[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 14 21:28:14 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7bca93a7 by Salvatore Bonaccorso at 2022-06-14T22:21:02+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -247,7 +247,7 @@ CVE-2022-2081
CVE-2022-2080
RESERVED
CVE-2022-2079 (Cross-site Scripting (XSS) - Stored in GitHub repository nocodb/nocodb ...)
- TODO: check
+ NOT-FOR-US: nocodb
CVE-2022-2078
RESERVED
CVE-2022-33207
@@ -291,9 +291,9 @@ CVE-2022-29472
CVE-2022-27804
RESERVED
CVE-2022-2077 (** DISPUTED ** A vulnerability was found in Microsoft O365 and classif ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-2076 (** DISPUTED ** A vulnerability has been found in Microsoft O365 and cl ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-2075
RESERVED
CVE-2022-2074
@@ -1633,15 +1633,15 @@ CVE-2022-32563 (An issue was discovered in Couchbase Sync Gateway 3.x before 3.0
CVE-2022-32562 (An issue was discovered in Couchbase Server before 7.0.4. Operations m ...)
NOT-FOR-US: Couchbase Server
CVE-2022-32561 (An issue was discovered in Couchbase Server before 6.6.5 and 7.x befor ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2022-32560 (An issue was discovered in Couchbase Server before 7.0.4. XDCR lacks r ...)
NOT-FOR-US: Couchbase Server
CVE-2022-32559 (An issue was discovered in Couchbase Server before 7.0.4. Random HTTP ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2022-32558 (An issue was discovered in Couchbase Server before 7.0.4. Sample bucke ...)
NOT-FOR-US: Couchbase Server
CVE-2022-32557 (An issue was discovered in Couchbase Server before 7.0.4. The Index Se ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2022-32556
RESERVED
CVE-2022-32555
@@ -2195,13 +2195,13 @@ CVE-2022-32369
CVE-2022-32368
RESERVED
CVE-2022-32367 (Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/a ...)
- TODO: check
+ NOT-FOR-US: Product Show Room Site
CVE-2022-32366 (Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/a ...)
- TODO: check
+ NOT-FOR-US: Product Show Room Site
CVE-2022-32365 (Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/a ...)
- TODO: check
+ NOT-FOR-US: Product Show Room Site
CVE-2022-32364 (Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/a ...)
- TODO: check
+ NOT-FOR-US: Product Show Room Site
CVE-2022-32363
RESERVED
CVE-2022-32362
@@ -2225,55 +2225,55 @@ CVE-2022-32354
CVE-2022-32353
RESERVED
CVE-2022-32352 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32351 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32350 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32349 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32348 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32347 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32346 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32345 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32344 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32343 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32342 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32341 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32340 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32339 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32338 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32337 (Hospital's Patient Records Management System v1.0 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: Hospital's Patient Records Management System
CVE-2022-32336 (Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffo ...)
- TODO: check
+ NOT-FOR-US: Fast Food Ordering System
CVE-2022-32335 (Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffo ...)
- TODO: check
+ NOT-FOR-US: Fast Food Ordering System
CVE-2022-32334 (Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffo ...)
- TODO: check
+ NOT-FOR-US: Fast Food Ordering System
CVE-2022-32333 (Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffo ...)
- TODO: check
+ NOT-FOR-US: Fast Food Ordering System
CVE-2022-32332 (Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffo ...)
- TODO: check
+ NOT-FOR-US: Fast Food Ordering System
CVE-2022-32331 (Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffo ...)
- TODO: check
+ NOT-FOR-US: Fast Food Ordering System
CVE-2022-32330 (Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffo ...)
- TODO: check
+ NOT-FOR-US: Fast Food Ordering System
CVE-2022-32329
RESERVED
CVE-2022-32328 (Fast Food Ordering System v1.0 is vulnerable to Delete any file. via / ...)
- TODO: check
+ NOT-FOR-US: Fast Food Ordering System
CVE-2022-32327
RESERVED
CVE-2022-32326
@@ -2481,9 +2481,9 @@ CVE-2022-32296 (The Linux kernel before 5.17.9 allows TCP servers to identify cl
CVE-2022-32287
RESERVED
CVE-2022-32286 (A vulnerability has been identified in Mendix SAML Module (Mendix 7 co ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32285 (A vulnerability has been identified in Mendix SAML Module (Mendix 7 co ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32279
RESERVED
CVE-2022-32278 (XFCE 4.16 allows attackers to execute arbitrary code because xdg-open ...)
@@ -2540,29 +2540,29 @@ CVE-2022-32264
CVE-2022-32263
RESERVED
CVE-2022-32262 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32261 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32260 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32259 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32258 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32257
RESERVED
CVE-2022-32256 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32255 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32254 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32253 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32252 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32251 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32250 (net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allow ...)
TODO: check with MITRE, duplicate of now as well assigned CVE-2022-1966
CVE-2022-32249
@@ -2872,7 +2872,7 @@ CVE-2022-32147
CVE-2022-32146
RESERVED
CVE-2022-32145 (A vulnerability has been identified in Teamcenter Active Workspace V5. ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-32144
RESERVED
CVE-2022-32143
@@ -3502,11 +3502,11 @@ CVE-2022-31849
CVE-2022-31848
RESERVED
CVE-2022-31847 (A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M ...)
- TODO: check
+ NOT-FOR-US: WAVLINK
CVE-2022-31846 (A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180 ...)
- TODO: check
+ NOT-FOR-US: WAVLINK
CVE-2022-31845 (A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.1 ...)
- TODO: check
+ NOT-FOR-US: WAVLINK
CVE-2022-31844
RESERVED
CVE-2022-31843
@@ -4307,7 +4307,7 @@ CVE-2021-4231 (A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2.
NOT-FOR-US: angular/angular - replacement for deprecated angularjs
NOTE: AngularJS upstream support has officially ended as of January 2022
CVE-2022-31619 (A vulnerability has been identified in Teamcenter V12.4 (All versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-1887
RESERVED
CVE-2022-1886 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...)
@@ -4833,7 +4833,7 @@ CVE-2022-31467 (A DLL hijacking vulnerability in the installed for Quick Heal To
CVE-2022-31466 (Time of Check - Time of Use (TOCTOU) vulnerability in Quick Heal Total ...)
NOT-FOR-US: Quick Heal Total Security
CVE-2022-31465 (A vulnerability has been identified in Xpedition Designer (All version ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-31464
RESERVED
CVE-2022-31463 (Owl Labs Meeting Owl 5.2.0.15 does not require a password for Bluetoot ...)
@@ -4957,7 +4957,7 @@ CVE-2022-31405
CVE-2022-31404
RESERVED
CVE-2022-31403 (ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vul ...)
- TODO: check
+ NOT-FOR-US: ITOP
CVE-2022-31402 (ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vul ...)
NOT-FOR-US: ITOP
CVE-2022-31401
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7bca93a7961118fada20e7c73be552a7b27cd755
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7bca93a7961118fada20e7c73be552a7b27cd755
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220614/b6af8da3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list