Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
66aa4601 by Salvatore Bonaccorso at 2023-03-06T21:14:42+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10997,7 +10997,7 @@ CVE-2023-0379 (The Spotlight Social Feeds WordPress
plugin before 1.4.3 does not
CVE-2023-0378 (The Greenshift WordPress plugin before 5.0 does not validate
and escap ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0377 (The Scriptless Social Sharing WordPress plugin before 3.2.2
does not v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0376
RESERVED
CVE-2023-0375 (The Easy Affiliate Links WordPress plugin before 3.7.1 does not
valida ...)
@@ -11594,7 +11594,7 @@ CVE-2023-23597
- firefox 109.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/#CVE-2023-23597
CVE-2023-0328 (The WPCode WordPress plugin before 2.0.7 does not have adequate
privil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0327 (A vulnerability was found in saemorris TheRadSystem. It has
been class ...)
NOT-FOR-US: saemorris TheRadSystem
CVE-2023-0326
@@ -13022,7 +13022,7 @@ CVE-2023-0214 (A cross-site scripting vulnerability in
Skyhigh SWG in main relea
CVE-2023-0213
RESERVED
CVE-2023-0212 (The Advanced Recent Posts WordPress plugin through 0.6.14 does
not val ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0211
RESERVED
CVE-2022-4885 (A vulnerability has been found in sviehb jefferson up to 0.3
and class ...)
@@ -13529,7 +13529,7 @@ CVE-2023-0167
CVE-2023-0166 (The Product Slider for WooCommerce by PickPlugins WordPress
plugin bef ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0165 (The Cost Calculator WordPress plugin through 1.8 does not
validate and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0164 (OrangeScrum version 2.0.11 allows an authenticated external
attacker t ...)
NOT-FOR-US: OrangeScrum
CVE-2022-48253 (nhttpd in Nostromo before 2.1 is vulnerable to a path
traversal that m ...)
@@ -14649,7 +14649,7 @@ CVE-2023-0080 (The Customer Reviews for WooCommerce
WordPress plugin before 5.16
CVE-2023-0079
RESERVED
CVE-2023-0078 (The Resume Builder WordPress plugin through 3.1.1 does not
sanitize an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0077 (Integer overflow or wraparound vulnerability in CGI component
in Synol ...)
NOT-FOR-US: Synology
CVE-2022-4877 (A vulnerability has been found in snoyberg keter up to 1.8.1
and class ...)
@@ -14729,7 +14729,7 @@ CVE-2023-22620
CVE-2023-22619
RESERVED
CVE-2023-0076 (The Download Attachments WordPress plugin through 1.2.24 does
not vali ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0075 (The Amazon JS WordPress plugin through 0.10 does not validate
and esca ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0074 (The WP Social Widget WordPress plugin before 2.2.4 does not
validate a ...)
@@ -14743,19 +14743,19 @@ CVE-2023-0071 (The WP Tabs WordPress plugin before
2.1.17 does not validate and
CVE-2023-0070 (The ResponsiveVoice Text To Speech WordPress plugin through
1.7.6 does ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0069 (The WPaudio MP3 Player WordPress plugin through 4.0.2 does not
validat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0068 (The Product GTIN (EAN, UPC, ISBN) for WooCommerce WordPress
plugin thr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0067 (The Timed Content WordPress plugin before 2.73 does not
validate and e ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0066
RESERVED
CVE-2023-0065 (The i2 Pros & Cons WordPress plugin through 1.3.1 does not
validat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0064 (The eVision Responsive Column Layout Shortcodes WordPress
plugin throu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0063 (The WordPress Shortcodes WordPress plugin through 1.6.36 does
not vali ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0062 (The EAN for WooCommerce WordPress plugin before 4.4.3 does not
validat ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0061 (The Judge.me Product Reviews for WooCommerce WordPress plugin
before 1 ...)
@@ -21425,7 +21425,7 @@ CVE-2022-4330 (The WP Attachments WordPress plugin
through 5.0.5 does not saniti
CVE-2022-4329 (The Product list Widget for Woocommerce WordPress plugin
through 1.0 d ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4328 (The WooCommerce Checkout Field Manager WordPress plugin before
18.0 do ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4327 (This issue does not bear any security risk as it's only
exploitable by ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4326 (Improper preservation of permissions vulnerability in Trellix
Endpoint ...)
@@ -22495,7 +22495,7 @@ CVE-2022-4267 (The Bulk Delete Users by Email WordPress
plugin through 1.2 does
CVE-2022-4266 (The Bulk Delete Users by Email WordPress plugin through 1.2
does not h ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4265 (The Replyable WordPress plugin before 2.2.10 does not validate
the cla ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4264 (Incorrect Privilege Assignment in M-Files Web (Classic) in
M-Files bef ...)
NOT-FOR-US: M-Files
CVE-2022-4263
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66aa4601a1f6be36a6ad29b8b32df92e9e845d06
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66aa4601a1f6be36a6ad29b8b32df92e9e845d06
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
