[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Oct 26 21:19:42 BST 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6cb3a26b by Moritz Muehlenhoff at 2023-10-26T22:19:18+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19,7 +19,7 @@ CVE-2023-5791 (A vulnerability, which was classified as problematic, was found i
 CVE-2023-5790 (A vulnerability classified as critical was found in SourceCodester Fil ...)
 	NOT-FOR-US: SourceCodester File Manager App
 CVE-2023-5789 (A vulnerability classified as problematic has been found in Dragon Pat ...)
-	TODO: check
+	NOT-FOR-US: Dragon Path
 CVE-2023-5787 (A vulnerability was found in Shaanxi Chanming Education Technology Sco ...)
 	NOT-FOR-US: Shaanxi Chanming Education Technology Score Query System
 CVE-2023-5786 (A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It ha ...)
@@ -39,59 +39,59 @@ CVE-2023-5780 (A vulnerability classified as critical was found in Tongda OA 201
 CVE-2023-5754 (Sielco PolyEco1000 uses a weak set of default administrative credentia ...)
 	NOT-FOR-US: Sielco PolyEco1000
 CVE-2023-5624 (Under certain conditions, Nessus Network Monitor was found to not prop ...)
-	TODO: check
+	NOT-FOR-US: Nessus Network Monitor
 CVE-2023-5623 (NNM failed to properly set ACLs on its installation directory, which c ...)
-	TODO: check
+	NOT-FOR-US: Nessus Network Monitor
 CVE-2023-5622 (Under certain conditions, Nessus Network Monitor could allow a low pri ...)
-	TODO: check
+	NOT-FOR-US: Nessus Network Monitor
 CVE-2023-46748 (An authenticated SQL injection vulnerability exists in the BIG-IP Conf ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2023-46747 (Undisclosed requests may bypass configuration utility authentication,  ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2023-46666 (An issue was discovered when using Document Level Security and the SPO ...)
-	TODO: check
+	NOT-FOR-US: Elastic Sharepoint Online Python Connector
 CVE-2023-46664 (Sielco PolyEco1000 is vulnerable to an improper access control vulnera ...)
-	TODO: check
+	NOT-FOR-US: Sielco
 CVE-2023-46663 (Sielco PolyEco1000 is vulnerable to an attacker bypassing authorizatio ...)
-	TODO: check
+	NOT-FOR-US: Sielco
 CVE-2023-46662 (Sielco PolyEco1000 is vulnerable to an information disclosure vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Sielco
 CVE-2023-46661 (Sielco PolyEco1000 is vulnerable to an attacker escalating their privi ...)
-	TODO: check
+	NOT-FOR-US: Sielco
 CVE-2023-46450 (Sourcecodester Free and Open Source inventory management system 1.0 is ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2023-46449 (Sourcecodester Free and Open Source inventory management system v1.0 i ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2023-46435 (Sourcecodester Packers and Movers Management System v1.0 is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2023-46238 (ZITADEL is an identity infrastructure management system. ZITADEL users ...)
-	TODO: check
+	NOT-FOR-US: ZITADEL
 CVE-2023-46234 (browserify-sign is a package to duplicate the functionality of node's  ...)
 	TODO: check
 CVE-2023-46094 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Conversi ...)
-	TODO: check
+	NOT-FOR-US: WooCommerce plugin
 CVE-2023-46090 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WebDorad ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46088 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mamm ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46081 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Lavacode La ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46077 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Arrow Pl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46076 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46075 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpdevart ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46074 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Borbis M ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46072 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-45869 (ILIAS 7.25 (2023-09-12) allows any authenticated user to execute arbit ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2023-45868 (The Learning Module in ILIAS 7.25 (2023-09-12 release) allows an attac ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2023-45867 (ILIAS (2013-09-12 release) contains a medium-criticality Directory Tra ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2023-45317 (The application interface allows users to perform certain actions via  ...)
 	TODO: check
 CVE-2023-45228 (The application suffers from improper access control when editing user ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6cb3a26bfce6974959b65e00533778dd00b0563a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6cb3a26bfce6974959b65e00533778dd00b0563a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231026/60c604f8/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list