[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu May 12 13:57:53 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
96760d79 by Moritz Muehlenhoff at 2022-05-12T14:57:15+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -929,7 +929,7 @@ CVE-2022-30280
CVE-2022-30279
RESERVED
CVE-2022-30278 (A vulnerability in Black Duck Hub’s embedded MadCap Flare docume ...)
- TODO: check
+ NOT-FOR-US: Black Duck Hub
CVE-2022-30277
RESERVED
CVE-2022-30276
@@ -1311,7 +1311,7 @@ CVE-2022-30132
CVE-2022-30131
RESERVED
CVE-2022-30130 (.NET Framework Denial of Service Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-30129 (Visual Studio Code Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-30128
@@ -1688,7 +1688,7 @@ CVE-2022-29973 (relan exFAT 1.3.0 allows local users to obtain sensitive informa
CVE-2022-29972 (An argument injection vulnerability in the browser-based authenticatio ...)
NOT-FOR-US: Magnitude Simba Amazon Redshift ODBC Driver
CVE-2022-29971 (An argument injection vulnerability in the browser-based authenticatio ...)
- TODO: check
+ NOT-FOR-US: Magnitude Simba Amazon Athena ODBC Driver
CVE-2022-29970 (Sinatra before 2.2.0 does not validate that the expanded path matches ...)
- ruby-sinatra <unfixed>
NOTE: https://github.com/sinatra/sinatra/commit/462c3ca1db53ed3cfc394cf5948e9c948ad1c10e (v2.2.0)
@@ -1782,7 +1782,7 @@ CVE-2022-29934 (USU Oracle Optimization before 5.17.5 lacks Polkit authenticatio
CVE-2022-29933 (Craft CMS through 3.7.36 allows a remote unauthenticated attacker, who ...)
NOT-FOR-US: Craft CMS
CVE-2022-29932 (The HTTP Server in PRIMEUR SPAZIO 2.5.1.954 (File Transfer) allows an ...)
- TODO: check
+ NOT-FOR-US: PRIMEUR
CVE-2022-29931
RESERVED
CVE-2022-29930
@@ -1934,9 +1934,9 @@ CVE-2022-29900
CVE-2022-29899
RESERVED
CVE-2022-29898 (On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user c ...)
- TODO: check
+ NOT-FOR-US: RAD-ISM-900-EN
CVE-2022-29897 (On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user c ...)
- TODO: check
+ NOT-FOR-US: RAD-ISM-900-EN
CVE-2022-29892
RESERVED
CVE-2022-29885
@@ -2079,13 +2079,13 @@ CVE-2022-29850
CVE-2022-29849 (In Progress OpenEdge before 11.7.14 and 12.x before 12.2.9, certain SU ...)
NOT-FOR-US: Progress OpenEdge
CVE-2022-29848 (In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, i ...)
- TODO: check
+ NOT-FOR-US: Progress Ipswitch WhatsUp Gold
CVE-2022-29847 (In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, i ...)
- TODO: check
+ NOT-FOR-US: Progress Ipswitch WhatsUp Gold
CVE-2022-29846 (In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it ...)
- TODO: check
+ NOT-FOR-US: Progress Ipswitch WhatsUp Gold
CVE-2022-29845 (In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, i ...)
- TODO: check
+ NOT-FOR-US: Progress Ipswitch WhatsUp Gold
CVE-2022-29844
RESERVED
CVE-2022-29843
@@ -2570,9 +2570,9 @@ CVE-2022-29730
CVE-2022-29729
RESERVED
CVE-2022-29728 (Survey Sparrow Enterprise Survey Software 2022 has a Reflected cross-s ...)
- TODO: check
+ NOT-FOR-US: Survey Sparrow Enterprise Survey Software
CVE-2022-29727 (Survey Sparrow Enterprise Survey Software 2022 has a Stored cross-site ...)
- TODO: check
+ NOT-FOR-US: Survey Sparrow Enterprise Survey Software
CVE-2022-29726
RESERVED
CVE-2022-29725
@@ -2714,9 +2714,9 @@ CVE-2022-29658
CVE-2022-29657
RESERVED
CVE-2022-29656 (Wedding Management System v1.0 was discovered to contain a SQL injecti ...)
- TODO: check
+ NOT-FOR-US: Wedding Management System
CVE-2022-29655 (An arbitrary file upload vulnerability in the Upload Photos module of ...)
- TODO: check
+ NOT-FOR-US: Wedding Management System
CVE-2022-29654
RESERVED
CVE-2022-29653
@@ -2873,7 +2873,7 @@ CVE-2022-29598
CVE-2022-29597
RESERVED
CVE-2022-29596 (MicroStrategy Enterprise Manager 2022 allows authentication bypass by ...)
- TODO: check
+ NOT-FOR-US: MicroStrategy Enterprise Manager
CVE-2022-29595
RESERVED
CVE-2022-29594
@@ -3636,9 +3636,9 @@ CVE-2022-29319
CVE-2022-29318 (An arbitrary file upload vulnerability in the New Entry module of Car ...)
TODO: check
CVE-2022-29317 (Simple Bus Ticket Booking System v1.0 was discovered to contain multip ...)
- TODO: check
+ NOT-FOR-US: Simple Bus Ticket Booking System
CVE-2022-29316 (Complete Online Job Search System v1.0 was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: Complete Online Job Search System
CVE-2022-29315 (Invicti Acunetix before 14 allows CSV injection via the Description fi ...)
NOT-FOR-US: Invicti Acunetix
CVE-2022-29314
@@ -4142,15 +4142,15 @@ CVE-2022-29143
CVE-2022-29142 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
NOT-FOR-US: Microsoft
CVE-2022-29141 (Windows LDAP Remote Code Execution Vulnerability. This CVE ID is uniqu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-29140 (Windows Print Spooler Information Disclosure Vulnerability. This CVE I ...)
NOT-FOR-US: Microsoft
CVE-2022-29139 (Windows LDAP Remote Code Execution Vulnerability. This CVE ID is uniqu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-29138 (Windows Clustered Shared Volume Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-29137 (Windows LDAP Remote Code Execution Vulnerability. This CVE ID is uniqu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-29136
RESERVED
CVE-2022-29135 (Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerabili ...)
@@ -4162,13 +4162,13 @@ CVE-2022-29133 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID
CVE-2022-29132 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
NOT-FOR-US: Microsoft
CVE-2022-29131 (Windows LDAP Remote Code Execution Vulnerability. This CVE ID is uniqu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-29130 (Windows LDAP Remote Code Execution Vulnerability. This CVE ID is uniqu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-29129 (Windows LDAP Remote Code Execution Vulnerability. This CVE ID is uniqu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-29128 (Windows LDAP Remote Code Execution Vulnerability. This CVE ID is uniqu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-29127 (BitLocker Security Feature Bypass Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-29126 (Tablet Windows User Interface Application Core Elevation of Privilege ...)
@@ -4556,9 +4556,9 @@ CVE-2022-29011
CVE-2022-29010
RESERVED
CVE-2022-29009 (Multiple SQL injection vulnerabilities via the username and password p ...)
- TODO: check
+ NOT-FOR-US: Cyber Cafe Management System Project
CVE-2022-29008 (An insecure direct object reference (IDOR) vulnerability in the viewid ...)
- TODO: check
+ NOT-FOR-US: Bus Pass Management System
CVE-2022-29007 (Multiple SQL injection vulnerabilities via the username and password p ...)
TODO: check
CVE-2022-29006 (Multiple SQL injection vulnerabilities via the username and password p ...)
@@ -4922,9 +4922,9 @@ CVE-2022-28840
CVE-2022-28839
RESERVED
CVE-2022-28838 (Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28837 (Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and e ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28836
RESERVED
CVE-2022-28835
@@ -6554,85 +6554,85 @@ CVE-2022-28271 (Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and ear
CVE-2022-28270 (Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) ...)
NOT-FOR-US: Adobe
CVE-2022-28269 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28268 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28267 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28266 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28265 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28264 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28263 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28262 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28261 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28260 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28259 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28258 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28257 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28256 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28255 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28254 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28253 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28252 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28251 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28250 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28249 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28248 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28247 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28246 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28245 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28244 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28243 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28242 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28241 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28240 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28239 (Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28238 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28237 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28236 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28235 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28234 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28233 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28232 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28231 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28230 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-28229
RESERVED
CVE-2022-28228
@@ -7250,9 +7250,9 @@ CVE-2022-28080 (Royal Event Management System v1.0 was discovered to contain a S
CVE-2022-28079 (College Management System v1.0 was discovered to contain a SQL injecti ...)
NOT-FOR-US: College Management System
CVE-2022-28078 (Home Owners Collection Management v1 was discovered to contain a refle ...)
- TODO: check
+ NOT-FOR-US: Home Owners Collection Management
CVE-2022-28077 (Home Owners Collection Management v1 was discovered to contain a refle ...)
- TODO: check
+ NOT-FOR-US: Home Owners Collection Management
CVE-2022-28076 (Seacms v11.6 was discovered to contain a remote command execution (RCE ...)
NOT-FOR-US: Seacms
CVE-2022-28075
@@ -7966,41 +7966,41 @@ CVE-2022-27810
CVE-2022-27809
RESERVED
CVE-2022-27802 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27801 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27800 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27799 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27798 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27797 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27796 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27795 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27794 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27793 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27792 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27791 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27790 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27789 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27788 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27787 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27786 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27785 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-27784 (Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earl ...)
NOT-FOR-US: Adobe
CVE-2022-27783 (Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earl ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96760d795530baae452cff0068f2ee56de7358b9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96760d795530baae452cff0068f2ee56de7358b9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220512/6d45614c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list