Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
86feeac3 by Salvatore Bonaccorso at 2023-09-30T10:42:35+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,51 +1,51 @@
CVE-2023-5320 (Cross-site Scripting (XSS) - DOM in GitHub repository
thorsten/phpmyfa ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2023-5319 (Cross-site Scripting (XSS) - Stored in GitHub repository
thorsten/phpm ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2023-5318 (Use of Hard-coded Credentials in GitHub repository
microweber/microweb ...)
- TODO: check
+ NOT-FOR-US: microweber
CVE-2023-5317 (Cross-site Scripting (XSS) - Stored in GitHub repository
thorsten/phpm ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2023-5316 (Cross-site Scripting (XSS) - DOM in GitHub repository
thorsten/phpmyfa ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2023-5298 (A vulnerability was found in Tongda OA 2017. It has been rated
as crit ...)
- TODO: check
+ NOT-FOR-US: Tongda OA
CVE-2023-5297 (A vulnerability was found in Xinhu RockOA 2.3.2. It has been
classifie ...)
- TODO: check
+ NOT-FOR-US: Xinhu RockOA
CVE-2023-5296 (A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi
and clas ...)
- TODO: check
+ NOT-FOR-US: Xinhu RockOA
CVE-2023-5295 (The Blog Filter plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: Blog Filter plugin for WordPress
CVE-2023-5294 (A vulnerability has been found in ECshop 4.1.1 and classified
as criti ...)
- TODO: check
+ NOT-FOR-US: ECshop
CVE-2023-5293 (A vulnerability, which was classified as critical, was found in
ECshop ...)
- TODO: check
+ NOT-FOR-US: ECshop
CVE-2023-5227 (Unrestricted Upload of File with Dangerous Type in GitHub
repository t ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2023-5201 (The OpenHook plugin for WordPress is vulnerable to Remote Code
Executi ...)
- TODO: check
+ NOT-FOR-US: OpenHook plugin for WordPress
CVE-2023-44270 (An issue was discovered in PostCSS before 8.4.31. It affects
linters u ...)
TODO: check
CVE-2023-43711 (Os Commerce is currently susceptible to a Cross-Site Scripting
(XSS) v ...)
- TODO: check
+ NOT-FOR-US: Os Commerce
CVE-2023-43710 (Os Commerce is currently susceptible to a Cross-Site Scripting
(XSS) v ...)
- TODO: check
+ NOT-FOR-US: Os Commerce
CVE-2023-43709 (Os Commerce is currently susceptible to a Cross-Site Scripting
(XSS) v ...)
- TODO: check
+ NOT-FOR-US: Os Commerce
CVE-2023-43708 (Os Commerce is currently susceptible to a Cross-Site Scripting
(XSS) v ...)
- TODO: check
+ NOT-FOR-US: Os Commerce
CVE-2023-43707 (Os Commerce is currently susceptible to a Cross-Site Scripting
(XSS) v ...)
- TODO: check
+ NOT-FOR-US: Os Commerce
CVE-2023-43706 (Os Commerce is currently susceptible to a Cross-Site Scripting
(XSS) v ...)
- TODO: check
+ NOT-FOR-US: Os Commerce
CVE-2023-43705 (Os Commerce is currently susceptible to a Cross-Site Scripting
(XSS) v ...)
- TODO: check
+ NOT-FOR-US: Os Commerce
CVE-2023-43704 (Os Commerce is currently susceptible to a Cross-Site Scripting
(XSS) v ...)
- TODO: check
+ NOT-FOR-US: Os Commerce
CVE-2023-43703 (Os Commerce is currently susceptible to a Cross-Site Scripting
(XSS) v ...)
- TODO: check
+ NOT-FOR-US: Os Commerce
CVE-2023-43702 (Os Commerce is currently susceptible to a Cross-Site Scripting
(XSS) v ...)
- TODO: check
+ NOT-FOR-US: Os Commerce
CVE-2023-5289 (Allocation of Resources Without Limits or Throttling in GitHub
reposit ...)
- rdiffweb <itp> (bug #969974)
CVE-2023-5288 (A remote unauthorized attacker may connect to the SIM1012,
interact wi ...)
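Review bot: The label on the ten entries CVE-2023-43702 through CVE-2023-43711, "NOT-FOR-US: Os Commerce", copies the two-word spelling from the CVE description text. If older entries in data/CVE/list record the same product under a different spelling, a search by product name will miss one group or the other. Check the existing entries and reuse their spelling. The same check applies to the lowercase "phpmyfaq" used for the six thorsten/phpmyfaq entries at the top of the hunk.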
@@ -107,7 +107,7 @@ CVE-2023-5259 (A vulnerability classified as problematic
was found in ForU CMS.
CVE-2023-5258 (A vulnerability classified as critical has been found in
OpenRapid Rap ...)
NOT-FOR-US: OpenRapid RapidCMS
CVE-2023-5257 (A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on
Windows. It ...)
- TODO: check
+ NOT-FOR-US: WhiteHSBG JNDIExploit
CVE-2023-5196 (Mattermost fails to enforce character limits in all possible
notificat ...)
TODO: check
CVE-2023-5195 (Mattermost fails to properly validate the permissions when soft
deleti ...)
@@ -119,29 +119,29 @@ CVE-2023-5193 (Mattermost fails to properly check
permissions when retrieving a
CVE-2023-5159 (Mattermost fails to properly verify the permissions when
managing/upda ...)
TODO: check
CVE-2023-43944 (A Stored Cross Site Scripting (XSS) vulnerability was found in
SourceC ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Task Management System
CVE-2023-43909 (Hospital Management System thru commit 4770d was discovered to
contain ...)
- TODO: check
+ NOT-FOR-US: Hospital Management System
CVE-2023-43655 (Composer is a dependency manager for PHP. Users publishing a
composer. ...)
TODO: check
CVE-2023-41691 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Pensopay ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41687 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41666 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41663 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Giovamba ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41662 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Ulf Benj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41661 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Pres ...)
NOT-FOR-US: WordPress plugin
CVE-2023-41658 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
I Thirte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41657 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Grou ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41655 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Andr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3413 (An issue has been discovered in GitLab affecting all versions
starting ...)
TODO: check
CVE-2023-3024 (Forcing the Bluetooth LE stack to segment 'prepare write
response' pac ...)
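Review bot: The eight entries from CVE-2023-41691 down to CVE-2023-41655 are all marked "NOT-FOR-US: WordPress plugin" without naming the plugin, and the truncated descriptions ("Pensopay ...", "Giovamba ...", "Ulf Benj ...") cut the name off, so the list no longer says which plugin each entry refers to. Earlier in this same commit, CVE-2023-5295 and CVE-2023-5201 do name it ("Blog Filter plugin for WordPress", "OpenHook plugin for WordPress"). Pick one convention. The generic label matches the unchanged CVE-2023-41661 entry, but the named form is easier to audit later if one of these plugins is ever packaged.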
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86feeac3c29c30ae7bb376cdc48ac09b62d93590
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits