[Git][security-tracker-team/security-tracker][master] Process some NFUs
Neil Williams (@codehelp)
codehelp at debian.org
Thu Apr 14 11:27:35 BST 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
eef205d8 by Neil Williams at 2022-04-14T11:27:18+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3382,15 +3382,15 @@ CVE-2022-28038
CVE-2022-28037
RESERVED
CVE-2022-28036 (AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_nav ...)
- TODO: check
+ NOT-FOR-US: AtomCMS
CVE-2022-28035 (Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_bl ...)
- TODO: check
+ NOT-FOR-US: AtomCMS
CVE-2022-28034 (AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_lis ...)
- TODO: check
+ NOT-FOR-US: AtomCMS
CVE-2022-28033 (Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads ...)
- TODO: check
+ NOT-FOR-US: AtomCMS
CVE-2022-28032 (AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pag ...)
- TODO: check
+ NOT-FOR-US: AtomCMS
CVE-2022-28031
RESERVED
CVE-2022-28030
@@ -5716,15 +5716,15 @@ CVE-2022-XXXX [wordpress 5.9.2]
[stretch] - wordpress 4.7.23+dfsg-0+deb9u1
NOTE: https://wordpress.org/news/2022/03/wordpress-5-9-2-security-maintenance-release/
CVE-2022-27165 (CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Plugin_m ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2022-27164 (CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_vi ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2022-27163 (CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_ed ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2022-27162 (CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_ ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2022-27161 (Csz Cms 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_ ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2022-27160
RESERVED
CVE-2022-27159
@@ -14891,13 +14891,13 @@ CVE-2018-25029 (The Z-Wave specification requires that S2 security can be downgr
CVE-2013-20003 (Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (usin ...)
NOT-FOR-US: Z-Wave devices
CVE-2022-23973 (ASUS RT-AX56U’s user profile configuration function is vulnerabl ...)
- TODO: check
+ NOT-FOR-US: Asus RT-AX56U
CVE-2022-23972 (ASUS RT-AX56U’s SQL handling function has an SQL injection vulne ...)
- TODO: check
+ NOT-FOR-US: Asus RT-AX56U
CVE-2022-23971 (ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulner ...)
- TODO: check
+ NOT-FOR-US: Asus RT-AX56U
CVE-2022-23970 (ASUS RT-AX56U’s update_json function has a path traversal vulner ...)
- TODO: check
+ NOT-FOR-US: Asus RT-AX56U
CVE-2022-23969
RESERVED
CVE-2022-23968 (Xerox VersaLink devices on specific versions of firmware before 2022-0 ...)
@@ -16663,11 +16663,11 @@ CVE-2022-23451
NOTE: https://storyboard.openstack.org/#!/story/2009253
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2025089
CVE-2022-23450 (A vulnerability has been identified in SIMATIC Energy Manager Basic (A ...)
- TODO: check
+ NOT-FOR-US: Siemens SIMATIC
CVE-2022-23449 (A vulnerability has been identified in SIMATIC Energy Manager Basic (A ...)
- TODO: check
+ NOT-FOR-US: Siemens SIMATIC
CVE-2022-23448 (A vulnerability has been identified in SIMATIC Energy Manager Basic (A ...)
- TODO: check
+ NOT-FOR-US: Siemens SIMATIC
CVE-2022-23447
RESERVED
CVE-2022-23446 (A improper control of a resource through its lifetime in Fortinet Fort ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eef205d8c01fd4adadda1559e8f61a9948147764
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eef205d8c01fd4adadda1559e8f61a9948147764
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220414/f4b565e3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list