[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Feb 13 09:52:01 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a3bca77a by Moritz Muehlenhoff at 2023-02-13T10:51:13+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -135,9 +135,9 @@ CVE-2022-4907
CVE-2022-4906
RESERVED
CVE-2022-48323 (Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0. ...)
- TODO: check
+ NOT-FOR-US: Sunlogin Sunflower Simplified
CVE-2022-48322 (NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stac ...)
- TODO: check
+ NOT-FOR-US: NETGEAR
CVE-2021-4324
RESERVED
CVE-2021-4323
@@ -213,15 +213,15 @@ CVE-2023-0782 (A vulnerability was found in Tenda AC23 16.03.07.45 and classifie
CVE-2023-0781 (A vulnerability was found in SourceCodester Canteen Management System ...)
NOT-FOR-US: SourceCodester Canteen Management System
CVE-2020-36661 (A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been d ...)
- TODO: check
+ NOT-FOR-US: lua-multipart
CVE-2019-25103 (A vulnerability has been found in simple-markdown 0.5.1 and classified ...)
- TODO: check
+ NOT-FOR-US: simple-markdown
CVE-2019-25102 (A vulnerability, which was classified as problematic, was found in sim ...)
- TODO: check
+ NOT-FOR-US: simple-markdown
CVE-2015-10078 (A vulnerability, which was classified as problematic, has been found i ...)
NOT-FOR-US: Resend Welcome Email Plugin
CVE-2023-0780 (Improper Restriction of Rendered UI Layers or Frames in GitHub reposit ...)
- TODO: check
+ NOT-FOR-US: Cockpit Content Platform (different from src:cockpit)
CVE-2023-0779
RESERVED
CVE-2023-0778
@@ -4066,7 +4066,7 @@ CVE-2023-24232 (A stored cross-site scripting (XSS) vulnerability in the compone
CVE-2023-24231 (A stored cross-site scripting (XSS) vulnerability in the component /ph ...)
NOT-FOR-US: Inventory Management System
CVE-2023-24230 (A stored cross-site scripting (XSS) vulnerability in the component /fo ...)
- TODO: check
+ NOT-FOR-US: Formwork
CVE-2023-24229
RESERVED
CVE-2023-24228
@@ -7924,7 +7924,7 @@ CVE-2023-0128 (Use after free in Overview Mode in Google Chrome on Chrome OS pri
- chromium 109.0.5414.74-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-0127 (A command injection vulnerability in the firmware_update command, in t ...)
- TODO: check
+ NOT-FOR-US: Tenable
CVE-2023-0126 (Pre-authentication path traversal vulnerability in SMA1000 firmware ve ...)
NOT-FOR-US: SonicWall
CVE-2023-0125 (A vulnerability was found in Control iD Panel. It has been declared as ...)
@@ -10277,23 +10277,23 @@ CVE-2023-22369
CVE-2023-22368
RESERVED
CVE-2023-22367 (Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Androi ...)
- TODO: check
+ NOT-FOR-US: Ichiran
CVE-2023-22362 (SUSHIRO App for Android outputs sensitive information to the log file, ...)
- TODO: check
+ NOT-FOR-US: SUSHIRO
CVE-2023-22360 (Use-after free vulnerability exists in Screen Creator Advance 2 Ver.0. ...)
- TODO: check
+ NOT-FOR-US: Screen Creator Advance
CVE-2023-22353 (Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver ...)
- TODO: check
+ NOT-FOR-US: Screen Creator Advance
CVE-2023-22350 (Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver ...)
- TODO: check
+ NOT-FOR-US: Screen Creator Advance
CVE-2023-22349 (Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver ...)
- TODO: check
+ NOT-FOR-US: Screen Creator Advance
CVE-2023-22347 (Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver ...)
- TODO: check
+ NOT-FOR-US: Screen Creator Advance
CVE-2023-22346 (Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver ...)
- TODO: check
+ NOT-FOR-US: Screen Creator Advance
CVE-2023-22345 (Out-of-bound write vulnerability exists in Screen Creator Advance 2 Ve ...)
- TODO: check
+ NOT-FOR-US: Screen Creator Advance
CVE-2023-22344
RESERVED
CVE-2023-22336
@@ -13160,7 +13160,7 @@ CVE-2022-4558 (A vulnerability was found in Alinto SOGo up to 5.7.1. It has been
[buster] - sogo <no-dsa> (Minor issue)
NOTE: https://github.com/Alinto/sogo/commit/1e0f5f00890f751e84d67be4f139dd7f00faa5f3 (SOGo-5.8.0)
CVE-2022-4557 (Improper Input Validation vulnerability in Group Arge Energy and Contr ...)
- TODO: check
+ NOT-FOR-US: Group Arge Energy and Control Systems Smartpower Web
CVE-2022-4556 (A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as ...)
- sogo 5.8.0-1
[bullseye] - sogo <no-dsa> (Minor issue)
@@ -15312,7 +15312,7 @@ CVE-2022-4367
CVE-2022-43501 (KASAGO TCP/IP stack provided by Zuken Elmic generates ISNs(Initial Seq ...)
NOT-FOR-US: Zuken Elmic
CVE-2022-43460 (Driver Distributor v2.2.3.1 and earlier contains a vulnerability where ...)
- TODO: check
+ NOT-FOR-US: Driver Distributor
CVE-2022-46831 (In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS ...)
NOT-FOR-US: JetBrains TeamCity
CVE-2022-46830 (In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpo ...)
@@ -20663,19 +20663,19 @@ CVE-2022-45093 (A vulnerability has been identified in SINEC INS (All versions &
CVE-2022-45092 (A vulnerability has been identified in SINEC INS (All versions < V1 ...)
NOT-FOR-US: Siemens
CVE-2022-45091 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Group Arge Energy and Control Systems Smartpower Web
CVE-2022-45090 (Improper Input Validation vulnerability in Group Arge Energy and Contr ...)
- TODO: check
+ NOT-FOR-US: Group Arge Energy and Control Systems Smartpower Web
CVE-2022-45089 (Improper Input Validation vulnerability in Group Arge Energy and Contr ...)
- TODO: check
+ NOT-FOR-US: Group Arge Energy and Control Systems Smartpower Web
CVE-2022-45088 (Improper Input Validation vulnerability in Group Arge Energy and Contr ...)
- TODO: check
+ NOT-FOR-US: Group Arge Energy and Control Systems Smartpower Web
CVE-2022-45087 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Group Arge Energy and Control Systems Smartpower Web
CVE-2022-45086 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Group Arge Energy and Control Systems Smartpower Web
CVE-2022-45085 (Server-Side Request Forgery (SSRF) vulnerability in Group Arge Energy ...)
- TODO: check
+ NOT-FOR-US: Group Arge Energy and Control Systems Smartpower Web
CVE-2022-45084
RESERVED
CVE-2022-45083
@@ -26193,7 +26193,7 @@ CVE-2023-20078
CVE-2023-20077
RESERVED
CVE-2023-20076 (A vulnerability in the Cisco IOx application hosting environment could ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20075
RESERVED
CVE-2023-20074
@@ -31047,7 +31047,7 @@ CVE-2022-42294
CVE-2022-42293
RESERVED
CVE-2022-42292 (NVIDIA GeForce Experience contains a vulnerability in the NVContainer ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42291 (NVIDIA GeForce Experience contains a vulnerability in the installer, w ...)
NOT-FOR-US: NVIDIA
CVE-2022-42290 (NVIDIA BMC contains a vulnerability in SPX REST API, where an authoriz ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3bca77acedfc23f5b3229d48c695d85e6757457
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3bca77acedfc23f5b3229d48c695d85e6757457
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230213/3f74180a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list