[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Jan 19 17:25:04 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
92a4b2a2 by Moritz Muehlenhoff at 2023-01-19T18:24:42+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4401,7 +4401,7 @@ CVE-2022-48193
CVE-2022-48192
RESERVED
CVE-2022-48191 (A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) whe ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2021-46870
RESERVED
CVE-2021-46869
@@ -5219,23 +5219,23 @@ CVE-2023-22322
CVE-2023-22320 (OpenAM Web Policy Agent (OpenAM Consortium Edition) provided by OpenAM ...)
NOT-FOR-US: OpenAM Web Policy Agent (different from src:openam)
CVE-2023-22316 (Hidden functionality vulnerability in PIX-RT100 versions RT100_TEQ_2.1 ...)
- TODO: check
+ NOT-FOR-US: PIXELA
CVE-2023-22304 (OS command injection vulnerability in PIX-RT100 versions RT100_TEQ_2.1 ...)
- TODO: check
+ NOT-FOR-US: PIXELA
CVE-2023-22303 (TP-Link SG105PE firmware prior to 'TL-SG105PE(UN) 1.0_1.0.0 Build 2022 ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2023-22298 (Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allow ...)
- pgadmin4 <itp> (bug #834129)
CVE-2023-22296 (Reflected cross-site scripting vulnerability in MAHO-PBX NetDevancer s ...)
- TODO: check
+ NOT-FOR-US: Mahoroba Kobo
CVE-2023-22286 (Cross-site request forgery (CSRF) vulnerability in MAHO-PBX NetDevance ...)
- TODO: check
+ NOT-FOR-US: Mahoroba Kobo
CVE-2023-22280 (MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX ...)
- TODO: check
+ NOT-FOR-US: Mahoroba Kobo
CVE-2023-22279 (MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX ...)
- TODO: check
+ NOT-FOR-US: Mahoroba Kobo
CVE-2023-22278 (m-FILTER prior to Ver.5.70R01 (Ver.5 Series) and m-FILTER prior to Ver ...)
- TODO: check
+ NOT-FOR-US: Digital Arts
CVE-2022-47969
RESERVED
CVE-2022-4777
@@ -5329,9 +5329,9 @@ CVE-2023-22392
CVE-2023-22391 (A vulnerability in class-of-service (CoS) queue management in Juniper ...)
NOT-FOR-US: Juniper
CVE-2023-22366 (CX-Motion-MCH v2.32 and earlier contains an access of uninitialized po ...)
- TODO: check
+ NOT-FOR-US: CX-Motion-MCH
CVE-2023-22357 (Active debug code exists in OMRON CP1L-EL20DR-D all versions, which ma ...)
- TODO: check
+ NOT-FOR-US: OMROM
CVE-2023-22317
RESERVED
CVE-2023-22314
@@ -5424,7 +5424,7 @@ CVE-2018-25049 (A vulnerability was found in email-existence. It has been rated
CVE-2015-10005 (A vulnerability was found in markdown-it up to 2.x. It has been classi ...)
NOT-FOR-US: Fuji Electric
CVE-2022-47966 (Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Pl ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2022-4746
RESERVED
CVE-2022-4745
@@ -5864,11 +5864,11 @@ CVE-2023-22383
CVE-2023-22382
RESERVED
CVE-2022-47917 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
- TODO: check
+ NOT-FOR-US: Sewio
CVE-2022-47912
RESERVED
CVE-2022-47911 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
- TODO: check
+ NOT-FOR-US: Sewio
CVE-2022-47896 (In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnera ...)
- intellij-idea <itp> (bug #747616)
CVE-2022-47895 (In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" act ...)
@@ -5882,7 +5882,7 @@ CVE-2022-47892
CVE-2022-47891
RESERVED
CVE-2022-47395 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
- TODO: check
+ NOT-FOR-US: Sewio
CVE-2022-47320
RESERVED
CVE-2022-47311
@@ -5890,7 +5890,7 @@ CVE-2022-47311
CVE-2022-46738
RESERVED
CVE-2022-46733 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
- TODO: check
+ NOT-FOR-US: Sewio
CVE-2022-46658
RESERVED
CVE-2022-4634
@@ -5926,19 +5926,19 @@ CVE-2022-45876
CVE-2022-45468
RESERVED
CVE-2022-45444 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
- TODO: check
+ NOT-FOR-US: Sewio
CVE-2022-45127 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
- TODO: check
+ NOT-FOR-US: Sewio
CVE-2022-45121
RESERVED
CVE-2022-43512
RESERVED
CVE-2022-43483 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
- TODO: check
+ NOT-FOR-US: Sewio
CVE-2022-43455 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
- TODO: check
+ NOT-FOR-US: Sewio
CVE-2022-41989 (Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up ...)
- TODO: check
+ NOT-FOR-US: Sewio
CVE-2022-41696
RESERVED
CVE-2022-40633
@@ -6014,7 +6014,7 @@ CVE-2022-47883
CVE-2022-47882
RESERVED
CVE-2022-47881 (Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2022-47880
RESERVED
CVE-2022-47879
@@ -6663,7 +6663,7 @@ CVE-2022-47580
CVE-2022-4622
RESERVED
CVE-2022-4621 (Panasonic Sanyo CCTV Network Cameras versions 1.02-05 and 2.03-0x are ...)
- TODO: check
+ NOT-FOR-US: Panasonic
CVE-2022-4620
RESERVED
CVE-2022-4619 (The Sidebar Widgets by CodeLights plugin for WordPress is vulnerable t ...)
@@ -8265,11 +8265,11 @@ CVE-2022-47451
CVE-2022-47450
RESERVED
CVE-2022-46732 (Even if the authentication fails for local service authentication, the ...)
- TODO: check
+ NOT-FOR-US: GE Digital
CVE-2022-46660 (An unauthorized user could alter or write files with full control over ...)
- TODO: check
+ NOT-FOR-US: GE Digital
CVE-2022-46331 (An unauthorized user could possibly delete any file on the system. ...)
- TODO: check
+ NOT-FOR-US: GE Digital
CVE-2022-4517
RESERVED
CVE-2022-4516
@@ -8294,9 +8294,9 @@ CVE-2022-4510
CVE-2022-4509
RESERVED
CVE-2022-43494 (An unauthorized user could be able to read any file on the system, pot ...)
- TODO: check
+ NOT-FOR-US: GE Digital
CVE-2022-38469 (An unauthorized user with network access and the decryption key could ...)
- TODO: check
+ NOT-FOR-US: GE Digital
CVE-2021-4245 (A vulnerability classified as problematic has been found in chbrown rf ...)
NOT-FOR-US: rfc6902
CVE-2022-47449
@@ -11163,7 +11163,7 @@ CVE-2022-46477
CVE-2022-46476
RESERVED
CVE-2022-46475 (D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack over ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2022-46474
RESERVED
CVE-2022-46473
@@ -11515,33 +11515,33 @@ CVE-2023-21616
CVE-2023-21615
RESERVED
CVE-2023-21614 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21613 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21612 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21611 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21610 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21609 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21608 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21607 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21606 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21605 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21604 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21603 (Adobe Dimension version 3.4.6 (and earlier) are affected by an out-of- ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21602
RESERVED
CVE-2023-21601 (Adobe Dimension version 3.4.6 (and earlier) are affected by a Use Afte ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21600
RESERVED
CVE-2023-21599 (Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affec ...)
@@ -11573,7 +11573,7 @@ CVE-2023-21587 (Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) ar
CVE-2023-21586
RESERVED
CVE-2023-21585 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21584
RESERVED
CVE-2023-21583
@@ -11581,11 +11581,11 @@ CVE-2023-21583
CVE-2023-21582
RESERVED
CVE-2023-21581 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21580
RESERVED
CVE-2023-21579 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21578
RESERVED
CVE-2023-21577
@@ -12920,19 +12920,19 @@ CVE-2022-45930 (A SQL injection issue was discovered in AAA in OpenDaylight (ODL
CVE-2022-45929
RESERVED
CVE-2022-45928 (A remote OScript execution issue was discovered in OpenText Content Su ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2022-45927 (An issue was discovered in OpenText Content Suite Platform 22.1 (16.2. ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2022-45926 (An issue was discovered in OpenText Content Suite Platform 22.1 (16.2. ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2022-45925 (An issue was discovered in OpenText Content Suite Platform 22.1 (16.2. ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2022-45924 (An issue was discovered in OpenText Content Suite Platform 22.1 (16.2. ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2022-45923 (An issue was discovered in OpenText Content Suite Platform 22.1 (16.2. ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2022-45922 (An issue was discovered in OpenText Content Suite Platform 22.1 (16.2. ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2022-45921 (FusionAuth before 1.41.3 allows a file outside of the application root ...)
NOT-FOR-US: FusionAuth
CVE-2022-45920
@@ -13704,7 +13704,7 @@ CVE-2022-45615
CVE-2022-45614
REJECTED
CVE-2022-45613 (Book Store Management System v1.0 was discovered to contain a cross-si ...)
- TODO: check
+ NOT-FOR-US: Book Store Management System
CVE-2022-45612
RESERVED
CVE-2022-45611
@@ -15468,7 +15468,7 @@ CVE-2022-45105
CVE-2022-45104
RESERVED
CVE-2022-45103 (Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Ena ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2022-45102
RESERVED
CVE-2022-45101
@@ -19894,11 +19894,11 @@ CVE-2023-20603
CVE-2023-20602
RESERVED
CVE-2022-43977 (An issue was discovered on GE Grid Solutions MS3000 devices before 3.7 ...)
- TODO: check
+ NOT-FOR-US: GE
CVE-2022-43976 (An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 ...)
- TODO: check
+ NOT-FOR-US: GE
CVE-2022-43975 (An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 ...)
- TODO: check
+ NOT-FOR-US: GE
CVE-2022-43974 (MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDeco ...)
- matrixssl <removed>
CVE-2022-43973 (An arbitrary code execution vulnerability exisits in Linksys WRT54GL W ...)
@@ -25815,51 +25815,51 @@ CVE-2022-42292
CVE-2022-42291
RESERVED
CVE-2022-42290 (NVIDIA BMC contains a vulnerability in SPX REST API, where an authoriz ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42289 (NVIDIA BMC contains a vulnerability in SPX REST API, where an authoriz ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42288 (NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthor ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42287 (NVIDIA BMC contains a vulnerability in IPMI handler, where an authoriz ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42286 (DGX A100 SBIOS contains a vulnerability in Bds, which may lead to code ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42285 (DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42284 (NVIDIA BMC stores user passwords in an obfuscated form in a database a ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42283 (NVIDIA BMC contains a vulnerability in IPMI handler, where an authoriz ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42282 (NVIDIA BMC contains a vulnerability in SPX REST API, where an authoriz ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42281 (NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, w ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42280 (NVIDIA BMC contains a vulnerability in SPX REST auth handler, where an ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42279 (NVIDIA BMC contains a vulnerability in SPX REST API, where an authoriz ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42278 (NVIDIA BMC contains a vulnerability in SPX REST API, where an authoriz ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42277 (NVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42276 (NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, whe ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42275 (NVIDIA BMC IPMI handler allows an unauthenticated host to write to a h ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42274 (NVIDIA BMC contains a vulnerability in IPMI handler, where an authoriz ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42273 (NVIDIA BMC contains a vulnerability in libwebsocket, where an authoriz ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42272 (NVIDIA BMC contains a vulnerability in IPMI handler, where an authoriz ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42271 (NVIDIA BMC contains a vulnerability in IPMI handler, where an authoriz ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42270 (NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_tas ...)
NOT-FOR-US: NVIDIA
CVE-2022-42269 (NVIDIA Trusted OS contains a vulnerability in an SMC call handler, whe ...)
NOT-FOR-US: NVIDIA
CVE-2022-42268 (Omniverse Kit contains a vulnerability in the reference applications C ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2022-42267 (NVIDIA GPU Display Driver for Windows contains a vulnerability where a ...)
NOT-FOR-US: NVIDIA
CVE-2022-42266 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...)
@@ -26303,7 +26303,7 @@ CVE-2022-42138
CVE-2022-42137
RESERVED
CVE-2022-42136 (Authenticated mail users, under specific circumstances, could add file ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2022-42135
RESERVED
CVE-2022-42134
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92a4b2a2163d7cc4935032c4e3d128c55d5d6e61
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92a4b2a2163d7cc4935032c4e3d128c55d5d6e61
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230119/b16c1391/attachment.htm>
More information about the debian-security-tracker-commits
mailing list