[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 2 20:44:01 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c226fc9f by Salvatore Bonaccorso at 2023-11-02T21:43:30+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31,77 +31,77 @@ CVE-2023-5875 (Mattermost Desktop fails to correctlyhandle permissions or prompt
CVE-2023-5860 (The Icons Font Loader plugin for WordPress is vulnerable to arbitrary ...)
NOT-FOR-US: WordPress plugin
CVE-2023-5846 (Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulne ...)
- TODO: check
+ NOT-FOR-US: Franklin Fueling System TS-550
CVE-2023-5606 (The ChatBot for WordPress is vulnerable to Stored Cross-Site Scripting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5035 (A vulnerability has been identified in PT-G503 Series firmware version ...)
- TODO: check
+ NOT-FOR-US: PT-G503 Series firmware
CVE-2023-4217 (A vulnerability has been identified in PT-G503 Series versions prior t ...)
- TODO: check
+ NOT-FOR-US: Moxa PT-G503 Series
CVE-2023-46925 (Reportico 7.1.21 is vulnerable to Cross Site Scripting (XSS).)
- TODO: check
+ NOT-FOR-US: Reportico
CVE-2023-46725 (FoodCoopShop is open source software for food coops and local shops. V ...)
- TODO: check
+ NOT-FOR-US: FoodCoopShop
CVE-2023-46475 (A Stored Cross-Site Scripting vulnerability was discovered in ZenTao 1 ...)
- TODO: check
+ NOT-FOR-US: ZenTao
CVE-2023-45347 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45346 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45345 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45344 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45343 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45342 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45341 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45340 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45339 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45338 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45337 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45336 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45335 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45334 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45333 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45332 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45331 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45330 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45329 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45328 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45327 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45326 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45325 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45324 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45323 (Online Food Ordering System v1.0 is vulnerable to multiple Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-43336 (Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and ...)
- TODO: check
+ NOT-FOR-US: Sangoma FreePBX
CVE-2023-43193 (Submitty before v22.06.00 is vulnerable to Cross Site Scripting (XSS). ...)
- TODO: check
+ NOT-FOR-US: Submitty
CVE-2023-43087 (Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper hand ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-43076 (Dell PowerScale OneFS 8.2.x,9.0.0.x-9.5.0.x contains a denial-of-servi ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-42802 (GLPI is a free asset and IT management software package. Starting in v ...)
TODO: check
CVE-2023-XXXX [VLC: OOW in MMS URL parsing]
@@ -31141,15 +31141,15 @@ CVE-2023-29049
CVE-2023-29048
RESERVED
CVE-2023-29047 (Imageconverter API endpoints provided methods that were not sufficient ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-29046 (Connections to external data sources, like e-mail autoconfiguration, w ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-29045 (Documents operations, in this case "drawing", could be manipulated to ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-29044 (Documents operations could be manipulated to contain invalid data type ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-29043 (Presentations may contain references to images, which are user-control ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-29042
REJECTED
CVE-2023-29041
@@ -39314,15 +39314,15 @@ CVE-2023-26458 (An information disclosure vulnerability exists in SAP Landscape
CVE-2023-26457 (SAP Content Server - version 7.53, does not sufficiently encode user-c ...)
NOT-FOR-US: SAP
CVE-2023-26456 (Users were able to set an arbitrary "product name" for OX Guard. The c ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-26455 (RMI was not requiring authentication when calling ChronosRMIService:se ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-26454 (Requests to fetch image metadata could be abused to include SQL querie ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-26453 (Requests to cache an image could be abused to include SQL queries that ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-26452 (Requests to cache an image and return its metadata could be abused to ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-26451 (Functions with insufficient randomness were used to generate authoriza ...)
NOT-FOR-US: OX App Suite
CVE-2023-26450 (The "OX Count" web service did not specify a media-type when processin ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c226fc9f25985b65ba144e97dceea4a943fc29a9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c226fc9f25985b65ba144e97dceea4a943fc29a9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231102/f6a57a47/attachment.htm>
More information about the debian-security-tracker-commits
mailing list