[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Sep 14 10:04:40 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9a0d5201 by Salvatore Bonaccorso at 2022-09-14T11:04:14+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5350,7 +5350,7 @@ CVE-2022-2910
 CVE-2022-2909 (A vulnerability was found in SourceCodester Simple and Nice Shopping C ...)
 	NOT-FOR-US: SourceCodester Simple and Nice Shopping Cart Script
 CVE-2022-38466 (A vulnerability has been identified in CoreShield One-Way Gateway (OWG ...)
-	TODO: check
+	NOT-FOR-US: CoreShield One-Way Gateway (OWG)
 CVE-2022-38465
 	RESERVED
 CVE-2022-38089 (Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/ ...)
@@ -5888,7 +5888,7 @@ CVE-2022-38344
 CVE-2022-38343
 	RESERVED
 CVE-2022-38342 (Safe Software FME Server v2022.0.1.1 and below was discovered to conta ...)
-	TODO: check
+	NOT-FOR-US: Safe Software FME Server
 CVE-2022-38341
 	RESERVED
 CVE-2022-38340
@@ -5914,7 +5914,7 @@ CVE-2022-38331
 CVE-2022-38330
 	RESERVED
 CVE-2022-38329 (An issue was discovered in Shopxian CMS 3.0.0. There is a CSRF vulnera ...)
-	TODO: check
+	NOT-FOR-US: Shopxian CMS
 CVE-2022-38328
 	RESERVED
 CVE-2022-38327
@@ -5982,7 +5982,7 @@ CVE-2022-2819 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to
 CVE-2022-2818 (Authentication Bypass by Primary Weakness in GitHub repository cockpit ...)
 	NOT-FOR-US: Cockpit-HQ/Cockpit
 CVE-2022-38305 (AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vuln ...)
-	TODO: check
+	NOT-FOR-US: AeroCMS
 CVE-2022-38304 (Online Leave Management System v1.0 was discovered to contain a SQL in ...)
 	NOT-FOR-US: Online Leave Management System
 CVE-2022-38303 (Online Leave Management System v1.0 was discovered to contain a SQL in ...)
@@ -6775,9 +6775,9 @@ CVE-2022-38022
 CVE-2022-38021
 	RESERVED
 CVE-2022-38020 (Visual Studio Code Elevation of Privilege Vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-38019 (AV1 Video Extension Remote Code Execution Vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-38018
 	RESERVED
 CVE-2022-38017
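Review bot: The notes added for CVE-2022-38020 and CVE-2022-38019 name only the vendor, while the other entries changed in this commit name the product (for example "NOT-FOR-US: Safe Software FME Server"). Consider "NOT-FOR-US: Microsoft Visual Studio Code" and "NOT-FOR-US: Microsoft AV1 Video Extension" so that a later search of data/CVE/list by product name finds these entries.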
@@ -6789,25 +6789,25 @@ CVE-2022-38015
 CVE-2022-38014
 	RESERVED
 CVE-2022-38013 (.NET Core and Visual Studio Denial of Service Vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-38012 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-38011 (Raw Image Extension Remote Code Execution Vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-38010 (Microsoft Office Visio Remote Code Execution Vulnerability. This CVE I ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-38009 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-38008 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-38007 (Azure Guest Configuration and Azure Arc-enabled servers Elevation of P ...)
 	TODO: check
 CVE-2022-38006 (Windows Graphics Component Information Disclosure Vulnerability. This  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-38005 (Windows Print Spooler Elevation of Privilege Vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-38004 (Windows Fax Service Remote Code Execution Vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-38003
 	RESERVED
 CVE-2022-38002
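Review bot: CVE-2022-38012 is described as "Microsoft Edge (Chromium-based)", so before it is tagged "NOT-FOR-US: Microsoft" it is worth confirming that the flaw sits in Edge-specific code and not in the shared Chromium code base, which Debian ships as the chromium package. A NOTE line recording the result of that check would make the decision auditable. CVE-2022-38007 stays at "TODO: check" in this hunk, which is fine if it is still being looked at.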
@@ -6877,7 +6877,7 @@ CVE-2022-37971
 CVE-2022-37970
 	RESERVED
 CVE-2022-37969 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-37968
 	RESERVED
 CVE-2022-37967
@@ -6887,27 +6887,27 @@ CVE-2022-37966
 CVE-2022-37965
 	RESERVED
 CVE-2022-37964 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-37963 (Microsoft Office Visio Remote Code Execution Vulnerability. This CVE I ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-37962 (Microsoft PowerPoint Remote Code Execution Vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-37961 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-37960
 	RESERVED
 CVE-2022-37959 (Network Device Enrollment Service (NDES) Security Feature Bypass Vulne ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-37958 (SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Di ...)
 	TODO: check
 CVE-2022-37957 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-37956 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-37955 (Windows Group Policy Elevation of Privilege Vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-37954 (DirectX Graphics Kernel Elevation of Privilege Vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-37953 (An HTTP response splitting vulnerability exists in the AM Gateway Chal ...)
 	NOT-FOR-US: GE Gas Power
 CVE-2022-37952 (A reflected cross-site scripting (XSS) vulnerability exists in the iHi ...)
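Review bot: CVE-2022-37958 is left at "TODO: check" while every other Microsoft entry changed in this hunk is tagged. If the skip is deliberate, say so in the commit message; "Process some NFUs" does not tell a reader which entries were left open on purpose and which were missed.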
@@ -8839,9 +8839,9 @@ CVE-2022-37193
 CVE-2022-37192
 	RESERVED
 CVE-2022-37191 (The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: CuppaCMS
 CVE-2022-37190 (CuppaCMS 1.0 is vulnerable to Remote Code Execution (RCE). An authenti ...)
-	TODO: check
+	NOT-FOR-US: CuppaCMS
 CVE-2022-37189 (DDMAL MEI2Volpiano 0.8.2 is vulnerable to XML External Entity (XXE), l ...)
 	NOT-FOR-US: DDMAL MEI2Volpiano
 CVE-2022-37188
@@ -8945,13 +8945,13 @@ CVE-2022-37142
 CVE-2022-37141
 	RESERVED
 CVE-2022-37140 (PayMoney 3.3 is vulnerable to Client Side Remote Code Execution (RCE). ...)
-	TODO: check
+	NOT-FOR-US: PayMoney
 CVE-2022-37139 (Loan Management System version 1.0 suffers from a persistent cross sit ...)
-	TODO: check
+	NOT-FOR-US: Loan Management System
 CVE-2022-37138 (Loan Management System 1.0 is vulnerable to SQL Injection at the login ...)
-	TODO: check
+	NOT-FOR-US: Loan Management System
 CVE-2022-37137 (PayMoney 3.3 is vulnerable to Stored Cross-Site Scripting (XSS) during ...)
-	TODO: check
+	NOT-FOR-US: PayMoney
 CVE-2022-37136
 	RESERVED
 CVE-2022-37135
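Review bot: "NOT-FOR-US: Loan Management System" on CVE-2022-37139 and CVE-2022-37138 is a generic product name with no vendor, so it cannot be told apart from any other product of that name. If the full CVE description or its references identify a vendor, include it, as the existing "NOT-FOR-US: SourceCodester Simple and Nice Shopping Cart Script" entry does.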
@@ -10110,11 +10110,11 @@ CVE-2022-36671 (Novel-Plus v3.6.2 was discovered to contain an arbitrary file do
 CVE-2022-36670 (PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamp ...)
 	NOT-FOR-US: PCProtect Endpoint
 CVE-2022-36669 (Hospital Information System version 1.0 suffers from a remote SQL inje ...)
-	TODO: check
+	NOT-FOR-US: Hospital Information System
 CVE-2022-36668 (Garage Management System 1.0 is vulnerable to Stored Cross Site Script ...)
-	TODO: check
+	NOT-FOR-US: Garage Management System
 CVE-2022-36667 (Garage Management System 1.0 is vulnerable to the Remote Code Executio ...)
-	TODO: check
+	NOT-FOR-US: Garage Management System
 CVE-2022-36666
 	RESERVED
 CVE-2022-36665



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a0d52012a051617252143dabbcb392b452e6ae3
