[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Aug 7 21:20:10 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fce0ea69 by Salvatore Bonaccorso at 2023-08-07T22:19:43+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,17 +9,17 @@ CVE-2023-4199 (A vulnerability, which was classified as critical, was found in S
 CVE-2023-3896 (Divide By Zero in vim/vim from9.0.1367-1 to9.0.1367-3)
 	TODO: check
 CVE-2023-3671 (The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3650 (The Bubble Menu WordPress plugin before 3.0.5 does not sanitize and es ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3575 (The Quiz And Survey Master WordPress plugin before 8.1.11 does not pro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3524 (The WPCode WordPress plugin before 2.0.13.1 does not escape generated  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3492 (The WP Shopping Pages WordPress plugin through 1.14 does not have CSRF ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3365 (The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-39550 (Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0. ...)
 	TODO: check
 CVE-2023-39524 (PrestaShop is an open source e-commerce web application. Prior to vers ...)
@@ -31,29 +31,29 @@ CVE-2023-39363 (Vyer is a Pythonic Smart Contract Language for the Ethereum Virt
 CVE-2023-39349 (Sentry is an error tracking and performance monitoring platform. Start ...)
 	TODO: check
 CVE-2023-38940 (Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) were di ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-38939 (Tenda F1202 V1.2.0.9 and FH1202 V1.2.0.9 were discovered to contain a  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-38938 (Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2. ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-38937 (Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06 ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-38936 (Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06. ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-38935 (Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-38934 (Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) was dis ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-38933 (Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-38932 (Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2. ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-38931 (Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06 ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-38930 (Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-38929 (Tenda 4G300 v1.01.42 was discovered to contain a stack overflow via th ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-38928 (Netgear R7100LG 1.0.0.78 was discovered to contain a command injection ...)
 	TODO: check
 CVE-2023-38926 (Netgear EX6200 v1.0.3.94 was discovered to contain a buffer overflow v ...)
@@ -95,7 +95,7 @@ CVE-2023-32783 (The event analysis component in Zoho ManageEngine ADAudit Plus 7
 CVE-2023-32090 (Pega platform clients who are using versions 6.1 through 7.3.1 may be  ...)
 	TODO: check
 CVE-2023-2843 (The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4193 (A vulnerability has been found in SourceCodester Resort Reservation Sy ...)
 	NOT-FOR-US: SourceCodester Resort Reservation System
 CVE-2023-4192 (A vulnerability, which was classified as critical, was found in Source ...)
@@ -30249,7 +30249,7 @@ CVE-2023-0606 (Cross-site Scripting (XSS) - Reflected in GitHub repository ampac
 CVE-2023-0605 (The Auto Rename Media On Upload WordPress plugin before 1.1.0 does not ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0604 (The WP Food Manager WordPress plugin before 1.0.4 does not sanitise an ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0603 (The Sloth Logo Customizer WordPress plugin through 2.0.2 does not have ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0602 (The Twittee Text Tweet WordPress plugin through 1.0.8 does not properl ...)
@@ -178862,7 +178862,7 @@ CVE-2021-24918 (The Smash Balloon Social Post Feed WordPress plugin before 4.0.1
 CVE-2021-24917 (The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allow ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24916 (The Qubely WordPress plugin before 1.8.6 allows unauthenticated user t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24915 (The Contest Gallery WordPress plugin before 13.1.0.6 does not have cap ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24914 (The Tawk.To Live Chat WordPress plugin before 0.6.0 does not have capa ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fce0ea69d948f79dbbd6709c0ccd551d6a8fe41f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fce0ea69d948f79dbbd6709c0ccd551d6a8fe41f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230807/66a7bb34/attachment.htm>

More information about the debian-security-tracker-commits mailing list