diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2023-05-26 10:37:47 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2023-05-26 10:37:47 +0200 |
| commit | d35669971369ed98c2b848bc7376a20da7140e45 (patch) | |
| tree | a9e862c50fa33ae7aa42f67c7ac50c2e910c67e7 | |
| parent | feaf86e51824c5885620372f1d82fc677e5bba23 (diff) | |
Process some NFUs
| -rw-r--r-- | data/CVE/list | 84 |
1 files changed, 42 insertions, 42 deletions
diff --git a/data/CVE/list b/data/CVE/list index 8c226edf23..43a9f86fa6 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,13 +1,13 @@ CVE-2023-32074 (user_oidc app is an OpenID Connect user backend for Nextcloud. Authent ...) TODO: check CVE-2023-2903 (A vulnerability classified as problematic has been found in NFine Rapi ...) - TODO: check + NOT-FOR-US: NFine Rapid Development Platform CVE-2023-2902 (A vulnerability was found in NFine Rapid Development Platform 20230511 ...) - TODO: check + NOT-FOR-US: NFine Rapid Development Platform CVE-2023-2901 (A vulnerability was found in NFine Rapid Development Platform 20230511 ...) - TODO: check + NOT-FOR-US: NFine Rapid Development Platform CVE-2023-2900 (A vulnerability was found in NFine Rapid Development Platform 20230511 ...) - TODO: check + NOT-FOR-US: NFine Rapid Development Platform CVE-2023-33751 (A stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allo ...) NOT-FOR-US: mipjz CVE-2023-33750 (A stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allo ...) @@ -165,7 +165,7 @@ CVE-2023-2873 (A vulnerability classified as critical was found in Twister Antiv CVE-2023-2872 (A vulnerability classified as problematic has been found in FlexiHub 5 ...) NOT-FOR-US: FlexiHub CVE-2023-2871 (A vulnerability was found in FabulaTech USB for Remote Desktop 6.1.0.0 ...) - TODO: check + NOT-FOR-US: FabulaTech USB for Remote Desktop CVE-2023-2870 (A vulnerability was found in EnTech Monitor Asset Manager 2.9. It has ...) NOT-FOR-US: EnTech Monitor Asset Manager CVE-2023-2868 (A remote command injection vulnerability exists in the Barracuda Email ...) @@ -4484,7 +4484,7 @@ CVE-2023-30486 CVE-2023-30485 RESERVED CVE-2023-30484 (Cross-Site Request Forgery (CSRF) vulnerability in uPress Enable Acces ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-30483 RESERVED CVE-2023-30482 @@ -6165,7 +6165,7 @@ CVE-2023-29723 CVE-2023-29722 RESERVED CVE-2023-29721 (SofaWiki <= 3.8.9 has a file upload vulnerability that leads to comman ...) - TODO: check + NOT-FOR-US: SofaWiki CVE-2023-29720 (SofaWiki <=3.8.9 is vulnerable to Cross Site Scripting (XSS) via index ...) NOT-FOR-US: SofaWiki CVE-2023-29719 @@ -13444,7 +13444,7 @@ CVE-2023-1160 (Use of Platform-Dependent Third Party Components in GitHub reposi CVE-2023-1159 RESERVED CVE-2023-1158 (Hitachi Vantara Pentaho Business Analytics Server versions before 9.4. ...) - TODO: check + NOT-FOR-US: Hitachi Vantara Pentaho Business Analytics Server CVE-2023-1157 (A vulnerability, which was classified as problematic, was found in fin ...) NOT-FOR-US: Finixbit elf-parser CVE-2023-1156 (A vulnerability classified as problematic was found in SourceCodester ...) @@ -18994,9 +18994,9 @@ CVE-2022-48317 (Expired sessions were not securely terminated in the RestAPI for CVE-2023-25600 RESERVED CVE-2023-25599 (A vulnerability in the conferencing component of Mitel MiVoice Connect ...) - TODO: check + NOT-FOR-US: Mitel CVE-2023-25598 (A vulnerability in the conferencing component of Mitel MiVoice Connect ...) - TODO: check + NOT-FOR-US: Mitel CVE-2023-25597 (A vulnerability in the web conferencing component of Mitel MiCollab th ...) NOT-FOR-US: Mitel CVE-2023-25596 (A vulnerability exists in ClearPass Policy Manager that allows for an ...) @@ -19493,7 +19493,7 @@ CVE-2023-25441 CVE-2023-25440 (Stored Cross Site Scripting (XSS) vulnerability in the add contact fun ...) - civicrm <unfixed> (bug #1036695) CVE-2023-25439 (Stored Cross Site Scripting (XSS) vulnerability in Square Pig FusionIn ...) - TODO: check + NOT-FOR-US: Square Pig FusionInvoice CVE-2023-25438 (An issue was discovered in Genomedics MilleGP5 5.9.2, allows remote at ...) NOT-FOR-US: MilleGP5 CVE-2023-25437 (An issue was discovered in vTech VCS754 version 1.1.1.A before 1.1.1.H ...) @@ -28599,7 +28599,7 @@ CVE-2023-22506 CVE-2023-22505 RESERVED CVE-2023-22504 (Affected versions of Atlassian Confluence Server allow remote attacker ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2023-22503 (Affected versions of Atlassian Confluence Server and Data Center allow ...) NOT-FOR-US: Atlassian CVE-2023-22502 @@ -29383,7 +29383,7 @@ CVE-2022-4817 (A vulnerability was found in centic9 jgit-cookbook. It has been d CVE-2022-4816 (A denial-of-service vulnerability has been identified in Lenovo Safece ...) NOT-FOR-US: Lenovo CVE-2022-4815 (Hitachi Vantara Pentaho Business Analytics Server versions before 9.4. ...) - TODO: check + NOT-FOR-US: Hitachi Vantara Pentaho Business Analytics Server CVE-2022-4814 (Improper Access Control in GitHub repository usememos/memos prior to 0 ...) NOT-FOR-US: usememos CVE-2022-4813 (Insufficient Granularity of Access Control in GitHub repository usemem ...) @@ -33654,7 +33654,7 @@ CVE-2022-47180 (Cross-Site Request Forgery (CSRF) vulnerability in Kopa Theme Ko CVE-2022-47179 (Cross-Site Request Forgery (CSRF) vulnerability in Uwe Jacobs OWM Weat ...) NOT-FOR-US: WordPress plugin CVE-2022-47178 (Cross-Site Request Forgery (CSRF) vulnerability in Simple Share Button ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47177 (Cross-Site Request Forgery (CSRF) vulnerability in WP Easy Pay WP Easy ...) NOT-FOR-US: WordPress plugin CVE-2022-47176 @@ -33662,7 +33662,7 @@ CVE-2022-47176 CVE-2022-47175 RESERVED CVE-2022-47174 (Cross-Site Request Forgery (CSRF) vulnerability in WordPress Performan ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47173 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nasi ...) NOT-FOR-US: WordPress plugin CVE-2022-47172 @@ -33680,19 +33680,19 @@ CVE-2022-47167 (Cross-Site Request Forgery (CSRF) vulnerability in Aram Kocharya CVE-2022-47166 (Cross-Site Request Forgery (CSRF) vulnerability in voidCoders Void Con ...) NOT-FOR-US: WordPress plugin CVE-2022-47165 (Cross-Site Request Forgery (CSRF) vulnerability in CoSchedule plugin < ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47164 (Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team Eve ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47163 (Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, ...) NOT-FOR-US: WordPress plugin CVE-2022-47162 (Cross-Site Request Forgery (CSRF) vulnerability in Dannie Herdyawan DH ...) NOT-FOR-US: WordPress plugin CVE-2022-47161 (Cross-Site Request Forgery (CSRF) vulnerability in The WordPress.Org c ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47160 RESERVED CVE-2022-47159 (Cross-Site Request Forgery (CSRF) vulnerability in Logaster Logaster L ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47158 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pakp ...) NOT-FOR-US: WordPress plugin CVE-2022-47157 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Don ...) @@ -33712,7 +33712,7 @@ CVE-2022-47151 CVE-2022-47150 RESERVED CVE-2022-47149 (Cross-Site Request Forgery (CSRF) vulnerability in Pretty Links plugin ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47148 (Cross-Site Request Forgery (CSRF) vulnerability in WP Overnight PDF In ...) NOT-FOR-US: WordPress plugin CVE-2022-47147 (Cross-Site Request Forgery (CSRF) vulnerability in Kesz1 Technologies ...) @@ -33722,7 +33722,7 @@ CVE-2022-47146 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Co CVE-2022-47145 (Reflected Cross-Site Scripting (XSS) vulnerability in Blockonomics Wor ...) NOT-FOR-US: WordPress plugin CVE-2022-47144 (Cross-Site Request Forgery (CSRF) vulnerability in Plugincraft Mediama ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47143 (Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple ...) NOT-FOR-US: WordPress plugin CVE-2022-47142 (Cross-Site Request Forgery (CSRF) vulnerability in Plugincraft Mediama ...) @@ -33732,15 +33732,15 @@ CVE-2022-47141 (Cross-Site Request Forgery (CSRF) vulnerability in Seerox WP Dyn CVE-2022-47140 RESERVED CVE-2022-47139 (Cross-Site Request Forgery (CSRF) vulnerability in Damir Calusic WP Ba ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47138 (Cross-Site Request Forgery (CSRF) vulnerability in German Krutov LOGIN ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47137 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPMa ...) NOT-FOR-US: WordPress plugin CVE-2022-47136 (Cross-Site Request Forgery (CSRF) vulnerability in WPManageNinja LLC N ...) NOT-FOR-US: WordPress plugin CVE-2022-47135 (Cross-Site Request Forgery (CSRF) vulnerability in chronoengine.Com Ch ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-47134 (Cross-Site Request Forgery (CSRF) vulnerability in Bill Erickson Galle ...) NOT-FOR-US: WordPress plugin CVE-2022-47133 @@ -34502,9 +34502,9 @@ CVE-2022-46868 CVE-2022-46867 (Cross-Site Request Forgery (CSRF) vulnerability in Chasil Universal St ...) NOT-FOR-US: WordPress plugin CVE-2022-46866 (Cross-Site Request Forgery (CSRF) vulnerability in Marty Thornley Impo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-46865 (Cross-Site Request Forgery (CSRF) vulnerability in Marty Thornley Bulk ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-46864 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Umair Sa ...) NOT-FOR-US: WordPress plugin CVE-2022-46863 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Full ...) @@ -34522,7 +34522,7 @@ CVE-2022-46858 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Am CVE-2022-46857 RESERVED CVE-2022-46856 (Cross-Site Request Forgery (CSRF) vulnerability in ORION Woocommerce P ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-46855 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) NOT-FOR-US: WordPress plugin CVE-2022-46854 (Cross-Site Request Forgery (CSRF) vulnerability in Obox Themes Launchp ...) @@ -34657,7 +34657,7 @@ CVE-2022-46822 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in JC CVE-2022-46821 RESERVED CVE-2022-46820 (Cross-Site Request Forgery (CSRF) vulnerability in WPJoli Joli Table O ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-46819 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi ...) NOT-FOR-US: WordPress plugin CVE-2022-46818 @@ -34669,15 +34669,15 @@ CVE-2022-46816 (Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra CVE-2022-46815 (Cross-Site Request Forgery (CSRF) vulnerability inLauri Karisola / WP ...) NOT-FOR-US: Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin CVE-2022-46814 (Cross-Site Request Forgery (CSRF) vulnerability in Pierre Lebedel Kode ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-46813 (Cross-Site Request Forgery (CSRF) vulnerability in Younes JFR. Advance ...) NOT-FOR-US: WordPress plugin CVE-2022-46812 (Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank Yo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-46811 RESERVED CVE-2022-46810 (Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank Yo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-46809 RESERVED CVE-2022-46808 @@ -34697,7 +34697,7 @@ CVE-2022-46802 CVE-2022-46801 RESERVED CVE-2022-46800 (Cross-Site Request Forgery (CSRF) vulnerability in LiteSpeed Technolog ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-46799 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirte ...) NOT-FOR-US: WordPress plugin CVE-2022-46798 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLento ...) @@ -37717,7 +37717,7 @@ CVE-2022-45817 (Cross-Site Scripting (XSS) vulnerability in Erin Garscadden GC T CVE-2022-45816 (Auth. Stored Cross-Site Scripting (XSS) vulnerability inGD bbPress Att ...) NOT-FOR-US: WordPress plugin CVE-2022-45815 (Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes GDPR ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-45814 (Stored Cross-Site Scripting (XSS) vulnerability in Fabian von Allmen W ...) NOT-FOR-US: WordPress plugin CVE-2022-45813 @@ -39247,7 +39247,7 @@ CVE-2022-45373 CVE-2022-45372 RESERVED CVE-2022-45371 (Cross-Site Request Forgery (CSRF) vulnerability in Wpmet ShopEngine pl ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-45370 RESERVED CVE-2022-45369 (Auth. (subscriber+) Broken Access Control vulnerability in Plugin for ...) @@ -39255,9 +39255,9 @@ CVE-2022-45369 (Auth. (subscriber+) Broken Access Control vulnerability in Plugi CVE-2022-45368 RESERVED CVE-2022-45367 (Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Cus ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-45366 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jason Cr ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-45365 RESERVED CVE-2022-45364 (Cross-Site Request Forgery (CSRF) vulnerability in Glen Don L. Mongaya ...) @@ -46985,7 +46985,7 @@ CVE-2022-43492 (Auth. (subscriber+) Insecure Direct Object References (IDOR) vul CVE-2022-43491 (Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pr ...) NOT-FOR-US: WordPress plugin CVE-2022-43490 (Cross-Site Request Forgery (CSRF) vulnerability in XWP Stream plugin < ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-43488 (Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pr ...) NOT-FOR-US: WordPress plugin CVE-2022-43482 (Missing Authorization vulnerability in Appointment Booking Calendar pl ...) @@ -47073,7 +47073,7 @@ CVE-2022-41992 (A memory corruption vulnerability exists in the VHD File Format CVE-2022-41990 RESERVED CVE-2022-41987 (Cross-Site Request Forgery (CSRF) vulnerability in LearningTimes Badge ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-41980 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Mantenimien ...) NOT-FOR-US: WordPress plugin CVE-2022-41978 (Auth. (subscriber+) Arbitrary Options Update vulnerability in Zoho CRM ...) @@ -47129,11 +47129,11 @@ CVE-2022-40686 (Cross-Site Request Forgery (CSRF) vulnerability in Creative Mail CVE-2022-38971 (Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post For ...) NOT-FOR-US: WordPress plugin CVE-2022-38716 (Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes Moto ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-38702 RESERVED CVE-2022-38356 (Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes Word ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-38075 (Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cros ...) NOT-FOR-US: WordPress plugin CVE-2022-3648 @@ -52348,7 +52348,7 @@ CVE-2022-41640 (Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerabil CVE-2022-41638 (Auth. Stored Cross-Site Scripting (XSS) in Pop-Up Chop Chop plugin <= ...) NOT-FOR-US: WordPress plugin CVE-2022-41635 (Cross-Site Request Forgery (CSRF) vulnerability in Zorem Advanced Ship ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-41634 (Cross-Site Request Forgery (CSRF) vulnerability in Media Library Folde ...) NOT-FOR-US: WordPress plugin CVE-2022-41633 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by ...) @@ -53471,7 +53471,7 @@ CVE-2022-41256 CVE-2022-41223 (The Director database component of MiVoice Connect through 19.3 (22.22 ...) NOT-FOR-US: Mitel CVE-2022-41221 (The client in OpenText Archive Center Administration through 21.2 allo ...) - TODO: check + NOT-FOR-US: OpenText Archive Center Administration CVE-2022-40224 (A denial of service vulnerability exists in the web server functionali ...) NOT-FOR-US: Moxa CVE-2022-3263 (The security descriptor of Measuresoft ScadaPro Server version 6.7 has ...) |