Process some NFUs

author: Salvatore Bonaccorso <carnil@debian.org> 2023-12-21 09:40:17 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-12-21 09:40:17 +0100
commit: 9385fe665af560a8f329670e6347dfa3705d9f60 (patch)
tree: b57f20eb4a3bb45b1b6e86edacea43b8be88a678
parent: 049ed6fd858b87ecd5a00712825d333d4ea59a42 (diff)
1 files changed, 31 insertions, 31 deletions
diff --git a/data/CVE/list b/data/CVE/list
index d1856d6a61..0db7d01721 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -35,21 +35,21 @@ CVE-2023-50983 (Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command inje
 CVE-2023-50639 (Cross Site Scripting (XSS) vulnerability in CuteHttpFileServer v.1.0 a ...)
 	NOT-FOR-US: CuteHttpFileServer
 CVE-2023-49032 (An issue in LTB Self Service Password before v.1.5.4 allows a remote a ...)
-	TODO: check
+	NOT-FOR-US: LTB Self Service Password
 CVE-2023-48434 (Online Voting System Project v1.0 is vulnerable to multiple Unauthenti ...)
-	TODO: check
+	NOT-FOR-US: Online Voting System Project
 CVE-2023-48433 (Online Voting System Project v1.0 is vulnerable to multiple Unauthenti ...)
-	TODO: check
+	NOT-FOR-US: Online Voting System Project
 CVE-2023-47093 (An issue was discovered in Stormshield Network Security (SNS) 4.0.0 th ...)
-	TODO: check
+	NOT-FOR-US: Stormshield Network Security (SNS)
 CVE-2023-46131 (Grails is a framework used to build web applications with the Groovy p ...)
 	TODO: check
 CVE-2023-45703 (HCL Launch may mishandle input validation of an uploaded archive file  ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2023-45700 (HCL Launch is vulnerable to HTML injection. This vulnerability may all ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2023-41166 (An issue was discovered in Stormshield Network Security (SNS) 3.7.0 th ...)
-	TODO: check
+	NOT-FOR-US: Stormshield Network Security (SNS)
 CVE-2023-7018 (Deserialization of Untrusted Data in GitHub repository huggingface/tra ...)
 	NOT-FOR-US: Transformers
 CVE-2023-7008 [Unsigned name response in signed zone is not refused when DNSSEC=yes]
@@ -176,9 +176,9 @@ CVE-2023-33209 (Improper Neutralization of Special Elements used in an SQL Comma
 CVE-2023-32743 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-32590 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32128 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-37544 (Improper Authentication vulnerability in Apache Pulsar WebSocket Proxy ...)
 	NOT-FOR-US: Apache Pulsar
 CVE-2023-6977 (This vulnerability enables malicious users to read sensitive files on  ...)
@@ -33419,7 +33419,7 @@ CVE-2023-31233 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-31232 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Davi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31231 (Unrestricted Upload of File with Dangerous Type vulnerability in Unlim ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31230 (Cross-Site Request Forgery (CSRF) vulnerability in Haoqisir Baidu Tong ...)
 	NOT-FOR-US: Haoqisir Baidu Tongji generator
 CVE-2023-31229
@@ -33547,7 +33547,7 @@ CVE-2023-31217 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
 CVE-2023-31216 (Cross-Site Request Forgery (CSRF) vulnerability in Ultimate Member plu ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31215 (Unrestricted Upload of File with Dangerous Type vulnerability in Amade ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31214
 	RESERVED
 CVE-2023-31213 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
@@ -33919,7 +33919,7 @@ CVE-2023-31094 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in La
 CVE-2023-31093 (Cross-Site Request Forgery (CSRF) vulnerability in Chronosly Chronosly ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31092 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31091 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Prad ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31090
@@ -34540,7 +34540,7 @@ CVE-2023-30874 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-30873
 	RESERVED
 CVE-2023-30872 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-30871 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PT Woo P ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-30870
@@ -35111,7 +35111,7 @@ CVE-2023-30752 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-30751 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in iCon ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-30750 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-30749 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ihom ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-30748
@@ -36027,7 +36027,7 @@ CVE-2023-30497 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Si
 CVE-2023-30496 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-30495 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-30494 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ImageRec ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-30493 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themefic ...)
@@ -38630,7 +38630,7 @@ CVE-2023-29434 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-29433
 	RESERVED
 CVE-2023-29432 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-29431
 	RESERVED
 CVE-2023-29430 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CTHtheme ...)
@@ -38946,7 +38946,7 @@ CVE-2023-29386
 CVE-2023-29385 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kevon Ad ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-29384 (Unrestricted Upload of File with Dangerous Type vulnerability in HM Pl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-1893 (The Login Configurator WordPress plugin through 2.1 does not properly  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-1892 (Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/si ...)
@@ -39834,7 +39834,7 @@ CVE-2023-29104 (A vulnerability has been identified in SIMATIC Cloud Connect 7 C
 CVE-2023-29103 (A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 ( ...)
 	NOT-FOR-US: Siemens
 CVE-2023-29102 (Unrestricted Upload of File with Dangerous Type vulnerability in Olive ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-29101 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Muffingr ...)
 	NOT-FOR-US: Muffingroup
 CVE-2023-29100 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dream-Th ...)
@@ -39846,7 +39846,7 @@ CVE-2023-29098 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ar
 CVE-2023-29097 (Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in a3r ...)
 	NOT-FOR-US: WordPress Plugin
 CVE-2023-29096 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-29095 (Auth. (admin+) SQL Injection (SQLi) vulnerability in David F. Carr RSV ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-29094 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI W ...)
@@ -41000,7 +41000,7 @@ CVE-2023-28790 (Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability
 CVE-2023-28789 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cimatti  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-28788 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-28787
 	RESERVED
 CVE-2023-28786
@@ -41012,7 +41012,7 @@ CVE-2023-28784 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Co
 CVE-2023-28783 (Auth. (shop manager+) Stored Cross-Site Scripting (XSS) vulnerability  ...)
 	NOT-FOR-US: WordPress Plugin
 CVE-2023-28782 (Deserialization of Untrusted Data vulnerability in Rocketgenius Inc. G ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-28781 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Cimatti Con ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-28780 (Cross-Site Request Forgery (CSRF) vulnerability in Yoast Yoast Local P ...)
@@ -42007,7 +42007,7 @@ CVE-2023-28493 (Auth (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerab
 CVE-2023-28492
 	RESERVED
 CVE-2023-28491 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-28490 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Estatik  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-28489 (A vulnerability has been identified in CP-8031 MASTER MODULE (All vers ...)
@@ -43220,7 +43220,7 @@ CVE-2023-28172 (Cross-Site Request Forgery (CSRF) vulnerability in flippercode W
 CVE-2023-28171 (Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in ...)
 	NOT-FOR-US: WordPress theme
 CVE-2023-28170 (Unrestricted Upload of File with Dangerous Type vulnerability in Theme ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-28169 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Core ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-28168
@@ -43798,7 +43798,7 @@ CVE-2023-1308 (A vulnerability classified as critical has been found in SourceCo
 CVE-2013-10021 (A vulnerability was found in dd32 Debug Bar Plugin up to 0.8 on WordPr ...)
 	NOT-FOR-US: dd32 Debug Bar Plugin
 CVE-2023-28025 (Due to this vulnerability, the Master operator could potentially incor ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2023-28024
 	RESERVED
 CVE-2023-28023 (A cross site request forgery vulnerability in the BigFix WebUI Softwar ...)
@@ -47914,7 +47914,7 @@ CVE-2023-26527 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-26526
 	RESERVED
 CVE-2023-26525 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-26524 (Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz An ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-26523
@@ -49576,7 +49576,7 @@ CVE-2023-25972 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-25971 (Cross-Site Request Forgery (CSRF) vulnerability in FixBD Educare plugi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25970 (Unrestricted Upload of File with Dangerous Type vulnerability in Zendr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-25969
 	RESERVED
 CVE-2023-25968 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs, Madalin ...)
@@ -55710,7 +55710,7 @@ CVE-2023-23972 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-23971 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Code ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-23970 (Unrestricted Upload of File with Dangerous Type vulnerability in WooRo ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2023-23907 (A directory traversal vulnerability exists in the server.js start func ...)
 	NOT-FOR-US: MilesightVPN
 CVE-2023-23902 (A buffer overflow vulnerability exists in the uhttpd login functionali ...)
@@ -63262,11 +63262,11 @@ CVE-2022-47601
 CVE-2022-47600 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirte ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-47599 (Deserialization of Untrusted Data vulnerability in File Manager by Bit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-47598 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP P ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-47597 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-47596 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeff ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-47595 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
@@ -74580,7 +74580,7 @@ CVE-2022-44686
 CVE-2022-44685
 	RESERVED
 CVE-2022-44684 (Windows Local Session Manager (LSM) Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-44683 (Windows Kernel Elevation of Privilege Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2022-44682 (Windows Hyper-V Denial of Service Vulnerability)
@@ -79570,7 +79570,7 @@ CVE-2022-43458 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in
 CVE-2022-43453
 	RESERVED
 CVE-2022-43450 (Authorization Bypass Through User-Controlled Key vulnerability in XWP  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-43445
 	RESERVED
 CVE-2022-43441 (A code execution vulnerability exists in the Statement Bindings functi ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2023-12-21 09:40:17 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-12-21 09:40:17 +0100
commit	9385fe665af560a8f329670e6347dfa3705d9f60 (patch)
tree	b57f20eb4a3bb45b1b6e86edacea43b8be88a678
parent	049ed6fd858b87ecd5a00712825d333d4ea59a42 (diff)