[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Fri, 07 Jul 2023 13:57:24 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6e85c774 by Moritz Muehlenhoff at 2023-07-07T22:53:27+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,79 +1,79 @@
 CVE-2023-3544 (A vulnerability was found in GZ Scripts Time Slot Booking 
Calendar PHP ...)
-       TODO: check
+       NOT-FOR-US: GZ Scripts
 CVE-2023-3543 (A vulnerability was found in GZ Scripts Availability Booking 
Calendar  ...)
-       TODO: check
+       NOT-FOR-US: GZ Scripts
 CVE-2023-3542 (A vulnerability was found in ThinuTech ThinuCMS 1.5 and 
classified as  ...)
-       TODO: check
+       NOT-FOR-US: ThinuCMS
 CVE-2023-3541 (A vulnerability has been found in ThinuTech ThinuCMS 1.5 and 
classifie ...)
-       TODO: check
+       NOT-FOR-US: ThinuCMS
 CVE-2023-3540 (A vulnerability, which was classified as problematic, was found 
in Sim ...)
-       TODO: check
+       NOT-FOR-US: SimplePHPscripts
 CVE-2023-3539 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: SimplePHPscripts
 CVE-2023-3538 (A vulnerability classified as problematic was found in 
SimplePHPscript ...)
-       TODO: check
+       NOT-FOR-US: SimplePHPscripts
 CVE-2023-3537 (A vulnerability classified as problematic has been found in 
SimplePHPs ...)
-       TODO: check
+       NOT-FOR-US: SimplePHPscripts
 CVE-2023-3536 (A vulnerability was found in SimplePHPscripts Funeral Script 
PHP 3.1.  ...)
-       TODO: check
+       NOT-FOR-US: SimplePHPscripts
 CVE-2023-3535 (A vulnerability was found in SimplePHPscripts FAQ Script PHP 
2.3. It h ...)
-       TODO: check
+       NOT-FOR-US: SimplePHPscripts
 CVE-2023-3534 (A vulnerability was found in SourceCodester Shopping Website 
1.0. It h ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2023-37308 (Zoho ManageEngine ADAudit Plus before 7100 allows XSS via the 
username ...)
-       TODO: check
+       NOT-FOR-US: Zoho
 CVE-2023-37264 (Tekton Pipelines project provides k8s-style resources for 
declaring CI ...)
-       TODO: check
+       NOT-FOR-US: Tekton Pipelines
 CVE-2023-37173 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to 
contain a co ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2023-37172 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to 
contain a co ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2023-37171 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to 
contain a co ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2023-37170 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to 
contain an u ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2023-37149 (TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to 
contain a comm ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2023-37148 (TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to 
contain a comm ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2023-37146 (TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to 
contain a comm ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2023-37145 (TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to 
contain a comm ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2023-37144 (Tenda AC10 v15.03.06.26 was discovered to contain a command 
injection  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2023-37067 (Chamilo 1.11.x up to 1.11.20 allows users with admin privilege 
account ...)
-       TODO: check
+       NOT-FOR-US: Chamilo LMS
 CVE-2023-37066 (Chamilo 1.11.x up to 1.11.20 allows users with admin privilege 
account ...)
-       TODO: check
+       NOT-FOR-US: Chamilo LMS
 CVE-2023-37065 (Chamilo 1.11.x up to 1.11.20 allows users with admin privilege 
account ...)
-       TODO: check
+       NOT-FOR-US: Chamilo LMS
 CVE-2023-37064 (Chamilo 1.11.x up to 1.11.20 allows users with admin privilege 
account ...)
-       TODO: check
+       NOT-FOR-US: Chamilo LMS
 CVE-2023-37063 (Chamilo 1.11.x up to 1.11.20 allows users with admin privilege 
account ...)
-       TODO: check
+       NOT-FOR-US: Chamilo LMS
 CVE-2023-37062 (Chamilo 1.11.x up to 1.11.20 allows users with admin privilege 
account ...)
-       TODO: check
+       NOT-FOR-US: Chamilo LMS
 CVE-2023-37061 (Chamilo 1.11.x up to 1.11.20 allows users with an admin 
privilege acco ...)
-       TODO: check
+       NOT-FOR-US: Chamilo LMS
 CVE-2023-36994 (In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the 
installat ...)
-       TODO: check
+       NOT-FOR-US: TravianZ
 CVE-2023-36993 (The cryptographically insecure random number generator being 
used in T ...)
-       TODO: check
+       NOT-FOR-US: TravianZ
 CVE-2023-36992 (PHP injection in TravianZ 8.3.4 and 8.3.3 in the config editor 
in the  ...)
-       TODO: check
+       NOT-FOR-US: TravianZ
 CVE-2023-36256 (The Online Examination System Project 1.0 version is 
vulnerable to Cro ...)
-       TODO: check
+       NOT-FOR-US: Online Examination System Project
 CVE-2023-36201 (An issue in JerryscriptProject jerryscript v.3.0.0 allows an 
attacker  ...)
        TODO: check
 CVE-2023-34197 (Zoho ManageEngine ServiceDesk Plus before 14202, ServiceDesk 
Plus MSP  ...)
-       TODO: check
+       NOT-FOR-US: Zoho
 CVE-2023-33715 (A buffer overflow in ACDSee Free v2.0.2.227 allows attackers 
to cause  ...)
-       TODO: check
+       NOT-FOR-US: ACDSee
 CVE-2023-33664 (ai-dev aicombinationsonfly before v0.3.1 was discovered to 
contain a S ...)
-       TODO: check
+       NOT-FOR-US: ai-dev aicombinationsonfly
 CVE-2023-32183 (Incorrect Default Permissions vulnerability in the openSUSE 
Tumbleweed ...)
-       TODO: check
+       NOT-FOR-US: hawk2 as packaged by SuSE
 CVE-2023-34442
        NOT-FOR-US: Apache Camel JIRA
 CVE-2023-35887
@@ -10321,7 +10321,7 @@ CVE-2023-30000
 CVE-2023-29999
        RESERVED
 CVE-2023-29998 (A Cross-site scripting (XSS) vulnerability in the content 
editor in Gi ...)
-       TODO: check
+       NOT-FOR-US: Gis3W g3w-suite
 CVE-2023-29997
        RESERVED
 CVE-2023-29996 (In NanoMQ v0.15.0-0, segment fault with Null Pointer 
Dereference occur ...)
@@ -17564,7 +17564,7 @@ CVE-2023-27847 (SQL injection vulnerability found in 
PrestaShop xipblog v.2.0.1
 CVE-2023-27846
        RESERVED
 CVE-2023-27845 (SQL injection vulnerability found in PrestaShop lekerawen_ocs 
before v ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2023-27844 (SQL injection vulnerability found in PrestaShopleurlrewrite 
v.1.0 and  ...)
        NOT-FOR-US: PrestaShop
 CVE-2023-27843 (SQL injection vulnerability found in PrestaShop askforaquote 
v.5.4.2 a ...)
@@ -24979,7 +24979,7 @@ CVE-2023-25203
 CVE-2023-25202
        RESERVED
 CVE-2023-25201 (Cross Site Request Forgery (CSRF) vulnerability in MultiTech 
Conduit A ...)
-       TODO: check
+       NOT-FOR-US: MultiTech Conduit AP MTCAP2-L4E1
 CVE-2023-25200
        RESERVED
 CVE-2023-25199



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e85c774fc3ae68703ff6e3a578680f4db2fdefb

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e85c774fc3ae68703ff6e3a578680f4db2fdefb
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to