Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3203ee72 by Salvatore Bonaccorso at 2022-03-10T10:44:48+01:00
Update some NFU naming
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4691,15 +4691,15 @@ CVE-2022-25066
CVE-2022-25065
RESERVED
CVE-2022-25064 (TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a
remote ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2022-25063
RESERVED
CVE-2022-25062 (TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain
an intege ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2022-25061 (TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a
command ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2022-25060 (TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a
command ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2022-25059
RESERVED
CVE-2022-25058
@@ -12348,9 +12348,9 @@ CVE-2022-22808 (A CWE-942: Permissive Cross-domain
Policy with Untrusted Domains
CVE-2022-22807 (A CWE-1021 Improper Restriction of Rendered UI Layers or
Frames vulner ...)
NOT-FOR-US: Schneider Electric
CVE-2022-22806 (A CWE-294: Authentication Bypass by Capture-replay
vulnerability exist ...)
- NOT-FOR-US: schneider Electric
+ NOT-FOR-US: Schneider Electric
CVE-2022-22805 (A CWE-120: Buffer Copy without Checking Size of Input
('Classic Buffer ...)
- NOT-FOR-US: schneider Electric
+ NOT-FOR-US: Schneider Electric
CVE-2022-22804 (A CWE-79: Improper Neutralization of Input During Web Page
Generation ...)
NOT-FOR-US: Schneider Electric
CVE-2022-22803
@@ -19209,27 +19209,27 @@ CVE-2021-44634
CVE-2021-44633
RESERVED
CVE-2021-44632 (A Buffer Overflow vulnerability exists in TP-LINK WR-886N
20190826 2.3 ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2021-44631 (A Buffer Overflow vulnerability exists in TP-LINK WR-886N
20190826 2.3 ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2021-44630 (A Buffer Overflow vulnerability exists in TP-LINK WR-886N
20190826 2.3 ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2021-44629 (A Buffer Overflow vulnerabilitiy exists in TP-LINK WR-886N
20190826 2. ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2021-44628 (A Buffer Overflow vulnerabiltiy exists in TP-LINK WR-886N
20190826 2.3 ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2021-44627 (A Buffer Overflow vulnerability exists in TP-LINK WR-886N
20190826 2.3 ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2021-44626 (A Buffer Overflow vulnerability exists in TP-LINK WR-886N
20190826 2.3 ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2021-44625 (A Buffer Overflow vulnerability exists in TP-LINK WR-886N
20190826 2.3 ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2021-44624
RESERVED
CVE-2021-44623 (A Buffer Overflow vulnerability exists in TP-LINK WR-886N
20190826 2.3 ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2021-44622 (A Buffer Overflow vulnerability exists in TP-LINK WR-886N
20190826 2.3 ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2021-44621
RESERVED
CVE-2021-44620
@@ -131107,7 +131107,7 @@ CVE-2020-13225 (phpIPAM 1.4 contains a stored cross
site scripting (XSS) vulnera
- phpipam <itp> (bug #731713)
NOTE: https://github.com/phpipam/phpipam/issues/3025
CVE-2020-13224 (TP-LINK NC200 devices through 2.1.10 build 200401, NC210
devices throu ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2020-13223 (HashiCorp Vault and Vault Enterprise logged proxy environment
variable ...)
NOT-FOR-US: HashiCorp Vault
CVE-2020-13222
@@ -164242,7 +164242,7 @@ CVE-2019-19145
CVE-2019-19144
RESERVED
CVE-2019-19143 (TP-LINK TL-WR849N 0.9.1 4.16 devices do not require
authentication to ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2019-19142 (Intelbras WRN240 devices do not require authentication to
replace the ...)
NOT-FOR-US: Intelbras
CVE-2019-19141 (The Camera Upload functionality in Plex Media Server through
1.18.2.20 ...)
@@ -226651,7 +226651,7 @@ CVE-2018-18491
CVE-2018-18490
RESERVED
CVE-2018-18489 (The ping feature in the Diagnostic functionality on TP-LINK
WR840N v2 ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2018-18488 (In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL
Injectio ...)
NOT-FOR-US: Gxlcms
CVE-2018-18487 (In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the
database ...)
@@ -245438,9 +245438,9 @@ CVE-2018-11484
CVE-2018-11483
RESERVED
CVE-2018-11482 (/usr/lib/lua/luci/websys.lua on TP-LINK IPC TL-IPC223(P)-6,
TL-IPC323K ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2018-11481 (TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and
TL-IPC4 ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2018-11480
RESERVED
CVE-2018-11479 (The VPN component in Windscribe 1.81 uses the OpenVPN client
for conne ...)
@@ -262847,7 +262847,7 @@ CVE-2018-5395
CVE-2018-5394
RESERVED
CVE-2018-5393 (The TP-LINK EAP Controller is TP-LINK's software for remotely
controll ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2018-5392 (mingw-w64 version 5.0.4 by default produces executables that
opt in to ...)
- mingw-w64 <unfixed> (unimportant; bug #968277)
NOTE: https://sourceforge.net/p/mingw-w64/mailman/message/31034877/
@@ -284038,7 +284038,7 @@ CVE-2017-15293 (Xpress Server in SAP POS does not
require authentication for fil
CVE-2017-15292
RESERVED
CVE-2017-15291 (Cross-site scripting (XSS) vulnerability in the Wireless MAC
Filtering ...)
- NOT-FOR-US: TP-LINK TL-MR3220 wireless routers
+ NOT-FOR-US: TP-Link TL-MR3220 wireless routers
CVE-2017-15290 (Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x
before 7.5 ...)
NOT-FOR-US: Mirasys Video Management System
CVE-2017-15594 (An issue was discovered in Xen through 4.9.x allowing x86 SVM
PV guest ...)
@@ -287360,7 +287360,7 @@ CVE-2017-14251 (Unrestricted File Upload
vulnerability in the fileDenyPattern in
- typo3-src <removed>
[wheezy] - typo3-src <end-of-life> (Not supported in Wheezy LTS)
CVE-2017-14250 (In TP-LINK TL-WR741N / TL-WR741ND 150M Wireless Lite N Router
with Fir ...)
- NOT-FOR-US: TP-LINK Router
+ NOT-FOR-US: TP-Link Router
CVE-2017-14249 (ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage
in coder ...)
{DLA-2366-1 DLA-1785-1 DLA-1131-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low; bug #876099)
@@ -340299,7 +340299,7 @@ CVE-2016-6186 (Cross-site scripting (XSS)
vulnerability in the dismissChangeRela
- python-django 1:1.9.8-1 (bug #831799)
NOTE:
https://www.djangoproject.com/weblog/2016/jul/18/security-releases/
CVE-2016-1000009 (TP-LINK lost control of two domains, www.tplinklogin.net and
tplinkext ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2016-XXXX [Insecure use of /tmp]
- leptonlib 1.73-5 (unimportant; bug #830660)
NOTE: Neutralised by kernel hardening
@@ -376184,7 +376184,7 @@ CVE-2015-3037
CVE-2015-3036 (Stack-based buffer overflow in the run_init_sbus function in
the KCode ...)
NOT-FOR-US: KCodes NetUSB module for the Linux kernel
CVE-2015-3035 (Directory traversal vulnerability in TP-LINK Archer C5 (1.2)
with firm ...)
- NOT-FOR-US: TP-LINK Router
+ NOT-FOR-US: TP-Link Router
CVE-2015-3034
RESERVED
CVE-2015-3033
@@ -417320,7 +417320,7 @@ CVE-2013-4656 (Symlink Traversal vulnerability in
ASUS RT-AC66U and RT-N56U due
CVE-2013-4655 (Symlink Traversal vulnerability in Belkin N900 due to
misconfiguration ...)
NOT-FOR-US: Belkin
CVE-2013-4654 (Symlink Traversal vulnerability in TP-LINK TL-WDR4300 and
TL-1043ND.. ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2013-4653 (Multiple cross-site scripting (XSS) vulnerabilities in the
signin func ...)
NOT-FOR-US: Alcatel-Lucent Omnitouch
CVE-2013-4652 (Unspecified vulnerability in the command-line management
interface on ...)
@@ -422681,9 +422681,9 @@ CVE-2013-2648
CVE-2013-2647
RESERVED
CVE-2013-2646 (TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified
denial of ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2013-2645 (Multiple cross-site request forgery (CSRF) vulnerabilities on
the TP-L ...)
- NOT-FOR-US: TP-LINK Router
+ NOT-FOR-US: TP-Link Router
CVE-2013-2644
REJECTED
CVE-2013-2643 (Multiple cross-site scripting (XSS) vulnerabilities in Sophos
Web Appl ...)
@@ -430609,7 +430609,7 @@ CVE-2012-6318
CVE-2012-6317
RESERVED
CVE-2012-6316 (Multiple cross-site scripting (XSS) vulnerabilities in the
TP-LINK TL- ...)
- NOT-FOR-US: TP-LINK
+ NOT-FOR-US: TP-Link
CVE-2012-6315
REJECTED
CVE-2012-6314 (Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before
5.6.200, wh ...)
@@ -430693,7 +430693,7 @@ CVE-2012-6278
CVE-2012-6277 (Multiple unspecified vulnerabilities in Autonomy KeyView IDOL
before 1 ...)
NOT-FOR-US: IBM
CVE-2012-6276 (Directory traversal vulnerability in the web-based management
interfac ...)
- NOT-FOR-US: TP-LINK TL-WR841N
+ NOT-FOR-US: TP-Link TL-WR841N
CVE-2012-6275 (Multiple stack-based buffer overflows in AntDS.exe in
BigAntSoft BigAn ...)
NOT-FOR-US: BigAnt IM Server
CVE-2012-6274 (BigAntSoft BigAnt IM Message Server does not require
authentication fo ...)
@@ -432434,7 +432434,7 @@ CVE-2012-5688 (ISC BIND 9.8.x before 9.8.4-P1 and
9.9.x before 9.9.2-P1, when DN
[squeeze] - bind9 <not-affected> (Only affects 9.8 and 9.9)
- isc-dhcp <not-affected> (issue only affects the named service, which
isn't used by isc-dhcp)
CVE-2012-5687 (Directory traversal vulnerability in the web-based management
feature ...)
- NOT-FOR-US: TP-LINK TL-WR841N router
+ NOT-FOR-US: TP-Link TL-WR841N router
CVE-2012-5686 (ZPanel 10.0.1 has insufficient entropy for its password reset
process. ...)
NOT-FOR-US: ZPanel
CVE-2012-5685 (SQL injection vulnerability in ZPanel 10.0.1 and earlier allows
remote ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3203ee72c8382a7c2c683d6849a4b8a234ef0210
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3203ee72c8382a7c2c683d6849a4b8a234ef0210
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
