[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Feb 9 20:47:13 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
73a62cd5 by Salvatore Bonaccorso at 2022-02-09T21:46:46+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4520,7 +4520,7 @@ CVE-2021-46362
CVE-2021-46361
RESERVED
CVE-2021-46360 (Authenticated remote code execution (RCE) in Composr-CMS 10.0.39 and e ...)
- TODO: check
+ NOT-FOR-US: Composr-CMS
CVE-2021-46359 (FISCO-BCOS release-3.0.0-rc2 contains a denial of service vulnerabilit ...)
NOT-FOR-US: FISCO-BCOS
CVE-2021-46358
@@ -4532,7 +4532,7 @@ CVE-2021-46356
CVE-2021-46355
RESERVED
CVE-2021-46354 (Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version ...)
- TODO: check
+ NOT-FOR-US: Thinfinity VirtualUI
CVE-2021-46353
RESERVED
CVE-2021-46352
@@ -4680,7 +4680,7 @@ CVE-2021-46306
CVE-2021-46305
RESERVED
CVE-2022-23312 (A vulnerability has been identified in Spectrum Power 4 (All versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-23311
RESERVED
CVE-2022-23310
@@ -4782,7 +4782,7 @@ CVE-2022-23302 (JMSSink in all versions of Log4j 1.x is vulnerable to deserializ
CVE-2022-22142 (Reflected cross-site scripting vulnerability in the checkbox of php_ma ...)
NOT-FOR-US: php_mailform
CVE-2022-21805 (Reflected cross-site scripting vulnerability in the attached file name ...)
- TODO: check
+ NOT-FOR-US: php_mailform
CVE-2022-0242 (Unrestricted Upload of File with Dangerous Type in GitHub repository c ...)
NOT-FOR-US: Crater
CVE-2022-0241
@@ -4841,7 +4841,7 @@ CVE-2022-23282
CVE-2022-23281
RESERVED
CVE-2022-23280 (Microsoft Outlook for Mac Security Feature Bypass Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-23279
RESERVED
CVE-2022-23278
@@ -4849,21 +4849,21 @@ CVE-2022-23278
CVE-2022-23277
RESERVED
CVE-2022-23276 (SQL Server for Linux Containers Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-23275
RESERVED
CVE-2022-23274 (Microsoft Dynamics GP Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-23273 (Microsoft Dynamics GP Elevation Of Privilege Vulnerability. This CVE I ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-23272 (Microsoft Dynamics GP Elevation Of Privilege Vulnerability. This CVE I ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-23271 (Microsoft Dynamics GP Elevation Of Privilege Vulnerability. This CVE I ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-23270
RESERVED
CVE-2022-23269 (Microsoft Dynamics GP Spoofing Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-23268
RESERVED
CVE-2022-23267
@@ -4889,15 +4889,15 @@ CVE-2022-23258 (Microsoft Edge for Android Spoofing Vulnerability. ...)
CVE-2022-23257
RESERVED
CVE-2022-23256 (Azure Data Explorer Spoofing Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-23255 (Microsoft OneDrive for Android Security Feature Bypass Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-23254 (Microsoft Power BI Information Disclosure Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-23253
RESERVED
CVE-2022-23252 (Microsoft Office Information Disclosure Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-23251
RESERVED
CVE-2022-23250
@@ -5414,7 +5414,7 @@ CVE-2022-23106 (Jenkins Configuration as Code Plugin 1.55 and earlier used a non
CVE-2022-23105 (Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the ...)
NOT-FOR-US: Jenkins plugin
CVE-2022-23102 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-21236 (An information disclosure vulnerability exists due to a web server mis ...)
NOT-FOR-US: Reolink
CVE-2022-21217 (An out-of-bounds write vulnerability exists in the device TestEmail fu ...)
@@ -6828,27 +6828,27 @@ CVE-2022-0145
CVE-2021-46162
RESERVED
CVE-2021-46161 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-46160 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-46159 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-46158 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-46157 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-46156 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-46155 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-46154 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-46153 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-46152 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-46151 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-22732
RESERVED
CVE-2022-22731
@@ -6900,25 +6900,25 @@ CVE-2022-22720
CVE-2022-22719
RESERVED
CVE-2022-22718 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-22717 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-22716 (Microsoft Excel Information Disclosure Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-22715 (Named Pipe File System Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-22714
RESERVED
CVE-2022-22713
RESERVED
CVE-2022-22712 (Windows Hyper-V Denial of Service Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-22711
RESERVED
CVE-2022-22710 (Windows Common Log File System Driver Denial of Service Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-22709 (VP9 Video Extensions Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21806
RESERVED
CVE-2022-0139 (Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0. ...)
@@ -11169,55 +11169,55 @@ CVE-2022-22007
CVE-2022-22006
RESERVED
CVE-2022-22005 (Microsoft SharePoint Server Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-22004 (Microsoft Office ClickToRun Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-22003 (Microsoft Office Graphics Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-22002 (Windows User Account Profile Picture Denial of Service Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-22001 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-22000 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21999 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21998 (Windows Common Log File System Driver Information Disclosure Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21997 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21996 (Win32k Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21995 (Windows Hyper-V Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21994 (Windows DWM Core Library Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21993 (Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vuln ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21992 (Windows Mobile Device Management Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21991 (Visual Studio Code Remote Development Extension Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21990
RESERVED
CVE-2022-21989 (Windows Kernel Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21988 (Microsoft Office Visio Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21987 (Microsoft SharePoint Server Spoofing Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21986 (.NET Denial of Service Vulnerability. ...)
TODO: check
CVE-2022-21985 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21984 (Windows DNS Server Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21983
RESERVED
CVE-2022-21982
RESERVED
CVE-2022-21981 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21980
RESERVED
CVE-2022-21979
@@ -11231,25 +11231,25 @@ CVE-2022-21976
CVE-2022-21975
RESERVED
CVE-2022-21974 (Roaming Security Rights Management Services Remote Code Execution Vuln ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21973
RESERVED
CVE-2022-21972
RESERVED
CVE-2022-21971 (Windows Runtime Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21970 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-21969 (Microsoft Exchange Server Remote Code Execution Vulnerability. This CV ...)
NOT-FOR-US: Microsoft
CVE-2022-21968 (Microsoft SharePoint Server Security Feature BypassVulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21967
RESERVED
CVE-2022-21966
RESERVED
CVE-2022-21965 (Microsoft Teams Denial of Service Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21964 (Remote Desktop Licensing Diagnoser Information Disclosure Vulnerabilit ...)
NOT-FOR-US: Microsoft
CVE-2022-21963 (Windows Resilient File System (ReFS) Remote Code Execution Vulnerabili ...)
@@ -11265,7 +11265,7 @@ CVE-2022-21959 (Windows Resilient File System (ReFS) Remote Code Execution Vulne
CVE-2022-21958 (Windows Resilient File System (ReFS) Remote Code Execution Vulnerabili ...)
NOT-FOR-US: Microsoft
CVE-2022-21957 (Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21956
RESERVED
CVE-2022-21955
@@ -11523,7 +11523,7 @@ CVE-2021-45115 (An issue was discovered in Django 2.2 before 2.2.26, 3.2 before
NOTE: https://github.com/django/django/commit/a8b32fe13bcaed1c0b772fdc53de84abc224fb20 (3.2.11)
NOTE: https://github.com/django/django/commit/2135637fdd5ce994de110affef9e67dffdf77277 (2.2.26)
CVE-2021-45106 (A vulnerability has been identified in SICAM TOOLBOX II (All versions) ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-44463 (Missing DLLs, if replaced by an insider, could allow an attacker to ac ...)
NOT-FOR-US: Emerson
CVE-2021-44462
@@ -11871,9 +11871,9 @@ CVE-2022-21929 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerabil
CVE-2022-21928 (Windows Resilient File System (ReFS) Remote Code Execution Vulnerabili ...)
NOT-FOR-US: Microsoft
CVE-2022-21927 (HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21926 (HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21925 (Windows BackupKey Remote Protocol Security Feature Bypass Vulnerabilit ...)
NOT-FOR-US: Microsoft
CVE-2022-21924 (Workstation Service Remote Protocol Security Feature Bypass Vulnerabil ...)
@@ -12037,7 +12037,7 @@ CVE-2022-21846 (Microsoft Exchange Server Remote Code Execution Vulnerability. T
CVE-2022-21845
RESERVED
CVE-2022-21844 (HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21843 (Windows IKE Extension Denial of Service Vulnerability. This CVE ID is ...)
NOT-FOR-US: Microsoft
CVE-2022-21842 (Microsoft Word Remote Code Execution Vulnerability. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73a62cd513c3f959b083396140a369f0e2a8bde5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73a62cd513c3f959b083396140a369f0e2a8bde5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220209/f84d8cfd/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list