[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Nov 21 20:15:10 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6792b8e6 by Salvatore Bonaccorso at 2022-11-21T21:14:42+01:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3065,7 +3065,7 @@ CVE-2022-44715
CVE-2022-3862
RESERVED
CVE-2022-3861 (The Betheme theme for WordPress is vulnerable to PHP Object Injection ...)
- TODO: check
+ NOT-FOR-US: Betheme theme for WordPress
CVE-2022-3860
RESERVED
CVE-2022-3859
@@ -4207,21 +4207,21 @@ CVE-2022-44656
CVE-2022-44655
RESERVED
CVE-2022-44654 (Affected builds of Trend Micro Apex One and Apex One as a Service cont ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2022-44653 (A security agent directory traversal vulnerability in Trend Micro Apex ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2022-44652 (An improper handling of exceptional conditions vulnerability in Trend ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2022-44651 (A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2022-44650 (A memory corruption vulnerability in the Unauthorized Change Preventio ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2022-44649 (An out-of-bounds access vulnerability in the Unauthorized Change Preve ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2022-44648 (An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex O ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2022-44647 (An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex O ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2022-44646 (In JetBrains TeamCity version before 2022.10, no audit items were adde ...)
NOT-FOR-US: JetBrains TeamCity
CVE-2022-44645
@@ -4928,9 +4928,9 @@ CVE-2022-3765 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten
CVE-2022-3764
RESERVED
CVE-2022-3763 (The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3762 (The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3761
RESERVED
CVE-2023-20853
@@ -5474,39 +5474,39 @@ CVE-2022-44185
CVE-2022-44184
RESERVED
CVE-2022-44183 (Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44182
RESERVED
CVE-2022-44181
RESERVED
CVE-2022-44180 (Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44179
RESERVED
CVE-2022-44178 (Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow. via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44177 (Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44176 (Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44175 (Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44174 (Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44173
RESERVED
CVE-2022-44172 (Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44171 (Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44170
RESERVED
CVE-2022-44169 (Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44168 (Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44167 (Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44166
RESERVED
CVE-2022-44165
@@ -5514,7 +5514,7 @@ CVE-2022-44165
CVE-2022-44164
RESERVED
CVE-2022-44163 (Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44162
RESERVED
CVE-2022-44161
@@ -5524,11 +5524,11 @@ CVE-2022-44160
CVE-2022-44159
RESERVED
CVE-2022-44158 (Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44157
RESERVED
CVE-2022-44156 (Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow via function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2022-44155
RESERVED
CVE-2022-44154
@@ -5871,7 +5871,7 @@ CVE-2022-3755
CVE-2022-3754 (Weak Password Requirements in GitHub repository thorsten/phpmyfaq prio ...)
NOT-FOR-US: phpmyfaq
CVE-2022-3753 (The Evaluate WordPress plugin through 1.0 does not sanitize and escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-43997
RESERVED
CVE-2022-43996
@@ -7771,7 +7771,7 @@ CVE-2022-3722
CVE-2022-3721 (Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39. ...)
- froxlor <itp> (bug #581792)
CVE-2022-3720 (The Event Monster WordPress plugin before 1.2.0 does not validate and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3719
REJECTED
- exiv2 <not-affected> (Vulnerable code not present)
@@ -8224,13 +8224,13 @@ CVE-2022-3693
CVE-2022-3692
RESERVED
CVE-2022-3691 (The DeepL Pro API translation plugin WordPress plugin before 1.7.5 dis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3690 (The Popup Maker WordPress plugin before 1.16.11 does not sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3689
RESERVED
CVE-2022-3688 (The WPQA Builder WordPress plugin before 5.9 does not have CSRF check ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-43760
RESERVED
CVE-2022-43759
@@ -9074,7 +9074,7 @@ CVE-2022-3635 (A vulnerability, which was classified as critical, has been found
[buster] - linux 4.19.260-1
NOTE: https://git.kernel.org/linus/3f4093e2bf4673f218c0bf17d8362337c400e77b (6.0-rc1)
CVE-2022-3634 (The Contact Form 7 Database Addon WordPress plugin before 1.2.6.5 does ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3633 (A vulnerability classified as problematic has been found in Linux Kern ...)
{DLA-3173-1}
- linux 5.19.6-1
@@ -9140,7 +9140,7 @@ CVE-2022-3619 (A vulnerability has been found in Linux Kernel and classified as
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7c9524d929648935bac2bbb4c20437df8f9c3f42
CVE-2022-3618 (The Spacer WordPress plugin before 3.0.7 does not sanitize and escapes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3617
RESERVED
CVE-2022-3616 (Attackers can create long chains of CAs that would lead to OctoRPKI ex ...)
@@ -9185,7 +9185,7 @@ CVE-2022-3602 (A buffer overrun can be triggered in X.509 certificate verificati
CVE-2022-3601
RESERVED
CVE-2022-3600 (The Easy Digital Downloads WordPress plugin before 3.1.0.2 does not va ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3599 (LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools ...)
- tiff 4.4.0-5 (bug #1022555)
NOTE: https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246
@@ -13957,7 +13957,7 @@ CVE-2022-3338 (An External XML entity (XXE) vulnerability in ePO prior to 5.10 U
CVE-2022-3337 (It was possible for a user to delete a VPN profile from WARP mobile cl ...)
NOT-FOR-US: Cloudflare
CVE-2022-3336 (The Event Monster WordPress plugin before 1.2.0 does not have CSRF che ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3335 (The Kadence WooCommerce Email Designer WordPress plugin before 1.5.7 u ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3334 (The Easy WP SMTP WordPress plugin before 1.5.0 unserialises the conten ...)
@@ -16006,7 +16006,7 @@ CVE-2022-40748 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-si
CVE-2022-40747 ("IBM InfoSphere Information Server 11.7 is vulnerable to an XML Extern ...)
NOT-FOR-US: IBM
CVE-2022-40746 (IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 co ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-40745
RESERVED
CVE-2022-40744
@@ -21037,7 +21037,7 @@ CVE-2022-38757
CVE-2022-38756
RESERVED
CVE-2022-38755 (A vulnerability has been identified in Micro Focus Filr in versions pr ...)
- TODO: check
+ NOT-FOR-US: Micro Focus
CVE-2022-38754
RESERVED
CVE-2022-38753
@@ -44796,13 +44796,13 @@ CVE-2022-1583 (The External Links in New Window / New Tab WordPress plugin befor
CVE-2022-1582 (The External Links in New Window / New Tab WordPress plugin before 1.4 ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1581 (The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-1580 (The Site Offline Or Coming Soon Or Maintenance Mode WordPress plugin b ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1579 (The function check_is_login_page() uses headers for the IP check, whic ...)
TODO: check
CVE-2022-1578 (The My wpdb WordPress plugin before 2.5 is missing CSRF check when run ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-1577 (The Database Backup for WordPress plugin before 2.5.2 does not have CS ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1576 (The WP Maintenance Mode & Coming Soon WordPress plugin before 2.4. ...)
@@ -62577,7 +62577,7 @@ CVE-2022-0423 (The 3D FlipBook WordPress plugin before 1.12.1 does not have auth
CVE-2022-0422 (The White Label CMS WordPress plugin before 2.2.9 does not sanitise an ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0421 (The Five Star Restaurant Reservations WordPress plugin before 2.4.12 d ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0420 (The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitis ...)
NOT-FOR-US: WordPress plugin
CVE-2022-24271
@@ -130251,7 +130251,7 @@ CVE-2021-24651 (The Poll Maker WordPress plugin before 3.4.2 allows unauthentica
CVE-2021-24650
RESERVED
CVE-2021-24649 (The WP User Frontend WordPress plugin before 3.5.29 uses a user suppli ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24648 (The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitis ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24647 (The Registration Forms – User profile, Content Restriction, Spam ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6792b8e6db1f36a218068634a5acae97989353a2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6792b8e6db1f36a218068634a5acae97989353a2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221121/5dfda8f7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list