[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dafe289f by Salvatore Bonaccorso at 2023-09-27T10:52:48+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,37 +1,37 @@
 CVE-2023-5183 (Unsafe deserialization of untrusted JSON allows execution of arbitrary ...)
-	TODO: check
+	NOT-FOR-US: Illumio
 CVE-2023-4934 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Usta" AYBS
 CVE-2023-4737 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Hedef Tracking Admin Panel
 CVE-2023-4423 (The WP Event Manager \u2013 Events Calendar, Registrations, Sell Ticke ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-44216 (PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU de ...)
 	TODO: check
 CVE-2023-44044 (Super Store Finder v3.6 and below was discovered to contain a SQL inje ...)
-	TODO: check
+	NOT-FOR-US: Super Store Finder
 CVE-2023-44043 (A stored cross-site scripting (XSS) vulnerability in /settings/index.p ...)
-	TODO: check
+	NOT-FOR-US: Black Cat CMS
 CVE-2023-44042 (A stored cross-site scripting (XSS) vulnerability in /settings/index.p ...)
-	TODO: check
+	NOT-FOR-US: Black Cat CMS
 CVE-2023-43825 (Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and ...)
-	TODO: check
+	NOT-FOR-US: Shihonkanri Plus
 CVE-2023-43645 (OpenFGA is an authorization/permission engine built for developers and ...)
-	TODO: check
+	NOT-FOR-US: OpenFGA
 CVE-2023-43381 (SQL Injection vulnerability in Tianchoy Blog v.1.8.8 allows a remote a ...)
-	TODO: check
+	NOT-FOR-US: Tianchoy Blog
 CVE-2023-43331 (A cross-site scripting (XSS) vulnerability in the Add User function of ...)
-	TODO: check
+	NOT-FOR-US: Small CRM
 CVE-2023-43291 (Deserialization of Untrusted Data in emlog pro v.2.1.15 and earlier al ...)
-	TODO: check
+	NOT-FOR-US: emlog
 CVE-2023-43263 (A Cross-site scripting (XSS) vulnerability in Froala Editor v.4.1.1 al ...)
-	TODO: check
+	NOT-FOR-US: Froala Editor
 CVE-2023-43232 (A stored cross-site scripting (XSS) vulnerability in the Website colum ...)
-	TODO: check
+	NOT-FOR-US: DedeBIZ
 CVE-2023-43187 (A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint ...)
-	TODO: check
+	NOT-FOR-US: NodeBB
 CVE-2023-43154 (In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loos ...)
-	TODO: check
+	NOT-FOR-US: Macrob7 Macs Framework Content Management System (CMS)
 CVE-2023-42820 (JumpServer is an open source bastion host. This vulnerability is due t ...)
 	TODO: check
 CVE-2023-42819 (JumpServer is an open source bastion host. Logged-in users can access  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dafe289f3319a1ded9b2aa9309ffa5d89147e71f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dafe289f3319a1ded9b2aa9309ffa5d89147e71f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230927/82e965b0/attachment.htm>