[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 04 Aug 2023 02:04:34 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2c75243e by Salvatore Bonaccorso at 2023-08-04T11:03:56+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,55 +7,55 @@ CVE-2023-4140 (The WP Ultimate CSV Importer plugin for 
WordPress is vulnerable t
 CVE-2023-4139 (The WP Ultimate CSV Importer plugin for WordPress is vulnerable 
to Sen ...)
        NOT-FOR-US: WP Ultimate CSV Importer plugin for WordPress
 CVE-2023-3373 (Predictable Exact Value from Previous Values vulnerability in 
Mitsubis ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2023-39343 (Sulu is an open-source PHP content management system based on 
the Symf ...)
        TODO: check
 CVE-2023-38991 (An issue in the delete function in the ActModelController 
class of jee ...)
-       TODO: check
+       NOT-FOR-US: jeesite
 CVE-2023-38952 (Insecure access control in ZKTeco BioTime v8.5.5 allows 
unauthenticate ...)
-       TODO: check
+       NOT-FOR-US: ZKTeco BioTime
 CVE-2023-38951 (A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows 
attacke ...)
-       TODO: check
+       NOT-FOR-US: ZKTeco BioTime
 CVE-2023-38950 (A path traversal vulnerability in the iclock API of ZKTeco 
BioTime v8. ...)
-       TODO: check
+       NOT-FOR-US: ZKTeco BioTime
 CVE-2023-38949 (An issue in a hidden API in ZKTeco BioTime v8.5.5 allows 
unauthenticat ...)
-       TODO: check
+       NOT-FOR-US: ZKTeco BioTime
 CVE-2023-38941 (django-sspanel v2022.2.2 was discovered to contain a remote 
command ex ...)
        TODO: check
 CVE-2023-38708 (Pimcore is an Open Source Data & Experience Management 
Platform: PIM,  ...)
-       TODO: check
+       NOT-FOR-US: Pimcore
 CVE-2023-37501 (A Persistent XSS vulnerability can be carried out in a certain 
field o ...)
-       TODO: check
+       NOT-FOR-US: Unica Campaign
 CVE-2023-37500 (A Persistent Cross-site Scripting (XSS) vulnerability can be 
carried o ...)
-       TODO: check
+       NOT-FOR-US: Unica Platform
 CVE-2023-37499 (A Persistent Cross-site Scripting (XSS) vulnerability can be 
carried o ...)
-       TODO: check
+       NOT-FOR-US: Unica Platform
 CVE-2023-37498 (A user is capable of assigning him/herself to arbitrary groups 
by reus ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2023-37497 (The Unica application exposes an API which accepts arbitrary 
XML input ...)
-       TODO: check
+       NOT-FOR-US: Unica application
 CVE-2023-36159 (Cross Site Scripting (XSS) vulnerability in sourcecodester 
Lost and Fo ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester Lost and Found Information System
 CVE-2023-36158 (Cross Site Scripting (XSS) vulnerability in sourcecodester 
Toll Tax Ma ...)
-       TODO: check
+       NOT-FOR-US: sourcecodester Toll Tax Management System
 CVE-2023-36141 (User enumeration is found in in PHPJabbers Cleaning Business 
Software  ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers
 CVE-2023-36139 (In PHPJabbers Cleaning Business Software 1.0, lack of 
verification whe ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers
 CVE-2023-36138 (PHPJabbers Cleaning Business Software 1.0 is vulnerable to 
Cross Site  ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers
 CVE-2023-36137 (There is a Cross Site Scripting (XSS) vulnerability in the 
"theme" par ...)
        TODO: check
 CVE-2023-36135 (User enumeration is found in in PHPJabbers Class Scheduling 
System v1. ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers
 CVE-2023-36134 (In PHP Jabbers Class Scheduling System 1.0, lack of 
verification when  ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers
 CVE-2023-36133 (PHPJabbers Availability Booking Calendar 5.0 is vulnerable to 
User Acc ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers
 CVE-2023-36132 (PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to 
Incorre ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers
 CVE-2023-36131 (PHPJabbers Availability Booking Calendar 5.0 is vulnerable to 
Incorrec ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers
 CVE-2023-33665 (ai-dev aitable before v0.2.2 was discovered to contain a SQL 
injection ...)
        TODO: check
 CVE-2023-38497 [Cargo does not respect umask when extracting packages]



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c75243ebb0af58ef9e32dc2db922335480b571f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c75243ebb0af58ef9e32dc2db922335480b571f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to