[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Mar 18 20:19:47 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
84c1fbaa by Salvatore Bonaccorso at 2022-03-18T21:19:14+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,13 +5,13 @@ CVE-2022-27248
CVE-2022-27247
RESERVED
CVE-2022-27246 (An issue was discovered in MISP before 2.4.156. An SVG org logo (which ...)
- TODO: check
+ NOT-FOR-US: MISP
CVE-2022-27245 (An issue was discovered in MISP before 2.4.156. app/Model/Server.php d ...)
- TODO: check
+ NOT-FOR-US: MISP
CVE-2022-27244 (An issue was discovered in MISP before 2.4.156. A malicious site admin ...)
- TODO: check
+ NOT-FOR-US: MISP
CVE-2022-27243 (An issue was discovered in MISP before 2.4.156. app/View/Users/terms.c ...)
- TODO: check
+ NOT-FOR-US: MISP
CVE-2022-27242
RESERVED
CVE-2022-27241
@@ -1984,7 +1984,7 @@ CVE-2022-26504 (Improper authentication in Veeam Backup & Replication 9.5U3,
CVE-2022-26503 (Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, ...)
NOT-FOR-US: Veeam
CVE-2022-26502 (**REJECT** Veeam Backup & Replication 10.x and 11.x has an Untrust ...)
- TODO: check
+ NOT-FOR-US: Veeam
CVE-2022-26501 (Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4 ...)
NOT-FOR-US: Veeam
CVE-2022-26500 (Improper limitation of path names in Veeam Backup & Replication 9. ...)
@@ -4399,7 +4399,7 @@ CVE-2022-25606
CVE-2022-25605 (Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabiliti ...)
NOT-FOR-US: WordPress plugin
CVE-2022-25604 (Authenticated (contributor of higher user role) Stored Cross-Site Scri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-25603 (Authenticated (author or higher user role) Stored Cross-Site Scripting ...)
NOT-FOR-US: WordPress plugin
CVE-2022-25602 (Nonce token leak vulnerability leading to arbitrary file upload, theme ...)
@@ -7150,7 +7150,7 @@ CVE-2022-24657
CVE-2022-24656
RESERVED
CVE-2022-24655 (A stack overflow vulnerability exists in the upnpd service in Netgear ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2022-24654
RESERVED
CVE-2022-24653
@@ -7186,7 +7186,7 @@ CVE-2022-24639
CVE-2022-24638
RESERVED
CVE-2022-24637 (Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote ...)
- TODO: check
+ NOT-FOR-US: Open Web Analytics (OWA)
CVE-2022-24636
RESERVED
CVE-2022-24635
@@ -7283,7 +7283,7 @@ CVE-2022-24597
CVE-2022-24596
RESERVED
CVE-2022-24595 (Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0. ...)
- TODO: check
+ NOT-FOR-US: Automotive Grade Linux Kooky Koi
CVE-2022-24594 (In waline 1.6.1, an attacker can submit messages using X-Forwarded-For ...)
NOT-FOR-US: waline
CVE-2022-24593
@@ -8885,9 +8885,9 @@ CVE-2022-24094 (Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and
CVE-2022-24093
RESERVED
CVE-2022-24092 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-24091 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-24090 (Adobe Photoshop versions 23.1.1 (and earlier) and 22.5.5 (and earlier) ...)
NOT-FOR-US: Adobe
CVE-2022-24089
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84c1fbaa05eca7670c32f27bbbc7cfe81b72da58
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84c1fbaa05eca7670c32f27bbbc7cfe81b72da58
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220318/99f78795/attachment.htm>
More information about the debian-security-tracker-commits
mailing list