[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 12 20:06:48 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
97352946 by Salvatore Bonaccorso at 2023-05-12T21:06:20+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2023-32243 (Improper Authentication vulnerability in WPDeveloper Essential Addons ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32059 (Vyper is a Pythonic smart contract language for the Ethereum virtual m ...)
NOT-FOR-US: Vyper
CVE-2023-32058 (Vyper is a Pythonic smart contract language for the Ethereum virtual m ...)
@@ -1114,7 +1114,7 @@ CVE-2023-31148 (An Improper Input Validation vulnerability in the Schweitzer E
CVE-2023-31147
RESERVED
CVE-2023-31146 (Vyper is a Pythonic smart contract language for the Ethereum virtual m ...)
- TODO: check
+ NOT-FOR-US: Vyper
CVE-2023-31145
RESERVED
CVE-2023-31144 (Craft CMS is a content management system. Starting in version 3.0.0 an ...)
@@ -3607,7 +3607,7 @@ CVE-2023-30396
CVE-2023-30395
RESERVED
CVE-2023-30394 (MoveIT v1.1.11 was discovered to contain a cross-site scripting (XSS) ...)
- TODO: check
+ NOT-FOR-US: MoveIT
CVE-2023-30393
RESERVED
CVE-2023-30392
@@ -3735,7 +3735,7 @@ CVE-2023-30332
CVE-2023-30331 (An issue in the render function of beetl v3.15.0 allows attackers to e ...)
NOT-FOR-US: beetl
CVE-2023-30330 (SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerab ...)
- TODO: check
+ NOT-FOR-US: SoftExpert (SE) Excellence Suite
CVE-2023-30329
RESERVED
CVE-2023-30328 (An issue in the helper tool of Mailbutler GmbH Shimo VPN Client for ma ...)
@@ -3887,7 +3887,7 @@ CVE-2023-30258
CVE-2023-30257 (A buffer overflow in the component /proc/ftxxxx-debug of FiiO M6 Build ...)
NOT-FOR-US: FiiO M6
CVE-2023-30256 (Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 all ...)
- TODO: check
+ NOT-FOR-US: Webkil QloApps
CVE-2023-30255
RESERVED
CVE-2023-30254
@@ -4015,7 +4015,7 @@ CVE-2023-30194 (Prestashop posstaticfooter <= 1.0.0 is vulnerable to SQL Injecti
CVE-2023-30193
RESERVED
CVE-2023-30192 (Prestashop possearchproducts 1.7 is vulnerable to SQL Injection via Po ...)
- TODO: check
+ NOT-FOR-US: Prestashop
CVE-2023-30191
RESERVED
CVE-2023-30190
@@ -4827,9 +4827,9 @@ CVE-2023-29811
CVE-2023-29810
RESERVED
CVE-2023-29809 (SQL injection vulnerability found in Maximilian Vogt companymaps (cmap ...)
- TODO: check
+ NOT-FOR-US: Maximilian Vogt companymaps (cmaps)
CVE-2023-29808 (Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) ...)
- TODO: check
+ NOT-FOR-US: Maximilian Vogt companymaps (cmaps)
CVE-2023-29807
RESERVED
CVE-2023-29806
@@ -4863,9 +4863,9 @@ CVE-2023-29793
CVE-2023-29792
RESERVED
CVE-2023-29791 (kodbox <= 1.37 is vulnerable to Cross Site Scripting (XSS) via the deb ...)
- TODO: check
+ NOT-FOR-US: kodbox
CVE-2023-29790 (kodbox 1.2.x through 1.3.7 has a Sensitive Information Leakage issue.)
- TODO: check
+ NOT-FOR-US: kodbox
CVE-2023-29789
RESERVED
CVE-2023-29788
@@ -6311,33 +6311,33 @@ CVE-2023-29288
CVE-2023-29287
RESERVED
CVE-2023-29286 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29285 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29284 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29283 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29282 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29281 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29280 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29279 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29278 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29277 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29276 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29275 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29274 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-29273 (Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-1860 (A vulnerability was found in Keysight IXIA Hawkeye 3.3.16.28. It has b ...)
NOT-FOR-US: Keysight IXIA Hawkeye
CVE-2023-1859
@@ -6438,7 +6438,7 @@ CVE-2023-29248
CVE-2023-29247 (Task instance details page in the UI is vulnerable to a stored XSS.Thi ...)
- airflow <itp> (bug #819700)
CVE-2023-29246 (An attacker who has gained access to an admin account can perform RCE ...)
- TODO: check
+ NOT-FOR-US: Apache OpenMeetings
CVE-2023-29239
RESERVED
CVE-2023-29238
@@ -7179,7 +7179,7 @@ CVE-2023-1712 (Use of Hard-coded, Security-relevant Constants in GitHub reposito
CVE-2023-1711
RESERVED
CVE-2023-29032 (An attacker that has gained access to certain private information can ...)
- TODO: check
+ NOT-FOR-US: Apache OpenMeetings
CVE-2023-29031 (A cross site scripting vulnerability was discovered in Rockwell Automa ...)
NOT-FOR-US: Rockwell Automation
CVE-2023-29030 (A cross site scripting vulnerability was discovered in Rockwell Automa ...)
@@ -7502,7 +7502,7 @@ CVE-2023-1674 (A vulnerability was found in SourceCodester School Registration a
CVE-2023-1673
RESERVED
CVE-2023-28936 (Attacker can access arbitrary recording/room Vendor: The Apache Softw ...)
- TODO: check
+ NOT-FOR-US: Apache OpenMeetings
CVE-2023-28935 (** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Ele ...)
NOT-FOR-US: Apache UIMA UICC
CVE-2023-28744
@@ -9523,15 +9523,15 @@ CVE-2023-28363
CVE-2023-28362
RESERVED
CVE-2023-28361 (A Cross-site WebSocket Hijacking (CSWSH) vulnerability found in UniFi ...)
- TODO: check
+ NOT-FOR-US: UniFi OS
CVE-2023-28360 (An omission of security-relevant information vulnerability exists in B ...)
TODO: check
CVE-2023-28359 (A NoSQL injection vulnerability has been identified in the listEmojiCu ...)
- TODO: check
+ NOT-FOR-US: Rocket.Chat
CVE-2023-28358 (A vulnerability has been discovered in Rocket.Chat where a markdown pa ...)
- TODO: check
+ NOT-FOR-US: Rocket.Chat
CVE-2023-28357 (A vulnerability has been identified in Rocket.Chat, where the ACL chec ...)
- TODO: check
+ NOT-FOR-US: Rocket.Chat
CVE-2023-28356 (A vulnerability has been identified where a maliciously crafted messag ...)
TODO: check
CVE-2023-28355
@@ -9748,7 +9748,7 @@ CVE-2022-48404
CVE-2022-48403
RESERVED
CVE-2023-28325 (An improper authorization vulnerability exists in Rocket.Chat <6.0 tha ...)
- TODO: check
+ NOT-FOR-US: Rocket.Chat
CVE-2023-28324
RESERVED
CVE-2023-28323
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9735294633706cf108ad7766c64062f3b309f686
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9735294633706cf108ad7766c64062f3b309f686
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230512/0df4d3fe/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list