Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2c72f5ee by Salvatore Bonaccorso at 2022-01-19T21:28:43+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -317,7 +317,7 @@ CVE-2022-21801
CVE-2022-21796
RESERVED
CVE-2022-0274 (Cross-site Scripting (XSS) - Stored in NPM cypress-orchardcore
prior t ...)
- TODO: check
+ NOT-FOR-US: Orchard CMS
CVE-2022-0273
RESERVED
CVE-2022-0272
@@ -1799,7 +1799,7 @@ CVE-2022-0168
CVE-2022-0167
RESERVED
CVE-2022-0166 (A privilege escalation vulnerability in the McAfee Agent prior
to 5.7. ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2022-0165
RESERVED
CVE-2022-0164
@@ -1943,9 +1943,9 @@ CVE-2021-46206
CVE-2021-46205
RESERVED
CVE-2021-46204 (Taocms v3.0.2 was discovered to contain an arbitrary file read
vulnera ...)
- TODO: check
+ NOT-FOR-US: Taocms
CVE-2021-46203 (Taocms v3.0.2 was discovered to contain an arbitrary file read
vulnera ...)
- TODO: check
+ NOT-FOR-US: Taocms
CVE-2021-46202
RESERVED
CVE-2021-46201
@@ -3619,7 +3619,7 @@ CVE-2022-22312
CVE-2022-22311
RESERVED
CVE-2022-22310 (IBM WebSphere Application Server Liberty 21.0.0.10 through
21.0.0.12 c ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22309
RESERVED
CVE-2022-22308
@@ -3903,7 +3903,7 @@ CVE-2021-46032
CVE-2021-46031
RESERVED
CVE-2021-46030 (There is a Cross Site Scripting attack (XSS) vulnerability in
JavaQuar ...)
- TODO: check
+ NOT-FOR-US: JavaQuarkBBS
CVE-2021-46029
RESERVED
CVE-2021-46028
@@ -4771,7 +4771,7 @@ CVE-2021-45810
CVE-2021-45809
RESERVED
CVE-2021-45808 (jpress v4.2.0 allows users to register an account by default.
With the ...)
- TODO: check
+ NOT-FOR-US: jpress
CVE-2021-45807 (jpress v4.2.0 is vulnerable to command execution via
io.jpress.web.adm ...)
NOT-FOR-US: jpress
CVE-2021-45806 (jpress v4.2.0 admin panel provides a function through which
attackers ...)
@@ -8083,7 +8083,7 @@ CVE-2021-44839 (An issue was discovered in Delta RM 1.2.
It is possible to reque
CVE-2021-44838 (An issue was discovered in Delta RM 1.2. Using the
/risque/risque/ajax ...)
NOT-FOR-US: Delta RM
CVE-2021-44837 (An issue was discovered in Delta RM 1.2. It is possible for an
unprivi ...)
- TODO: check
+ NOT-FOR-US: Delta RM
CVE-2021-44836 (An issue was discovered in Delta RM 1.2. The
/risque/risque/workflow/r ...)
NOT-FOR-US: Delta RM
CVE-2021-44835
@@ -9673,7 +9673,7 @@ CVE-2021-44301
CVE-2021-44300
RESERVED
CVE-2021-44299 (A reflected cross-site scripting (XSS) vulnerability in
\lib\packages\ ...)
- TODO: check
+ NOT-FOR-US: Navigate CMS
CVE-2021-44298
RESERVED
CVE-2021-44297
@@ -10883,7 +10883,7 @@ CVE-2022-21685 (Frontier is Substrate's Ethereum
compatibility layer. Prior to c
CVE-2022-21684 (Discourse is an open source discussion platform. Versions
prior to 2.7 ...)
NOT-FOR-US: Discourse
CVE-2022-21683 (Wagtail is a Django based content management system focused on
flexibi ...)
- TODO: check
+ NOT-FOR-US: Wagtail
CVE-2022-21682 (Flatpak is a Linux application sandboxing and distribution
framework. ...)
- flatpak 1.12.3-1
NOTE:
https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx
@@ -11909,51 +11909,51 @@ CVE-2022-21405
CVE-2022-21404
RESERVED
CVE-2022-21403 (Vulnerability in the Oracle Communications Operations Monitor
product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21402 (Vulnerability in the Oracle Communications Operations Monitor
product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21401 (Vulnerability in the Oracle Communications Operations Monitor
product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21400 (Vulnerability in the Oracle Communications Operations Monitor
product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21399 (Vulnerability in the Oracle Communications Operations Monitor
product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21398 (Vulnerability in the Oracle Communications Operations Monitor
product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21397 (Vulnerability in the Oracle Communications Operations Monitor
product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21396 (Vulnerability in the Oracle Communications Operations Monitor
product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21395 (Vulnerability in the Oracle Communications Operations Monitor
product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21394 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
- virtualbox <unfixed>
CVE-2022-21393 (Vulnerability in the Java VM component of Oracle Database
Server. Supp ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21392 (Vulnerability in the Enterprise Manager Base Platform product
of Oracl ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21391 (Vulnerability in the Oracle Communications Billing and Revenue
Managem ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21390 (Vulnerability in the Oracle Communications Billing and Revenue
Managem ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21389 (Vulnerability in the Oracle Communications Billing and Revenue
Managem ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21388 (Vulnerability in the Oracle Communications Pricing Design
Center produ ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21387 (Vulnerability in the Oracle Commerce Platform product of
Oracle Commer ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21386 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21385
RESERVED
CVE-2022-21384
RESERVED
CVE-2022-21383 (Vulnerability in the Oracle Enterprise Session Border
Controller produ ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21382 (Vulnerability in the Oracle Enterprise Session Border
Controller produ ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21381 (Vulnerability in the Oracle Enterprise Session Border
Controller produ ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21380 (Vulnerability in the MySQL Cluster product of Oracle MySQL
(component: ...)
NOT-FOR-US: MySQL Cluster
CVE-2022-21379 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
@@ -11961,9 +11961,9 @@ CVE-2022-21379 (Vulnerability in the MySQL Server
product of Oracle MySQL (compo
CVE-2022-21378 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-8.0 <unfixed>
CVE-2022-21377 (Vulnerability in the Primavera Portfolio Management product of
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21376 (Vulnerability in the Primavera Portfolio Management product of
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2022-21375 (Vulnerability in the Oracle Solaris product of Oracle Systems
(compone ...)
TODO: check
CVE-2022-21374 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c72f5eecd3ea5a9be2e1e58cf18ad654d6edc2d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c72f5eecd3ea5a9be2e1e58cf18ad654d6edc2d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
