[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 29 21:33:38 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
93db18b5 by Salvatore Bonaccorso at 2023-06-29T22:33:14+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2023-3458 (A vulnerability was found in SourceCodester Shopping Website 1.0. It h ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Shopping Website
 CVE-2023-3457 (A vulnerability was found in SourceCodester Shopping Website 1.0. It h ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Shopping Website
 CVE-2023-37256 (An issue was discovered in the Cargo extension for MediaWiki through 1 ...)
 	TODO: check
 CVE-2023-37255 (An issue was discovered in the CheckUser extension for MediaWiki throu ...)
@@ -19,9 +19,9 @@ CVE-2023-36487 (The password reset function in ILIAS 7.0_beta1 through 7.20 and
 CVE-2023-36484 (ILIAS 7.21 and 8.0_beta1 through 8.2 is vulnerable to reflected Cross- ...)
 	TODO: check
 CVE-2023-36471 (Xwiki commons is the common modules used by other XWiki top level proj ...)
-	TODO: check
+	NOT-FOR-US: Xwiki
 CVE-2023-35938 (Tuleap is a Free & Open Source Suite to improve management of software ...)
-	TODO: check
+	NOT-FOR-US: Tuleap
 CVE-2023-35830 (STW (aka Sensor-Technik Wiedemann) TCG-4 Connectivity Module Deploymen ...)
 	TODO: check
 CVE-2023-34849 (An unauthorized command injection vulnerability exists in the ActionLo ...)
@@ -29,23 +29,23 @@ CVE-2023-34849 (An unauthorized command injection vulnerability exists in the Ac
 CVE-2023-34844 (Play With Docker < 0.0.2 has an insecure CAP_SYS_ADMIN privileged mode ...)
 	TODO: check
 CVE-2023-34735 (Property Cloud Platform Management Center 1.0 is vulnerable to error-b ...)
-	TODO: check
+	NOT-FOR-US: Property Cloud Platform Management Center
 CVE-2023-34658 (Telegram v9.6.3 on iOS allows attackers to hide critical information o ...)
 	TODO: check
 CVE-2023-34656 (An issue was discovered with the JSESSION IDs in Xiamen Si Xin Communi ...)
-	TODO: check
+	NOT-FOR-US: Xiamen Si Xin Communication Technology Video management system
 CVE-2023-34599 (Multiple Cross-Site Scripting (XSS) vulnerabilities have been identifi ...)
 	TODO: check
 CVE-2023-34598 (Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) where it' ...)
 	TODO: check
 CVE-2023-34487 (itsourcecode Online Hotel Management System Project In PHP v1.0.0 is v ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Online Hotel Management System Project
 CVE-2023-34486 (itsourcecode Online Hotel Management System Project In PHP v1.0.0 is v ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Online Hotel Management System Project
 CVE-2023-33466 (Orthanc before 1.12.0 allows authenticated users with access to the Or ...)
 	TODO: check
 CVE-2023-33277 (The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and ...)
-	TODO: check
+	NOT-FOR-US: Gira Giersiepen Gira KNX/IP-Router
 CVE-2023-33190 (Sealos is an open source cloud operating system distribution based on  ...)
 	TODO: check
 CVE-2023-XXXX [Heap overwrite in PGS subtitle overlay decoder]
@@ -81,35 +81,35 @@ CVE-2023-36474 (Interactsh is an open-source tool for detecting out-of-band inte
 CVE-2023-34843 (Traggo Server 0.3.0 is vulnerable to directory traversal via a crafted ...)
 	TODO: check
 CVE-2023-34834 (A Directory Browsing vulnerability in MCL-Net version 4.3.5.8788 webse ...)
-	TODO: check
+	NOT-FOR-US: MCL-Net
 CVE-2023-34831 (The "Submission Web Form" of Turnitin LTI tool/plugin version 1.3 is a ...)
 	TODO: check
 CVE-2023-34738 (Chemex through 3.7.1 is vulnerable to arbitrary file upload.)
 	TODO: check
 CVE-2023-34736 (Guantang Equipment Management System version 4.12 is vulnerable to Arb ...)
-	TODO: check
+	NOT-FOR-US: Guantang Equipment Management System
 CVE-2023-34734 (Annet AC Centralized Management Platform 1.02.040 is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: Annet AC Centralized Management Platform
 CVE-2023-34652 (PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site S ...)
-	TODO: check
+	NOT-FOR-US: PHPgurukl Hostel Management System
 CVE-2023-34651 (PHPgurukl Hospital Management System v.1.0 is vulnerable to Cross Site ...)
-	TODO: check
+	NOT-FOR-US: PHPgurukl Hostel Management System
 CVE-2023-34650 (PHPgurukl Small CRM v.1.0 is vulnerable to Cross Site Scripting (XSS).)
-	TODO: check
+	NOT-FOR-US: PHPgurukl Small CRM
 CVE-2023-34648 (A Cross Site Scripting vulnerability in PHPgurukl User Registration Lo ...)
-	TODO: check
+	NOT-FOR-US: PHPgurukl User Registration Login and User Management System
 CVE-2023-34647 (PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site S ...)
-	TODO: check
+	NOT-FOR-US: PHPgurukl Hostel Management System
 CVE-2023-33661 (Multiple cross-site scripting (XSS) vulnerabilities were discovered in ...)
-	TODO: check
+	NOT-FOR-US: Church CRM
 CVE-2023-32610 (Mailform Pro CGI 4.3.1.2 and earlier allows a remote unauthenticated a ...)
 	TODO: check
 CVE-2023-32224 (D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction o ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2023-32223 (D-Link DSL-224 firmware version 3.0.10 allows post authentication comm ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2023-32222 (D-Link DSL-G256DG version vBZ_1.00.27 web management interface allows  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2023-2982 (The WordPress Social Login and Register (Discord, Google, Twitter, Lin ...)
 	NOT-FOR-US: WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress
 CVE-2023-3450 (A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93db18b50683dabfd6fbec6e8fbf6b22aa252e58

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93db18b50683dabfd6fbec6e8fbf6b22aa252e58
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230629/c14027e1/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list