Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
76c0d430 by Salvatore Bonaccorso at 2022-03-01T09:15:37+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -341,15 +341,15 @@ CVE-2022-26161
CVE-2022-26160
RESERVED
CVE-2022-26159 (The auto-completion plugin in Ametys CMS before 4.5.0 allows a
remote ...)
- TODO: check
+ NOT-FOR-US: Ametys CMS
CVE-2022-26158 (An issue was discovered in the web application in Cherwell
Service Man ...)
- TODO: check
+ NOT-FOR-US: Cherwell Service Management (CSM)
CVE-2022-26157 (An issue was discovered in the web application in Cherwell
Service Man ...)
- TODO: check
+ NOT-FOR-US: Cherwell Service Management (CSM)
CVE-2022-26156 (An issue was discovered in the web application in Cherwell
Service Man ...)
- TODO: check
+ NOT-FOR-US: Cherwell Service Management (CSM)
CVE-2022-26155 (An issue was discovered in the web application in Cherwell
Service Man ...)
- TODO: check
+ NOT-FOR-US: Cherwell Service Management (CSM)
CVE-2022-26154
RESERVED
CVE-2022-26153
@@ -441,7 +441,7 @@ CVE-2022-0774
CVE-2022-0773
RESERVED
CVE-2022-0772 (Cross-site Scripting (XSS) - Stored in GitHub repository
librenms/libr ...)
- TODO: check
+ NOT-FOR-US: LibreNMS
CVE-2022-0771
RESERVED
CVE-2022-0770
@@ -1590,7 +1590,7 @@ CVE-2022-25643 (seatd-launch in seatd 0.6.x before 0.6.4
allows removing files w
- seatd 0.6.4-1 (bug #1006308)
NOTE:
https://lists.sr.ht/~kennylevinsen/seatd-announce/%3CETEO7R.QG8B1KGD531R1%40kl.wtf%3E
CVE-2022-25642 (Obyte (formerly Byteball) Wallet before 3.4.1 allows XSS. A
crafted ch ...)
- TODO: check
+ NOT-FOR-US: Obyte (formerly Byteball) Wallet
CVE-2022-25641
RESERVED
CVE-2022-25640 (In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly
enforce a re ...)
@@ -2120,19 +2120,19 @@ CVE-2022-25415
CVE-2022-25414 (Tenda AC9 V15.03.2.21_cn was discovered to contain a stack
overflow vi ...)
NOT-FOR-US: Tenda
CVE-2022-25413 (Maxsite CMS v108 was discovered to contain a stored cross-site
scripti ...)
- TODO: check
+ NOT-FOR-US: Maxsite CMS
CVE-2022-25412 (Maxsite CMS v180 was discovered to contain multiple arbitrary
file del ...)
- TODO: check
+ NOT-FOR-US: Maxsite CMS
CVE-2022-25411 (A Remote Code Execution (RCE) vulnerability at /admin/options
in Maxsi ...)
- TODO: check
+ NOT-FOR-US: Maxsite CMS
CVE-2022-25410 (Maxsite CMS v180 was discovered to contain a stored cross-site
scripti ...)
- TODO: check
+ NOT-FOR-US: Maxsite CMS
CVE-2022-25409 (Hospital Management System v1.0 was discovered to contain a
stored cro ...)
- TODO: check
+ NOT-FOR-US: Hospital Management System
CVE-2022-25408 (Hospital Management System v1.0 was discovered to contain a
stored cro ...)
- TODO: check
+ NOT-FOR-US: Hospital Management System
CVE-2022-25407 (Hospital Management System v1.0 was discovered to contain a
stored cro ...)
- TODO: check
+ NOT-FOR-US: Hospital Management System
CVE-2022-25406 (Tongda2000 v11.10 was discovered to contain a SQL injection
vulnerabil ...)
NOT-FOR-US: Tongda2000
CVE-2022-25405 (Tongda2000 v11.10 was discovered to contain a SQL injection
vulnerabil ...)
@@ -2268,7 +2268,7 @@ CVE-2021-46700 (In libsixel 1.8.6,
sixel_encoder_output_without_macro (called fr
[buster] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/158
CVE-2021-4222 (The WP-Paginate WordPress plugin before 2.1.4 does not sanitise
and es ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-25367
RESERVED
CVE-2022-25366 (Cryptomator through 1.6.5 allows DYLIB injection because,
although it ...)
@@ -3292,9 +3292,9 @@ CVE-2022-25031
CVE-2022-25030
RESERVED
CVE-2022-25029 (Home Owners Collection Management System v1.0 was discovered
to contai ...)
- TODO: check
+ NOT-FOR-US: Home Owners Collection Management System
CVE-2022-25028 (Home Owners Collection Management System v1.0 was discovered
to contai ...)
- TODO: check
+ NOT-FOR-US: Home Owners Collection Management System
CVE-2022-25027
RESERVED
CVE-2022-25026
@@ -4500,9 +4500,9 @@ CVE-2022-24574
CVE-2022-24573
RESERVED
CVE-2022-24572 (Car Driving School Management System v1.0 is affected by Cross
Site Sc ...)
- TODO: check
+ NOT-FOR-US: Car Driving School Management System
CVE-2022-24571 (Car Driving School Management System v1.0 is affected by SQL
injection ...)
- TODO: check
+ NOT-FOR-US: Car Driving School Management System
CVE-2022-24570
RESERVED
CVE-2022-24569
@@ -4753,7 +4753,7 @@ CVE-2022-24448 (An issue was discovered in fs/nfs/dir.c
in the Linux kernel befo
CVE-2022-24447
RESERVED
CVE-2022-24446 (An issue was discovered in Zoho ManageEngine Key Manager Plus
6.1.6. A ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2022-24445
REJECTED
CVE-2022-24444
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76c0d4305c91ae2e4456ca79f4e2b6c4600958ba
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76c0d4305c91ae2e4456ca79f4e2b6c4600958ba
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
