Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5b4dd74a by Salvatore Bonaccorso at 2022-04-11T22:55:51+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -945,7 +945,7 @@ CVE-2022-1253 (Heap-based Buffer Overflow in GitHub
repository strukturag/libde2
NOTE: https://huntr.dev/bounties/1-other-strukturag/libde265/
NOTE:
https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8
CVE-2022-1252 (Exposure of Private Personal Information to an Unauthorized
Actor in G ...)
- TODO: check
+ NOT-FOR-US: gnuboard5
CVE-2022-1251
RESERVED
CVE-2022-1250
@@ -5201,7 +5201,7 @@ CVE-2022-27158
CVE-2022-27157
RESERVED
CVE-2022-27156 (Daylight Studio Fuel CMS 1.5.1 is vulnerable to HTML
Injection. ...)
- TODO: check
+ NOT-FOR-US: Daylight Studio Fuel CMS
CVE-2022-27155
RESERVED
CVE-2022-27154
@@ -5247,23 +5247,23 @@ CVE-2022-27135
CVE-2022-27134
RESERVED
CVE-2022-27133 (zbzcms v1.0 was discovered to contain an arbitrary file
deletion vulne ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27132
RESERVED
CVE-2022-27131 (An arbitrary file upload vulnerability at /zbzedit/php/zbz.php
in zbzc ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27130
RESERVED
CVE-2022-27129 (An arbitrary file upload vulnerability at /admin/ajax.php in
zbzcms v1 ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27128 (An incorrect access control issue at /admin/run_ajax.php in
zbzcms v1. ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27127 (zbzcms v1.0 was discovered to contain a SQL injection
vulnerability vi ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27126 (zbzcms v1.0 was discovered to contain a SQL injection
vulnerability vi ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27125 (zbzcms v1.0 was discovered to contain a stored cross-site
scripting (X ...)
- TODO: check
+ NOT-FOR-US: zbzcms
CVE-2022-27124 (Insurance Management System 1.0 was discovered to contain a
SQL inject ...)
NOT-FOR-US: Insurance Management System
CVE-2022-27123 (Employee Performance Evaluation v1.0 was discovered to contain
a SQL i ...)
@@ -5283,7 +5283,7 @@ CVE-2022-27117
CVE-2022-27116
RESERVED
CVE-2022-27115 (In Studio-42 elFinder 2.1.60, there is a vulnerability that
causes rem ...)
- TODO: check
+ NOT-FOR-US: Studio-42 elFinder
CVE-2022-27114
RESERVED
CVE-2022-27113
@@ -5291,7 +5291,7 @@ CVE-2022-27113
CVE-2022-27112
RESERVED
CVE-2022-27111 (Jfinal_CMS 5.1.0 allows attackers to use the feedback function
to send ...)
- TODO: check
+ NOT-FOR-US: Jfinal_CMS
CVE-2022-27110 (OrangeHRM 4.10 is vulnerable to a Host header injection
redirect via v ...)
- orangehrm <itp> (bug #786622)
CVE-2022-27109 (OrangeHRM 4.10 suffers from a Referer header injection
redirect vulner ...)
@@ -5335,9 +5335,9 @@ CVE-2022-27091
CVE-2022-27090 (Cscms Music Portal System v4.2 was discovered to contain a
redirection ...)
NOT-FOR-US: Cscms Music Portal System
CVE-2022-27089 (In Fujitsu PlugFree Network <= 7.3.0.3, an Unquoted service
path in ...)
- TODO: check
+ NOT-FOR-US: Fujitsu PlugFree Network
CVE-2022-27088 (Ivanti DSM Remote <= 6.3.1.1862 is vulnerable to an
unquoted servic ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2022-27087
RESERVED
CVE-2022-27086
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b4dd74a9f545cb0dee8d0246c1170ce7db62073
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b4dd74a9f545cb0dee8d0246c1170ce7db62073
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
