[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c2490cdf by Moritz Muehlenhoff at 2023-11-15T09:53:00+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,69 +15,69 @@ CVE-2023-4889 (The Shareaholic plugin for WordPress is vulnerable to Stored Cros
 CVE-2023-48217 (Statamic is a flat-first, Laravel + Git powered CMS designed for build ...)
 	NOT-FOR-US: Statamic CMS
 CVE-2023-47678 (An improper access control vulnerability exists in RT-AC87U all versio ...)
-	TODO: check
+	NOT-FOR-US: ASUSTeK
 CVE-2023-47641 (aiohttp is an asynchronous HTTP client/server framework for asyncio an ...)
 	TODO: check
 CVE-2023-47640 (DataHub is an open-source metadata platform. The HMAC signature for Da ...)
-	TODO: check
+	NOT-FOR-US: DataHub
 CVE-2023-47631 (vantage6 is a framework to manage and deploy privacy enhancing technol ...)
-	TODO: check
+	NOT-FOR-US: vantage6
 CVE-2023-47630 (Kyverno is a policy engine designed for Kubernetes. An issue was found ...)
-	TODO: check
+	NOT-FOR-US: Kyverno
 CVE-2023-47627 (aiohttp is an asynchronous HTTP client/server framework for asyncio an ...)
 	TODO: check
 CVE-2023-47586 (Multiple heap-based buffer overflow vulnerabilities exist in V-Server  ...)
-	TODO: check
+	NOT-FOR-US: FUJI
 CVE-2023-47585 (Out-of-bounds read vulnerability exists in V-Server V4.0.18.0 and earl ...)
-	TODO: check
+	NOT-FOR-US: FUJI
 CVE-2023-47584 (Out-of-bounds write vulnerability exists in V-Server V4.0.18.0 and ear ...)
-	TODO: check
+	NOT-FOR-US: FUJI
 CVE-2023-47583 (Multiple out-of-bounds read vulnerabilities exist in TELLUS Simulator  ...)
-	TODO: check
+	NOT-FOR-US: FUJI
 CVE-2023-47582 (Access of uninitialized pointer vulnerability exists in TELLUS V4.0.17 ...)
-	TODO: check
+	NOT-FOR-US: FUJI
 CVE-2023-47581 (Out-of-bounds read vulnerability exists in TELLUS V4.0.17.0 and earlie ...)
-	TODO: check
+	NOT-FOR-US: FUJI
 CVE-2023-47580 (Multiple improper restriction of operations within the bounds of a mem ...)
-	TODO: check
+	NOT-FOR-US: FUJI
 CVE-2023-47549 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability on302 respo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47547 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPFactor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47546 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilityin Walte ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47545 (Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Fat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47544 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47533 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpde ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47532 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themeum  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47528 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sajj ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47524 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability (requiresPH ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47522 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Fe ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47520 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47518 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Matthew  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47517 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SendPres ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47446 (Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scriptin ...)
-	TODO: check
+	NOT-FOR-US: Pre-School Enrollment
 CVE-2023-47445 (Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via t ...)
-	TODO: check
+	NOT-FOR-US: Pre-School Enrollment version
 CVE-2023-47309 (Nukium nkmgls before version 3.0.2 is vulnerable to Cross Site Scripti ...)
-	TODO: check
+	NOT-FOR-US: Nukium nkmgls
 CVE-2023-47308 (In the module "Newsletter Popup PRO with Voucher/Coupon code" (newslet ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop addon
 CVE-2023-47130 (Yii is an open source PHP web framework. yiisoft/yii before version 1. ...)
-	TODO: check
+	- yii <itp> (bug #597899)
 CVE-2023-47125 (TYPO3 is an open source PHP based web content management system releas ...)
-	TODO: check
+	NOT-FOR-US: TYPO3
 CVE-2023-46672 (An issue was identified by Elastic whereby sensitive information is re ...)
 	TODO: check
 CVE-2023-46582 (SQL injection vulnerability in Inventory Management v.1.0 allows a loc ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2490cdffab061b0e80494e870971aa502d4325b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2490cdffab061b0e80494e870971aa502d4325b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231115/1a68c787/attachment.htm>