[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jul 7 21:57:17 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6e85c774 by Moritz Muehlenhoff at 2023-07-07T22:53:27+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,79 +1,79 @@
 CVE-2023-3544 (A vulnerability was found in GZ Scripts Time Slot Booking Calendar PHP ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts
 CVE-2023-3543 (A vulnerability was found in GZ Scripts Availability Booking Calendar  ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts
 CVE-2023-3542 (A vulnerability was found in ThinuTech ThinuCMS 1.5 and classified as  ...)
-	TODO: check
+	NOT-FOR-US: ThinuCMS
 CVE-2023-3541 (A vulnerability has been found in ThinuTech ThinuCMS 1.5 and classifie ...)
-	TODO: check
+	NOT-FOR-US: ThinuCMS
 CVE-2023-3540 (A vulnerability, which was classified as problematic, was found in Sim ...)
-	TODO: check
+	NOT-FOR-US: SimplePHPscripts
 CVE-2023-3539 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: SimplePHPscripts
 CVE-2023-3538 (A vulnerability classified as problematic was found in SimplePHPscript ...)
-	TODO: check
+	NOT-FOR-US: SimplePHPscripts
 CVE-2023-3537 (A vulnerability classified as problematic has been found in SimplePHPs ...)
-	TODO: check
+	NOT-FOR-US: SimplePHPscripts
 CVE-2023-3536 (A vulnerability was found in SimplePHPscripts Funeral Script PHP 3.1.  ...)
-	TODO: check
+	NOT-FOR-US: SimplePHPscripts
 CVE-2023-3535 (A vulnerability was found in SimplePHPscripts FAQ Script PHP 2.3. It h ...)
-	TODO: check
+	NOT-FOR-US: SimplePHPscripts
 CVE-2023-3534 (A vulnerability was found in SourceCodester Shopping Website 1.0. It h ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2023-37308 (Zoho ManageEngine ADAudit Plus before 7100 allows XSS via the username ...)
-	TODO: check
+	NOT-FOR-US: Zoho
 CVE-2023-37264 (Tekton Pipelines project provides k8s-style resources for declaring CI ...)
-	TODO: check
+	NOT-FOR-US: Tekton Pipelines
 CVE-2023-37173 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a co ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-37172 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a co ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-37171 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a co ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-37170 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an u ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-37149 (TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a comm ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-37148 (TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a comm ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-37146 (TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a comm ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-37145 (TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a comm ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-37144 (Tenda AC10 v15.03.06.26 was discovered to contain a command injection  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-37067 (Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account ...)
-	TODO: check
+	NOT-FOR-US: Chamilo LMS
 CVE-2023-37066 (Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account ...)
-	TODO: check
+	NOT-FOR-US: Chamilo LMS
 CVE-2023-37065 (Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account ...)
-	TODO: check
+	NOT-FOR-US: Chamilo LMS
 CVE-2023-37064 (Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account ...)
-	TODO: check
+	NOT-FOR-US: Chamilo LMS
 CVE-2023-37063 (Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account ...)
-	TODO: check
+	NOT-FOR-US: Chamilo LMS
 CVE-2023-37062 (Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account ...)
-	TODO: check
+	NOT-FOR-US: Chamilo LMS
 CVE-2023-37061 (Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege acco ...)
-	TODO: check
+	NOT-FOR-US: Chamilo LMS
 CVE-2023-36994 (In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installat ...)
-	TODO: check
+	NOT-FOR-US: TravianZ
 CVE-2023-36993 (The cryptographically insecure random number generator being used in T ...)
-	TODO: check
+	NOT-FOR-US: TravianZ
 CVE-2023-36992 (PHP injection in TravianZ 8.3.4 and 8.3.3 in the config editor in the  ...)
-	TODO: check
+	NOT-FOR-US: TravianZ
 CVE-2023-36256 (The Online Examination System Project 1.0 version is vulnerable to Cro ...)
-	TODO: check
+	NOT-FOR-US: Online Examination System Project
 CVE-2023-36201 (An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker  ...)
 	TODO: check
 CVE-2023-34197 (Zoho ManageEngine ServiceDesk Plus before 14202, ServiceDesk Plus MSP  ...)
-	TODO: check
+	NOT-FOR-US: Zoho
 CVE-2023-33715 (A buffer overflow in ACDSee Free v2.0.2.227 allows attackers to cause  ...)
-	TODO: check
+	NOT-FOR-US: ACDSee
 CVE-2023-33664 (ai-dev aicombinationsonfly before v0.3.1 was discovered to contain a S ...)
-	TODO: check
+	NOT-FOR-US: ai-dev aicombinationsonfly
 CVE-2023-32183 (Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed ...)
-	TODO: check
+	NOT-FOR-US: hawk2 as packaged by SuSE
 CVE-2023-34442
 	NOT-FOR-US: Apache Camel JIRA
 CVE-2023-35887
@@ -10321,7 +10321,7 @@ CVE-2023-30000
 CVE-2023-29999
 	RESERVED
 CVE-2023-29998 (A Cross-site scripting (XSS) vulnerability in the content editor in Gi ...)
-	TODO: check
+	NOT-FOR-US: Gis3W g3w-suite
 CVE-2023-29997
 	RESERVED
 CVE-2023-29996 (In NanoMQ v0.15.0-0, segment fault with Null Pointer Dereference occur ...)
@@ -17564,7 +17564,7 @@ CVE-2023-27847 (SQL injection vulnerability found in PrestaShop xipblog v.2.0.1
 CVE-2023-27846
 	RESERVED
 CVE-2023-27845 (SQL injection vulnerability found in PrestaShop lekerawen_ocs before v ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2023-27844 (SQL injection vulnerability found in PrestaShopleurlrewrite v.1.0 and  ...)
 	NOT-FOR-US: PrestaShop
 CVE-2023-27843 (SQL injection vulnerability found in PrestaShop askforaquote v.5.4.2 a ...)
@@ -24979,7 +24979,7 @@ CVE-2023-25203
 CVE-2023-25202
 	RESERVED
 CVE-2023-25201 (Cross Site Request Forgery (CSRF) vulnerability in MultiTech Conduit A ...)
-	TODO: check
+	NOT-FOR-US: MultiTech Conduit AP MTCAP2-L4E1
 CVE-2023-25200
 	RESERVED
 CVE-2023-25199



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e85c774fc3ae68703ff6e3a578680f4db2fdefb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e85c774fc3ae68703ff6e3a578680f4db2fdefb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230707/bc3fe2ba/attachment.htm>

More information about the debian-security-tracker-commits mailing list