[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jan 12 20:40:02 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a5f50118 by Salvatore Bonaccorso at 2022-01-12T21:39:38+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1060,7 +1060,7 @@ CVE-2021-23218 (When running with FIPS mode enabled, Mirantis Container Runtime
CVE-2021-23154 (In Lens prior to 5.3.4, custom helm chart configuration creates helm c ...)
NOT-FOR-US: Lens
CVE-2022-0159 (orchardcore is vulnerable to Improper Neutralization of Input During W ...)
- TODO: check
+ NOT-FOR-US: orchardcore
CVE-2022-0158 (vim is vulnerable to Heap-based Buffer Overflow ...)
- vim <unfixed>
[bullseye] - vim <no-dsa> (Minor issue)
@@ -2580,7 +2580,7 @@ CVE-2022-22308
CVE-2022-22307
RESERVED
CVE-2022-0087 (keystone is vulnerable to Improper Neutralization of Input During Web ...)
- TODO: check
+ NOT-FOR-US: KeystoneJS
CVE-2021-46130
RESERVED
CVE-2022-22306
@@ -3431,13 +3431,13 @@ CVE-2022-0017
CVE-2022-0016
RESERVED
CVE-2022-0015 (A local privilege escalation (PE) vulnerability exists in the Palo Alt ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2022-0014 (An untrusted search path vulnerability exists in the Palo Alto Network ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2022-0013 (A file information exposure vulnerability exists in the Palo Alto Netw ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2022-0012 (An improper link resolution before file access vulnerability exists in ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2022-0011
RESERVED
CVE-2021-45918
@@ -5056,7 +5056,7 @@ CVE-2021-45447
CVE-2021-45446
RESERVED
CVE-2021-45445 (Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 h ...)
- TODO: check
+ NOT-FOR-US: Unisys
CVE-2021-45444
RESERVED
CVE-2021-45443
@@ -5134,7 +5134,7 @@ CVE-2021-45413
CVE-2021-45412
RESERVED
CVE-2021-45411 (In Sourcecodetester Printable Staff ID Card Creator System 1.0 after c ...)
- TODO: check
+ NOT-FOR-US: Sourcecodetester
CVE-2021-45410
RESERVED
CVE-2021-45409
@@ -5714,9 +5714,9 @@ CVE-2022-21972
CVE-2022-21971
RESERVED
CVE-2022-21970 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21969 (Microsoft Exchange Server Remote Code Execution Vulnerability. This CV ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21968
RESERVED
CVE-2022-21967
@@ -5726,19 +5726,19 @@ CVE-2022-21966
CVE-2022-21965
RESERVED
CVE-2022-21964 (Remote Desktop Licensing Diagnoser Information Disclosure Vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21963 (Windows Resilient File System (ReFS) Remote Code Execution Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21962 (Windows Resilient File System (ReFS) Remote Code Execution Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21961 (Windows Resilient File System (ReFS) Remote Code Execution Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21960 (Windows Resilient File System (ReFS) Remote Code Execution Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21959 (Windows Resilient File System (ReFS) Remote Code Execution Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21958 (Windows Resilient File System (ReFS) Remote Code Execution Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21957
RESERVED
CVE-2022-21956
@@ -5746,7 +5746,7 @@ CVE-2022-21956
CVE-2022-21955
RESERVED
CVE-2022-21954 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-45233
RESERVED
CVE-2021-45232 (In Apache APISIX Dashboard before 2.10.1, the Manager API uses two fra ...)
@@ -6325,205 +6325,205 @@ CVE-2021-23228 (DIAEnergie Version 1.7.5 and prior is vulnerable to a reflected
CVE-2022-21933
RESERVED
CVE-2022-21932 (Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21931 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. T ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21930 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. T ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21929 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. T ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21928 (Windows Resilient File System (ReFS) Remote Code Execution Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21927
RESERVED
CVE-2022-21926
RESERVED
CVE-2022-21925 (Windows BackupKey Remote Protocol Security Feature Bypass Vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21924 (Workstation Service Remote Protocol Security Feature Bypass Vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21923
RESERVED
CVE-2022-21922 (Remote Procedure Call Runtime Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21921 (Windows Defender Credential Guard Security Feature Bypass Vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21920 (Windows Kerberos Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21919 (Windows User Profile Service Elevation of Privilege Vulnerability. Thi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21918 (DirectX Graphics Kernel File Denial of Service Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21917 (HEVC Video Extensions Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21916 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21915 (Windows GDI+ Information Disclosure Vulnerability. This CVE ID is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21914 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21913 (Local Security Authority (Domain Policy) Remote Protocol Security Feat ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21912 (DirectX Graphics Kernel Remote Code Execution Vulnerability. This CVE ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21911 (.NET Framework Denial of Service Vulnerability. ...)
TODO: check
CVE-2022-21910 (Microsoft Cluster Port Driver Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21909
RESERVED
CVE-2022-21908 (Windows Installer Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21907 (HTTP Protocol Stack Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21906 (Windows Defender Application Control Security Feature Bypass Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21905 (Windows Hyper-V Security Feature Bypass Vulnerability. This CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21904 (Windows GDI Information Disclosure Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21903 (Windows GDI Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21902 (Windows DWM Core Library Elevation of Privilege Vulnerability. This CV ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21901 (Windows Hyper-V Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21900 (Windows Hyper-V Security Feature Bypass Vulnerability. This CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21899 (Windows Extensible Firmware Interface Security Feature Bypass Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21898 (DirectX Graphics Kernel Remote Code Execution Vulnerability. This CVE ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21897 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21896 (Windows DWM Core Library Elevation of Privilege Vulnerability. This CV ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21895 (Windows User Profile Service Elevation of Privilege Vulnerability. Thi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21894 (Secure Boot Security Feature Bypass Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21893 (Remote Desktop Protocol Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21892 (Windows Resilient File System (ReFS) Remote Code Execution Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21891 (Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21890 (Windows IKE Extension Denial of Service Vulnerability. This CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21889 (Windows IKE Extension Denial of Service Vulnerability. This CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21888 (Windows Modern Execution Server Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21887 (Win32k Elevation of Privilege Vulnerability. This CVE ID is unique fro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21886
RESERVED
CVE-2022-21885 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21884 (Local Security Authority Subsystem Service Elevation of Privilege Vuln ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21883 (Windows IKE Extension Denial of Service Vulnerability. This CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21882 (Win32k Elevation of Privilege Vulnerability. This CVE ID is unique fro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21881 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21880 (Windows GDI+ Information Disclosure Vulnerability. This CVE ID is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21879 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21878 (Windows Geolocation Service Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21877 (Storage Spaces Controller Information Disclosure Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21876 (Win32k Information Disclosure Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21875 (Windows Storage Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21874 (Windows Security Center API Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21873 (Tile Data Repository Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21872 (Windows Event Tracing Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21871 (Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Priv ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21870 (Tablet Windows User Interface Application Core Elevation of Privilege ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21869 (Clipboard User Service Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21868 (Windows Devices Human Interface Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21867 (Windows Push Notifications Apps Elevation Of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21866 (Windows System Launcher Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21865 (Connected Devices Platform Service Elevation of Privilege Vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21864 (Windows UI Immersive Server API Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21863 (Windows StateRepository API Server file Elevation of Privilege Vulnera ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21862 (Windows Application Model Core API Elevation of Privilege Vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21861 (Task Flow Data Engine Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21860 (Windows AppContracts API Server Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21859 (Windows Accounts Control Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21858 (Windows Bind Filter Driver Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21857 (Active Directory Domain Services Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21856
RESERVED
CVE-2022-21855 (Microsoft Exchange Server Remote Code Execution Vulnerability. This CV ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21854
RESERVED
CVE-2022-21853
RESERVED
CVE-2022-21852 (Windows DWM Core Library Elevation of Privilege Vulnerability. This CV ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21851 (Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21850 (Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21849 (Windows IKE Extension Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21848 (Windows IKE Extension Denial of Service Vulnerability. This CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21847 (Windows Hyper-V Denial of Service Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21846 (Microsoft Exchange Server Remote Code Execution Vulnerability. This CV ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21845
RESERVED
CVE-2022-21844
RESERVED
CVE-2022-21843 (Windows IKE Extension Denial of Service Vulnerability. This CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21842 (Microsoft Word Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21841 (Microsoft Excel Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21840 (Microsoft Office Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21839 (Windows Event Tracing Discretionary Access Control List Denial of Serv ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21838 (Windows Cleanup Manager Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21837 (Microsoft SharePoint Server Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21836 (Windows Certificate Spoofing Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21835 (Microsoft Cryptographic Services Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21834 (Windows User-mode Driver Framework Reflector Driver Elevation of Privi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-21833 (Virtual Machine IDE Drive Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-45043 (HD-Network Real-time Monitoring System 2.0 allows ../ directory traver ...)
NOT-FOR-US: HD-Network Real-time Monitoring System
CVE-2021-45042 (In HashiCorp Vault and Vault Enterprise before 1.7.7, 1.8.x before 1.8 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5f501181ce7dd43caa0cd182f5f3617d784ec35
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5f501181ce7dd43caa0cd182f5f3617d784ec35
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220112/2b7e460a/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list