPServerEX
 CVE-2023-29446 (An improper input validation vulnerability has been discovered 
that co ...)
        TODO: check
 CVE-2023-29445 (An uncontrolled search path element vulnerability (DLL 
hijacking) has  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8b3c568c8ef525a920dba0e9e143e9b8b5798c8
