[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jan 26 20:54:42 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
40c7f9f8 by Salvatore Bonaccorso at 2023-01-26T21:54:19+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -65,13 +65,13 @@ CVE-2023-24545
CVE-2023-0517
RESERVED
CVE-2023-0516 (A vulnerability was found in SourceCodester Online Tours & Travels ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Tours & Travels Management System
CVE-2023-0515 (A vulnerability was found in SourceCodester Online Tours & Travels ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Tours & Travels Management System
CVE-2023-0514
RESERVED
CVE-2023-0513 (A vulnerability has been found in isoftforce Dreamer CMS up to 4.0.1 a ...)
- TODO: check
+ NOT-FOR-US: isoftforce Dreamer CMS
CVE-2023-0512
RESERVED
CVE-2023-0511
@@ -4235,7 +4235,7 @@ CVE-2023-22973
CVE-2023-22972
RESERVED
CVE-2023-22971 (Cross Site Scripting (XSS) vulnerability in Hughes Network Systems Rou ...)
- TODO: check
+ NOT-FOR-US: Hughes
CVE-2023-22970
RESERVED
CVE-2023-22969
@@ -5233,7 +5233,7 @@ CVE-2023-22741 (Sofia-SIP is an open-source SIP User-Agent library, compliant wi
CVE-2023-22740
RESERVED
CVE-2023-22739 (Discourse is an open source platform for community discussion. Version ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2023-22738
RESERVED
CVE-2023-22737
@@ -6374,7 +6374,7 @@ CVE-2023-22470 (Nextcloud Deck is a kanban style organization tool aimed at pers
CVE-2023-22469 (Deck is a kanban style organization tool aimed at personal planning an ...)
NOT-FOR-US: Deck
CVE-2023-22468 (Discourse is an open source platform for community discussion. Version ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2023-22467 (Luxon is a library for working with dates and times in JavaScript. On ...)
NOT-FOR-US: Luxon
CVE-2023-22466 (Tokio is a runtime for writing applications with Rust. Starting with v ...)
@@ -19297,11 +19297,11 @@ CVE-2023-20927
CVE-2023-20926
RESERVED
CVE-2023-20925 (In setUclampMinLocked of PowerSessionManager.cpp, there is a possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-20924 (In (TBD) of (TBD), there is a possible way to bypass the lockscreen du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-20923 (In exported content providers of ShannonRcs, there is a possible way t ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-20922 (In setMimeGroup of PackageManagerService.java, there is a possible cra ...)
NOT-FOR-US: Android
CVE-2023-20921 (In onPackageRemoved of AccessibilityManagerService.java, there is a po ...)
@@ -20518,7 +20518,7 @@ CVE-2022-44299
CVE-2022-44298
RESERVED
CVE-2022-44297 (SiteServer CMS 7.1.3 has a SQL injection vulnerability the background. ...)
- TODO: check
+ NOT-FOR-US: SiteServer CMS
CVE-2022-44296 (Sanitization Management System v1.0 is vulnerable to SQL Injection via ...)
NOT-FOR-US: Sanitization Management System
CVE-2022-44295 (Sanitization Management System v1.0 is vulnerable to SQL Injection via ...)
@@ -21089,7 +21089,7 @@ CVE-2022-44020 (An issue was discovered in OpenStack Sushy-Tools through 0.21.0
CVE-2022-44019 (In Total.js 4 before 0e5ace7, /api/common/ping can achieve remote comm ...)
NOT-FOR-US: Total.js CMS
CVE-2022-44018 (In Softing uaToolkit Embedded before 1.40.1, a malformed PubSub discov ...)
- TODO: check
+ NOT-FOR-US: Softing uaToolkit Embedded
CVE-2022-44017 (An issue was discovered in Simmeth Lieferantenmanager before 5.6. Due ...)
NOT-FOR-US: Simmeth Lieferantenmanager
CVE-2022-44016 (An issue was discovered in Simmeth Lieferantenmanager before 5.6. An a ...)
@@ -21751,7 +21751,7 @@ CVE-2022-43961
CVE-2022-43960
RESERVED
CVE-2022-43959 (Insufficiently Protected Credentials in the AD/LDAP server settings in ...)
- TODO: check
+ NOT-FOR-US: 1C-Bitrix Bitrix24
CVE-2022-3736 (BIND 9 resolver can crash when stale cache and stale answers are enabl ...)
{DSA-5329-1}
- bind9 1:9.18.11-1
@@ -23640,7 +23640,7 @@ CVE-2022-43705 (In Botan before 2.19.3, it is possible to forge OCSP responses d
NOTE: https://github.com/randombit/botan/commit/a33689613127f319c0047fb96f092de16e7cb350 (2.19.3)
NOTE: https://github.com/randombit/botan/commit/909c62717855402e04dbaf8ffc085f444d547aae (2.19.3)
CVE-2022-43704 (The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, a ...)
- TODO: check
+ NOT-FOR-US: Sinilink XY-WFT1 WiFi Remote Thermostat
CVE-2022-43703
RESERVED
CVE-2022-43702
@@ -27126,11 +27126,11 @@ CVE-2022-3433 (The aeson library is not safe to use to consume untrusted JSON in
NOTE: https://github.com/haskell/aeson/issues/864
NOTE: https://github.com/haskell/aeson/commit/582a844d8028f62e409048a4caae187b27e8e697 (v2.0.1.0)
CVE-2022-3432 (A potential vulnerability in a driver used during manufacturing proces ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2022-3431
RESERVED
CVE-2022-3430 (A potential vulnerability in the WMI Setup driver on some consumer Len ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2022-42493
RESERVED
CVE-2022-42492
@@ -27335,115 +27335,115 @@ CVE-2022-42425
CVE-2022-42424
RESERVED
CVE-2022-42423 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42422
RESERVED
CVE-2022-42421 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42420 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42419 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42418 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42417 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42416 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42415 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42414 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42413 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42412 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42411 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42410 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42409 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42408 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42407 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42406 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42405 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42404 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42403 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42402 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42401 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42400 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42399 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42398 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42397 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42396 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42395 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42394 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42393 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42392 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42391 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42390 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42389 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42388 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42387 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42386 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42385 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42384 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42383 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42382 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42381 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42380 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42379 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42378 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42377 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42376 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42375 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42374 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42373 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42372 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42371 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42370 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42369 (This vulnerability allows remote attackers to disclose sensitive infor ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange Editor
CVE-2022-42368
RESERVED
CVE-2022-42367 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40c7f9f8321a69a7e07e1e126c88ed189d7c876f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40c7f9f8321a69a7e07e1e126c88ed189d7c876f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230126/c1e4e7df/attachment.htm>
More information about the debian-security-tracker-commits
mailing list