[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Apr 11 21:56:17 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5b4dd74a by Salvatore Bonaccorso at 2022-04-11T22:55:51+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -945,7 +945,7 @@ CVE-2022-1253 (Heap-based Buffer Overflow in GitHub repository strukturag/libde2
NOTE: https://huntr.dev/bounties/1-other-strukturag/libde265/
NOTE: https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8
CVE-2022-1252 (Exposure of Private Personal Information to an Unauthorized Actor in G ...)
- TODO: check
+ NOT-FOR-US: gnuboard5
CVE-2022-1251
RESERVED
CVE-2022-1250
@@ -5201,7 +5201,7 @@ CVE-2022-27158
CVE-2022-27157
RESERVED
CVE-2022-27156 (Daylight Studio Fuel CMS 1.5.1 is vulnerable to HTML Injection. ...)
- TODO: check
+ NOT-FOR-US: Daylight Studio Fuel CMS
CVE-2022-27155
RESERVED
CVE-2022-27154
@@ -5247,23 +5247,23 @@ CVE-2022-27135
CVE-2022-27134
RESERVED
CVE-2022-27133 (zbzcms v1.0 was discovered to contain an arbitrary file deletion vulne ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27132
RESERVED
CVE-2022-27131 (An arbitrary file upload vulnerability at /zbzedit/php/zbz.php in zbzc ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27130
RESERVED
CVE-2022-27129 (An arbitrary file upload vulnerability at /admin/ajax.php in zbzcms v1 ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27128 (An incorrect access control issue at /admin/run_ajax.php in zbzcms v1. ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27127 (zbzcms v1.0 was discovered to contain a SQL injection vulnerability vi ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27126 (zbzcms v1.0 was discovered to contain a SQL injection vulnerability vi ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27125 (zbzcms v1.0 was discovered to contain a stored cross-site scripting (X ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27124 (Insurance Management System 1.0 was discovered to contain a SQL inject ...)
NOT-FOR-US: Insurance Management System
CVE-2022-27123 (Employee Performance Evaluation v1.0 was discovered to contain a SQL i ...)
@@ -5283,7 +5283,7 @@ CVE-2022-27117
CVE-2022-27116
RESERVED
CVE-2022-27115 (In Studio-42 elFinder 2.1.60, there is a vulnerability that causes rem ...)
- TODO: check
+ NOT-FOR-US: Studio-42 elFinder
CVE-2022-27114
RESERVED
CVE-2022-27113
@@ -5291,7 +5291,7 @@ CVE-2022-27113
CVE-2022-27112
RESERVED
CVE-2022-27111 (Jfinal_CMS 5.1.0 allows attackers to use the feedback function to send ...)
- TODO: check
+ NOT-FOR-US: Jfinal_CMS
CVE-2022-27110 (OrangeHRM 4.10 is vulnerable to a Host header injection redirect via v ...)
- orangehrm <itp> (bug #786622)
CVE-2022-27109 (OrangeHRM 4.10 suffers from a Referer header injection redirect vulner ...)
@@ -5335,9 +5335,9 @@ CVE-2022-27091
CVE-2022-27090 (Cscms Music Portal System v4.2 was discovered to contain a redirection ...)
NOT-FOR-US: Cscms Music Portal System
CVE-2022-27089 (In Fujitsu PlugFree Network <= 7.3.0.3, an Unquoted service path in ...)
- TODO: check
+ NOT-FOR-US: Fujitsu PlugFree Network
CVE-2022-27088 (Ivanti DSM Remote <= 6.3.1.1862 is vulnerable to an unquoted servic ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2022-27087
RESERVED
CVE-2022-27086
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b4dd74a9f545cb0dee8d0246c1170ce7db62073
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b4dd74a9f545cb0dee8d0246c1170ce7db62073
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220411/40e8320c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list