[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 10 08:19:43 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
592d92ef by Salvatore Bonaccorso at 2023-11-10T09:19:17+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,63 +1,63 @@
 CVE-2023-6073 (Attacker can perform a Denial of Service attack to crash the ICAS 3 IV ...)
-	TODO: check
+	NOT-FOR-US: Volkswagen
 CVE-2023-6069 (Improper Input Validation in GitHub repository froxlor/froxlor prior t ...)
 	- froxlor <itp> (bug #581792)
 CVE-2023-5954 (HashiCorp Vault and Vault Enterprise inbound client requests triggerin ...)
-	TODO: check
+	NOT-FOR-US: HashiCorp Vault
 CVE-2023-4379 (An issue has been discovered in GitLab EE affecting all versions start ...)
 	TODO: check
 CVE-2023-47800 (Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default pass ...)
-	TODO: check
+	NOT-FOR-US: Natus NeuroWorks and SleepWorks
 CVE-2023-47246 (In SysAid On-Premise before 23.3.36, a path traversal vulnerability le ...)
-	TODO: check
+	NOT-FOR-US: SysAid
 CVE-2023-46729 (sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized  ...)
 	TODO: check
 CVE-2023-45167 (IBM AIX's 7.3 Python implementation could allow a non-privileged local ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-39796 (SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 ...)
-	TODO: check
+	NOT-FOR-US: WBCE CMS
 CVE-2023-36024 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2023-36014 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2023-34031 (Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier bbPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-34025 (Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Hide Login  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-34024 (Cross-Site Request Forgery (CSRF) vulnerability in Guillemant David WP ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32794 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32745 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Automat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32744 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32739 (Cross-Site Request Forgery (CSRF) vulnerability in Web_Trendy WP Custo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32602 (Cross-Site Request Forgery (CSRF) vulnerability in LOKALYZE CALL ME NO ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32594 (Cross-Site Request Forgery (CSRF) vulnerability in Benedict B., Maciej ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32592 (Cross-Site Request Forgery (CSRF) vulnerability in Palasthotel by Edwa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32587 (Cross-Site Request Forgery (CSRF) vulnerability in WP Reactions, LLC W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32579 (Cross-Site Request Forgery (CSRF) vulnerability in Designs & Code Forg ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32512 (Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPix ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32502 (Cross-Site Request Forgery (CSRF) vulnerability in Sybre Waaijer Pro M ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32501 (Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooki ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32500 (Cross-Site Request Forgery (CSRF) vulnerability in xtemos WoodMart - M ...)
-	TODO: check
+	NOT-FOR-US: WordPress Theme
 CVE-2023-32125 (Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Multi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32093 (Cross-Site Request Forgery (CSRF) vulnerability in Criss Swaim TPG Red ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32092 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6054 (A vulnerability, which was classified as critical, was found in Tongda ...)
 	NOT-FOR-US: Tongda OA
 CVE-2023-6053 (A vulnerability, which was classified as critical, has been found in T ...)
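Review bot: `NOT-FOR-US: IBM` on CVE-2023-45167 names only the vendor, although the description points at the Python implementation shipped with AIX 7.3; `NOT-FOR-US: IBM AIX` would make it clear at a glance that the AIX build is what is affected and that the entry was not closed by vendor name alone. The same applies to `NOT-FOR-US: Volkswagen` on CVE-2023-6073, where the description names the ICAS 3 component. For CVE-2023-36024 and CVE-2023-36014 the descriptions say "Chromium-based", so it is worth confirming that both issues are specific to Edge and do not originate in the shared Chromium code before closing them as `NOT-FOR-US: Microsoft`. Style: CVE-2023-32500 uses `WordPress Theme` with a capital T while every other label in this hunk is lowercase `WordPress plugin`; lowercase `theme` keeps the free-text labels uniform for grep.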
@@ -25796,7 +25796,7 @@ CVE-2023-31237
 CVE-2023-31236 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in unFo ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31235 (Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31234
 	RESERVED
 CVE-2023-31233 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Haoq ...)
@@ -26301,7 +26301,7 @@ CVE-2023-31095
 CVE-2023-31094 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lauri Ka ...)
 	NOT-FOR-US: WooCommerce plugin
 CVE-2023-31093 (Cross-Site Request Forgery (CSRF) vulnerability in Chronosly Chronosly ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31092
 	RESERVED
 CVE-2023-31091 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Prad ...)
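Review bot: The new `NOT-FOR-US: WordPress plugin` on CVE-2023-31093 sits directly below the existing `NOT-FOR-US: WooCommerce plugin` on CVE-2023-31094, which shows that the file already has two labels for the same class of software, and the first hunk of this commit tags three WooCommerce CSRF entries (CVE-2023-32794, CVE-2023-32745, CVE-2023-32744) as `WordPress plugin`. Either label is fine for triage, but settling on one for WooCommerce extensions would keep later searches over the list reliable.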
@@ -26311,11 +26311,11 @@ CVE-2023-31090
 CVE-2023-31089
 	RESERVED
 CVE-2023-31088 (Cross-Site Request Forgery (CSRF) vulnerability in Faraz Quazi Floatin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31087 (Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Mana ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31086 (Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic Simple G ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31085 (An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel  ...)
 	- linux <unfixed> (unimportant)
 	NOTE: https://lore.kernel.org/all/687864524.118195.1681799447034.JavaMail.zimbra@nod.at/
@@ -29566,7 +29566,7 @@ CVE-2023-29977
 CVE-2023-29976
 	RESERVED
 CVE-2023-29975 (An issue discovered in Pfsense CE version 2.6.0 allows attackers to ch ...)
-	TODO: check
+	NOT-FOR-US: Pfsense CE
 CVE-2023-29974 (An issue discovered in Pfsense CE version 2.6.0 allows attackers to co ...)
 	NOT-FOR-US: Pfsense CE
 CVE-2023-29973 (Pfsense CE version 2.6.0 is vulnerable to No rate limit which can lead ...)
@@ -375018,7 +375018,7 @@ CVE-2018-8865 (In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow
 CVE-2018-8864 (In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MH ...)
 	NOT-FOR-US: ATI Systems Emergency Mass Notification Systems devices
 CVE-2018-8863 (The HTTP header in Philips EncoreAnywhere contains data an attacker ma ...)
-	TODO: check
+	NOT-FOR-US: Philips EncoreAnywhere
 CVE-2018-8862 (In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MH ...)
 	NOT-FOR-US: ATI Systems Emergency Mass Notification Systems devices
 CVE-2018-8861 (Vulnerabilities within the Philips Brilliance CT kiosk environment (Br ...)
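Review bot: CVE-2018-8863 was still at `TODO: check` between two already-triaged 2018 entries, which suggests it was skipped in earlier passes, and the commit message "Process NFUs" gives no hint that an old backlog entry is being closed together with the new 2023 ones. A line in the message body saying so, plus a quick scan of the surrounding 2018 block for other leftover `TODO: check` entries, would make the change easier to audit.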



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/592d92efa60c5097a54a5106abcc9a9123728b45
