[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Apr 7 21:48:51 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cc98109d by Salvatore Bonaccorso at 2023-04-07T22:48:09+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -53,17 +53,17 @@ CVE-2023-29505
CVE-2023-28393
RESERVED
CVE-2023-1942 (A vulnerability has been found in SourceCodester Online Computer and L ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Computer and Laptop Store
CVE-2023-1941 (A vulnerability, which was classified as critical, has been found in S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Simple and Beautiful Shopping Cart System
CVE-2023-1940 (A vulnerability classified as critical was found in SourceCodester Sim ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Simple and Beautiful Shopping Cart System
CVE-2023-1939
RESERVED
CVE-2023-1938
RESERVED
CVE-2023-1937 (A vulnerability, which was classified as problematic, was found in zhe ...)
- TODO: check
+ NOT-FOR-US: zhenfeng13 My-Blog
CVE-2014-125095
RESERVED
CVE-2013-10025
@@ -103,17 +103,17 @@ CVE-2023-29480
CVE-2023-29479
RESERVED
CVE-2023-29478 (BiblioCraft before 2.4.6 does not sanitize path-traversal characters i ...)
- TODO: check
+ NOT-FOR-US: BiblioCraft
CVE-2023-29477
RESERVED
CVE-2023-29476
RESERVED
CVE-2023-29475 (inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Man ...)
- TODO: check
+ NOT-FOR-US: Unify
CVE-2023-29474 (inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Man ...)
- TODO: check
+ NOT-FOR-US: Unify
CVE-2023-29473 (webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Ma ...)
- TODO: check
+ NOT-FOR-US: Unify
CVE-2023-29472
RESERVED
CVE-2023-29471
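Review bot: The label `NOT-FOR-US: Unify` on CVE-2023-29475, CVE-2023-29474 and CVE-2023-29473 is coarser than the neighbouring `NOT-FOR-US: BiblioCraft`, which names the product. The descriptions identify Atos Unify OpenScape 4000, so `NOT-FOR-US: Atos Unify OpenScape 4000` would keep these three entries searchable by product and distinguishable from other Unify products triaged later.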
@@ -296,7 +296,7 @@ CVE-2023-1911
CVE-2023-1910
RESERVED
CVE-2023-1909 (A vulnerability, which was classified as critical, was found in PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul BP Monitoring Management System
CVE-2023-1908 (A vulnerability was found in SourceCodester Simple Mobile Comparison W ...)
NOT-FOR-US: SourceCodester Simple Mobile Comparison Website
CVE-2023-1907
@@ -421,7 +421,7 @@ CVE-2023-29390
CVE-2023-29389 (Toyota RAV4 2021 vehicles automatically trust messages from other ECUs ...)
NOT-FOR-US: Toyota
CVE-2023-29388 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in impleCod ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29387
RESERVED
CVE-2023-29386
@@ -846,7 +846,7 @@ CVE-2023-29238
CVE-2023-29237
RESERVED
CVE-2023-29236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththeme ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-29235
RESERVED
CVE-2023-29234
@@ -1071,11 +1071,11 @@ CVE-2023-29174
CVE-2023-29173
RESERVED
CVE-2023-29172 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Property ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29171 (Unauth. Reflected Cross-site Scripting (XSS) vulnerability in Magic Po ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29170 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1807
RESERVED
CVE-2023-1806
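Review bot: CVE-2023-29172, CVE-2023-29171 and CVE-2023-29170 all receive the identical label `NOT-FOR-US: WordPress plugin`, although their descriptions refer to different plugins and mix unauthenticated reflected XSS with admin-only stored XSS. Appending the plugin name to each label would let a later reader confirm from the list alone which component was triaged, the way the SourceCodester and H3C entries in this commit do.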
@@ -1267,7 +1267,7 @@ CVE-2023-29096
CVE-2023-29095
RESERVED
CVE-2023-29094 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-29093
RESERVED
CVE-2023-1783
@@ -1572,7 +1572,7 @@ CVE-2023-29019
CVE-2023-29018
RESERVED
CVE-2023-29017 (vm2 is a sandbox that can run untrusted code with whitelisted Node's b ...)
- TODO: check
+ NOT-FOR-US: Node vm2
CVE-2023-29016 (The Goobi viewer is a web application that allows digitised material t ...)
NOT-FOR-US: Goobi viewer
CVE-2023-29015 (The Goobi viewer is a web application that allows digitised material t ...)
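Review bot: CVE-2023-29017 differs from the standalone products around it: the description presents vm2 as a sandbox for running untrusted code on Node, which is the kind of component other software embeds. Before settling on `NOT-FOR-US: Node vm2`, check that no packaged Node application carries a vendored copy, and if one does, track it against that source package instead.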
@@ -1629,7 +1629,7 @@ CVE-2023-28995
CVE-2023-28994
RESERVED
CVE-2023-28993 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28992
RESERVED
CVE-2023-28991
@@ -2329,13 +2329,13 @@ CVE-2023-28794
CVE-2023-28793
RESERVED
CVE-2023-28792 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28791
RESERVED
CVE-2023-28790
RESERVED
CVE-2023-28789 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cimatti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28788
RESERVED
CVE-2023-28787
@@ -2351,7 +2351,7 @@ CVE-2023-28783
CVE-2023-28782
RESERVED
CVE-2023-28781 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Cimatti Con ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28780
RESERVED
CVE-2023-28779
@@ -2610,7 +2610,7 @@ CVE-2023-28714
CVE-2023-28712 (Osprey Pump Controller version 1.01 contains an unauthenticated comman ...)
NOT-FOR-US: Osprey Pump Controller
CVE-2023-28710 (Improper Input Validation vulnerability in Apache Software Foundation ...)
- TODO: check
+ NOT-FOR-US: Apache Airflow Spark Provider
CVE-2023-28654 (Osprey Pump Controller version 1.01 has a hidden administrative accoun ...)
NOT-FOR-US: Osprey Pump Controller
CVE-2023-28648 (Osprey Pump Controller version 1.01 inputs passed to a GET parameter a ...)
@@ -2660,9 +2660,9 @@ CVE-2023-28708 (When using the RemoteIpFilter with requests received from a reve
NOTE: https://github.com/apache/tomcat/commit/3b51230764da595bb19e8d0962dd8c69ab40dfab (9.0.72)
NOTE: https://github.com/apache/tomcat/commit/5b72c94e8b2c4ada63a1d91dc527bf4d8fd1f510 (8.5.86)
CVE-2023-28707 (Improper Input Validation vulnerability in Apache Software Foundation ...)
- TODO: check
+ NOT-FOR-US: Apache Airflow Drill Provider
CVE-2023-28706 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Apache Airflow Hive Provider
CVE-2023-28705
RESERVED
CVE-2023-28704
@@ -3276,7 +3276,7 @@ CVE-2023-28502 (Rocket Software UniData versions prior to 8.2.4 build 3003 and U
CVE-2023-28501 (Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVers ...)
NOT-FOR-US: Rocket Software UniData
CVE-2023-28500 (** UNSUPPORTED WHEN ASSIGNED ** A Java insecure deserialization vulner ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-28499
RESERVED
CVE-2023-28498
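Review bot: `NOT-FOR-US: Adobe` on CVE-2023-28500 names only a vendor, and the truncated description (a Java insecure deserialization issue flagged UNSUPPORTED WHEN ASSIGNED) shows no product, so the triage decision cannot be checked from the list itself. Name the affected product in the label, as the adjacent `NOT-FOR-US: Rocket Software UniData` entry does.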
@@ -4846,7 +4846,7 @@ CVE-2023-28053
CVE-2023-28052
RESERVED
CVE-2023-28051 (Dell Power Manager, versions 3.10 and prior, contains an Improper Acce ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-28050
RESERVED
CVE-2023-28049
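Review bot: On CVE-2023-28051 the description names Dell Power Manager, but the label records only `NOT-FOR-US: Dell`. Use `NOT-FOR-US: Dell Power Manager` so the entry matches the product-level labels used elsewhere in this commit and is not conflated with other Dell software.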
@@ -5766,25 +5766,25 @@ CVE-2023-27812
CVE-2023-27811
RESERVED
CVE-2023-27810 (H3C Magic R100 R100V100R005.bin was discovered to contain a stack over ...)
- TODO: check
+ NOT-FOR-US: H3C Magic R100
CVE-2023-27809
RESERVED
CVE-2023-27808 (H3C Magic R100 R100V100R005.bin was discovered to contain a stack over ...)
- TODO: check
+ NOT-FOR-US: H3C Magic R100
CVE-2023-27807 (H3C Magic R100 R100V100R005.bin was discovered to contain a stack over ...)
- TODO: check
+ NOT-FOR-US: H3C Magic R100
CVE-2023-27806 (H3C Magic R100 R100V100R005.bin was discovered to contain a stack over ...)
- TODO: check
+ NOT-FOR-US: H3C Magic R100
CVE-2023-27805 (H3C Magic R100 R100V100R005.bin was discovered to contain a stack over ...)
- TODO: check
+ NOT-FOR-US: H3C Magic R100
CVE-2023-27804 (H3C Magic R100 R100V100R005.bin was discovered to contain a stack over ...)
- TODO: check
+ NOT-FOR-US: H3C Magic R100
CVE-2023-27803 (H3C Magic R100 R100V100R005.bin was discovered to contain a stack over ...)
- TODO: check
+ NOT-FOR-US: H3C Magic R100
CVE-2023-27802 (H3C Magic R100 R100V100R005.bin was discovered to contain a stack over ...)
- TODO: check
+ NOT-FOR-US: H3C Magic R100
CVE-2023-27801 (H3C Magic R100 R100V100R005.bin was discovered to contain a stack over ...)
- TODO: check
+ NOT-FOR-US: H3C Magic R100
CVE-2023-27800
RESERVED
CVE-2023-27799
@@ -6184,7 +6184,7 @@ CVE-2023-27622
CVE-2023-27621
RESERVED
CVE-2023-27620 (Auth. (contributor+) Stored Cross-site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27619
RESERVED
CVE-2023-27618
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc98109df516dcd33c5a820cec3f6ea2b0767ca4