[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 16 08:31:49 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fe814c90 by Salvatore Bonaccorso at 2022-03-16T09:29:55+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18,7 +18,7 @@ CVE-2022-0991
CVE-2022-0990
RESERVED
CVE-2020-36519 (Mimecast Email Security before 2020-01-10 allows any admin to spoof an ...)
- TODO: check
+ NOT-FOR-US: Mimecast Email Security
CVE-2022-27221
RESERVED
CVE-2022-27220
@@ -631,37 +631,37 @@ CVE-2022-27007
CVE-2022-27006
RESERVED
CVE-2022-27005 (Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.61 ...)
- TODO: check
+ NOT-FOR-US: Totolink
CVE-2022-27004 (Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.61 ...)
- TODO: check
+ NOT-FOR-US: Totolink
CVE-2022-27003 (Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.61 ...)
- TODO: check
+ NOT-FOR-US: Totolink
CVE-2022-27002 (Arris TR3300 v1.0.13 were discovered to contain a command injection vu ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-27001 (Arris TR3300 v1.0.13 were discovered to contain a command injection vu ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-27000 (Arris TR3300 v1.0.13 was discovered to contain a command injection vul ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-26999 (Arris TR3300 v1.0.13 was discovered to contain a command injection vul ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-26998 (Arris TR3300 v1.0.13 was discovered to contain a command injection vul ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-26997 (Arris TR3300 v1.0.13 was discovered to contain a command injection vul ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-26996 (Arris TR3300 v1.0.13 was discovered to contain a command injection vul ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-26995 (Arris TR3300 v1.0.13 was discovered to contain a command injection vul ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-26994 (Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1 ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-26993 (Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1 ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-26992 (Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1 ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-26991 (Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1 ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-26990 (Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1 ...)
- TODO: check
+ NOT-FOR-US: Arris
CVE-2022-26989
RESERVED
CVE-2022-26988
@@ -2639,23 +2639,23 @@ CVE-2022-26216
CVE-2022-26215
RESERVED
CVE-2022-26214 (Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A ...)
- TODO: check
+ NOT-FOR-US: Totolink
CVE-2022-26213 (Totolink X5000R_Firmware v9.1.0u.6118_B20201102 was discovered to cont ...)
- TODO: check
+ NOT-FOR-US: Totolink
CVE-2022-26212 (Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A ...)
- TODO: check
+ NOT-FOR-US: Totolink
CVE-2022-26211 (Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A ...)
- TODO: check
+ NOT-FOR-US: Totolink
CVE-2022-26210 (Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A ...)
- TODO: check
+ NOT-FOR-US: Totolink
CVE-2022-26209 (Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A ...)
- TODO: check
+ NOT-FOR-US: Totolink
CVE-2022-26208 (Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A ...)
- TODO: check
+ NOT-FOR-US: Totolink
CVE-2022-26207 (Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A ...)
- TODO: check
+ NOT-FOR-US: Totolink
CVE-2022-26206 (Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A ...)
- TODO: check
+ NOT-FOR-US: Totolink
CVE-2022-26205
RESERVED
CVE-2022-26204
@@ -4502,33 +4502,33 @@ CVE-2022-25500
CVE-2022-25499
RESERVED
CVE-2022-25498 (CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) ...)
- TODO: check
+ NOT-FOR-US: CuppaCMS
CVE-2022-25497 (CuppaCMS v1.0 was discovered to contain an arbitrary file read via the ...)
- TODO: check
+ NOT-FOR-US: CuppaCMS
CVE-2022-25496
RESERVED
CVE-2022-25495 (The component /jquery_file_upload/server/php/index.php of CuppaCMS v1. ...)
- TODO: check
+ NOT-FOR-US: CuppaCMS
CVE-2022-25494 (Online Banking System v1.0 was discovered to contain a SQL injection v ...)
- TODO: check
+ NOT-FOR-US: Online Banking System
CVE-2022-25493 (HMS v1.0 was discovered to contain a reflected cross-site scripting (X ...)
- TODO: check
+ NOT-FOR-US: HMS
CVE-2022-25492 (HMS v1.0 was discovered to contain a SQL injection vulnerability via t ...)
- TODO: check
+ NOT-FOR-US: HMS
CVE-2022-25491 (HMS v1.0 was discovered to contain a SQL injection vulnerability via t ...)
- TODO: check
+ NOT-FOR-US: HMS
CVE-2022-25490 (HMS v1.0 was discovered to contain a SQL injection vulnerability via t ...)
- TODO: check
+ NOT-FOR-US: HMS
CVE-2022-25489 (Atom CMS v2.0 was discovered to contain a reflected cross-site scripti ...)
- TODO: check
+ NOT-FOR-US: Atom CMS
CVE-2022-25488 (Atom CMS v2.0 was discovered to contain a SQL injection vulnerability ...)
- TODO: check
+ NOT-FOR-US: Atom CMS
CVE-2022-25487 (Atom CMS v2.0 was discovered to contain a remote code execution (RCE) ...)
- TODO: check
+ NOT-FOR-US: Atom CMS
CVE-2022-25486 (CuppaCMS v1.0 was discovered to contain a local file inclusion via the ...)
- TODO: check
+ NOT-FOR-US: CuppaCMS
CVE-2022-25485 (CuppaCMS v1.0 was discovered to contain a local file inclusion via the ...)
- TODO: check
+ NOT-FOR-US: CuppaCMS
CVE-2022-25484
RESERVED
CVE-2022-25483
@@ -9182,7 +9182,7 @@ CVE-2022-23990 (Expat (aka libexpat) before 2.4.4 has an integer overflow in the
NOTE: Introduced with: https://github.com/libexpat/libexpat/commit/cb8a4c756d057b948c1b41e7185dd69ef3ade3fb (R_1_95_4)
NOTE: Fixed by: https://github.com/libexpat/libexpat/commit/ede41d1e186ed2aba88a06e84cac839b770af3a1 (R_2_4_4)
CVE-2022-23989 (In Stormshield Network Security (SNS) 3.7.6 through 3.7.24, 3.11.1 thr ...)
- TODO: check
+ NOT-FOR-US: Stormshield Network Security (SNS)
CVE-2022-23988 (The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanit ...)
NOT-FOR-US: WordPress plugin
CVE-2022-23987 (The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanit ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe814c90d501a0b6ead3320f1a3de856121a4034
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe814c90d501a0b6ead3320f1a3de856121a4034
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220316/74fdd341/attachment.htm>
More information about the debian-security-tracker-commits
mailing list