[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 07 Dec 2023 00:46:49 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
95fe23c0 by Salvatore Bonaccorso at 2023-12-07T09:45:14+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,57 +1,57 @@
 CVE-2023-6568 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
mlflow/mlf ...)
-       TODO: check
+       NOT-FOR-US: mlflow
 CVE-2023-6566 (Business Logic Errors in GitHub repository 
microweber/microweber prior ...)
-       TODO: check
+       NOT-FOR-US: microweber
 CVE-2023-5761 (The Burst Statistics \u2013 Privacy-Friendly Analytics for 
WordPress p ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5714 (The System Dashboard plugin for WordPress is vulnerable to 
unauthorize ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5713 (The System Dashboard plugin for WordPress is vulnerable to 
unauthorize ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5712 (The System Dashboard plugin for WordPress is vulnerable to 
unauthorize ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5711 (The System Dashboard plugin for WordPress is vulnerable to 
unauthorize ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5710 (The System Dashboard plugin for WordPress is vulnerable to 
unauthorize ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-49225 (A cross-site-scripting vulnerability exists in Ruckus Access 
Point pro ...)
        TODO: check
 CVE-2023-48861 (DLL hijacking vulnerability in TTplayer version 7.0.2, allows 
local at ...)
        TODO: check
 CVE-2023-48860 (TOTOLINK N300RT version 3.2.4-B20180730.0906 has a 
post-authentication ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2023-48841 (Appointment Scheduler 3.0 is vulnerable to CSV Injection via a 
Languag ...)
-       TODO: check
+       NOT-FOR-US: Appointment Scheduler
 CVE-2023-48840 (A lack of rate limiting in pjActionAjaxSend in Appointment 
Scheduler 3 ...)
-       TODO: check
+       NOT-FOR-US: Appointment Scheduler
 CVE-2023-48839 (Appointment Scheduler 3.0 is vulnerable to Multiple Stored 
Cross-Site  ...)
-       TODO: check
+       NOT-FOR-US: Appointment Scheduler
 CVE-2023-48838 (Appointment Scheduler 3.0 is vulnerable to Multiple HTML 
Injection iss ...)
-       TODO: check
+       NOT-FOR-US: Appointment Scheduler
 CVE-2023-48837 (Car Rental Script 3.0 is vulnerable to Multiple HTML Injection 
issues  ...)
-       TODO: check
+       NOT-FOR-US: Car Rental Script
 CVE-2023-48836 (Car Rental Script 3.0 is vulnerable to Multiple Stored 
Cross-Site Scri ...)
-       TODO: check
+       NOT-FOR-US: Car Rental Script
 CVE-2023-48835 (Car Rental Script v3.0 is vulnerable to CSV Injection via a 
Language > ...)
-       TODO: check
+       NOT-FOR-US: Car Rental Script
 CVE-2023-48834 (A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Car Rental Script
 CVE-2023-48833 (A lack of rate limiting in pjActionAJaxSend in Time Slots 
Booking Cale ...)
-       TODO: check
+       NOT-FOR-US: Time Slots Booking Calendar
 CVE-2023-48831 (A lack of rate limiting in pjActionAJaxSend in Availability 
Booking Ca ...)
-       TODO: check
+       NOT-FOR-US: Availability Booking Calendar
 CVE-2023-48830 (Shuttle Booking Software 2.0 is vulnerable to CSV Injection in 
the Lan ...)
-       TODO: check
+       NOT-FOR-US: Shuttle Booking Software
 CVE-2023-48828 (Time Slots Booking Calendar 4.0 is vulnerable to Multiple 
Stored Cross ...)
-       TODO: check
+       NOT-FOR-US: Time Slots Booking Calendar
 CVE-2023-48827 (Time Slots Booking Calendar 4.0 is vulnerable to Multiple HTML 
Injecti ...)
-       TODO: check
+       NOT-FOR-US: Time Slots Booking Calendar
 CVE-2023-48826 (Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection 
via the ...)
-       TODO: check
+       NOT-FOR-US: Time Slots Booking Calendar
 CVE-2023-48825 (Availability Booking Calendar 5.0 is vulnerable to Multiple 
HTML Injec ...)
-       TODO: check
+       NOT-FOR-US: Availability Booking Calendar
 CVE-2023-48824 (BoidCMS 2.0.1 is vulnerable to Multiple Stored Cross-Site 
Scripting (X ...)
-       TODO: check
+       NOT-FOR-US: BoidCMS
 CVE-2023-48823 (A Blind SQL injection issue in ajax.php in GaatiTrack Courier 
Manageme ...)
        TODO: check
 CVE-2023-48208 (A Cross Site Scripting vulnerability in Availability Booking 
Calendar  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95fe23c079c534650a0a54691a04de7ec5e06d88

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95fe23c079c534650a0a54691a04de7ec5e06d88
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to