[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Oct 3 21:42:38 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
147e0f96 by Salvatore Bonaccorso at 2023-10-03T22:42:11+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2023-5353 (Improper Access Control in GitHub repository salesagility/suitecrm pri ...)
- TODO: check
+ NOT-FOR-US: suitecrm
CVE-2023-5351 (Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/ ...)
- TODO: check
+ NOT-FOR-US: suitecrm
CVE-2023-5350 (SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14 ...)
- TODO: check
+ NOT-FOR-US: suitecrm
CVE-2023-5255 (For certificates that utilize the auto-renew feature in Puppet Server, ...)
TODO: check
CVE-2023-4929 (All firmware versions of the NPort 5000 Series are affected by an impr ...)
- TODO: check
+ NOT-FOR-US: Moxa
CVE-2023-4886 (A sensitive information exposure vulnerability was found in foreman. C ...)
TODO: check
CVE-2023-4885 (Man in the Middle vulnerability, which could allow an attacker to inte ...)
@@ -43,33 +43,33 @@ CVE-2023-4098 (It has been identified that the web application does not correctl
CVE-2023-4097 (The file upload functionality is not implemented correctly and allows ...)
TODO: check
CVE-2023-43976 (An issue in CatoNetworks CatoClient before v.5.4.0 allows attackers to ...)
- TODO: check
+ NOT-FOR-US: CatoNetworks CatoClient
CVE-2023-42508 (JFrog Artifactory prior to version 7.66.0 is vulnerable to specific en ...)
- TODO: check
+ NOT-FOR-US: JFrog Artifactory
CVE-2023-41693 (Cross-Site Request Forgery (CSRF) vulnerability in edward_plainview My ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41244 (Cross-Site Request Forgery (CSRF) vulnerability in Buildfail Localize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40830 (Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index p ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-40558 (Cross-Site Request Forgery (CSRF) vulnerability in eMarket Design YouT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40212 (Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Product ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40210 (Cross-Site Request Forgery (CSRF) vulnerability in Sean Barton (Tortoi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40202 (Cross-Site Request Forgery (CSRF) vulnerability in Hannes Etzelstorfer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40201 (Cross-Site Request Forgery (CSRF) vulnerability inFuturioWP Futurio Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40199 (Cross-Site Request Forgery (CSRF) vulnerability in CRUDLab WP Like But ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40198 (Cross-Site Request Forgery (CSRF) vulnerability in Antsanchez Easy Coo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40009 (Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Pipes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3654 (cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwic ...)
- TODO: check
+ NOT-FOR-US: cashIT!
CVE-2023-3350 (A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, ...)
TODO: check
CVE-2023-3349 (Information exposure vulnerability in IBERMATICA RPS 2019, which explo ...)
@@ -77,37 +77,37 @@ CVE-2023-3349 (Information exposure vulnerability in IBERMATICA RPS 2019, which
CVE-2023-3196 (This vulnerability could allow an attacker to store a malicious JavaSc ...)
TODO: check
CVE-2023-39989 (Cross-Site Request Forgery (CSRF) vulnerability in 99robots Header Foo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39923 (Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme The Pos ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39917 (Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery Team ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39165 (Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39159 (Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Fraud P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39158 (Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Banner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38398 (Cross-Site Request Forgery (CSRF) vulnerability in Taboola plugin <=2. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38396 (Cross-Site Request Forgery (CSRF) vulnerability in Alain Gonzalez plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38390 (Cross-Site Request Forgery (CSRF) vulnerability in Anshul Labs Mobile ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38381 (Cross-Site Request Forgery (CSRF) vulnerability in Cyle Conoly WP-FlyB ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37998 (Cross-Site Request Forgery (CSRF) vulnerability in Saas Disabler plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37996 (Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37992 (Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertain ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37991 (Cross-Site Request Forgery (CSRF) vulnerability in Monchito.Net WP Emo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37990 (Cross-Site Request Forgery (CSRF) vulnerability in Mike Perelink Pro p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37891 (Cross-Site Request Forgery (CSRF) vulnerability in OptiMonk OptiMonk: ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34970 (A local non-privileged user can make improper GPU processing operation ...)
TODO: check
CVE-2023-33200 (A local non-privileged user can make improper GPU processing operation ...)
@@ -125,9 +125,9 @@ CVE-2023-32670 (Cross-Site Scripting vulnerability in BuddyBoss 2.2.9 version
CVE-2023-32669 (Authorization bypass vulnerability in BuddyBoss 2.2.9 version, the exp ...)
TODO: check
CVE-2023-32091 (Cross-Site Request Forgery (CSRF) vulnerability in POEditor plugin <=0 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2830 (Cross-Site Request Forgery (CSRF) vulnerability in Trustindex.Io WP Te ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2681 (An SQL Injection vulnerability has been found on Jorani version 1.0.0. ...)
TODO: check
CVE-2023-2544 (Authorization bypass vulnerability in UPV PEIX, affecting the componen ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/147e0f962617b4a6628b58580a28f122c2cc21ae
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/147e0f962617b4a6628b58580a28f122c2cc21ae
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231003/96eb1bb1/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list