[Git][security-tracker-team/security-tracker][master] Process more NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f157bca7 by Salvatore Bonaccorso at 2023-11-30T21:37:52+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -153,7 +153,7 @@ CVE-2023-48331 (Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Med
 CVE-2023-48330 (Cross-Site Request Forgery (CSRF) vulnerability in Mike Strand Bulk Co ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-48329 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-48328 (Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress G ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-48326 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -281,11 +281,11 @@ CVE-2023-34388 (AnImproper Authentication vulnerability in the Schweitzer Engine
 CVE-2023-34030 (Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-34018 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-33333 (Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32291 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49620 (Before DolphinScheduler version 3.1.0, the login user could delete UDF ...)
 	NOT-FOR-US: Apache DolphinScheduler
 CVE-2023-49733 (Improper Restriction of XML External Entity Reference vulnerability in ...)
@@ -29235,9 +29235,9 @@ CVE-2023-31179 (AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal -Vulnerability
 CVE-2023-31178 (AgilePoint NX v8.0 SU2.2 & SU2.3 \u2013 Arbitrary File DeleteVulnerabi ...)
 	NOT-FOR-US: AgilePoint
 CVE-2023-31177 (An Improper Neutralization of Input During Web Page Generation ('Cross ...)
-	TODO: check
+	NOT-FOR-US: Schweitzer Engineering Laboratories SEL-451
 CVE-2023-31176 (An Insufficient Entropy vulnerability in the Schweitzer Engineering La ...)
-	TODO: check
+	NOT-FOR-US: Schweitzer Engineering Laboratories SEL-451
 CVE-2023-31175 (An Execution with Unnecessary Privileges vulnerability in the Schweitz ...)
 	NOT-FOR-US: Schweitzer Engineering Laboratories
 CVE-2023-31174 (A Cross-Site Request Forgery (CSRF) vulnerability in the Schweitzer En ...)
@@ -29396,13 +29396,13 @@ CVE-2023-2269 (A denial of service problem was found, due to a possible recursiv
 CVE-2023-2268 (Plane version 0.7.1 allows an unauthenticated attacker to view all sto ...)
 	NOT-FOR-US: Plane
 CVE-2023-2267 (An Improper Input Validation vulnerability in Schweitzer Engineering L ...)
-	TODO: check
+	NOT-FOR-US: Schweitzer Engineering Laboratories SEL-411L
 CVE-2023-2266 (AnImproper neutralization of input during web page generation in the S ...)
-	TODO: check
+	NOT-FOR-US: Schweitzer Engineering Laboratories SEL-411L
 CVE-2023-2265 (AnImproper Restriction of Rendered UI Layers or Frames in the Schweitz ...)
-	TODO: check
+	NOT-FOR-US: Schweitzer Engineering Laboratories SEL-411L
 CVE-2023-2264 (An improper input validation vulnerability in the Schweitzer Engineeri ...)
-	TODO: check
+	NOT-FOR-US: Schweitzer Engineering Laboratories SEL-411L
 CVE-2023-2263 (The Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A is v ...)
 	NOT-FOR-US: Rockwell Automation
 CVE-2023-2262 (A buffer overflow vulnerability exists in the Rockwell Automation sele ...)
@@ -43492,7 +43492,7 @@ CVE-2023-26535 (Cross-Site Request Forgery (CSRF) vulnerability in WPPOOL Sheets
 CVE-2023-26534 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in OneW ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-26533 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-26532 (Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-26531 (Cross-Site Request Forgery (CSRF) vulnerability in \u95ea\u7535\u535a  ...)
@@ -48144,7 +48144,7 @@ CVE-2023-25059 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-25058 (Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Sc ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25057 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-25056 (Cross-Site Request Forgery (CSRF) vulnerability in SlickRemix Feed The ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25055 (Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google ...)
@@ -167212,7 +167212,7 @@ CVE-2021-36808 (A local attacker could bypass the app password using a race cond
 CVE-2021-36807 (An authenticated user could potentially execute code via an SQLi vulne ...)
 	NOT-FOR-US: Sophos
 CVE-2021-36806 (A reflected XSS vulnerability allows an open redirect when the victim  ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2020-36431 (Unicorn Engine 1.0.2 has an out-of-bounds write in helper_wfe_arm.)
 	NOT-FOR-US: Unicorn Engine
 CVE-2020-36430 (libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f157bca7ddd50f3b30e6d3f369ac5d284c2fcf01

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f157bca7ddd50f3b30e6d3f369ac5d284c2fcf01
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231130/179d4d4a/attachment.htm>