[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jun 9 21:38:09 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7811d98e by Salvatore Bonaccorso at 2022-06-09T22:37:26+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -421,7 +421,7 @@ CVE-2022-28699
CVE-2022-28697
RESERVED
CVE-2022-2036 (Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacqu ...)
- TODO: check
+ NOT-FOR-US: francoisjacquet/rosariosis
CVE-2022-32551
RESERVED
CVE-2022-32550
@@ -449,7 +449,7 @@ CVE-2022-28612
CVE-2022-25649
RESERVED
CVE-2022-2035 (A reflected cross-site scripting (XSS) vulnerability exists in the pla ...)
- TODO: check
+ NOT-FOR-US: SCORM Engine
CVE-2022-2034
RESERVED
CVE-2022-2033
@@ -1127,17 +1127,17 @@ CVE-2017-20018
CVE-2016-15002 (A vulnerability, which was classified as critical, was found in MONyog ...)
NOT-FOR-US: MONyog Ultimate
CVE-2019-25070 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in WolfCMS u ...)
- TODO: check
+ NOT-FOR-US: WolfCMS
CVE-2019-25069 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: Axios Italia Axios RE
CVE-2019-25068 (A vulnerability classified as critical was found in Axios Italia Axios ...)
- TODO: check
+ NOT-FOR-US: Axios Italia Axios RE
CVE-2019-25067 (A vulnerability, which was classified as critical, was found in Podman ...)
TODO: check
CVE-2019-25066 (A vulnerability has been found in ajenti 2.1.31 and classified as crit ...)
TODO: check
CVE-2019-25065 (A vulnerability was found in OpenNetAdmin 18.1.1. It has been rated as ...)
- TODO: check
+ NOT-FOR-US: OpenNetAdmin
CVE-2018-25044
RESERVED
CVE-2018-25043
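Review bot: CVE-2019-25067 (Podman) and CVE-2019-25066 (ajenti) stay at `TODO: check` in the middle of this hunk while the four entries around them become NOT-FOR-US, so they remain untriaged after a commit titled "Process NFUs". If they were skipped on purpose because they need a package-level check rather than an NFU tag, resolve them in a follow-up commit so they do not get lost behind the processed block.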
@@ -1195,7 +1195,7 @@ CVE-2020-36530 (A vulnerability classified as critical was found in SevOne Netwo
CVE-2020-36529 (A vulnerability classified as critical has been found in SevOne Networ ...)
NOT-FOR-US: SevOne Network Management System
CVE-2019-25064 (A vulnerability was found in CoreHR Core Portal up to 27.0.7. It has b ...)
- TODO: check
+ NOT-FOR-US: CoreHR Core Portal
CVE-2019-25063 (A vulnerability was found in Sricam IP CCTV Camera. It has been classi ...)
NOT-FOR-US: Sricam IP CCTV Camera
CVE-2019-25062 (A vulnerability was found in Sricam IP CCTV Camera and classified as c ...)
@@ -2256,13 +2256,13 @@ CVE-2022-31832
CVE-2022-31831
RESERVED
CVE-2022-31830 (Kity Minder v1.3.5 was discovered to contain a Server-Side Request For ...)
- TODO: check
+ NOT-FOR-US: Kity Minder
CVE-2022-31829
RESERVED
CVE-2022-31828
RESERVED
CVE-2022-31827 (MonstaFTP v2.10.3 was discovered to contain a Server-Side Request Forg ...)
- TODO: check
+ NOT-FOR-US: MonstaFTP
CVE-2022-31826
RESERVED
CVE-2022-31825
@@ -3476,7 +3476,7 @@ CVE-2022-31498 (LibreHealth EHR Base 2.0.0 allows interface/orders/patient_match
CVE-2022-31497 (LibreHealth EHR Base 2.0.0 allows interface/main/finder/finder_navigat ...)
NOT-FOR-US: LibreHealth EHR Base
CVE-2022-31496 (LibreHealth EHR Base 2.0.0 allows incorrect interface/super/manage_sit ...)
- TODO: check
+ NOT-FOR-US: LibreHealth EHR Base
CVE-2022-31495 (LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php return_page ...)
NOT-FOR-US: LibreHealth EHR Base
CVE-2022-31494 (LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php action XSS. ...)
@@ -3678,13 +3678,13 @@ CVE-2022-31395
CVE-2022-31394
RESERVED
CVE-2022-31393 (Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forger ...)
- TODO: check
+ NOT-FOR-US: Jizhicms
CVE-2022-31392
RESERVED
CVE-2022-31391
RESERVED
CVE-2022-31390 (Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forger ...)
- TODO: check
+ NOT-FOR-US: Jizhicms
CVE-2022-31389
RESERVED
CVE-2022-31388
@@ -3692,7 +3692,7 @@ CVE-2022-31388
CVE-2022-31387
RESERVED
CVE-2022-31386 (A Server-Side Request Forgery (SSRF) in the getFileBinary function of ...)
- TODO: check
+ NOT-FOR-US: nbnbk cms
CVE-2022-31385
RESERVED
CVE-2022-31384
@@ -6298,7 +6298,7 @@ CVE-2022-30468
CVE-2022-30467
RESERVED
CVE-2022-30466 (joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable to Authe ...)
- TODO: check
+ NOT-FOR-US: joyebike Joy ebike Wolf Manufacturing
CVE-2022-30465
RESERVED
CVE-2022-30464 (ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to Cross Sit ...)
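Review bot: The tag on CVE-2022-30466 copies "Manufacturing" from the description, where it belongs to the phrase "Manufacturing year 2022" and is not part of the product name. `NOT-FOR-US: joyebike Joy ebike Wolf` would name the product without the stray word and is easier to match if further CVEs for the same device arrive.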
@@ -7370,7 +7370,7 @@ CVE-2022-30077
CVE-2022-30076
RESERVED
CVE-2022-30075 (In TP-Link Router AX50 firmware 210730 and older, import of a maliciou ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2022-30074
RESERVED
CVE-2022-30073 (WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via /admin/ ...)
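Review bot: The tag on CVE-2022-30075 names only the vendor (`TP-Link`), although the description identifies the affected item as Router AX50 firmware and other entries in this commit tag at product level (for example `Razer Sila Gaming Router`). Vendor-only tags do appear elsewhere in the file (`Samsung`, `Jamf`), so this is a consistency point only; if product-level tags are preferred for hardware, `TP-Link Router AX50` would match the description.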
@@ -8941,7 +8941,7 @@ CVE-2022-1427 (Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository
CVE-2022-29565
RESERVED
CVE-2022-29564 (Jamf Private Access before 2022-05-16 has Incorrect Access Control, in ...)
- TODO: check
+ NOT-FOR-US: Jamf
CVE-2022-29563
RESERVED
CVE-2022-29562
@@ -9646,7 +9646,7 @@ CVE-2022-29298 (SolarView Compact ver.6.00 allows attackers to access sensitive
CVE-2022-29297
RESERVED
CVE-2022-29296 (A reflected cross-site scripting (XSS) vulnerability in the login port ...)
- TODO: check
+ NOT-FOR-US: Avantune Genialcloud ProJ
CVE-2022-29295
RESERVED
CVE-2022-29294
@@ -9832,7 +9832,7 @@ CVE-2022-29257
CVE-2022-29256 (sharp is an application for Node.js image processing. Prior to version ...)
NOT-FOR-US: lovell/sharp
CVE-2022-29255 (Vyper is a Pythonic Smart Contract Language for the ethereum virtual m ...)
- TODO: check
+ NOT-FOR-US: Vyper
CVE-2022-29254 (silverstripe-omnipay is a SilverStripe integration with Omnipay PHP pa ...)
TODO: check
CVE-2022-29253 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
@@ -10568,9 +10568,9 @@ CVE-2022-29016
CVE-2022-29015
RESERVED
CVE-2022-29014 (A local file inclusion vulnerability in Razer Sila Gaming Router v2.0. ...)
- TODO: check
+ NOT-FOR-US: Razer Sila Gaming Router
CVE-2022-29013 (A command injection in the command parameter of Razer Sila Gaming Rout ...)
- TODO: check
+ NOT-FOR-US: Razer Sila Gaming Router
CVE-2022-29012
RESERVED
CVE-2022-29011
@@ -11059,7 +11059,7 @@ CVE-2022-28797
CVE-2022-28795 (A vulnerability within the Avira Password Manager Browser Extensions p ...)
NOT-FOR-US: Avira Password Manager Browser Extensions
CVE-2022-28794 (Sensitive information exposure in low-battery dumpstate log prior to S ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-28793 (Given the TEE is compromised and controlled by the attacker, improper ...)
NOT-FOR-US: Samsung
CVE-2022-28792 (DLL hijacking vulnerability in Gear IconX PC Manager prior to version ...)
@@ -11937,9 +11937,9 @@ CVE-2022-28481 (CSV-Safe gem < 3.0.0 doesn't filter out special characters wh
CVE-2022-28480 (ALLMediaServer 1.6 is vulnerable to Buffer Overflow via MediaServer.ex ...)
NOT-FOR-US: ALLMediaServer
CVE-2022-28479 (SeedDMS versions 6.0.18 and 5.1.25 and below are vulnerable to stored ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2022-28478 (SeedDMS 6.0.17 and 5.1.24 are vulnerable to Directory Traversal. The " ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2022-28477 (WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS). ...)
NOT-FOR-US: WBCE CMS
CVE-2022-28476
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7811d98e06e82268569508510da1385c60e4e1df