[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jan 5 20:36:43 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b239a420 by Salvatore Bonaccorso at 2024-01-05T21:36:11+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,89 +1,89 @@
CVE-2024-0247 (A vulnerability classified as critical was found in CodeAstro Online F ...)
- TODO: check
+ NOT-FOR-US: CodeAstro Online Food Ordering System
CVE-2024-0246 (A vulnerability classified as problematic has been found in IceWarp 12 ...)
- TODO: check
+ NOT-FOR-US: IceWarp
CVE-2023-52151 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52149 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Floatin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52148 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52146 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52145 (Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52143 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52136 (Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52130 (Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider, wpaffil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52129 (Cross-Site Request Forgery (CSRF) vulnerability in Michael Winkler tea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52128 (Cross-Site Request Forgery (CSRF) vulnerability in WhiteWP White Label ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52127 (Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Produc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52126 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52125 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52124 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52123 (Cross-Site Request Forgery (CSRF) vulnerability in WPChill Strong Test ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52122 (Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52121 (Cross-Site Request Forgery (CSRF) vulnerability in NitroPack Inc. Nitr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52120 (Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms \u2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52119 (Cross-Site Request Forgery (CSRF) vulnerability in Icegram Icegram Eng ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51678 (Cross-Site Request Forgery (CSRF) vulnerability in Doofinder Doofinder ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51673 (Cross-Site Request Forgery (CSRF) vulnerability in Designful Stylish P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51668 (Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Inline Imag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51539 (Cross-Site Request Forgery (CSRF) vulnerability in Apollo13Themes Apol ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51538 (Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Tea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51535 (Cross-Site Request Forgery (CSRF) vulnerability in \u0421leanTalk - An ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50991 (Buffer Overflow vulnerability in Tenda i29 versions 1.0 V1.0.0.5 and 1 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-50027 (SQL Injection vulnerability in Buy Addons baproductzoommagnifier modul ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2023-47560 (An OS command injection vulnerability has been reported to affect QuMa ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-47559 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-47219 (A SQL injection vulnerability has been reported to affect QuMagie. If ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-45044 (A buffer copy without checking size of input vulnerability has been re ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-45043 (A buffer copy without checking size of input vulnerability has been re ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-45042 (A buffer copy without checking size of input vulnerability has been re ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-45041 (A buffer copy without checking size of input vulnerability has been re ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-45040 (A buffer copy without checking size of input vulnerability has been re ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-45039 (A buffer copy without checking size of input vulnerability has been re ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-41289 (An OS command injection vulnerability has been reported to affect Qcal ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-41288 (An OS command injection vulnerability has been reported to affect Vide ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-41287 (A SQL injection vulnerability has been reported to affect Video Statio ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-39296 (A prototype pollution vulnerability has been reported to affect severa ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-39294 (An OS command injection vulnerability has been reported to affect seve ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2024-22088 (Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in ...)
NOT-FOR-US: Lotos WebServer
CVE-2024-22087 (route in main.c in Pico HTTP Server in C through f3b69a6 has an sprint ...)
@@ -69329,7 +69329,7 @@ CVE-2022-46841 (Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Oxygen
CVE-2022-46840
RESERVED
CVE-2022-46839 (Unrestricted Upload of File with Dangerous Type vulnerability in JS He ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-46838
RESERVED
CVE-2022-4391 (The Vision Interactive For WordPress plugin through 1.5.3 does not san ...)
@@ -100851,7 +100851,7 @@ CVE-2022-36679 (Simple Task Scheduling System v1.0 was discovered to contain a S
CVE-2022-36678 (Simple Task Scheduling System v1.0 was discovered to contain a SQL inj ...)
NOT-FOR-US: Simple Task Scheduling System
CVE-2022-36677 (Obsidian Mind Map v1.1.0 allows attackers to execute arbitrary code vi ...)
- TODO: check
+ NOT-FOR-US: Obsidian
CVE-2022-36676 (Simple Task Scheduling System v1.0 was discovered to contain a SQL inj ...)
NOT-FOR-US: Simple Task Scheduling System
CVE-2022-36675 (Simple Task Scheduling System v1.0 was discovered to contain a SQL inj ...)
@@ -262041,7 +262041,7 @@ CVE-2020-13881 (In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ sha
NOTE: https://github.com/kravietz/pam_tacplus/commit/4a9852c31c2fd0c0e72fbb689a586aabcfb11cb0
NOTE: https://github.com/kravietz/pam_tacplus/issues/149
CVE-2020-13880 (IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+1cbf heap-bas ...)
- TODO: check
+ NOT-FOR-US: IrfanView B3D PlugIns
CVE-2020-13879 (IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+214f heap-bas ...)
NOT-FOR-US: IrfanView B3D PlugIns
CVE-2020-13878 (IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+27ef heap-bas ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b239a420c96625e45dab85c7c17ba214f5523632
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b239a420c96625e45dab85c7c17ba214f5523632
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240105/5b09bd42/attachment.htm>
More information about the debian-security-tracker-commits
mailing list