Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
df66d6a5 by Salvatore Bonaccorso at 2022-02-07T21:35:47+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -225,9 +225,9 @@ CVE-2022-24554
CVE-2022-24553
RESERVED
CVE-2022-24552 (StarWind SAN and NAS before 0.2 build 1685 allows remote code
executio ...)
- TODO: check
+ NOT-FOR-US: StarWind
CVE-2022-24551 (StarWind SAN and NAS before 0.2 build 1685 allows users to
reset other ...)
- TODO: check
+ NOT-FOR-US: StarWind
CVE-2022-24550
RESERVED
CVE-2022-24549
@@ -520,7 +520,7 @@ CVE-2022-0504
CVE-2022-0503
RESERVED
CVE-2022-0502 (Cross-site Scripting (XSS) - Stored in Packagist
remdex/livehelperchat ...)
- TODO: check
+ NOT-FOR-US: livehelperchat
CVE-2021-46675
RESERVED
CVE-2021-46674
@@ -530,9 +530,9 @@ CVE-2021-46673
CVE-2021-46672
RESERVED
CVE-2013-20004 (StarWind iSCSI SAN before 6.0 build 2013-03-20 allows a memory
leak. ...)
- TODO: check
+ NOT-FOR-US: StarWind
CVE-2007-20001 (StarWind iSCSI SAN before 3.5 build 2007-08-09 allows socket
exhaustio ...)
- TODO: check
+ NOT-FOR-US: StarWind
CVE-2022-24408
RESERVED
CVE-2022-0501 (Cross-site Scripting (XSS) - Reflected in Packagist
ptrofimov/beanstal ...)
@@ -704,7 +704,7 @@ CVE-2022-24350
CVE-2022-24349
RESERVED
CVE-2022-24348 (Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory
traversal ...)
- TODO: check
+ NOT-FOR-US: Argo CD
CVE-2022-24347
RESERVED
CVE-2022-24346
@@ -1135,13 +1135,13 @@ CVE-2022-24264 (Cuppa CMS v1.0 was discovered to
contain a SQL injection vulnera
CVE-2022-24263 (Hospital Management System v4.0 was discovered to contain a
SQL inject ...)
NOT-FOR-US: Hospital Management System
CVE-2022-24262 (The config restore function of Voipmonitor GUI before v24.96
does not ...)
- TODO: check
+ NOT-FOR-US: Voipmonitor
CVE-2022-24261
RESERVED
CVE-2022-24260 (A SQL injection vulnerability in Voipmonitor GUI before v24.96
allows ...)
- TODO: check
+ NOT-FOR-US: Voipmonitor
CVE-2022-24259 (An incorrect check in the component cdr.php of Voipmonitor GUI
before ...)
- TODO: check
+ NOT-FOR-US: Voipmonitor
CVE-2022-24258
RESERVED
CVE-2022-24257
@@ -1495,11 +1495,11 @@ CVE-2022-24117
CVE-2022-24116
RESERVED
CVE-2022-24115 (Local privilege escalation due to unrestricted loading of
unsigned lib ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2022-24114 (Local privilege escalation due to race condition on
application startu ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2022-24113 (Local privilege escalation due to excessive permissions
assigned to ch ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2022-0409
RESERVED
CVE-2022-0408 (Stack-based Buffer Overflow in GitHub repository vim/vim prior
to 8.2. ...)
@@ -1726,7 +1726,7 @@ CVE-2022-24036
CVE-2022-23921
RESERVED
CVE-2022-22987 (The affected product has a hardcoded private key available
inside the ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2022-21798
RESERVED
CVE-2022-21154
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df66d6a50fc88174020c3fa1d8d563d889031471
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df66d6a50fc88174020c3fa1d8d563d889031471
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
