[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 18 21:22:03 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e3eb0473 by Salvatore Bonaccorso at 2023-08-18T22:21:37+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,67 +1,67 @@
 CVE-2023-4422 (Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/co ...)
-	TODO: check
+	NOT-FOR-US: Cockpit Content Platform (different from src:cockpit)
 CVE-2023-4415 (A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has b ...)
-	TODO: check
+	NOT-FOR-US: Ruijie
 CVE-2023-4414 (A vulnerability was found in Beijing Baichuo Smart S85F Management Pla ...)
-	TODO: check
+	NOT-FOR-US: Beijing Baichuo Smart S85F Management Platform
 CVE-2023-4413 (A vulnerability was found in rkhunter Rootkit Hunter 1.4.4/1.4.6. It h ...)
 	TODO: check
 CVE-2023-4412 (A vulnerability was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B2020102 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-4411 (A vulnerability has been found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-4410 (A vulnerability, which was classified as critical, was found in TOTOLI ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-4409 (A vulnerability, which was classified as critical, has been found in N ...)
-	TODO: check
+	NOT-FOR-US: NBS&HappySoftWeChat
 CVE-2023-4407 (A vulnerability classified as critical was found in Codecanyon Credit  ...)
-	TODO: check
+	NOT-FOR-US: Codecanyon Credit Lite
 CVE-2023-40072 (OS command injection vulnerability in WAB-S600-PS all versions, and WA ...)
-	TODO: check
+	NOT-FOR-US: WAB-S600-PS
 CVE-2023-40069 (OS command injection vulnerability in ELECOM wireless LAN routers allo ...)
-	TODO: check
+	NOT-FOR-US: ELECOM wireless LAN routers
 CVE-2023-39944 (OS command injection vulnerability in WRC-F1167ACF all versions, and W ...)
-	TODO: check
+	NOT-FOR-US: WRC-F1167ACF
 CVE-2023-39455 (OS command injection vulnerability in ELECOM wireless LAN routers allo ...)
-	TODO: check
+	NOT-FOR-US: ELECOM wireless LAN routers
 CVE-2023-39454 (Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC- ...)
-	TODO: check
+	NOT-FOR-US: WRC-X1800GS-B
 CVE-2023-39445 (Hidden functionality vulnerability in LAN-WH300N/RE all versions provi ...)
-	TODO: check
+	NOT-FOR-US: LAN-WH300N/RE
 CVE-2023-39416 (Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gatew ...)
-	TODO: check
+	NOT-FOR-US: Proself Enterprise/Standard Edition
 CVE-2023-39415 (Improper authentication vulnerability in Proself Enterprise/Standard E ...)
-	TODO: check
+	NOT-FOR-US: Proself Enterprise/Standard Edition
 CVE-2023-38911 (A Cross-Site Scripting (XSS) vulnerability in CSZ CMS 1.3.0 allows att ...)
-	TODO: check
+	NOT-FOR-US: CSZ CMS
 CVE-2023-38910 (CSZ CMS 1.3.0 is vulnerable to cross-site scripting (XSS), which allow ...)
-	TODO: check
+	NOT-FOR-US: CSZ CMS
 CVE-2023-38890 (Online Shopping Portal Project 3.1 allows remote attackers to execute  ...)
-	TODO: check
+	NOT-FOR-US: Online Shopping Portal Project
 CVE-2023-38576 (Hidden functionality vulnerability in LAN-WH300N/RE all versions provi ...)
-	TODO: check
+	NOT-FOR-US: LAN-WH300N/RE
 CVE-2023-38132 (LAN-W451NGR all versions provided by LOGITEC CORPORATION contains an i ...)
-	TODO: check
+	NOT-FOR-US: LAN-W451NGR
 CVE-2023-35991 (Hidden functionality vulnerability in LOGITEC wireless LAN routers all ...)
-	TODO: check
+	NOT-FOR-US: LOGITEC wireless LAN routers
 CVE-2023-32626 (Hidden functionality vulnerability in LAN-W300N/RS all versions, and L ...)
-	TODO: check
+	NOT-FOR-US: LAN-W300N/PR5
 CVE-2023-32130 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dani ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32122 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spiffy P ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32109 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32108 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32107 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Ga ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32106 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fahad Ma ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32105 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32103 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4040 (The Stripe Payment Plugin for WooCommerce plugin for WordPress is vuln ...)
 	NOT-FOR-US: Stripe Payment Plugin for WooCommerce plugin for WordPress
 CVE-2023-40171 (Dispatch is an open source security incident management tool. The serv ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3eb04739fe18903ae0ef97c98f2d4c67911b633

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3eb04739fe18903ae0ef97c98f2d4c67911b633
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230818/ec1fc124/attachment.htm>


More information about the debian-security-tracker-commits mailing list