Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
eef205d8 by Neil Williams at 2022-04-14T11:27:18+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3382,15 +3382,15 @@ CVE-2022-28038
CVE-2022-28037
RESERVED
CVE-2022-28036 (AtomCMS 2.0 is vulnerable to SQL Injection via
Atom.CMS_admin_ajax_nav ...)
- TODO: check
+ NOT-FOR-US: AtomCMS
CVE-2022-28035 (Atom.CMS 2.0 is vulnerable to SQL Injection via
Atom.CMS_admin_ajax_bl ...)
- TODO: check
+ NOT-FOR-US: AtomCMS
CVE-2022-28034 (AtomCMS 2.0 is vulnerabie to SQL Injection via
Atom.CMS_admin_ajax_lis ...)
- TODO: check
+ NOT-FOR-US: AtomCMS
CVE-2022-28033 (Atom.CMS 2.0 is vulnerable to SQL Injection via
Atom.CMS_admin_uploads ...)
- TODO: check
+ NOT-FOR-US: AtomCMS
CVE-2022-28032 (AtomCMS 2.0 is vulnerable to SQL Injection via
Atom.CMS_admin_ajax_pag ...)
- TODO: check
+ NOT-FOR-US: AtomCMS
CVE-2022-28031
RESERVED
CVE-2022-28030
@@ -5716,15 +5716,15 @@ CVE-2022-XXXX [wordpress 5.9.2]
[stretch] - wordpress 4.7.23+dfsg-0+deb9u1
NOTE:
https://wordpress.org/news/2022/03/wordpress-5-9-2-security-maintenance-release/
CVE-2022-27165 (CSZ CMS 1.2.2 is vulnerable to SQL Injection via
cszcms_admin_Plugin_m ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2022-27164 (CSZ CMS 1.2.2 is vulnerable to SQL Injection via
cszcms_admin_Users_vi ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2022-27163 (CSZ CMS 1.2.2 is vulnerable to SQL Injection via
cszcms_admin_Users_ed ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2022-27162 (CSZ CMS 1.2.2 is vulnerable to SQL Injection via
cszcms_admin_Members_ ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2022-27161 (Csz Cms 1.2.2 is vulnerable to SQL Injection via
cszcms_admin_Members_ ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2022-27160
RESERVED
CVE-2022-27159
@@ -14891,13 +14891,13 @@ CVE-2018-25029 (The Z-Wave specification requires
that S2 security can be downgr
CVE-2013-20003 (Z-Wave devices from Sierra Designs (circa 2013) and Silicon
Labs (usin ...)
NOT-FOR-US: Z-Wave devices
CVE-2022-23973 (ASUS RT-AX56U’s user profile configuration function is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: Asus RT-AX56U
CVE-2022-23972 (ASUS RT-AX56U’s SQL handling function has an SQL
injection vulne ...)
- TODO: check
+ NOT-FOR-US: Asus RT-AX56U
CVE-2022-23971 (ASUS RT-AX56U’s update_PLC/PORT file has a path
traversal vulner ...)
- TODO: check
+ NOT-FOR-US: Asus RT-AX56U
CVE-2022-23970 (ASUS RT-AX56U’s update_json function has a path
traversal vulner ...)
- TODO: check
+ NOT-FOR-US: Asus RT-AX56U
CVE-2022-23969
RESERVED
CVE-2022-23968 (Xerox VersaLink devices on specific versions of firmware
before 2022-0 ...)
@@ -16663,11 +16663,11 @@ CVE-2022-23451
NOTE: https://storyboard.openstack.org/#!/story/2009253
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2025089
CVE-2022-23450 (A vulnerability has been identified in SIMATIC Energy Manager
Basic (A ...)
- TODO: check
+ NOT-FOR-US: Siemens SIMATIC
CVE-2022-23449 (A vulnerability has been identified in SIMATIC Energy Manager
Basic (A ...)
- TODO: check
+ NOT-FOR-US: Siemens SIMATIC
CVE-2022-23448 (A vulnerability has been identified in SIMATIC Energy Manager
Basic (A ...)
- TODO: check
+ NOT-FOR-US: Siemens SIMATIC
CVE-2022-23447
RESERVED
CVE-2022-23446 (A improper control of a resource through its lifetime in
Fortinet Fort ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eef205d8c01fd4adadda1559e8f61a9948147764
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eef205d8c01fd4adadda1559e8f61a9948147764
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
