[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 03 May 2023 13:18:24 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2f919e9a by Salvatore Bonaccorso at 2023-05-03T22:17:46+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1876,21 +1876,21 @@ CVE-2023-2091 (A vulnerability classified as critical 
was found in KylinSoft you
 CVE-2023-2090 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
        NOT-FOR-US: SourceCodester Employee and Visitor Gate Pass Logging System
 CVE-2023-29240 (An authenticated attacker granted a Viewer or Auditor role on 
a BIG-IQ ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2023-29163 (When UDP profile with idle timeout set to immediate or the 
value 0 is  ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2023-28742 (When DNS is provisioned, an authenticated remote command 
execution vul ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2023-28724 (NGINX Management Suite default file permissions are set such 
that an a ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2023-28656 (NGINX Management Suite may allow an authenticated attacker to 
gain acc ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2023-28406 (A directory traversal vulnerability exists in an undisclosed 
page of t ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2023-27378 (Multiple reflected cross-site scripting (XSS) vulnerabilities 
exist in ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2023-24594 (When an SSL profile is configured on a Virtual Server, 
undisclosed tra ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2023-24461 (An improper certificate validationvulnerability exists in the 
BIG-IP E ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2023-22372 (In the pre connection stage, an improper enforcement of 
message integr ...)
@@ -15754,7 +15754,7 @@ CVE-2023-25981
 CVE-2023-25980
        RESERVED
 CVE-2023-25979 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Vide ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25978
        RESERVED
 CVE-2023-25977
@@ -15778,7 +15778,7 @@ CVE-2023-25969
 CVE-2023-25968 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs, 
Madalin ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25967 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo 
Community by ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25966
        RESERVED
 CVE-2023-25965
@@ -16246,11 +16246,11 @@ CVE-2023-25800
 CVE-2023-25799
        RESERVED
 CVE-2023-25798 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25797 (Auth. Stored Cross-Site Scripting (XSS) vulnerability in 
Mr.Vibe vSlid ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25796 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Incl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25795 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in 
WP-master.I ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25794 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in 
Mighty Digi ...)
@@ -16258,25 +16258,25 @@ CVE-2023-25794 (Auth. (admin+) Cross-Site Scripting 
(XSS) vulnerability in Might
 CVE-2023-25793 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Geor ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25792 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Xiao ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25791
        RESERVED
 CVE-2023-25790
        RESERVED
 CVE-2023-25789 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Tapf ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25788
        RESERVED
 CVE-2023-25787 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Wbol ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25786 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Thom ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25785
        RESERVED
 CVE-2023-25784 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Bon  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25783 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Alex ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25782 (Auth. (admin+) vulnerability in Second2none Service Area 
Postcode Chec ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25781
@@ -21929,7 +21929,7 @@ CVE-2023-23883
 CVE-2023-23882
        RESERVED
 CVE-2023-23881 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Gree ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23880
        RESERVED
 CVE-2023-23879 (Cross-Site Request Forgery (CSRF) vulnerability in Nicolas Zeh 
PHP Exe ...)
@@ -21939,11 +21939,11 @@ CVE-2023-23878 (Auth. (editor+) Stored Cross-Site 
Scripting (XSS) vulnerability
 CVE-2023-23877
        RESERVED
 CVE-2023-23876 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23875 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Hima ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23874 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23873
        RESERVED
 CVE-2023-23872
@@ -22089,7 +22089,7 @@ CVE-2023-23832 (Auth. (contributor+) Cross-Site 
Scripting (XSS) vulnerability in
 CVE-2023-23831
        RESERVED
 CVE-2023-23830 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
ProfileP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23829
        RESERVED
 CVE-2023-23828
@@ -22109,7 +22109,7 @@ CVE-2023-23822
 CVE-2023-23821 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Marc ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-23820 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23819
        RESERVED
 CVE-2023-23818
@@ -22131,9 +22131,9 @@ CVE-2023-23811
 CVE-2023-23810
        RESERVED
 CVE-2023-23809 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Mori ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23808 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Serg ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23807
        RESERVED
 CVE-2023-23806 (Auth. (admin+) StoredCross-Site Scripting (XSS) vulnerability 
in Davin ...)
@@ -22169,7 +22169,7 @@ CVE-2023-23792
 CVE-2023-23791
        RESERVED
 CVE-2023-23790 (Cross-Site Request Forgery (CSRF) vulnerability in Pods 
Framework Team ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23789
        RESERVED
 CVE-2023-23788
@@ -22179,7 +22179,7 @@ CVE-2023-23787
 CVE-2023-23786
        RESERVED
 CVE-2023-23785 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in DgCu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23784 (A relative path traversal in Fortinet FortiWeb version 7.0.0 
through 7 ...)
        NOT-FOR-US: FortiGuard
 CVE-2023-23783 (A use of externally-controlled format string in Fortinet 
FortiWeb vers ...)
@@ -25875,7 +25875,7 @@ CVE-2023-22715 (Auth. (admin+) Cross-Site Scripting 
(XSS) vulnerability in Leste
 CVE-2023-22714
        RESERVED
 CVE-2023-22713 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability 
in WordP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-22712 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-22711
@@ -25935,7 +25935,7 @@ CVE-2023-22685
 CVE-2023-22684
        RESERVED
 CVE-2023-22683 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Them ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-22682 (Reflected Cross-Site Scripting (XSS) vulnerability in Manuel 
Masia | P ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-22681 (Cross-Site Request Forgery (CSRF) vulnerability in 
Aarvanshinfotech On ...)
@@ -32618,7 +32618,7 @@ CVE-2022-46854 (Cross-Site Request Forgery (CSRF) 
vulnerability in Obox Themes L
 CVE-2022-46853
        RESERVED
 CVE-2022-46852 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in WP T ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-46851
        RESERVED
 CVE-2022-46850



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f919e9a576e700be68e7304678798a9250d067e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f919e9a576e700be68e7304678798a9250d067e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to