[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 3 20:22:57 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8823299e by Salvatore Bonaccorso at 2023-11-03T21:22:32+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,47 +1,47 @@
 CVE-2023-5946 (The Digirisk plugin for WordPress is vulnerable to Reflected Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5945 (The video carousel slider with lightbox plugin for WordPress is vulner ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5707 (The SEO Slider plugin for WordPress is vulnerable to Stored Cross-Site ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5088 (A bug in QEMU could cause a guest I/O operation otherwise addressed to ...)
 	TODO: check
 CVE-2023-4769 (A SSRF vulnerability has been found in ManageEngine Desktop Central af ...)
-	TODO: check
+	NOT-FOR-US: ManageEngine Desktop Central
 CVE-2023-4768 (A CRLF injection vulnerability has been found in ManageEngine Desktop  ...)
-	TODO: check
+	NOT-FOR-US: ManageEngine Desktop Central
 CVE-2023-4767 (A CRLF injection vulnerability has been found in ManageEngine Desktop  ...)
-	TODO: check
+	NOT-FOR-US: ManageEngine Desktop Central
 CVE-2023-4592 (A Cross-Site Scripting vulnerability has been detected in WPN-XM Serve ...)
-	TODO: check
+	NOT-FOR-US: WPN-XM Serverstack
 CVE-2023-4591 (A local file inclusion vulnerability has been found in WPN-XM Serverst ...)
-	TODO: check
+	NOT-FOR-US: WPN-XM Serverstack
 CVE-2023-4043 (In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing JSON from  ...)
 	TODO: check
 CVE-2023-46980 (An issue in Best Courier Management System v.1.0 allows a remote attac ...)
-	TODO: check
+	NOT-FOR-US: Best Courier Management System
 CVE-2023-46947 (Subrion 4.2.1 has a remote command execution vulnerability in the back ...)
-	TODO: check
+	NOT-FOR-US: Subrion
 CVE-2023-46404 (PCRS <= 3.11 (d0de1e) \u201cQuestions\u201d page and \u201cCode editor ...)
-	TODO: check
+	NOT-FOR-US: PCRS
 CVE-2023-41726 (Ivanti Avalanche Incorrect Default Permissions allows Local Privilege  ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2023-41725 (Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Loc ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2023-41652 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: David F. Carr RSVPMaker rsvpmaker
 CVE-2023-3277 (The MStore API plugin for WordPress is vulnerable to Unauthorized Acco ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-39301 (A server-side request forgery (SSRF) vulnerability has been reported t ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2023-39299 (A path traversal vulnerability has been reported to affect Music Stati ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2023-36529 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2023-34383 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: weDevs WP Project Manager wedevs-project-manager
 CVE-2023-34179 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Groundhogg
 CVE-2023-32508 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2023-32121 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
@@ -49011,9 +49011,9 @@ CVE-2023-23371 (A cleartext transmission of sensitive information vulnerability
 CVE-2023-23370 (An insufficiently protected credentials vulnerability has been reporte ...)
 	NOT-FOR-US: QNAP
 CVE-2023-23369 (An OS command injection vulnerability has been reported to affect seve ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2023-23368 (An OS command injection vulnerability has been reported to affect seve ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2023-23367
 	RESERVED
 CVE-2023-23366 (A path traversal vulnerability has been reported to affect Music Stati ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8823299edb8c68c591fa75ef45ada177110a431b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8823299edb8c68c591fa75ef45ada177110a431b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231103/7d98936b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list