Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9cd4d5a7 by Salvatore Bonaccorso at 2023-06-05T22:43:51+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2023-3109 (Cross-site Scripting (XSS) - Stored in GitHub repository
admidio/admid ...)
- TODO: check
+ NOT-FOR-US: admidio
CVE-2023-3066 (Incorrect Authorization vulnerability in Mobatime mobile
application A ...)
- TODO: check
+ NOT-FOR-US: Mobatime mobile application
CVE-2023-3065 (Improper Authentication vulnerability in Mobatime mobile
application A ...)
- TODO: check
+ NOT-FOR-US: Mobatime mobile application
CVE-2023-3064 (Anonymous user may get the list of existing users managed by
the appli ...)
- TODO: check
+ NOT-FOR-US: Mobatime mobile application
CVE-2023-34097 (hoppscotch is an open source API development ecosystem. In
versions pr ...)
TODO: check
CVE-2023-33970 (Kanboard is open source project management software that
focuses on th ...)
@@ -27,19 +27,19 @@ CVE-2023-33956 (Kanboard is open source project management
software that focuses
CVE-2023-33733 (Reportlab up to v3.6.12 allows attackers to execute arbitrary
code via ...)
TODO: check
CVE-2023-33693 (A buffer overflow in EasyPlayerPro-Win v3.2.19.0106 to
v3.6.19.0823 al ...)
- TODO: check
+ NOT-FOR-US: EasyPlayerPro-Win
CVE-2023-33690 (SonicJS up to v0.7.0 allows attackers to execute an
authenticated path ...)
- TODO: check
+ NOT-FOR-US: SonicJS
CVE-2023-33524 (Advent/SSC Inc. Tamale RMS < 23.1 is vulnerable to Directory
Traversal ...)
- TODO: check
+ NOT-FOR-US: Advent/SSC Inc. Tamale RMS
CVE-2023-33518 (emoncms v11 and later was discovered to contain an information
disclos ...)
- TODO: check
+ NOT-FOR-US: emoncms
CVE-2023-33386 (MarsCTF 1.2.1 has an arbitrary file upload vulnerability in
the interf ...)
- TODO: check
+ NOT-FOR-US: MarsCTF
CVE-2023-32766 (Gitpod before 2022.11.3 allows XSS because redirection can
occur for s ...)
TODO: check
CVE-2023-31893 (Telefnica Brasil Vivo Play (IPTV) Firmware:
2023.04.04.01.06.15 is vul ...)
- TODO: check
+ NOT-FOR-US: Telefnica Brasil Vivo Play (IPTV) Firmware
CVE-2023-2634 (The Get your number WordPress plugin through 1.1.3 does not
sanitise a ...)
NOT-FOR-US: WordPress plugin
CVE-2023-2572 (The Survey Maker WordPress plugin before 3.4.7 does not escape
some pa ...)
@@ -59,11 +59,11 @@ CVE-2023-2337 (The ConvertKit WordPress plugin before 2.2.1
does not escape a pa
CVE-2022-4946 (The Frontend Post WordPress Plugin WordPress plugin through
2.8.4 does ...)
NOT-FOR-US: WordPress plugin
CVE-2015-10115 (A vulnerability, which was classified as problematic, was
found in Woo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2015-10114 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2015-10113 (A vulnerability classified as problematic was found in
WooFramework Tw ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3100 (A vulnerability, which was classified as critical, has been
found in I ...)
TODO: check
CVE-2023-3099 (A vulnerability classified as critical was found in KylinSoft
youker-a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cd4d5a73093d92221ad687a8c3ebbdd0f5e9cfc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cd4d5a73093d92221ad687a8c3ebbdd0f5e9cfc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
