[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Sep 7 21:26:02 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c398f21f by Salvatore Bonaccorso at 2022-09-07T22:25:38+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -67,7 +67,7 @@ CVE-2022-3154
 CVE-2022-3153
 	RESERVED
 CVE-2022-3152 (Unverified Password Change in GitHub repository phpfusion/phpfusion pr ...)
-	TODO: check
+	NOT-FOR-US: PHP-Fusion
 CVE-2022-3151
 	RESERVED
 CVE-2022-3150
@@ -6151,7 +6151,7 @@ CVE-2022-37781 (fdkaac v1.0.3 was discovered to contain a heap buffer overflow v
 	NOTE: https://github.com/nu774/fdkaac/commit/ecddb7d63306e01d137d65bbbe7b78c1e779943c
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-37780 (Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1. ...)
-	TODO: check
+	NOT-FOR-US: Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers
 CVE-2022-37779
 	RESERVED
 CVE-2022-37778
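Review bot: The NOT-FOR-US text added for CVE-2022-37780 repeats all four model names from the CVE description. A vendor-level tag such as "NOT-FOR-US: Phicomm" would carry the same decision and keep the string consistent if further Phicomm entries are triaged later.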
@@ -6258,9 +6258,9 @@ CVE-2022-37733
 CVE-2022-37732
 	RESERVED
 CVE-2022-37731 (ftcms 2.1 poster.PHP has a XSS vulnerability. The attacker inserts mal ...)
-	TODO: check
+	NOT-FOR-US: ftcms
 CVE-2022-37730 (In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: ftcms
 CVE-2022-37729
 	RESERVED
 CVE-2022-37728
@@ -7690,7 +7690,7 @@ CVE-2022-37191
 CVE-2022-37190
 	RESERVED
 CVE-2022-37189 (DDMAL MEI2Volpiano 0.8.2 is vulnerable to XML External Entity (XXE), l ...)
-	TODO: check
+	NOT-FOR-US: DDMAL MEI2Volpiano
 CVE-2022-37188
 	RESERVED
 CVE-2022-37187
@@ -7852,7 +7852,7 @@ CVE-2022-37110
 CVE-2022-37109
 	RESERVED
 CVE-2022-37108 (An injection vulnerability in the syslog-ng configuration wizard in Se ...)
-	TODO: check
+	NOT-FOR-US: Securonix Snypr
 CVE-2022-37107
 	RESERVED
 CVE-2022-37106
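Review bot: On CVE-2022-37108 the visible description opens with "syslog-ng configuration wizard", and syslog-ng is a packaged project in its own right, so the NOT-FOR-US line alone does not record why syslog-ng is out of scope. If the flaw sits in the Securonix Snypr wizard and not in syslog-ng itself, a NOTE line under the entry saying so would preserve that reasoning for anyone searching the list for syslog-ng.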
@@ -8969,11 +8969,11 @@ CVE-2022-36663 (Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF
 CVE-2022-36662
 	RESERVED
 CVE-2022-36661 (xhyve commit dfbe09b was discovered to contain a NULL pointer derefere ...)
-	TODO: check
+	NOT-FOR-US: xhyve
 CVE-2022-36660 (xhyve commit dfbe09b was discovered to contain a stack buffer overflow ...)
-	TODO: check
+	NOT-FOR-US: xhyve
 CVE-2022-36659 (xhyve commit dfbe09b was discovered to contain a NULL pointer derefere ...)
-	TODO: check
+	NOT-FOR-US: xhyve
 CVE-2022-36658
 	RESERVED
 CVE-2022-36657 (Library Management System v1.0 was discovered to contain a cross-site  ...)
@@ -9217,7 +9217,7 @@ CVE-2022-36541
 CVE-2022-36540
 	RESERVED
 CVE-2022-36539 (WeDayCare B.V Ouderapp before v1.1.22 allows attackers to alter the ID ...)
-	TODO: check
+	NOT-FOR-US: WeDayCare B.V Ouderapp
 CVE-2022-36538
 	RESERVED
 CVE-2022-36537 (ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows atta ...)
@@ -10067,7 +10067,7 @@ CVE-2022-36273 (Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via
 CVE-2022-36272 (Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerab ...)
 	NOT-FOR-US: Mingsoft MCMS
 CVE-2022-36271 (Outbyte PC Repair Installation File 1.7.112.7856 is vulnerable to Dll  ...)
-	TODO: check
+	NOT-FOR-US: Outbyte PC Repair Installation File
 CVE-2022-36270 (Clinic's Patient Management System v1.0 has arbitrary code execution v ...)
 	NOT-FOR-US: Clinic's Patient Management System
 CVE-2022-36269
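Review bot: The tag on CVE-2022-36271 carries "Installation File" over from the description, which is not part of the product name. "NOT-FOR-US: Outbyte PC Repair" would match the neighbouring entries in this hunk, which name only the product (Mingsoft MCMS, Clinic's Patient Management System).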



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c398f21facd69ab8769ed17cd8d4cfedd76d0b70
