[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Sep 24 09:23:12 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
87dd0dc4 by Salvatore Bonaccorso at 2022-09-24T10:22:48+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -251,7 +251,7 @@ CVE-2022-41221
 CVE-2022-40224
 	RESERVED
 CVE-2022-3263 (The security descriptor of Measuresoft ScadaPro Server version 6.7 has ...)
-	TODO: check
+	NOT-FOR-US: Measuresoft ScadaPro Server
 CVE-2022-3262
 	RESERVED
 	NOT-FOR-US: OpenShift
@@ -1329,7 +1329,7 @@ CVE-2022-40765
 CVE-2022-40764
 	RESERVED
 CVE-2022-3236 (A code injection vulnerability in the User Portal and Webadmin allows  ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2022-40763
 	RESERVED
 CVE-2022-3235 (Use After Free in GitHub repository vim/vim prior to 9.0.0490. ...)
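Review bot: The new tag for CVE-2022-3236 names only the vendor ("NOT-FOR-US: Sophos"), while the description refers to a specific "User Portal and Webadmin" and the CVE-2022-3263 entry in this same commit names both vendor and product ("Measuresoft ScadaPro Server"). Suggest adding the product name after the vendor so that a later search of data/CVE/list for that product finds this entry.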
@@ -1523,15 +1523,15 @@ CVE-2022-40676
 CVE-2022-40675
 	RESERVED
 CVE-2022-40672 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-40671 (Cross-Site Request Forgery (CSRF) vulnerability in Rate my Post &#8211 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-40632
 	RESERVED
 CVE-2022-40312
 	RESERVED
 CVE-2022-40310 (Authenticated (subscriber+) Race Condition vulnerability in Rate my Po ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-40223
 	RESERVED
 CVE-2022-40219 (Cross-Site Request Forgery (CSRF) vulnerability in SedLex FavIcon Swit ...)
@@ -1539,9 +1539,9 @@ CVE-2022-40219 (Cross-Site Request Forgery (CSRF) vulnerability in SedLex FavIco
 CVE-2022-40217 (Authenticated (admin+) Arbitrary File Edit/Upload vulnerability in Xpl ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-40215 (Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabiliti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-40213 (Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-40211
 	RESERVED
 CVE-2022-40206
@@ -1549,7 +1549,7 @@ CVE-2022-40206
 CVE-2022-40205
 	RESERVED
 CVE-2022-40193 (Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Awe ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-40131
 	RESERVED
 CVE-2022-38974
@@ -1559,11 +1559,11 @@ CVE-2022-38468
 CVE-2022-38461
 	RESERVED
 CVE-2022-38454 (Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Opt ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-38104
 	RESERVED
 CVE-2022-38079 (Cross-Site Request Forgery (CSRF) vulnerability Backup Scheduler plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-38074
 	RESERVED
 CVE-2022-38073 (Multiple Authenticated (custom specific plugin role) Persistent Cross- ...)
@@ -1571,11 +1571,11 @@ CVE-2022-38073 (Multiple Authenticated (custom specific plugin role) Persistent
 CVE-2022-36424
 	RESERVED
 CVE-2022-36417 (Multiple Stored Cross-Site Scripting (XSS) via Cross-Site Request Forg ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-36404
 	RESERVED
 CVE-2022-35238 (Unauthenticated Plugin Settings Change vulnerability in Awesome Filter ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-33978
 	RESERVED
 CVE-2022-3216 (A vulnerability has been found in Nintendo Game Boy Color and classifi ...)
@@ -2668,25 +2668,25 @@ CVE-2022-40198
 CVE-2022-40197
 	RESERVED
 CVE-2022-40195 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-40194 (Unauthenticated Sensitive Information Disclosure vulnerability in Cust ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-40191 (Authenticated (subscriber+) Stored Cross-Site Scripting (XSS) vulnerab ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-40189
 	RESERVED
 CVE-2022-40132 (Cross-Site Request Forgery (CSRF) vulnerability in Seriously Simple Po ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-38976
 	RESERVED
 CVE-2022-38704 (Cross-Site Request Forgery (CSRF) vulnerability in SEO Redirection plu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-38703 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-38470 (Cross-Site Request Forgery (CSRF) vulnerability in Customer Reviews fo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-38460 (Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnera ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-38144 (Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpFor ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-38140
@@ -2698,27 +2698,27 @@ CVE-2022-38137
 CVE-2022-38135 (Broken Access Control vulnerability in Dean Oakley's Photospace Galler ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-38134 (Authenticated (subscriber+) Broken Access Control vulnerability in Cus ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-38098
 	RESERVED
 CVE-2022-38095 (Cross-Site Request Forgery (CSRF) vulnerability in AlgolPlus Advanced  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-38086
 	RESERVED
 CVE-2022-38085 (Cross-Site Request Forgery (CSRF) vulnerability in Read more By Adam p ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-38077
 	RESERVED
 CVE-2022-37342 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-36790
 	RESERVED
 CVE-2022-36388 (Cross-Site Request Forgery (CSRF) vulnerability in YDS Support Ticket  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-36356 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-36340 (Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOpt ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-36299
 	RESERVED
 CVE-2022-36295
@@ -2944,25 +2944,25 @@ CVE-2022-40124
 CVE-2022-40123
 	RESERVED
 CVE-2022-40122 (Online Banking System v1.0 was discovered to contain a SQL injection v ...)
-	TODO: check
+	NOT-FOR-US: Online Banking System
 CVE-2022-40121 (Online Banking System v1.0 was discovered to contain a SQL injection v ...)
-	TODO: check
+	NOT-FOR-US: Online Banking System
 CVE-2022-40120 (Online Banking System v1.0 was discovered to contain a SQL injection v ...)
-	TODO: check
+	NOT-FOR-US: Online Banking System
 CVE-2022-40119 (Online Banking System v1.0 was discovered to contain a SQL injection v ...)
-	TODO: check
+	NOT-FOR-US: Online Banking System
 CVE-2022-40118 (Online Banking System v1.0 was discovered to contain a SQL injection v ...)
-	TODO: check
+	NOT-FOR-US: Online Banking System
 CVE-2022-40117 (Online Banking System v1.0 was discovered to contain a SQL injection v ...)
-	TODO: check
+	NOT-FOR-US: Online Banking System
 CVE-2022-40116 (Online Banking System v1.0 was discovered to contain a SQL injection v ...)
-	TODO: check
+	NOT-FOR-US: Online Banking System
 CVE-2022-40115 (Online Banking System v1.0 was discovered to contain a SQL injection v ...)
-	TODO: check
+	NOT-FOR-US: Online Banking System
 CVE-2022-40114 (Online Banking System v1.0 was discovered to contain a SQL injection v ...)
-	TODO: check
+	NOT-FOR-US: Online Banking System
 CVE-2022-40113 (Online Banking System v1.0 was discovered to contain a SQL injection v ...)
-	TODO: check
+	NOT-FOR-US: Online Banking System
 CVE-2022-40112 (TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2022-40111 (In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the sha ...)
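Review bot: "NOT-FOR-US: Online Banking System" on CVE-2022-40113 through CVE-2022-40122 uses a generic product name with no vendor or author, unlike the TOTOLINK entry just below, which is tagged by vendor. All ten descriptions say only "Online Banking System v1.0", so consider adding whatever qualifier the full advisory gives (author or distribution site) so the tag cannot be confused with an unrelated product of the same name.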
@@ -3002,11 +3002,11 @@ CVE-2022-40095
 CVE-2022-40094
 	RESERVED
 CVE-2022-40093 (Online Tours & Travels Management System v1.0 was discovered to co ...)
-	TODO: check
+	NOT-FOR-US: Online Tours & Travels Management System
 CVE-2022-40092 (Online Tours & Travels Management System v1.0 was discovered to co ...)
-	TODO: check
+	NOT-FOR-US: Online Tours & Travels Management System
 CVE-2022-40091 (Online Tours & Travels Management System v1.0 was discovered to co ...)
-	TODO: check
+	NOT-FOR-US: Online Tours & Travels Management System
 CVE-2022-40090
 	RESERVED
 CVE-2022-40089 (A remote file inclusion (RFI) vulnerability in Simple College Website  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87dd0dc4d8b00f5c97ddf3465f85dae7a6a52ec6
