[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Nov 28 21:55:34 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
540aab09 by Salvatore Bonaccorso at 2022-11-28T22:21:24+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6220,11 +6220,11 @@ CVE-2022-44403 (Automotive Shop Management System v1.0 is vulnerable to SQL Inje
CVE-2022-44402 (Automotive Shop Management System v1.0 is vulnerable to SQL Injection ...)
NOT-FOR-US: Automotive Shop Management System
CVE-2022-44401 (Online Tours & Travels Management System v1.0 contains an arbitrar ...)
- TODO: check
+ NOT-FOR-US: Online Tours & Travels Management System
CVE-2022-44400 (Purchase Order Management System v1.0 contains a file upload vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Purchase Order Management System
CVE-2022-44399 (Poultry Farm Management System v1.0 contains a SQL injection vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Poultry Farm Management System
CVE-2022-44398
RESERVED
CVE-2022-44397
@@ -6454,9 +6454,9 @@ CVE-2022-44286
CVE-2022-44285
RESERVED
CVE-2022-44284 (Dinstar FXO Analog VoIP Gateway DAG2000-16O is vulnerable to Cross Sit ...)
- TODO: check
+ NOT-FOR-US: Dinstar FXO Analog VoIP Gateway DAG2000-16O
CVE-2022-44283 (AVS Audio Converter 10.3 is vulnerable to Buffer Overflow. ...)
- TODO: check
+ NOT-FOR-US: AVS Audio Converter
CVE-2022-44282
RESERVED
CVE-2022-44281
@@ -13058,7 +13058,7 @@ CVE-2022-42447
CVE-2022-42446
RESERVED
CVE-2022-42445 (HCL Launch could allow a user with administrative privileges, includin ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2022-42444
RESERVED
CVE-2022-42443
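Review bot: the new note for CVE-2022-42445 names only the vendor (`NOT-FOR-US: HCL`), while the description names the product as HCL Launch and the other notes in this commit name the product. Suggest `NOT-FOR-US: HCL Launch` so the entry is not read as covering every HCL product.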
@@ -14185,7 +14185,7 @@ CVE-2022-41946 (pgjdbc is an open source postgresql JDBC Driver. In affected ver
CVE-2022-41945 (super-xray is a vulnerability scanner (xray) GUI launcher. In version ...)
NOT-FOR-US: super-xray
CVE-2022-41944 (Discourse is an open-source discussion platform. In stable versions pr ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2022-41943 (sourcegraph is a code intelligence platform. As a site admin it was po ...)
NOT-FOR-US: Sourcegraph
CVE-2022-41942 (Sourcegraph is a code intelligence platform. In versions prior to 4.1. ...)
@@ -14231,7 +14231,7 @@ CVE-2022-41923 (Grails Spring Security Core plugin is vulnerable to privilege es
CVE-2022-41922 (`yiisoft/yii` before version 1.1.27 are vulnerable to Remote Code Exec ...)
- yii <itp> (bug #597899)
CVE-2022-41921 (Discourse is an open-source discussion platform. Prior to version 2.9. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2022-41920 (Lancet is a general utility library for the go programming language. A ...)
NOT-FOR-US: Lancet
CVE-2022-41919 (Fastify is a web framework with minimal overhead and plugin architectu ...)
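Review bot: CVE-2022-41921 is marked `NOT-FOR-US: Discourse`, yet the entry just above it uses `- yii <itp> (bug #597899)` for software that has a packaging bug filed. Worth confirming that no ITP or RFP bug exists for Discourse before settling on NOT-FOR-US. If one does, the `<itp>` form with the bug number would fit better, and the same would hold for CVE-2022-41944 in the previous hunk.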
@@ -29303,7 +29303,7 @@ CVE-2022-36195
CVE-2022-36194 (Centreon 22.04.0 is vulnerable to Cross Site Scripting (XSS) from the ...)
- centreon-web <itp> (bug #913903)
CVE-2022-36193 (SQL injection in School Management System 1.0 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2022-36192
RESERVED
CVE-2022-36191 (A heap-buffer-overflow had occurred in function gf_isom_dovi_config_ge ...)
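Review bot: `NOT-FOR-US: School Management System` on CVE-2022-36193 is a generic product name with no vendor or author, and the truncated description shown here gives none either. Consider adding the vendor or project name from the full CVE description, if it gives one, so that this note can be told apart from other products of the same name.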
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/540aab09498e193c6b6058b811192049e3004270