[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jun 30 10:59:52 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
70f41a3c by Salvatore Bonaccorso at 2023-06-30T11:59:25+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2023-3477 (A vulnerability was found in RocketSoft Rocket LMS 1.7. It has been de ...)
-	TODO: check
+	NOT-FOR-US: RocketSoft Rocket LMS
 CVE-2023-3476 (A vulnerability was found in SimplePHPscripts GuestBook Script 2.2. It ...)
-	TODO: check
+	NOT-FOR-US: SimplePHPscripts GuestBook Script
 CVE-2023-3475 (A vulnerability was found in SimplePHPscripts Event Script 2.1 and cla ...)
-	TODO: check
+	NOT-FOR-US: SimplePHPscripts Event Script
 CVE-2023-3474 (A vulnerability has been found in SimplePHPscripts Simple Blog 3.2 and ...)
-	TODO: check
+	NOT-FOR-US: SimplePHPscripts Simple Blog
 CVE-2023-3473 (A vulnerability, which was classified as critical, was found in Campco ...)
-	TODO: check
+	NOT-FOR-US: Campcodes Retro Cellphone Online Store
 CVE-2023-3469 (Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/p ...)
-	TODO: check
+	NOT-FOR-US: phpmyfaq
 CVE-2023-3465 (A vulnerability was found in SimplePHPscripts Classified Ads Script 1. ...)
-	TODO: check
+	NOT-FOR-US: SimplePHPscripts Classified Ads Script
 CVE-2023-3464 (A vulnerability was found in SimplePHPscripts Classified Ads Script 1. ...)
-	TODO: check
+	NOT-FOR-US: SimplePHPscripts Classified Ads Script
 CVE-2023-3249 (The Web3 \u2013 Crypto wallet Login & NFT token gating plugin for Word ...)
 	NOT-FOR-US: Web3 Crypto wallet Login & NFT token gating plugin for WordPress
 CVE-2023-3063 (The SP Project & Document Manager plugin for WordPress is vulnerable t ...)
@@ -23,35 +23,35 @@ CVE-2023-36607 (The affected TBox RTUs are missing authorization for running som
 CVE-2023-36539 (Exposure of information intended to be encrypted by some Zoom clients  ...)
 	TODO: check
 CVE-2023-36470 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-36469 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-36468 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-36347 (A broken authentication mechanism in the endpoint excel.php of POS Cod ...)
-	TODO: check
+	NOT-FOR-US: POS Codekop
 CVE-2023-36146 (A Stored Cross-Site Scripting (XSS) vulnerability was found in Multila ...)
 	TODO: check
 CVE-2023-36143 (Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Maxprint Maxlink 1200G
 CVE-2023-33336 (Reflected cross site scripting (XSS) vulnerability was discovered in S ...)
-	TODO: check
+	NOT-FOR-US: Sophos Web Appliance
 CVE-2023-32622 (Improper neutralization of special elements in WL-WN531AX2 firmware ve ...)
-	TODO: check
+	NOT-FOR-US: WL-WN531AX2 firmware
 CVE-2023-32621 (WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with ...)
-	TODO: check
+	NOT-FOR-US: WL-WN531AX2 firmware
 CVE-2023-32620 (Improper authentication vulnerability in WL-WN531AX2 firmware versions ...)
-	TODO: check
+	NOT-FOR-US: WL-WN531AX2 firmware
 CVE-2023-32613 (Exposure of resource to wrong sphere issue exists in WL-WN531AX2 firmw ...)
-	TODO: check
+	NOT-FOR-US: WL-WN531AX2 firmware
 CVE-2023-32612 (Client-side enforcement of server-side security issue exists in WL-WN5 ...)
-	TODO: check
+	NOT-FOR-US: WL-WN531AX2 firmware
 CVE-2023-32608 (Directory traversal vulnerability in Pleasanter (Community Edition and ...)
 	TODO: check
 CVE-2023-32607 (Stored cross-site scripting vulnerability in Pleasanter (Community Edi ...)
 	TODO: check
 CVE-2023-2846 (Authentication Bypass by Capture-replay vulnerability in Mitsubishi El ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2023-2834 (The BookIt plugin for WordPress is vulnerable to authentication bypass ...)
 	NOT-FOR-US: BookIt plugin for WordPress
 CVE-2023-2974



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70f41a3c78b8f63cdddb380f96495eb66ed358eb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70f41a3c78b8f63cdddb380f96495eb66ed358eb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230630/81580877/attachment.htm>

More information about the debian-security-tracker-commits mailing list