[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 19 08:19:20 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
70e33bd2 by Salvatore Bonaccorso at 2023-12-19T09:18:52+01:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,77 +1,77 @@
 CVE-2023-6940 (with only one user interaction(download a malicious config), attackers ...)
-	TODO: check
+	NOT-FOR-US: mlflow
 CVE-2023-6488 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6355 (Incorrect selection of fuse values in the Controller 7000 platform all ...)
-	TODO: check
+	NOT-FOR-US: Gallagher
 CVE-2023-6315 (Out-of-bouds read vulnerability in FPWin Pro version 7.7.0.0 and all p ...)
-	TODO: check
+	NOT-FOR-US: FPWin Pro
 CVE-2023-6314 (Stack-based buffer overflow in FPWin Pro version 7.7.0.0 and all previ ...)
-	TODO: check
+	NOT-FOR-US: FPWin Pro
 CVE-2023-5432 (The Jquery news ticker plugin for WordPress is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5413 (The Image horizontal reel scroll slideshow plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49821 (Cross-Site Request Forgery (CSRF) vulnerability in LiveChat LiveChat \ ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49819 (Deserialization of Untrusted Data vulnerability in Gordon B\xf6hme, An ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49763 (Cross-Site Request Forgery (CSRF) vulnerability in Creatomatic Ltd CSp ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49761 (Cross-Site Request Forgery (CSRF) vulnerability in Gravity Master Prod ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49760 (Cross-Site Request Forgery (CSRF) vulnerability in Giannopoulos Kostas ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49759 (Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team WooDi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49163 (Cross-Site Request Forgery (CSRF) vulnerability in Michael Winkler tea ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49155 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49153 (Cross-Site Request Forgery (CSRF) vulnerability in Saiful Islam Add to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49148 (Cross-Site Request Forgery (CSRF) vulnerability in Kulwant Nagi Affili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-48781 (Cross-Site Request Forgery (CSRF) vulnerability in Marketing Rapel MkR ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-48778 (Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Product  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-48773 (Cross-Site Request Forgery (CSRF) vulnerability in WP Doctor WooCommer ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-48772 (Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Preve ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-48769 (Cross-Site Request Forgery (CSRF) vulnerability in Blue Coral Chat Bub ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-48768 (Cross-Site Request Forgery (CSRF) vulnerability in CodeAstrology Team  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-48751 (Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47754 (Missing Authorization vulnerability in Clever plugins Delete Duplicate ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47558 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47530 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47506 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46686 (A reliance on untrusted inputs in a security decision could be exploit ...)
-	TODO: check
+	NOT-FOR-US: Gallagher
 CVE-2023-46212 (Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46154 (Deserialization of Untrusted Data vulnerability in E2Pdf.Com E2Pdf \u2 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-44982 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-42015 (IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7,  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-41967 (Sensitive information uncleared after debug/power state transition in  ...)
-	TODO: check
+	NOT-FOR-US: Gallagher
 CVE-2023-40691 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1,  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-34168 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-33331 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2019-25157 (A vulnerability was found in Ethex Contracts. It has been classified a ...)
 	TODO: check
 CVE-2014-125107 (A vulnerability was found in Corveda PHPSandbox 1.3.4 and classified a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70e33bd28587643031097595befc45a74d1a1fae

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70e33bd28587643031097595befc45a74d1a1fae
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231219/e4e47097/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list