[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Fri, 05 Jan 2024 12:36:52 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b239a420 by Salvatore Bonaccorso at 2024-01-05T21:36:11+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,89 +1,89 @@
 CVE-2024-0247 (A vulnerability classified as critical was found in CodeAstro 
Online F ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro Online Food Ordering System
 CVE-2024-0246 (A vulnerability classified as problematic has been found in 
IceWarp 12 ...)
-       TODO: check
+       NOT-FOR-US: IceWarp
 CVE-2023-52151 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52149 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company 
Floatin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52148 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52146 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52145 (Cross-Site Request Forgery (CSRF) vulnerability in Marios 
Alexandrou R ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52143 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52136 (Cross-Site Request Forgery (CSRF) vulnerability in Smash 
Balloon Custo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52130 (Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider, 
wpaffil ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52129 (Cross-Site Request Forgery (CSRF) vulnerability in Michael 
Winkler tea ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52128 (Cross-Site Request Forgery (CSRF) vulnerability in WhiteWP 
White Label ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52127 (Cross-Site Request Forgery (CSRF) vulnerability in WPClever 
WPC Produc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52126 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52125 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52124 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52123 (Cross-Site Request Forgery (CSRF) vulnerability in WPChill 
Strong Test ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52122 (Cross-Site Request Forgery (CSRF) vulnerability in PressTigers 
Simple  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52121 (Cross-Site Request Forgery (CSRF) vulnerability in NitroPack 
Inc. Nitr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52120 (Cross-Site Request Forgery (CSRF) vulnerability in Basix 
NEX-Forms \u2 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52119 (Cross-Site Request Forgery (CSRF) vulnerability in Icegram 
Icegram Eng ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51678 (Cross-Site Request Forgery (CSRF) vulnerability in Doofinder 
Doofinder ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51673 (Cross-Site Request Forgery (CSRF) vulnerability in Designful 
Stylish P ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51668 (Cross-Site Request Forgery (CSRF) vulnerability in WP Zone 
Inline Imag ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51539 (Cross-Site Request Forgery (CSRF) vulnerability in 
Apollo13Themes Apol ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51538 (Cross-Site Request Forgery (CSRF) vulnerability in Awesome 
Support Tea ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51535 (Cross-Site Request Forgery (CSRF) vulnerability in 
\u0421leanTalk - An ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50991 (Buffer Overflow vulnerability in Tenda i29 versions 1.0 
V1.0.0.5 and 1 ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2023-50027 (SQL Injection vulnerability in Buy Addons 
baproductzoommagnifier modul ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop module
 CVE-2023-47560 (An OS command injection vulnerability has been reported to 
affect QuMa ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-47559 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-47219 (A SQL injection vulnerability has been reported to affect 
QuMagie. If  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-45044 (A buffer copy without checking size of input vulnerability has 
been re ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-45043 (A buffer copy without checking size of input vulnerability has 
been re ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-45042 (A buffer copy without checking size of input vulnerability has 
been re ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-45041 (A buffer copy without checking size of input vulnerability has 
been re ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-45040 (A buffer copy without checking size of input vulnerability has 
been re ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-45039 (A buffer copy without checking size of input vulnerability has 
been re ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-41289 (An OS command injection vulnerability has been reported to 
affect Qcal ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-41288 (An OS command injection vulnerability has been reported to 
affect Vide ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-41287 (A SQL injection vulnerability has been reported to affect 
Video Statio ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-39296 (A prototype pollution vulnerability has been reported to 
affect severa ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-39294 (An OS command injection vulnerability has been reported to 
affect seve ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2024-22088 (Lotos WebServer through 0.1.1 (commit 3eb36cc) has a 
use-after-free in ...)
        NOT-FOR-US: Lotos WebServer
 CVE-2024-22087 (route in main.c in Pico HTTP Server in C through f3b69a6 has 
an sprint ...)
@@ -69329,7 +69329,7 @@ CVE-2022-46841 (Cross-Site Request Forgery (CSRF) 
vulnerability in Soflyy Oxygen
 CVE-2022-46840
        RESERVED
 CVE-2022-46839 (Unrestricted Upload of File with Dangerous Type vulnerability 
in JS He ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-46838
        RESERVED
 CVE-2022-4391 (The Vision Interactive For WordPress plugin through 1.5.3 does 
not san ...)
@@ -100851,7 +100851,7 @@ CVE-2022-36679 (Simple Task Scheduling System v1.0 
was discovered to contain a S
 CVE-2022-36678 (Simple Task Scheduling System v1.0 was discovered to contain a 
SQL inj ...)
        NOT-FOR-US: Simple Task Scheduling System
 CVE-2022-36677 (Obsidian Mind Map v1.1.0 allows attackers to execute arbitrary 
code vi ...)
-       TODO: check
+       NOT-FOR-US: Obsidian
 CVE-2022-36676 (Simple Task Scheduling System v1.0 was discovered to contain a 
SQL inj ...)
        NOT-FOR-US: Simple Task Scheduling System
 CVE-2022-36675 (Simple Task Scheduling System v1.0 was discovered to contain a 
SQL inj ...)
@@ -262041,7 +262041,7 @@ CVE-2020-13881 (In support.c in pam_tacplus 1.3.8 
through 1.5.1, the TACACS+ sha
        NOTE: 
https://github.com/kravietz/pam_tacplus/commit/4a9852c31c2fd0c0e72fbb689a586aabcfb11cb0
        NOTE: https://github.com/kravietz/pam_tacplus/issues/149
 CVE-2020-13880 (IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+1cbf 
heap-bas ...)
-       TODO: check
+       NOT-FOR-US: IrfanView B3D PlugIns
 CVE-2020-13879 (IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+214f 
heap-bas ...)
        NOT-FOR-US: IrfanView B3D PlugIns
 CVE-2020-13878 (IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+27ef 
heap-bas ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b239a420c96625e45dab85c7c17ba214f5523632

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b239a420c96625e45dab85c7c17ba214f5523632
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to