[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Aug 23 08:21:52 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
25b3879b by Salvatore Bonaccorso at 2022-08-23T09:21:30+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27050,7 +27050,7 @@ CVE-2022-1253 (Heap-based Buffer Overflow in GitHub repository strukturag/libde2
CVE-2022-1252 (Exposure of Private Personal Information to an Unauthorized Actor in G ...)
NOT-FOR-US: gnuboard5
CVE-2022-1251 (The Ask me WordPress theme before 6.8.4 does not perform nonce checks ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2022-1250 (The LifterLMS PayPal WordPress plugin before 1.4.0 does not sanitise a ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1248 (A vulnerability was found in SAP Information System 1.0 which has been ...)
@@ -27324,7 +27324,7 @@ CVE-2022-28600
CVE-2022-28599 (A stored cross-site scripting (XSS) vulnerability exists in FUEL-CMS 1 ...)
NOT-FOR-US: FUEL-CMS
CVE-2022-28598 (Frappe ERPNext 12.29.0 is vulnerable to XSS where the software does no ...)
- TODO: check
+ NOT-FOR-US: Frappe ERPNext
CVE-2022-28597
RESERVED
CVE-2022-28596
@@ -75686,7 +75686,7 @@ CVE-2021-37291 (An SQL Injection vulnerability exists in KevinLAB Inc Building E
CVE-2021-37290
RESERVED
CVE-2021-37289 (Insecure Permissions in administration interface in Planex MZK-DP150N ...)
- TODO: check
+ NOT-FOR-US: Planex MZK-DP150N
CVE-2021-37288
RESERVED
CVE-2021-37287
@@ -76691,7 +76691,7 @@ CVE-2021-36859
CVE-2021-36858
RESERVED
CVE-2021-36857 (Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-36856
RESERVED
CVE-2021-36855
@@ -76701,7 +76701,7 @@ CVE-2021-36854
CVE-2021-36853
RESERVED
CVE-2021-36852 (Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-36851 (Authenticated (editor or higher user role) Cross-Site Scripting (XSS) ...)
NOT-FOR-US: WordPress plugin
CVE-2021-36850 (Cross-Site Request Forgery (CSRF) vulnerability in WordPress Media Fil ...)
@@ -76711,7 +76711,7 @@ CVE-2021-36849 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnera
CVE-2021-36848 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...)
NOT-FOR-US: WordPress plugin
CVE-2021-36847 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-36846 (Authenticated (admin or higher user role) Stored Cross-Site Scripting ...)
NOT-FOR-US: WordPress plugin
CVE-2021-36845 (Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabiliti ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25b3879b3dc2af0ebc132a0d5eb2a32625f2ded2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25b3879b3dc2af0ebc132a0d5eb2a32625f2ded2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220823/36e733bf/attachment.htm>
More information about the debian-security-tracker-commits
mailing list