[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 11 21:18:13 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f2fa0826 by Salvatore Bonaccorso at 2022-07-11T22:17:49+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,7 +37,7 @@ CVE-2022-2370
 CVE-2022-2369
 	RESERVED
 CVE-2022-2368 (Business Logic Errors in GitHub repository microweber/microweber prior ...)
-	TODO: check
+	NOT-FOR-US: microweber
 CVE-2022-2367
 	RESERVED
 CVE-2022-35626
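Review bot: for CVE-2022-2368, the description names an open-source GitHub project (microweber/microweber), so NOT-FOR-US holds only if nobody has filed an ITP or RFP for it. Nothing in the hunk or the commit message records that check. If a WNPP bug exists, the entry should instead read `- microweber <itp> (bug #NNNNNN)`, with the real bug number in place of the placeholder, so the CVE is tracked when the package lands.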
@@ -1606,7 +1606,7 @@ CVE-2022-2304 (Stack-based Buffer Overflow in GitHub repository vim/vim prior to
 CVE-2022-2303
 	RESERVED
 CVE-2022-2302 (Multiple Lenze products of the cabinet series skip the password verifi ...)
-	TODO: check
+	NOT-FOR-US: Lenze
 CVE-2022-2301 (Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3. ...)
 	- chafa 1.10.3-1 (unimportant)
 	NOTE: https://huntr.dev/bounties/f6b9114b-671d-4948-b946-ffe5c9aeb816/
@@ -2150,23 +2150,23 @@ CVE-2022-34747
 CVE-2022-34746
 	RESERVED
 CVE-2022-34743 (The AT commands of the USB port have an out-of-bounds read vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2022-34742 (The system module has a read/write vulnerability. Successful exploitat ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2022-34741 (The NFC module has a buffer overflow vulnerability. Successful exploit ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2022-34740 (The NFC module has a buffer overflow vulnerability. Successful exploit ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2022-34739 (The fingerprint module has a vulnerability of overflow in arithmetic a ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2022-34738 (The SystemUI module has a vulnerability in permission control. If this ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2022-34737 (The application security module has a vulnerability in permission assi ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2022-34736 (The frame scheduling module has a null pointer dereference vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2022-34735 (The frame scheduling module has a null pointer dereference vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2022-2245
 	RESERVED
 CVE-2022-2244 (An improper authorization vulnerability in GitLab EE/CE affecting all  ...)
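Review bot: the nine `NOT-FOR-US: Huawei` tags (CVE-2022-34735 through CVE-2022-34743) name a vendor that none of the truncated descriptions shown here mention, so the attribution cannot be verified from the list alone. Suggest naming the affected product in the tag, as the Couchbase Server entries in this same commit do. That lets a later reader confirm the module names ("NFC module", "frame scheduling module", "SystemUI module") do not refer to code Debian ships.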
@@ -4564,7 +4564,7 @@ CVE-2022-33913 (In Mahara 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04.
 CVE-2022-33912 (A permission issue affects users that deployed the shipped version of  ...)
 	NOT-FOR-US: Check MK as packaged by upstream
 CVE-2022-33911 (An issue was discovered in Couchbase Server 7.x before 7.0.4. Field na ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2022-33910 (An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers ...)
 	- mantis <removed>
 CVE-2022-33909
@@ -5046,63 +5046,63 @@ CVE-2022-33715
 CVE-2022-33714
 	RESERVED
 CVE-2022-33713 (Implicit Intent hijacking vulnerability in Samsung Cloud prior to vers ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33712 (Intent redirection vulnerability using implict intent in Camera prior  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33711 (Improper validation of integrity check vulnerability in Samsung USB Dr ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33710 (Improper input validation vulnerability in BillingPackageInsraller in  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33709 (Improper input validation vulnerability in ApexPackageInstaller in Gal ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33708 (Improper input validation vulnerability in AppsPackageInstaller in Gal ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33707 (Improper identifier creation logic in Find My Mobile prior to version  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33706 (Improper access control vulnerability in Samsung Gallery prior to vers ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33705 (Information exposure in Calendar prior to version 12.3.05.10000 allows ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33704 (Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33703 (Improper validation vulnerability in CACertificateInfo prior to SMR Ju ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33702 (Improper authorization vulnerability in Knoxguard prior to SMR Jul-202 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33701 (Improper access control vulnerability in KnoxCustomManagerService prio ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33700 (Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prio ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33699 (Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prio ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33698 (Exposure of Sensitive Information in Telecom application prior to SMR  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33697 (Sensitive information exposure vulnerability in ImsServiceSwitchBase i ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33696 (Exposure of Sensitive Information in Telephony service prior to SMR Ju ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33695 (Use of improper permission in InputManagerService prior to SMR Jul-202 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33694 (Exposure of Sensitive Information in CSC application prior to SMR Jul- ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33693 (Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33692 (Exposure of Sensitive Information in Messaging application prior to SM ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33691 (A possible race condition vulnerability in score driver prior to SMR J ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33690 (Improper input validation in Contacts Storage prior to SMR Jul-2022 Re ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33689 (Improper access control vulnerability in TelephonyUI prior to SMR Jul- ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33688 (Sensitive information exposure vulnerability in EventType in SecTeleph ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33687 (Exposure of Sensitive Information in telephony-common.jar prior to SMR ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33686 (Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul- ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33685 (Unprotected dynamic receiver in Wearable Manager Service prior to SMR  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-33684
 	RESERVED
 CVE-2022-33683
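Review bot: CVE-2022-33691 names a "score driver", which reads like kernel code rather than an Android app or framework service, yet it gets the same blanket `NOT-FOR-US: Samsung` tag as the 28 app-level entries around it. Before closing it, confirm that the driver is vendor-only and absent from the Linux sources Debian packages, and make the tag say so (for example `NOT-FOR-US: Samsung score driver`) so the check is visible in the list. The same applies to any other entry whose component is cut off by the truncated description.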
@@ -6162,7 +6162,7 @@ CVE-2022-33175 (Power Distribution Units running on Powertek firmware (multiple
 CVE-2022-33174 (Power Distribution Units running on Powertek firmware (multiple brands ...)
 	NOT-FOR-US: Powertek
 CVE-2022-33173 (An algorithm-downgrade issue was discovered in Couchbase Server before ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2022-33172
 	RESERVED
 CVE-2022-33171 (** DISPUTED ** The findOne function in TypeORM before 0.3.0 can either ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f2fa082645fad35c61bb28e0df6441e9a719981f
