[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Sep 2 07:35:31 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d0318344 by Salvatore Bonaccorso at 2022-09-02T08:35:06+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5464,7 +5464,7 @@ CVE-2022-37174
CVE-2022-37173 (An issue in the installer of gvim 9.0.0000 allows authenticated attack ...)
TODO: check
CVE-2022-37172 (Incorrect access control in the install directory (C:\msys64) of Msys2 ...)
- TODO: check
+ NOT-FOR-US: Msys2
CVE-2022-37171
RESERVED
CVE-2022-37170
@@ -6531,9 +6531,9 @@ CVE-2022-36751
CVE-2022-36750 (Clinic's Patient Management System v1.0 is vulnerable to SQL injection ...)
NOT-FOR-US: Clinic's Patient Management System
CVE-2022-36749 (RPi-Jukebox-RFID v2.3.0 was discovered to contain a command injection ...)
- TODO: check
+ NOT-FOR-US: RPi-Jukebox-RFID
CVE-2022-36748 (PicUploader v2.6.3 was discovered to contain a cross-site scripting (X ...)
- TODO: check
+ NOT-FOR-US: PicUploader
CVE-2022-36747 (Razor v0.8.0 was discovered to contain a cross-site scripting (XSS) vu ...)
TODO: check
CVE-2022-36746 (LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS ...)
@@ -6685,9 +6685,9 @@ CVE-2022-36674 (Simple Task Scheduling System v1.0 was discovered to contain a S
CVE-2022-36673
RESERVED
CVE-2022-36672 (Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key locat ...)
- TODO: check
+ NOT-FOR-US: Novel-Plus
CVE-2022-36671 (Novel-Plus v3.6.2 was discovered to contain an arbitrary file download ...)
- TODO: check
+ NOT-FOR-US: Novel-Plus
CVE-2022-36670
RESERVED
CVE-2022-36669
@@ -6897,15 +6897,15 @@ CVE-2022-36568 (Tenda AC9 V15.03.05.19 was discovered to contain a stack overflo
CVE-2022-36567
RESERVED
CVE-2022-36566 (Rengine v1.3.0 was discovered to contain a command injection vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Rengine
CVE-2022-36565 (Incorrect access control in the install directory (C:\Wamp64) of Wamp ...)
- TODO: check
+ NOT-FOR-US: Wamp
CVE-2022-36564 (Incorrect access control in the install directory (C:\Strawberry) of S ...)
- TODO: check
+ NOT-FOR-US: StrawberryPerl
CVE-2022-36563 (Incorrect access control in the install directory (C:\RailsInstaller) ...)
- TODO: check
+ NOT-FOR-US: Rubyinstaller2
CVE-2022-36562 (Incorrect access control in the install directory (C:\Ruby31-x64) of R ...)
- TODO: check
+ NOT-FOR-US: Rubyinstaller2
CVE-2022-36561 (XPDF v4.0.4 was discovered to contain a segmentation violation via the ...)
TODO: check
CVE-2022-36560 (Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain ...)
@@ -11932,7 +11932,7 @@ CVE-2022-34670
CVE-2022-34669
RESERVED
CVE-2022-34668 (NVFLARE, versions prior to 2.1.4, contains a vulnerability that deseri ...)
- TODO: check
+ NOT-FOR-US: NVFLARE
CVE-2022-34667
RESERVED
CVE-2022-34666
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d03183449ad7077c3eba6f32dd58c9a220f686b3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d03183449ad7077c3eba6f32dd58c9a220f686b3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220902/158ea6a3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list