[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 03 Oct 2023 13:42:47 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
147e0f96 by Salvatore Bonaccorso at 2023-10-03T22:42:11+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2023-5353 (Improper Access Control in GitHub repository 
salesagility/suitecrm pri ...)
-       TODO: check
+       NOT-FOR-US: suitecrm
 CVE-2023-5351 (Cross-site Scripting (XSS) - Stored in GitHub repository 
salesagility/ ...)
-       TODO: check
+       NOT-FOR-US: suitecrm
 CVE-2023-5350 (SQL Injection in GitHub repository salesagility/suitecrm prior 
to 7.14 ...)
-       TODO: check
+       NOT-FOR-US: suitecrm
 CVE-2023-5255 (For certificates that utilize the auto-renew feature in Puppet 
Server, ...)
        TODO: check
 CVE-2023-4929 (All firmware versions of the NPort 5000 Series are affected by 
an impr ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2023-4886 (A sensitive information exposure vulnerability was found in 
foreman. C ...)
        TODO: check
 CVE-2023-4885 (Man in the Middle vulnerability, which could allow an attacker 
to inte ...)
@@ -43,33 +43,33 @@ CVE-2023-4098 (It has been identified that the web 
application does not correctl
 CVE-2023-4097 (The file upload functionality is not implemented correctly and 
allows  ...)
        TODO: check
 CVE-2023-43976 (An issue in CatoNetworks CatoClient before v.5.4.0 allows 
attackers to ...)
-       TODO: check
+       NOT-FOR-US: CatoNetworks CatoClient
 CVE-2023-42508 (JFrog Artifactory prior to version 7.66.0 is vulnerable to 
specific en ...)
-       TODO: check
+       NOT-FOR-US: JFrog Artifactory
 CVE-2023-41693 (Cross-Site Request Forgery (CSRF) vulnerability in 
edward_plainview My ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-41244 (Cross-Site Request Forgery (CSRF) vulnerability in Buildfail 
Localize  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40830 (Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the 
Index p ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2023-40558 (Cross-Site Request Forgery (CSRF) vulnerability in eMarket 
Design YouT ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40212 (Cross-Site Request Forgery (CSRF) vulnerability in theDotstore 
Product ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40210 (Cross-Site Request Forgery (CSRF) vulnerability in Sean Barton 
(Tortoi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40202 (Cross-Site Request Forgery (CSRF) vulnerability in Hannes 
Etzelstorfer ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40201 (Cross-Site Request Forgery (CSRF) vulnerability inFuturioWP 
Futurio Ex ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40199 (Cross-Site Request Forgery (CSRF) vulnerability in CRUDLab WP 
Like But ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40198 (Cross-Site Request Forgery (CSRF) vulnerability in Antsanchez 
Easy Coo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40009 (Cross-Site Request Forgery (CSRF) vulnerability in ThimPress 
WP Pipes  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-3654 (cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, 
Entwic ...)
-       TODO: check
+       NOT-FOR-US: cashIT!
 CVE-2023-3350 (A Cryptographic Issue vulnerability has been found on 
IBERMATICA RPS,  ...)
        TODO: check
 CVE-2023-3349 (Information exposure vulnerability in IBERMATICA RPS 2019, 
which explo ...)
@@ -77,37 +77,37 @@ CVE-2023-3349 (Information exposure vulnerability in 
IBERMATICA RPS 2019, which
 CVE-2023-3196 (This vulnerability could allow an attacker to store a malicious 
JavaSc ...)
        TODO: check
 CVE-2023-39989 (Cross-Site Request Forgery (CSRF) vulnerability in 99robots 
Header Foo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-39923 (Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme 
The Pos ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-39917 (Cross-Site Request Forgery (CSRF) vulnerability in Photo 
Gallery Team  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-39165 (Cross-Site Request Forgery (CSRF) vulnerability in Fetch 
Designs Sign- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-39159 (Cross-Site Request Forgery (CSRF) vulnerability in theDotstore 
Fraud P ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-39158 (Cross-Site Request Forgery (CSRF) vulnerability in theDotstore 
Banner  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-38398 (Cross-Site Request Forgery (CSRF) vulnerability in Taboola 
plugin <=2. ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-38396 (Cross-Site Request Forgery (CSRF) vulnerability in Alain 
Gonzalez plug ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-38390 (Cross-Site Request Forgery (CSRF) vulnerability in Anshul Labs 
Mobile  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-38381 (Cross-Site Request Forgery (CSRF) vulnerability in Cyle Conoly 
WP-FlyB ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37998 (Cross-Site Request Forgery (CSRF) vulnerability in Saas 
Disabler plugi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37996 (Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix 
GTmetrix f ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37992 (Cross-Site Request Forgery (CSRF) vulnerability in PressPage 
Entertain ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37991 (Cross-Site Request Forgery (CSRF) vulnerability in 
Monchito.Net WP Emo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37990 (Cross-Site Request Forgery (CSRF) vulnerability in Mike 
Perelink Pro p ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37891 (Cross-Site Request Forgery (CSRF) vulnerability in OptiMonk 
OptiMonk:  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34970 (A local non-privileged user can make improper GPU processing 
operation ...)
        TODO: check
 CVE-2023-33200 (A local non-privileged user can make improper GPU processing 
operation ...)
@@ -125,9 +125,9 @@ CVE-2023-32670 (Cross-Site Scripting vulnerability   in 
BuddyBoss 2.2.9 version
 CVE-2023-32669 (Authorization bypass vulnerability in BuddyBoss 2.2.9 version, 
the exp ...)
        TODO: check
 CVE-2023-32091 (Cross-Site Request Forgery (CSRF) vulnerability in POEditor 
plugin <=0 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2830 (Cross-Site Request Forgery (CSRF) vulnerability in 
Trustindex.Io WP Te ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2681 (An SQL Injection vulnerability has been found on Jorani version 
1.0.0. ...)
        TODO: check
 CVE-2023-2544 (Authorization bypass vulnerability in UPV PEIX, affecting the 
componen ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/147e0f962617b4a6628b58580a28f122c2cc21ae

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/147e0f962617b4a6628b58580a28f122c2cc21ae
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to