[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jul 12 21:28:34 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2875fe1c by Salvatore Bonaccorso at 2022-07-12T22:28:04+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -668,9 +668,9 @@ CVE-2022-2366 (Incorrect default configuration for trusted IP header in Mattermo
 CVE-2022-2365 (Cross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium ...)
 	TODO: check
 CVE-2022-2364 (A vulnerability, which was classified as problematic, was found in Sou ...)
-	TODO: check
+	NOT-FOR-US: Simple Parking Management System
 CVE-2022-2363 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: Simple Parking Management System
 CVE-2022-2362
 	RESERVED
 CVE-2022-2361
@@ -1821,9 +1821,9 @@ CVE-2022-2300 (Cross-site Scripting (XSS) - Stored in GitHub repository microweb
 CVE-2022-2299
 	RESERVED
 CVE-2022-2298 (A vulnerability has been found in SourceCodester Clinics Patient Manag ...)
-	TODO: check
+	NOT-FOR-US: Clinics Patient Management System
 CVE-2022-2297 (A vulnerability, which was classified as critical, was found in Source ...)
-	TODO: check
+	NOT-FOR-US: Clinics Patient Management System
 CVE-2022-2296
 	RESERVED
 	{DSA-5180-1}
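Review bot: the new tags on CVE-2022-2298 and CVE-2022-2297 drop the vendor that the description itself gives ("SourceCodester Clinics Patient Manag ..."), leaving only a generic product name. Consider "NOT-FOR-US: SourceCodester Clinics Patient Management System" so that a later search for the vendor finds these entries and the name cannot be confused with a similarly titled product from another source.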
@@ -1843,11 +1843,11 @@ CVE-2022-2294
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-2293 (A vulnerability classified as problematic was found in SourceCodester  ...)
-	TODO: check
+	NOT-FOR-US: Simple Sales Management System
 CVE-2022-2292 (A vulnerability classified as problematic has been found in SourceCode ...)
-	TODO: check
+	NOT-FOR-US: Hotel Management System
 CVE-2022-2291 (A vulnerability was found in SourceCodester Hotel Management System 2. ...)
-	TODO: check
+	NOT-FOR-US: Hotel Management System
 CVE-2022-34915
 	RESERVED
 CVE-2022-34914 (Webswing before 22.1.3 allows X-Forwarded-For header injection. The cl ...)
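Review bot: CVE-2022-2293 and CVE-2022-2292 receive different product names (Simple Sales Management System and Hotel Management System) although both visible descriptions are cut off before the product, so neither tag can be checked from this hunk; only CVE-2022-2291 shows "Hotel Management System" in its description. Worth confirming both against the full CVE text, since a wrong product name on a NOT-FOR-US line is unlikely to be revisited once "TODO: check" is gone.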
@@ -2124,9 +2124,9 @@ CVE-2022-2264 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to
 	NOTE: Fixed by: https://github.com/vim/vim/commit/d25f003342aca9889067f2e839963dfeccf1fe05 (v9.0.0011)
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-2263 (A vulnerability was found in Online Hotel Booking System 1.0 and class ...)
-	TODO: check
+	NOT-FOR-US: Online Hotel Booking System
 CVE-2022-2262 (A vulnerability has been found in Online Hotel Booking System 1.0 and  ...)
-	TODO: check
+	NOT-FOR-US: Online Hotel Booking System
 CVE-2022-2261
 	RESERVED
 CVE-2022-2260
@@ -2177,11 +2177,11 @@ CVE-2022-2256
 CVE-2022-2255
 	RESERVED
 CVE-2022-34821 (A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versi ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34820 (A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versi ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34819 (A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versi ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34818 (Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perfo ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2022-34817 (A cross-site request forgery (CSRF) vulnerability in Jenkins Failed Jo ...)
@@ -2347,7 +2347,7 @@ CVE-2022-34750 (An issue was discovered in MediaWiki through 1.38.1. The lemma l
 CVE-2022-34749
 	RESERVED
 CVE-2022-34748 (A vulnerability has been identified in Simcenter Femap (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34747
 	RESERVED
 CVE-2022-34746
@@ -2598,7 +2598,7 @@ CVE-2022-34665
 CVE-2022-34664
 	RESERVED
 CVE-2022-34663 (A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versio ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34662
 	RESERVED
 CVE-2022-34661
@@ -3207,13 +3207,13 @@ CVE-2022-34468
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-25/#CVE-2022-34468
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-26/#CVE-2022-34468
 CVE-2022-34467 (A vulnerability has been identified in Mendix Excel Importer Module (M ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34466 (A vulnerability has been identified in Mendix Applications using Mendi ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34465 (A vulnerability has been identified in Parasolid V33.1 (All versions), ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34464 (A vulnerability has been identified in SICAM GridEdge Essential ARM (A ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-2198
 	RESERVED
 CVE-2022-2197 (By using a specific credential string, an attacker with network access ...)
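Review bot: CVE-2022-34467 through CVE-2022-34464 are all tagged "NOT-FOR-US: Siemens", but the visible descriptions name Mendix, Parasolid and SICAM GridEdge and never mention Siemens, so the attribution is not verifiable from the file. Naming the product after the vendor, for example "NOT-FOR-US: Siemens (Mendix)", would keep the vendor grouping and still let someone searching for the product find the entry.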
@@ -3624,45 +3624,45 @@ CVE-2022-34293
 CVE-2022-34292
 	RESERVED
 CVE-2022-34291 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34290 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34289 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34288 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34287 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34286 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34285 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34284 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34283 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34282 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34281 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34280 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34279 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34278 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34277 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34276 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34275 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34274 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34273 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34272 (A vulnerability has been identified in PADS Standard/Plus Viewer (All  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-34271
 	RESERVED
 CVE-2022-2180
@@ -5195,7 +5195,7 @@ CVE-2022-33738 (OpenVPN Access Server before 2.11 uses a weak random generator u
 CVE-2022-33737 (The OpenVPN Access Server installer creates a log file readable for ev ...)
 	NOT-FOR-US: OpenVPN Access Server
 CVE-2022-33736 (A vulnerability has been identified in Opcenter Quality V13.1 (All ver ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-33202 (Authentication bypass vulnerability in the setup screen of L2Blocker(o ...)
 	NOT-FOR-US: L2Blocker
 CVE-2022-2088 (An authenticated user with admin privileges may be able to terminate a ...)
@@ -6419,9 +6419,9 @@ CVE-2022-33140 (The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.1
 CVE-2022-33139 (A vulnerability has been identified in SIMATIC WinCC OA V3.16 (All ver ...)
 	NOT-FOR-US: Siemens
 CVE-2022-33138 (A vulnerability has been identified in SIMATIC MV540 H (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-33137 (A vulnerability has been identified in SIMATIC MV540 H (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-33136
 	RESERVED
 CVE-2022-33135



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2875fe1c7b54a825b7522252056121293781b96f
