Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
41060afd by Salvatore Bonaccorso at 2022-03-08T21:19:21+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -522,7 +522,7 @@ CVE-2022-0879
CVE-2022-0878
RESERVED
CVE-2022-0877 (Cross-site Scripting (XSS) - Stored in GitHub repository
bookstackapp/ ...)
- TODO: check
+ NOT-FOR-US: bookstack
CVE-2022-0876
RESERVED
CVE-2022-0875
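Review bot: The new tag on CVE-2022-0877 is written in lower case ("NOT-FOR-US: bookstack"), while the other NOT-FOR-US tags visible in this diff follow the product's or vendor's own capitalisation (WatchGuard, Grav CMS, SAP). Suggest "NOT-FOR-US: BookStack" so that a search of the list for the product name finds the entry.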
@@ -1121,15 +1121,15 @@ CVE-2022-26319
CVE-2022-26318 (On WatchGuard Firebox and XTM appliances, an unauthenticated
user can ...)
NOT-FOR-US: WatchGuard
CVE-2022-26317 (A vulnerability has been identified in Mendix Applications
using Mendi ...)
- TODO: check
+ NOT-FOR-US: Mendix (Siemens)
CVE-2022-26316
RESERVED
CVE-2022-26315 (qrcp through 0.8.4, in receive mode, allows ../ Directory
Traversal vi ...)
NOT-FOR-US: qrcp
CVE-2022-26314 (A vulnerability has been identified in Mendix Forgot Password
Appstore ...)
- TODO: check
+ NOT-FOR-US: Mendix (Siemens)
CVE-2022-26313 (A vulnerability has been identified in Mendix Forgot Password
Appstore ...)
- TODO: check
+ NOT-FOR-US: Mendix (Siemens)
CVE-2022-26312
RESERVED
CVE-2022-26311 (Couchbase Operator 2.2.x before 2.2.3 exposes Sensitive
Information to ...)
@@ -1771,7 +1771,7 @@ CVE-2022-26103 (Under certain conditions, SAP NetWeaver
(Real Time Messaging Fra
CVE-2022-26102 (Due to missing authorization check, SAP NetWeaver Application
Server f ...)
NOT-FOR-US: SAP
CVE-2022-26101 (Fiori launchpad - versions 754, 755, 756, does not
sufficiently encode ...)
- TODO: check
+ NOT-FOR-US: Fiori launchpad
CVE-2022-26100 (SAPCAR - version 7.22, does not contain sufficient input
validation on ...)
TODO: check
CVE-2022-26099
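Review bot: CVE-2022-26101 is tagged by product ("NOT-FOR-US: Fiori launchpad") while the entry directly above it, CVE-2022-26102, is tagged by vendor ("NOT-FOR-US: SAP"). Fiori launchpad is an SAP product, so "NOT-FOR-US: SAP" would keep this block consistent. CVE-2022-26100 (SAPCAR) on the following lines is still "TODO: check" and looks like a candidate for the same pass.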
@@ -2354,39 +2354,39 @@ CVE-2022-25832
CVE-2022-25831
RESERVED
CVE-2022-25830 (Information Exposure vulnerability in Galaxy Watch3 Plugin
prior to ve ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25829 (Information Exposure vulnerability in Watch Active2 Plugin
prior to ve ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25828 (Information Exposure vulnerability in Watch Active Plugin
prior to ver ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25827 (Information Exposure vulnerability in Galaxy Watch Plugin
prior to ver ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25826 (Information Exposure vulnerability in Galaxy S3 Plugin prior
to versio ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25825 (Improper access control vulnerability in Samsung Account prior
to vers ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25824 (Improper access control vulnerability in BixbyTouch prior to
version 2 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25823 (Information Exposure vulnerability in Galaxy Watch Plugin
prior to ver ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25822 (An use after free vulnerability in sdp driver prior to SMR
Mar-2022 Re ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25821 (Improper use of SMS buffer pointer in Shannon baseband prior
to SMR Ma ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25820 (A vulnerable design in fingerprint matching algorithm prior to
SMR Mar ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25819 (OOB read vulnerability in hdcp2 device node prior to SMR
Mar-2022 Rele ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25818 (Improper boundary check in UWB stack prior to SMR Mar-2022
Release 1 a ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25817 (Improper authentication in One UI Home prior to SMR Mar-2022
Release 1 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25816 (Improper authentication in Samsung Lock and mask apps setting
prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25815 (PendingIntent hijacking vulnerability in Weather application
prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-25814 (PendingIntent hijacking vulnerability in Wearable Manager
Installer pr ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-0743 (Cross-site Scripting (XSS) - Stored in GitHub repository
getgrav/grav ...)
NOT-FOR-US: Grav CMS
CVE-2019-25058 (An issue was discovered in USBGuard before 1.1.0. On systems
with the ...)
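Review bot: All seventeen entries in this hunk receive the same vendor-level tag, but three of them name low-level components, not apps: CVE-2022-25822 (use after free in "sdp driver"), CVE-2022-25819 (OOB read in "hdcp2 device node") and CVE-2022-25818 (UWB stack). The descriptions are truncated here; the "prior to SMR Mar-2022" wording points to Samsung firmware, so the tag is probably right, but it is worth confirming that these drivers are Samsung-only code and not shared with the mainline Linux kernel before closing them as NOT-FOR-US.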
@@ -3652,7 +3652,7 @@ CVE-2022-25313 (In Expat (aka libexpat) before 2.4.5, an
attacker can trigger st
NOTE: https://github.com/libexpat/libexpat/pull/558
NOTE:
https://github.com/libexpat/libexpat/commit/9b4ce651b26557f16103c3a366c91934ecd439ab
CVE-2022-25311 (A vulnerability has been identified in SINEC NMS (All
versions). The a ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-25310
RESERVED
CVE-2022-25309
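Review bot: CVE-2022-25311 is tagged with the vendor alone ("NOT-FOR-US: Siemens"), whereas the Mendix entries changed earlier in this same commit use the product-plus-vendor form "NOT-FOR-US: Mendix (Siemens)". Suggest "NOT-FOR-US: SINEC NMS (Siemens)" here, or plain "Siemens" for all four, so the Siemens entries are tagged the same way.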
@@ -3980,7 +3980,7 @@ CVE-2022-25227
CVE-2022-25226
RESERVED
CVE-2022-25225 (Network Olympus version 1.8.0 allows an authenticated admin
user to in ...)
- TODO: check
+ NOT-FOR-US: Network Olympus
CVE-2022-25224
RESERVED
CVE-2022-25223
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41060afd96944af29a07b74c2b5cebf763ade6b0