[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Oct 28 21:51:50 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b4d03985 by Salvatore Bonaccorso at 2022-10-28T22:51:24+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27,7 +27,7 @@ CVE-2022-3743
CVE-2022-3742
RESERVED
CVE-2022-3741 (Impact varies for each individual vulnerability in the application. Fo ...)
- TODO: check
+ NOT-FOR-US: chatwoot
CVE-2022-3740
RESERVED
CVE-2022-3739
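Review bot: the description visible for CVE-2022-3741 ("Impact varies for each individual vulnerability in the application. Fo ...") names no product, so the "NOT-FOR-US: chatwoot" attribution cannot be checked from this hunk. A pointer in the commit message to where the product was identified would make the attribution reviewable.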
@@ -577,19 +577,19 @@ CVE-2022-43959
CVE-2022-3736
RESERVED
CVE-2022-3735 (A vulnerability was found in seccome Ehoney. It has been rated as crit ...)
- TODO: check
+ NOT-FOR-US: seccome Ehoney
CVE-2022-3734 (A vulnerability was found in Redis. It has been declared as critical. ...)
TODO: check
CVE-2022-3733 (A vulnerability was found in SourceCodester Web-Based Student Clearanc ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Web-Based Student Clearance System
CVE-2022-3732 (A vulnerability was found in seccome Ehoney and classified as critical ...)
- TODO: check
+ NOT-FOR-US: seccome Ehoney
CVE-2022-3731 (A vulnerability has been found in seccome Ehoney and classified as cri ...)
- TODO: check
+ NOT-FOR-US: seccome Ehoney
CVE-2022-3730 (A vulnerability, which was classified as critical, was found in seccom ...)
- TODO: check
+ NOT-FOR-US: seccome Ehoney
CVE-2022-3729 (A vulnerability, which was classified as critical, has been found in s ...)
- TODO: check
+ NOT-FOR-US: seccome Ehoney
CVE-2022-3728
RESERVED
CVE-2023-20601
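Review bot: CVE-2022-3734 (Redis) is the only described entry in this hunk still at "TODO: check", sitting between the Ehoney and SourceCodester entries that are now marked NOT-FOR-US. Redis is packaged in Debian, so it cannot be closed as NFU and needs its own triage; a follow-up commit would keep it from being overlooked among the processed neighbours.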
@@ -3655,9 +3655,9 @@ CVE-2022-43278
CVE-2022-43277
RESERVED
CVE-2022-43276 (Canteen Management System v1.0 was discovered to contain a SQL injecti ...)
- TODO: check
+ NOT-FOR-US: Canteen Management System
CVE-2022-43275 (Canteen Management System v1.0 was discovered to contain an arbitrary ...)
- TODO: check
+ NOT-FOR-US: Canteen Management System
CVE-2022-43274
RESERVED
CVE-2022-43273
@@ -3741,17 +3741,17 @@ CVE-2022-43235
CVE-2022-43234
RESERVED
CVE-2022-43233 (Canteen Management System v1.0 was discovered to contain a SQL injecti ...)
- TODO: check
+ NOT-FOR-US: Canteen Management System
CVE-2022-43232 (Canteen Management System v1.0 was discovered to contain a SQL injecti ...)
- TODO: check
+ NOT-FOR-US: Canteen Management System
CVE-2022-43231 (Canteen Management System v1.0 was discovered to contain an arbitrary ...)
- TODO: check
+ NOT-FOR-US: Canteen Management System
CVE-2022-43230 (Simple Cold Storage Management System v1.0 was discovered to contain a ...)
- TODO: check
+ NOT-FOR-US: Simple Cold Storage Management System
CVE-2022-43229 (Simple Cold Storage Management System v1.0 was discovered to contain a ...)
- TODO: check
+ NOT-FOR-US: Simple Cold Storage Management System
CVE-2022-43228 (Barangay Management System v1.0 was discovered to contain a SQL inject ...)
- TODO: check
+ NOT-FOR-US: Barangay Management System
CVE-2022-43227
RESERVED
CVE-2022-43226
@@ -3867,19 +3867,19 @@ CVE-2022-43172
CVE-2022-43171
RESERVED
CVE-2022-43170 (A stored cross-site scripting (XSS) vulnerability in the Dashboard Con ...)
- TODO: check
+ NOT-FOR-US: Rukovoditel
CVE-2022-43169 (A stored cross-site scripting (XSS) vulnerability in the Users Access ...)
- TODO: check
+ NOT-FOR-US: Rukovoditel
CVE-2022-43168 (Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Rukovoditel
CVE-2022-43167 (A stored cross-site scripting (XSS) vulnerability in the Users Alerts ...)
- TODO: check
+ NOT-FOR-US: Rukovoditel
CVE-2022-43166 (A stored cross-site scripting (XSS) vulnerability in the Global Entiti ...)
- TODO: check
+ NOT-FOR-US: Rukovoditel
CVE-2022-43165 (A stored cross-site scripting (XSS) vulnerability in the Global Variab ...)
- TODO: check
+ NOT-FOR-US: Rukovoditel
CVE-2022-43164 (A stored cross-site scripting (XSS) vulnerability in the Global Lists ...)
- TODO: check
+ NOT-FOR-US: Rukovoditel
CVE-2022-43163
RESERVED
CVE-2022-43162
@@ -5809,7 +5809,7 @@ CVE-2022-3411
CVE-2022-3410
RESERVED
CVE-2022-3409 (A vulnerability in bmcweb of OpenBMC Project allows user to cause deni ...)
- TODO: check
+ NOT-FOR-US: OpenBMC
CVE-2022-3408
RESERVED
CVE-2022-3407
@@ -6649,9 +6649,9 @@ CVE-2022-42057
CVE-2022-42056
RESERVED
CVE-2022-42055 (Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT De ...)
- TODO: check
+ NOT-FOR-US: GL.iNet GoodCloud IoT Device Management System
CVE-2022-42054 (Multiple stored cross-site scripting (XSS) vulnerabilities in GL.iNet ...)
- TODO: check
+ NOT-FOR-US: GL.iNet GoodCloud IoT Device Management System
CVE-2022-42053
RESERVED
CVE-2022-42052
@@ -6794,11 +6794,11 @@ CVE-2022-36354
CVE-2022-3388
RESERVED
CVE-2022-3387 (Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path tr ...)
- TODO: check
+ NOT-FOR-US: Advantech R-SeeNet
CVE-2022-3386 (Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack ...)
- TODO: check
+ NOT-FOR-US: Advantech R-SeeNet
CVE-2022-3385 (Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack ...)
- TODO: check
+ NOT-FOR-US: Advantech R-SeeNet
CVE-2022-3384
RESERVED
CVE-2022-3383
@@ -7107,9 +7107,9 @@ CVE-2022-3381
CVE-2022-3380
RESERVED
CVE-2022-3379 (Horner Automation's Cscape version 9.90 SP7 and prior does not properl ...)
- TODO: check
+ NOT-FOR-US: Horner Automation's Cscape
CVE-2022-3378 (Horner Automation's Cscape version 9.90 SP 7 and prior does not proper ...)
- TODO: check
+ NOT-FOR-US: Horner Automation's Cscape
CVE-2022-3377
RESERVED
CVE-2022-3376 (Weak Password Requirements in GitHub repository ikus060/rdiffweb prior ...)
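Review bot: the tag "NOT-FOR-US: Horner Automation's Cscape" on CVE-2022-3379 and CVE-2022-3378 copies the possessive from the description, unlike the other vendor-plus-product tags in this commit such as "Advantech R-SeeNet". "Horner Automation Cscape" would be consistent with those and simpler to match when later entries for the same product are processed.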
@@ -7244,13 +7244,13 @@ CVE-2022-41778
CVE-2022-41776
RESERVED
CVE-2022-41773 (The affected product DIAEnergie (versions prior to v1.9.01.002) is vul ...)
- TODO: check
+ NOT-FOR-US: DIAEnergie
CVE-2022-41772
RESERVED
CVE-2022-41702 (The affected product DIAEnergie (versions prior to v1.9.01.002) is vul ...)
- TODO: check
+ NOT-FOR-US: DIAEnergie
CVE-2022-41701 (The affected product DIAEnergie (versions prior to v1.9.01.002) is vul ...)
- TODO: check
+ NOT-FOR-US: DIAEnergie
CVE-2022-41697
RESERVED
CVE-2022-41688
@@ -7264,13 +7264,13 @@ CVE-2022-41654
CVE-2022-41653
RESERVED
CVE-2022-41651 (The affected product DIAEnergie (versions prior to v1.9.01.002) is vul ...)
- TODO: check
+ NOT-FOR-US: DIAEnergie
CVE-2022-41648 (The HEIDENHAIN Controller TNC 640, version 340590 07 SP5, running HERO ...)
- TODO: check
+ NOT-FOR-US: HEIDENHAIN Controller TNC 640
CVE-2022-41644
RESERVED
CVE-2022-41636 (Communication traffic involving "Ethernet Q Commands" service of Haas ...)
- TODO: check
+ NOT-FOR-US: Haas Controller
CVE-2022-41629
RESERVED
CVE-2022-41627 (The physical IoT device of the AliveCor's KardiaMobile, a smartphone-b ...)
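Review bot: "NOT-FOR-US: Haas Controller" on CVE-2022-41636 is less specific than the "HEIDENHAIN Controller TNC 640" tag two entries above it. The description is cut off after "Haas", so if the full text names a model, carrying it into the tag would keep the two controller entries at the same level of detail.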
@@ -7280,15 +7280,15 @@ CVE-2022-41613
CVE-2022-41607
RESERVED
CVE-2022-41555 (The affected product DIAEnergie (versions prior to v1.9.01.002) is vul ...)
- TODO: check
+ NOT-FOR-US: DIAEnergie
CVE-2022-41133 (The affected product DIAEnergie (versions prior to v1.9.01.002) is vul ...)
- TODO: check
+ NOT-FOR-US: DIAEnergie
CVE-2022-40981
RESERVED
CVE-2022-40967 (The affected product DIAEnergie (versions prior to v1.9.01.002) is vul ...)
- TODO: check
+ NOT-FOR-US: DIAEnergie
CVE-2022-40965 (The affected product DIAEnergie (versions prior to v1.9.01.002) is vul ...)
- TODO: check
+ NOT-FOR-US: DIAEnergie
CVE-2022-40703 (CWE-302 Authentication Bypass by Assumed-Immutable Data in AliveCor Ka ...)
NOT-FOR-US: AliveCor Kardia App
CVE-2022-40204
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4d03985a174e8160f2c749104f92d7515f98c76