Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
301606a0 by Salvatore Bonaccorso at 2022-03-21T22:27:01+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5039,7 +5039,7 @@ CVE-2022-25572
CVE-2022-25571
RESERVED
CVE-2022-25570 (In Click Studios (SA) Pty Ltd Passwordstate 9435, users with
access to ...)
- TODO: check
+ NOT-FOR-US: Passwordstate
CVE-2022-25569
RESERVED
CVE-2022-25568
@@ -5181,7 +5181,7 @@ CVE-2022-25507 (FreeTAKServer-UI v1.9.8 was discovered to
contain a stored cross
CVE-2022-25506 (FreeTAKServer-UI v1.9.8 was discovered to contain a SQL
injection vuln ...)
NOT-FOR-US: FreeTAKServer
CVE-2022-25505 (Taocms v3.0.2 was discovered to contain a SQL injection
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Taocms
CVE-2022-25504
RESERVED
CVE-2022-25503
@@ -5229,7 +5229,7 @@ CVE-2022-25483
CVE-2022-25482
RESERVED
CVE-2022-25481 (ThinkPHP Framework v5.0.24 was discovered to be configured
without the ...)
- TODO: check
+ NOT-FOR-US: ThinkPHP Framework
CVE-2022-25480
RESERVED
CVE-2022-25479
@@ -5267,7 +5267,7 @@ CVE-2022-25464 (A stored cross-site scripting (XSS)
vulnerability in the compone
CVE-2022-25463
RESERVED
CVE-2022-25462 (Yafu v2.0 contains a segmentation fault via the component
/factor/avx- ...)
- TODO: check
+ NOT-FOR-US: Yafu
CVE-2022-25461 (Tenda AC6 v15.03.05.09_multi was discovered to contain a stack
overflo ...)
NOT-FOR-US: Tenda
CVE-2022-25460 (Tenda AC6 v15.03.05.09_multi was discovered to contain a stack
overflo ...)
@@ -7696,7 +7696,7 @@ CVE-2022-24658
CVE-2022-24657
RESERVED
CVE-2022-24656 (HexoEditor 1.1.8 is affected by Cross Site Scripting (XSS). By
putting ...)
- TODO: check
+ NOT-FOR-US: HexoEditor
CVE-2022-24655 (A stack overflow vulnerability exists in the upnpd service in
Netgear ...)
NOT-FOR-US: Netgear
CVE-2022-24654
@@ -8207,9 +8207,9 @@ CVE-2022-22147
CVE-2022-21130
RESERVED
CVE-2022-0515 (Cross-Site Request Forgery (CSRF) in GitHub repository
crater-invoice/ ...)
- TODO: check
+ NOT-FOR-US: Crater
CVE-2022-0514 (Business Logic Errors in GitHub repository
crater-invoice/crater prior ...)
- TODO: check
+ NOT-FOR-US: Crater
CVE-2022-0513 (The WP Statistics WordPress plugin is vulnerable to SQL
Injection due ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0512 (Authorization Bypass Through User-Controlled Key in NPM
url-parse prio ...)
@@ -9008,11 +9008,11 @@ CVE-2022-24239
CVE-2022-24238
RESERVED
CVE-2022-24237 (The snaptPowered2 component of Snapt Aria v12.8 was discovered
to cont ...)
- TODO: check
+ NOT-FOR-US: Snapt Aria
CVE-2022-24236 (An insecure permissions vulnerability in Snapt Aria v12.8
allows unaut ...)
- TODO: check
+ NOT-FOR-US: Snapt Aria
CVE-2022-24235 (A Cross-Site Request Forgery (CSRF) in the management portal
of Snapt ...)
- TODO: check
+ NOT-FOR-US: Snapt Aria
CVE-2022-24234
RESERVED
CVE-2022-24233
@@ -9256,9 +9256,9 @@ CVE-2022-24128 (Timescale TimescaleDB 1.x and 2.x before
2.5.2 may allow privile
CVE-2022-24127
RESERVED
CVE-2022-24126 (A buffer overflow in the NRSessionSearchResult parser in
Bandai Namco ...)
- TODO: check
+ NOT-FOR-US: Bandai Namco FromSoftware Dark Souls III
CVE-2022-24125 (The matchmaking servers of Bandai Namco FromSoftware Dark
Souls III th ...)
- TODO: check
+ NOT-FOR-US: Bandai Namco FromSoftware Dark Souls III
CVE-2022-24124 (The query API in Casdoor before 1.13.1 has a SQL injection
vulnerabili ...)
NOT-FOR-US: Casdoor
CVE-2022-24123 (MarkText through 0.16.3 does not sanitize the input of a
mermaid block ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/301606a00d0cb216b73f9ac16b95e6199ca6a2c1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/301606a00d0cb216b73f9ac16b95e6199ca6a2c1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
