[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d17e0d12 by Salvatore Bonaccorso at 2023-06-20T22:36:16+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
 CVE-2023-3340 (A vulnerability was found in SourceCodester Online School Fees 
System  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Online School Fees System
 CVE-2023-3337 (A vulnerability was found in PuneethReddyHC Online Shopping 
System Adv ...)
-       TODO: check
+       NOT-FOR-US: PuneethReddyHC Online Shopping System Advanced
 CVE-2023-3220 (An issue was discovered in the Linux kernel through 6.1-rc8. 
dpu_crtc_ ...)
        TODO: check
 CVE-2023-35885 (CloudPanel 2 before 2.3.1 has insecure file-manager cookie 
authenticat ...)
-       TODO: check
+       NOT-FOR-US: CloudPanel
 CVE-2023-35854 (Zoho ManageEngine ADSelfService Plus through 6113 has an 
authenticatio ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2023-35166 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-35098 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
John Bri ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-35097 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Internet ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-35095 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Flot ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34600 (Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL 
Injection.)
-       TODO: check
+       NOT-FOR-US: Adiscon LogAnalyzer
 CVE-2023-34597 (A vulnerability in Fibaro Motion Sensor firmware v3.4 allows 
attackers ...)
-       TODO: check
+       NOT-FOR-US: Fibaro Motion Sensor firmware
 CVE-2023-34596 (A vulnerability in Aeotec WallMote Switch firmware v2.3 allows 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Aeotec WallMote Switch firmware
 CVE-2023-34563 (netgear R6250 Firmware Version 1.0.4.48 is vulnerable to 
Buffer Overfl ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2023-34541 (Langchain 0.0.171 is vulnerable to Arbitrary code execution in 
load_pr ...)
        TODO: check
 CVE-2023-33869 (Enphase Envoy versions D7.0.88 is vulnerable to a command 
injection ex ...)
        TODO: check
 CVE-2023-33495 (Craft CMS through 4.4.9 is vulnerable to HTML Injection.)
-       TODO: check
+       NOT-FOR-US: Craft CMS
 CVE-2023-32274 (Enphase Installer Toolkit versions 3.27.0 has hard coded 
credentials e ...)
        TODO: check
 CVE-2023-2533 (A Cross-Site Request Forgery (CSRF) vulnerability has been 
identified  ...)
-       TODO: check
+       NOT-FOR-US: PaperCut
 CVE-2023-2400 (Improper deletion of resource in the user management feature in 
Devolu ...)
-       TODO: check
+       NOT-FOR-US: Devolutions Server
 CVE-2023-3325 (The CMS Commander plugin for WordPress is vulnerable to 
authorization  ...)
        NOT-FOR-US: CMS Commander plugin for WordPress
 CVE-2023-3320 (The WP Sticky Social  plugin for WordPress is vulnerable to 
Cross-Site ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d17e0d129d3768642e8228ebd911f277e659ddd9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d17e0d129d3768642e8228ebd911f277e659ddd9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits