author Salvatore Bonaccorso <carnil@debian.org> 2023-07-02 09:20:52 +0200
committer Salvatore Bonaccorso <carnil@debian.org> 2023-07-02 09:20:52 +0200
commit 47d87ec6a5c3bca94f09eb695bbdd2318bb9cbbc
tree 34a31752d76badccfb5e3577c393345872fe3b2a
parent 4447a42999dbaeff8e0cd326088c1d4f6e37639d
Process NFUs
-rw-r--r-- data/CVE/list 22
1 files changed, 11 insertions, 11 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 3b966b3972..d70036c041 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -109,11 +109,11 @@ CVE-2020-36736 (The WooCommerce Checkout & Funnel Builder by CartFlows plugin fo
CVE-2020-36735 (The WP ERP | Complete HR solution with recruitment & job listings | Wo ...)
NOT-FOR-US: WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress
CVE-2023-3485 (Insecure defaults in open-source Temporal Server before version 1.20 o ...)
- TODO: check
+ NOT-FOR-US: Temporal Server
CVE-2023-3479 (Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/h ...)
- TODO: check
+ NOT-FOR-US: Hestia Control Panel
CVE-2023-3478 (A vulnerability classified as critical was found in IBOS OA 4.5.5. Aff ...)
- TODO: check
+ NOT-FOR-US: IBOS OA
CVE-2023-37365 (Hnswlib 0.7.0 has a double free in init_index when the M argument is a ...)
TODO: check
CVE-2023-37360 (pacparser_find_proxy in Pacparser before 1.4.2 allows JavaScript injec ...)
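Review bot: the `NOT-FOR-US: Temporal Server` tag for CVE-2023-3485 is the one to double-check in this hunk, because the description itself calls the software open-source and nothing in the commit message says whether a packaging request was looked for. If an ITP or RFP bug exists, an `<itp>` entry carrying the bug number is the better marker than NOT-FOR-US; if none exists the line is fine as written. The Hestia Control Panel and IBOS OA tags match the product names given in their descriptions.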
@@ -121,7 +121,7 @@ CVE-2023-37360 (pacparser_find_proxy in Pacparser before 1.4.2 allows JavaScript
CVE-2023-37307 (In MISP before 2.4.172, title_for_layout is not properly sanitized in ...)
NOT-FOR-US: MISP
CVE-2023-37306 (MISP 2.4.172 mishandles different certificate file extensions in serve ...)
- TODO: check
+ NOT-FOR-US: MISP
CVE-2023-37305 (An issue was discovered in the ProofreadPage (aka Proofread Page) exte ...)
NOT-FOR-US: MediaWiki extension ProofreadPage
CVE-2023-37304 (An issue was discovered in the DoubleWiki extension for MediaWiki thro ...)
@@ -153,9 +153,9 @@ CVE-2023-35176 (Certain HP LaserJet Pro print products are potentially vulnerabl
CVE-2023-35175 (Certain HP LaserJet Pro print products are potentially vulnerable to P ...)
NOT-FOR-US: HP
CVE-2023-34840 (angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to c ...)
- TODO: check
+ NOT-FOR-US: angular-ui-notification
CVE-2023-33276 (The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and ...)
- TODO: check
+ NOT-FOR-US: Gira Giersiepen Gira KNX/IP-Router
CVE-2023-31543 (A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers t ...)
TODO: check
CVE-2023-3477 (A vulnerability was found in RocketSoft Rocket LMS 1.7. It has been de ...)
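Review bot: `NOT-FOR-US: angular-ui-notification` for CVE-2023-34840 tags a JavaScript library, and a library can be shipped as an embedded copy inside another source package even when no package carries its name. A code search for bundled copies before settling on NOT-FOR-US would close that gap. The `NOT-FOR-US: Gira Giersiepen Gira KNX/IP-Router` line for CVE-2023-33276 uses the same wording as the existing CVE-2023-33277 entry, which keeps the two greppable together.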
@@ -265,7 +265,7 @@ CVE-2023-33466 (Orthanc before 1.12.0 allows authenticated users with access to
CVE-2023-33277 (The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and ...)
NOT-FOR-US: Gira Giersiepen Gira KNX/IP-Router
CVE-2023-33190 (Sealos is an open source cloud operating system distribution based on ...)
- TODO: check
+ NOT-FOR-US: Sealos
CVE-2023-XXXX [Heap overwrite in PGS subtitle overlay decoder]
- gst-plugins-bad1.0 1.22.4-1
[bookworm] - gst-plugins-bad1.0 1.22.0-4+deb12u1
@@ -293,17 +293,17 @@ CVE-2023-XXXX [Heap overwrite in subtitle parsing]
CVE-2023-3447 (The Active Directory Integration / LDAP Integration plugin for WordPre ...)
NOT-FOR-US: Active Directory Integration / LDAP Integration plugin for WordPress
CVE-2023-3243 (** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authentica ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2023-37237 (In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permission ...)
NOT-FOR-US: Veritas NetBackup Appliance
CVE-2023-36476 (calamares-nixos-extensions provides Calamares branding and modules for ...)
TODO: check
CVE-2023-36475 (Parse Server is an open source backend that can be deployed to any inf ...)
- TODO: check
+ NOT-FOR-US: Node parse-server
CVE-2023-36474 (Interactsh is an open-source tool for detecting out-of-band interactio ...)
TODO: check
CVE-2023-34843 (Traggo Server 0.3.0 is vulnerable to directory traversal via a crafted ...)
- TODO: check
+ NOT-FOR-US: Traggo Server
CVE-2023-34834 (A Directory Browsing vulnerability in MCL-Net version 4.3.5.8788 webse ...)
NOT-FOR-US: MCL-Net
CVE-2023-34831 (The "Submission Web Form" of Turnitin LTI tool/plugin version 1.3 is a ...)
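Review bot: `NOT-FOR-US: Honeywell` for CVE-2023-3243 names only a vendor, while every other tag added in this commit names a product, and the truncated description shown here does not mention the product at all. Naming the affected product after the vendor would let a later reader confirm the triage without opening the full CVE record. A smaller point in the same hunk: CVE-2023-36475 is tagged `Node parse-server` while its description calls the software "Parse Server"; either is understandable, but matching the description's spelling makes searches for the product name hit this line.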
@@ -390,7 +390,7 @@ CVE-2023-33592 (Lost and Found Information System v1.0 was discovered to contain
CVE-2023-33570 (Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI).)
NOT-FOR-US: Bagisto
CVE-2023-2625 (A vulnerability exists that can be exploited by an authenticated clien ...)
- TODO: check
+ NOT-FOR-US: ABB CoreTec
CVE-2023-3436 (Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is ...)
TODO: check
CVE-2023-3428 [heap-buffer-overflow in coders/tiff.c]