[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Sep 6 21:36:43 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dfd22da5 by Salvatore Bonaccorso at 2022-09-06T22:36:19+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10973,7 +10973,7 @@ CVE-2022-35849
CVE-2022-35848
RESERVED
CVE-2022-35847 (An improper neutralization of special elements used in a template engi ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2022-35846
RESERVED
CVE-2022-35845
@@ -21313,7 +21313,7 @@ CVE-2022-31862
CVE-2022-31861
RESERVED
CVE-2022-31860 (An issue was discovered in OpenRemote through 1.0.4 allows attackers t ...)
- TODO: check
+ NOT-FOR-US: OpenRemote
CVE-2022-31859
RESERVED
CVE-2022-31858
@@ -21560,7 +21560,7 @@ CVE-2022-31792
CVE-2022-31791
RESERVED
CVE-2022-31790 (WatchGuard Firebox and XTM appliances allow an unauthenticated remote ...)
- TODO: check
+ NOT-FOR-US: WatchGuard Firebox and XTM appliances
CVE-2022-31789
RESERVED
CVE-2022-31788 (IdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccess ...)
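Review bot: the tag added for CVE-2022-31790 copies the product wording from the description ("NOT-FOR-US: WatchGuard Firebox and XTM appliances"), where every other tag added in this commit is a single short name (FortiGuard, Aruba, OpenRemote, WithSecure, Snapdragon). A plain "NOT-FOR-US: WatchGuard" would be consistent with those and easier to match when searching the list by vendor.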
@@ -26124,7 +26124,7 @@ CVE-2022-30300
CVE-2022-30299
RESERVED
CVE-2022-30298 (An improper privilege management vulnerability [CWE-269] in Fortinet F ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2022-29509 (Directory traversal vulnerability in T&D Data Server (Japanese Edi ...)
NOT-FOR-US: T&D Data Server
CVE-2022-29483 (Incorrect Default Permissions vulnerability in ABB e-Design allows att ...)
@@ -29856,7 +29856,7 @@ CVE-2022-1316 (ZeroTierOne for windows local privilege escalation because of inc
CVE-2022-29063 (The Solr plugin of Apache OFBiz is configured by default to automatica ...)
NOT-FOR-US: Apache OFBiz
CVE-2022-29062 (Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2022-29061
RESERVED
CVE-2022-29060 (A use of hard-coded cryptographic key vulnerability [CWE-321] in Forti ...)
@@ -29864,7 +29864,7 @@ CVE-2022-29060 (A use of hard-coded cryptographic key vulnerability [CWE-321] in
CVE-2022-29059
RESERVED
CVE-2022-29058 (An improper neutralization of special elements [CWE-89] used in an OS ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2022-29057 (A improper neutralization of input during web page generation ('cross- ...)
NOT-FOR-US: Fortinet
CVE-2022-29056
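Review bot: CVE-2022-29058 is tagged "NOT-FOR-US: FortiGuard" while the entry directly below it, CVE-2022-29057, already carries "NOT-FOR-US: Fortinet". The same split shows up at CVE-2022-26114 / CVE-2022-26113 later in this commit. FortiGuard is Fortinet's advisory brand rather than a separate vendor, so a search of data/CVE/list for either label alone will miss part of the set; suggest settling on one label for the entries touched here.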
@@ -29874,7 +29874,7 @@ CVE-2022-29055
CVE-2022-29054
RESERVED
CVE-2022-29053 (A missing cryptographic steps vulnerability [CWE-325] in the functions ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2022-29052 (Jenkins Google Compute Engine Plugin 4.3.8 and earlier stores private ...)
NOT-FOR-US: Jenkins plugin
CVE-2022-29051 (Missing permission checks in Jenkins Publish Over FTP Plugin 1.16 and ...)
@@ -30359,9 +30359,9 @@ CVE-2022-28887
CVE-2022-28886
RESERVED
CVE-2022-28885 (A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd ...)
- TODO: check
+ NOT-FOR-US: WithSecure
CVE-2022-28884 (A Denial-of-Service vulnerability was discovered in the F-Secure and W ...)
- TODO: check
+ NOT-FOR-US: WithSecure
CVE-2022-28883 (A Denial-of-Service (DoS) vulnerability was discovered in F-Secure &am ...)
NOT-FOR-US: F-Secure & WithSecure products
CVE-2022-28882 (A Denial-of-Service (DoS) vulnerability was discovered in F-Secure &am ...)
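Review bot: the two new tags on CVE-2022-28885 and CVE-2022-28884 read "NOT-FOR-US: WithSecure", but the next entry, CVE-2022-28883, is already tagged "NOT-FOR-US: F-Secure & WithSecure products", and the CVE-2022-28884 description itself starts its product list with F-Secure. Suggest reusing the existing label so these adjacent entries are triaged under one name.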
@@ -34384,7 +34384,7 @@ CVE-2022-1038
CVE-2022-27492
RESERVED
CVE-2022-27491 (A improper verification of source of a communication channel in Fortin ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2022-27490
RESERVED
CVE-2022-27489
@@ -38480,7 +38480,7 @@ CVE-2022-26116 (Multiple improper neutralization of special elements used in SQL
CVE-2022-26115
RESERVED
CVE-2022-26114 (An improper neutralization of input during web page generation vulnera ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2022-26113 (An execution with unnecessary privileges vulnerability [CWE-250] in Fo ...)
NOT-FOR-US: Fortinet
CVE-2022-26112
@@ -46385,33 +46385,33 @@ CVE-2022-23693
CVE-2022-23692
RESERVED
CVE-2022-23691 (A vulnerability exists in certain AOS-CX switch models which could all ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23690 (A vulnerability in the web-based management interface of AOS-CX could ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23689 (Multiple vulnerabilities exist in the processing of packet data by the ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23688 (Multiple vulnerabilities exist in the processing of packet data by the ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23687 (Multiple vulnerabilities exist in the processing of packet data by the ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23686 (Multiple vulnerabilities exist in the processing of packet data by the ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23685
RESERVED
CVE-2022-23684 (A vulnerability in the web-based management interface of AOS-CX could ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23683 (Authenticated command injection vulnerabilities exist in the AOS-CX Ne ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23682 (Multiple vulnerabilities exist in the AOS-CX command line interface th ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23681 (Multiple vulnerabilities exist in the AOS-CX command line interface th ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23680 (AOS-CX lacks Anti-CSRF protections in place for state-changing operati ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23679 (AOS-CX lacks Anti-CSRF protections in place for state-changing operati ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23678 (A vulnerability in the Aruba Virtual Intranet Access (VIA) client for ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2022-23677 (A remote execution of arbitrary code vulnerability was discovered in A ...)
NOT-FOR-US: Aruba
CVE-2022-23676 (A remote execution of arbitrary code vulnerability was discovered in A ...)
@@ -63524,7 +63524,7 @@ CVE-2020-36504 (The WP-Pro-Quiz WordPress plugin through 0.37 does not have CSRF
CVE-2021-43081 (An improper neutralization of input during web page generation vulnera ...)
NOT-FOR-US: FortiGuard
CVE-2021-43080 (An improper neutralization of input during web page generation vulnera ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2021-43079
RESERVED
CVE-2021-43078
@@ -63532,7 +63532,7 @@ CVE-2021-43078
CVE-2021-43077 (A improper neutralization of special elements used in an sql command ( ...)
NOT-FOR-US: FortiGuard
CVE-2021-43076 (An improper privilege management vulnerability [CWE-269] in FortiADC v ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2021-43075 (A improper neutralization of special elements used in an os command (' ...)
NOT-FOR-US: FortiGuard
CVE-2021-43074
@@ -84862,7 +84862,7 @@ CVE-2021-35110 (Possible buffer overflow to improper validation of hash segment
CVE-2021-35109 (Possible address manipulation from APP-NS while APP-S is configuring a ...)
TODO: check
CVE-2021-35108 (Improper checking of AP-S lock bit while verifying the secure resource ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-35107
RESERVED
CVE-2021-35106 (Possible out of bound read due to improper length calculation of WMI m ...)
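Review bot: CVE-2021-35109, the context entry directly above the changed one, is left at "TODO: check" while CVE-2021-35108 is closed out as "NOT-FOR-US: Snapdragon". Both truncated descriptions are phrased in the same secure/non-secure terms (APP-NS and APP-S, AP-S lock bit), so it is worth confirming whether CVE-2021-35109 belongs in this pass as well, or recording why it is held back.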
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfd22da5a2e48de3a860acef7ad45b484d72ceaa