[Git][security-tracker-team/security-tracker][master] Process NFUs

Fri, 10 Nov 2023 00:19:56 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
592d92ef by Salvatore Bonaccorso at 2023-11-10T09:19:17+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,63 +1,63 @@
 CVE-2023-6073 (Attacker can perform a Denial of Service attack to crash the 
ICAS 3 IV ...)
-       TODO: check
+       NOT-FOR-US: Volkswagen
 CVE-2023-6069 (Improper Input Validation in GitHub repository froxlor/froxlor 
prior t ...)
        - froxlor <itp> (bug #581792)
 CVE-2023-5954 (HashiCorp Vault and Vault Enterprise inbound client requests 
triggerin ...)
-       TODO: check
+       NOT-FOR-US: HashiCorp Vault
 CVE-2023-4379 (An issue has been discovered in GitLab EE affecting all 
versions start ...)
        TODO: check
 CVE-2023-47800 (Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a 
default pass ...)
-       TODO: check
+       NOT-FOR-US: Natus NeuroWorks and SleepWorks
 CVE-2023-47246 (In SysAid On-Premise before 23.3.36, a path traversal 
vulnerability le ...)
-       TODO: check
+       NOT-FOR-US: SysAid
 CVE-2023-46729 (sentry-javascript provides Sentry SDKs for JavaScript. An 
unsanitized  ...)
        TODO: check
 CVE-2023-45167 (IBM AIX's 7.3 Python implementation could allow a 
non-privileged local ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-39796 (SQL injection vulnerability in the miniform module in WBCE CMS 
v.1.6.0 ...)
-       TODO: check
+       NOT-FOR-US: WBCE CMS
 CVE-2023-36024 (Microsoft Edge (Chromium-based) Elevation of Privilege 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2023-36014 (Microsoft Edge (Chromium-based) Remote Code Execution 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2023-34031 (Cross-Site Request Forgery (CSRF) vulnerability in Pascal 
Casier bbPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34025 (Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS 
Hide Login  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34024 (Cross-Site Request Forgery (CSRF) vulnerability in Guillemant 
David WP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32794 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce 
Product ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32745 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce 
Automat ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32744 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce 
Product ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32739 (Cross-Site Request Forgery (CSRF) vulnerability in Web_Trendy 
WP Custo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32602 (Cross-Site Request Forgery (CSRF) vulnerability in LOKALYZE 
CALL ME NO ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32594 (Cross-Site Request Forgery (CSRF) vulnerability in Benedict 
B., Maciej ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32592 (Cross-Site Request Forgery (CSRF) vulnerability in Palasthotel 
by Edwa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32587 (Cross-Site Request Forgery (CSRF) vulnerability in WP 
Reactions, LLC W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32579 (Cross-Site Request Forgery (CSRF) vulnerability in Designs & 
Code Forg ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32512 (Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel 
ShortPix ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32502 (Cross-Site Request Forgery (CSRF) vulnerability in Sybre 
Waaijer Pro M ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32501 (Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. 
VikBooki ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32500 (Cross-Site Request Forgery (CSRF) vulnerability in xtemos 
WoodMart - M ...)
-       TODO: check
+       NOT-FOR-US: WordPress Theme
 CVE-2023-32125 (Cross-Site Request Forgery (CSRF) vulnerability in Daniel 
Powney Multi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32093 (Cross-Site Request Forgery (CSRF) vulnerability in Criss Swaim 
TPG Red ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-32092 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo 
Community by ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6054 (A vulnerability, which was classified as critical, was found in 
Tongda ...)
        NOT-FOR-US: Tongda OA
 CVE-2023-6053 (A vulnerability, which was classified as critical, has been 
found in T ...)
@@ -25796,7 +25796,7 @@ CVE-2023-31237
 CVE-2023-31236 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in unFo ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-31235 (Cross-Site Request Forgery (CSRF) vulnerability in Roland 
Barker, xnau ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-31234
        RESERVED
 CVE-2023-31233 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Haoq ...)
@@ -26301,7 +26301,7 @@ CVE-2023-31095
 CVE-2023-31094 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Lauri Ka ...)
        NOT-FOR-US: WooCommerce plugin
 CVE-2023-31093 (Cross-Site Request Forgery (CSRF) vulnerability in Chronosly 
Chronosly ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-31092
        RESERVED
 CVE-2023-31091 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Prad ...)
@@ -26311,11 +26311,11 @@ CVE-2023-31090
 CVE-2023-31089
        RESERVED
 CVE-2023-31088 (Cross-Site Request Forgery (CSRF) vulnerability in Faraz Quazi 
Floatin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-31087 (Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS 
Job Mana ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-31086 (Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic 
Simple G ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-31085 (An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux 
kernel  ...)
        - linux <unfixed> (unimportant)
        NOTE: 
https://lore.kernel.org/all/[email protected]/
@@ -29566,7 +29566,7 @@ CVE-2023-29977
 CVE-2023-29976
        RESERVED
 CVE-2023-29975 (An issue discovered in Pfsense CE version 2.6.0 allows 
attackers to ch ...)
-       TODO: check
+       NOT-FOR-US: Pfsense CE
 CVE-2023-29974 (An issue discovered in Pfsense CE version 2.6.0 allows 
attackers to co ...)
        NOT-FOR-US: Pfsense CE
 CVE-2023-29973 (Pfsense CE version 2.6.0 is vulnerable to No rate limit which 
can lead ...)
@@ -375018,7 +375018,7 @@ CVE-2018-8865 (In Lantech IDS 2102 2.0 and prior, a 
stack-based buffer overflow
 CVE-2018-8864 (In ATI Systems Emergency Mass Notification Systems (HPSS16, 
HPSS32, MH ...)
        NOT-FOR-US: ATI Systems Emergency Mass Notification Systems devices
 CVE-2018-8863 (The HTTP header in Philips EncoreAnywhere contains data an 
attacker ma ...)
-       TODO: check
+       NOT-FOR-US: Philips EncoreAnywhere
 CVE-2018-8862 (In ATI Systems Emergency Mass Notification Systems (HPSS16, 
HPSS32, MH ...)
        NOT-FOR-US: ATI Systems Emergency Mass Notification Systems devices
 CVE-2018-8861 (Vulnerabilities within the Philips Brilliance CT kiosk 
environment (Br ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/592d92efa60c5097a54a5106abcc9a9123728b45

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/592d92efa60c5097a54a5106abcc9a9123728b45
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to