[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 03 Nov 2023 13:23:05 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8823299e by Salvatore Bonaccorso at 2023-11-03T21:22:32+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,47 +1,47 @@
 CVE-2023-5946 (The Digirisk plugin for WordPress is vulnerable to Reflected 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5945 (The video carousel slider with lightbox plugin for WordPress is 
vulner ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5707 (The SEO Slider plugin for WordPress is vulnerable to Stored 
Cross-Site ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5088 (A bug in QEMU could cause a guest I/O operation otherwise 
addressed to ...)
        TODO: check
 CVE-2023-4769 (A SSRF vulnerability has been found in ManageEngine Desktop 
Central af ...)
-       TODO: check
+       NOT-FOR-US: ManageEngine Desktop Central
 CVE-2023-4768 (A CRLF injection vulnerability has been found in ManageEngine 
Desktop  ...)
-       TODO: check
+       NOT-FOR-US: ManageEngine Desktop Central
 CVE-2023-4767 (A CRLF injection vulnerability has been found in ManageEngine 
Desktop  ...)
-       TODO: check
+       NOT-FOR-US: ManageEngine Desktop Central
 CVE-2023-4592 (A Cross-Site Scripting vulnerability has been detected in 
WPN-XM Serve ...)
-       TODO: check
+       NOT-FOR-US: WPN-XM Serverstack
 CVE-2023-4591 (A local file inclusion vulnerability has been found in WPN-XM 
Serverst ...)
-       TODO: check
+       NOT-FOR-US: WPN-XM Serverstack
 CVE-2023-4043 (In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing 
JSON from  ...)
        TODO: check
 CVE-2023-46980 (An issue in Best Courier Management System v.1.0 allows a 
remote attac ...)
-       TODO: check
+       NOT-FOR-US: Best Courier Management System
 CVE-2023-46947 (Subrion 4.2.1 has a remote command execution vulnerability in 
the back ...)
-       TODO: check
+       NOT-FOR-US: Subrion
 CVE-2023-46404 (PCRS <= 3.11 (d0de1e) \u201cQuestions\u201d page and 
\u201cCode editor ...)
-       TODO: check
+       NOT-FOR-US: PCRS
 CVE-2023-41726 (Ivanti Avalanche Incorrect Default Permissions allows Local 
Privilege  ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2023-41725 (Ivanti Avalanche EnterpriseServer Service Unrestricted File 
Upload Loc ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2023-41652 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: David F. Carr RSVPMaker rsvpmaker
 CVE-2023-3277 (The MStore API plugin for WordPress is vulnerable to 
Unauthorized Acco ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-39301 (A server-side request forgery (SSRF) vulnerability has been 
reported t ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-39299 (A path traversal vulnerability has been reported to affect 
Music Stati ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-36529 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2023-34383 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: weDevs WP Project Manager wedevs-project-manager
 CVE-2023-34179 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: Groundhogg
 CVE-2023-32508 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        TODO: check
 CVE-2023-32121 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
@@ -49011,9 +49011,9 @@ CVE-2023-23371 (A cleartext transmission of sensitive 
information vulnerability
 CVE-2023-23370 (An insufficiently protected credentials vulnerability has been 
reporte ...)
        NOT-FOR-US: QNAP
 CVE-2023-23369 (An OS command injection vulnerability has been reported to 
affect seve ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-23368 (An OS command injection vulnerability has been reported to 
affect seve ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-23367
        RESERVED
 CVE-2023-23366 (A path traversal vulnerability has been reported to affect 
Music Stati ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8823299edb8c68c591fa75ef45ada177110a431b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8823299edb8c68c591fa75ef45ada177110a431b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to