[Git][security-tracker-team/security-tracker][master] NFUs

Thu, 06 Apr 2023 09:25:46 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
471d0162 by Moritz Mühlenhoff at 2023-04-06T18:25:11+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15845,7 +15845,7 @@ CVE-2023-24023
 CVE-2023-24022 (Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB 
devices with  ...)
        NOT-FOR-US: Baicells
 CVE-2023-0432 (The web configuration service of the affected device contains 
an authe ...)
-       TODO: check
+       NOT-FOR-US: Delta Electronics
 CVE-2023-0431
        RESERVED
 CVE-2020-36655 (Yii Yii2 Gii before 2.2.2 allows remote attackers to execute 
arbitrary ...)
@@ -15907,7 +15907,7 @@ CVE-2023-23989
 CVE-2023-23988
        RESERVED
 CVE-2023-23987 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in WPEv ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23986
        RESERVED
 CVE-2023-23985
@@ -15923,11 +15923,11 @@ CVE-2023-23981 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
 CVE-2023-23980
        RESERVED
 CVE-2023-23979 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in 
Fullworks Q ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23978
        RESERVED
 CVE-2023-23977 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23976
        RESERVED
 CVE-2023-23975
@@ -15937,9 +15937,9 @@ CVE-2023-23974 (Cross-Site Request Forgery (CSRF) 
vulnerability in Fullworks Qui
 CVE-2023-23973 (Cross-Site Request Forgery (CSRF) vulnerability in a3rev 
Software Cont ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-23972 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Smpl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23971 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Code ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23970
        RESERVED
 CVE-2023-23907
@@ -16229,7 +16229,7 @@ CVE-2023-23880
 CVE-2023-23879
        RESERVED
 CVE-2023-23878 (Auth. (editor+) Stored Cross-Site Scripting (XSS) 
vulnerability in fli ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23877
        RESERVED
 CVE-2023-23876
@@ -16245,7 +16245,7 @@ CVE-2023-23872
 CVE-2023-23871
        RESERVED
 CVE-2023-23870 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in wpde ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23869
        RESERVED
 CVE-2023-23868
@@ -16401,7 +16401,7 @@ CVE-2023-23823
 CVE-2023-23822
        RESERVED
 CVE-2023-23821 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Marc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23820
        RESERVED
 CVE-2023-23819
@@ -16413,7 +16413,7 @@ CVE-2023-23817
 CVE-2023-23816
        RESERVED
 CVE-2023-23815 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23814
        RESERVED
 CVE-2023-23813
@@ -16535,7 +16535,7 @@ CVE-2023-0384
 CVE-2023-0383
        RESERVED
 CVE-2023-0382 (User-controlled operations could have allowed Denial of Service 
in M-F ...)
-       TODO: check
+       NOT-FOR-US: M-Files Server
 CVE-2023-0381 (The GigPress WordPress plugin through 2.3.28 does not validate 
and esc ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0380 (The Easy Digital Downloads WordPress plugin before 3.1.0.5 does 
not va ...)
@@ -16659,7 +16659,7 @@ CVE-2023-0358 (Use After Free in GitHub repository 
gpac/gpac prior to 2.3.0-DEV.
        NOTE: https://huntr.dev/bounties/93e128ed-253f-4c42-81ff-fbac7fd8f355
        NOTE: 
https://github.com/gpac/gpac/commit/9971fb125cf91cefd081a080c417b90bbe4a467b
 CVE-2023-0357 (Helpy version 2.8.0 allows an unauthenticated remote attacker 
to explo ...)
-       TODO: check
+       NOT-FOR-US: Helpy
 CVE-2023-0356 (SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack 
strong encry ...)
        NOT-FOR-US: SOCOMEC MODULYS GP Netvision
 CVE-2023-0355 (Akuvox E11 uses a hard-coded cryptographic key, which could 
allow an a ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/471d01624ab209d9cb1be9dac5370117d8cfa0e4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/471d01624ab209d9cb1be9dac5370117d8cfa0e4
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to