[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 3 21:20:36 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7ce6f0b7 by Salvatore Bonaccorso at 2022-08-03T22:20:01+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3775,11 +3775,11 @@ CVE-2022-35868
 CVE-2022-35867 (This vulnerability allows local attackers to escalate privileges on af ...)
 	TODO: check
 CVE-2022-35866 (This vulnerability allows remote attackers to bypass authentication on ...)
-	TODO: check
+	NOT-FOR-US: Vinchin Backup and Recovery
 CVE-2022-35865 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: BMC Track-It!
 CVE-2022-35864 (This vulnerability allows remote attackers to disclose sensitive infor ...)
-	TODO: check
+	NOT-FOR-US: BMC Track-It!
 CVE-2022-2414 (Access to external entities when parsing XML documents can lead to XML ...)
 	- dogtag-pki <unfixed> (bug #1014957)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2104676
@@ -4383,9 +4383,9 @@ CVE-2022-35622
 CVE-2022-35621
 	RESERVED
 CVE-2022-35620 (D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remot ...)
-	TODO: check
+	NOT-FOR-US: D-LINK
 CVE-2022-35619 (D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remot ...)
-	TODO: check
+	NOT-FOR-US: D-LINK
 CVE-2022-35618
 	RESERVED
 CVE-2022-35617
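Review bot: the vendor label on the two added lines for CVE-2022-35620 and CVE-2022-35619 is spelled "NOT-FOR-US: D-LINK", while the D-Link entries added for CVE-2022-34974 and CVE-2022-34973 in this same commit use "NOT-FOR-US: D-Link". Suggest using one spelling ("D-Link") for all four so that a text search for the vendor label finds every entry.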
@@ -5832,9 +5832,9 @@ CVE-2022-34976
 CVE-2022-34975
 	RESERVED
 CVE-2022-34974 (D-Link DIR810LA1_FW102B22 was discovered to contain a command injectio ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-34973 (D-Link DIR820LA1_FW106B02 was discovered to contain a buffer overflow  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-34972 (So Filter Shop v3.x was discovered to contain multiple blind SQL injec ...)
 	NOT-FOR-US: So Filter Shop
 CVE-2022-34971 (An arbitrary file upload vulnerability in the Advertising Management m ...)
@@ -6178,9 +6178,9 @@ CVE-2022-34874 (This vulnerability allows remote attackers to disclose sensitive
 CVE-2022-34873 (This vulnerability allows remote attackers to disclose sensitive infor ...)
 	NOT-FOR-US: Foxit
 CVE-2022-34872 (This vulnerability allows remote attackers to disclose sensitive infor ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2022-34871 (This vulnerability allows remote attackers to escalate privileges on a ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2022-34870
 	RESERVED
 CVE-2022-34858
@@ -6263,7 +6263,7 @@ CVE-2022-2274 (The OpenSSL 3.0.4 release introduced a serious bug in the RSA imp
 CVE-2022-2273 (The Simple Membership WordPress plugin before 4.1.3 does not properly  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-2272 (This vulnerability allows remote attackers to bypass authentication on ...)
-	TODO: check
+	NOT-FOR-US: Sante PACS Server
 CVE-2022-2271
 	RESERVED
 CVE-2022-2270 (An issue has been discovered in GitLab affecting all versions starting ...)
@@ -23276,7 +23276,7 @@ CVE-2022-28686
 CVE-2022-28685
 	RESERVED
 CVE-2022-28684 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: DevExpress
 CVE-2022-28683 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Foxit
 CVE-2022-28682 (This vulnerability allows remote attackers to execute arbitrary code o ...)
@@ -26916,7 +26916,7 @@ CVE-2022-27486
 CVE-2022-27485
 	RESERVED
 CVE-2022-27484 (A unverified password change in Fortinet FortiADC version 6.2.0 throug ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2022-27483 (A improper neutralization of special elements used in an os command (' ...)
 	NOT-FOR-US: Fortinet
 CVE-2022-27482
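Review bot: the added line for CVE-2022-27484 uses "NOT-FOR-US: FortiGuard", but the description names the product as Fortinet FortiADC and the next entry, CVE-2022-27483, is tagged "NOT-FOR-US: Fortinet". Suggest "NOT-FOR-US: Fortinet" here to match the vendor name in the description and the adjacent entry.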
@@ -39462,7 +39462,7 @@ CVE-2022-23444
 CVE-2022-23443 (An improper access control in Fortinet FortiSOAR before 7.2.0 allows u ...)
 	NOT-FOR-US: FortiGuard
 CVE-2022-23442 (An improper access control vulnerability [CWE-284] in FortiOS versions ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2022-23441 (A use of hard-coded cryptographic key vulnerability [CWE-321] in Forti ...)
 	NOT-FOR-US: Fortinet
 CVE-2022-23440 (A use of hard-coded cryptographic key vulnerability [CWE-321] in the r ...)
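Review bot: the added "NOT-FOR-US: FortiGuard" for CVE-2022-23442 (FortiOS) sits between CVE-2022-23443, tagged "FortiGuard", and CVE-2022-23441, tagged "Fortinet", so the same vendor now carries two labels within three consecutive entries. Suggest settling on one label for this vendor and using it for the new line.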



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ce6f0b767486a57d9910912150ee5af4d2b9246
