Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5d9d93ee by Salvatore Bonaccorso at 2022-04-30T09:31:26+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61,7 +61,7 @@ CVE-2022-29492
 CVE-2022-29490
        RESERVED
 CVE-2022-1543 (Improper handling of Length parameter in GitHub repository 
erudika/sco ...)
-       TODO: check
+       NOT-FOR-US: scoold
 CVE-2022-1542
        RESERVED
 CVE-2022-1541
@@ -75,7 +75,7 @@ CVE-2022-1538
 CVE-2022-1537
        RESERVED
 CVE-2022-1536 (A vulnerability has been found in automad up to 1.10.9 and 
classified  ...)
-       TODO: check
+       NOT-FOR-US: automad
 CVE-2022-1535
        RESERVED
 CVE-2022-1534 (Buffer Over-read at parse_rawml.c:1416 in GitHub repository 
bfabiszews ...)
@@ -89,7 +89,7 @@ CVE-2022-1533 (Buffer Over-read in GitHub repository 
bfabiszewski/libmobi prior
 CVE-2022-1532
        RESERVED
 CVE-2022-1531 (SQL injection vulnerability in ARAX-UI Synonym Lookup 
functionality in ...)
-       TODO: check
+       NOT-FOR-US: RTX
 CVE-2022-1530 (Cross-site Scripting (XSS) in GitHub repository 
livehelperchat/livehel ...)
        NOT-FOR-US: livehelperchat
 CVE-2022-1529
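
Review bot: On CVE-2022-1531 the new label "NOT-FOR-US: RTX" uses a name that does not appear in the visible description, which refers to the "ARAX-UI Synonym Lookup functionality". Consider a label that ties the two together, for example "NOT-FOR-US: RTX (ARAX-UI)", so a later reader can see why the entry was closed without opening the CVE record.
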
@@ -2713,7 +2713,7 @@ CVE-2022-28996
 CVE-2022-28995
        RESERVED
 CVE-2022-28994 (Small HTTP Server version 3.06 suffers from a remote buffer 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Small HTTP Server
 CVE-2022-28993
        RESERVED
 CVE-2022-28992
@@ -14057,7 +14057,7 @@ CVE-2022-24902
 CVE-2022-24901
        RESERVED
 CVE-2022-24900 (Piano LED Visualizer is software that allows LED lights to 
light up as ...)
-       TODO: check
+       NOT-FOR-US: Piano LED Visualizer
 CVE-2022-24899
        RESERVED
 CVE-2022-24898 (org.xwiki.commons:xwiki-commons-xml is a common module used by 
other X ...)
@@ -28627,9 +28627,9 @@ CVE-2021-44598 (Attendance Management System 1.0 is 
affected by a Cross Site Scr
 CVE-2021-44597 (An Access Control vunerabiity exists in Gerapy v 0.9.7 via the 
spider  ...)
        NOT-FOR-US: Gerapy
 CVE-2021-44596 (Wondershare LTD Dr. Fone as of 2021-12-06 version is affected 
by Remot ...)
-       TODO: check
+       NOT-FOR-US: Wondershare
 CVE-2021-44595 (Wondershare Dr. Fone Latest version as of 2021-12-06 is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: Wondershare
 CVE-2021-44594
        RESERVED
 CVE-2021-44593 (Simple College Website 1.0 is vulnerable to unauthenticated 
file uploa ...)
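
Review bot: The two Dr. Fone entries (CVE-2021-44596 and CVE-2021-44595) are labelled with the vendor only, "NOT-FOR-US: Wondershare", while other entries in this commit name the product ("Small HTTP Server", "Piano LED Visualizer"). "NOT-FOR-US: Wondershare Dr. Fone" would match the descriptions and keep the label specific to the product that was checked.
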
@@ -31089,9 +31089,9 @@ CVE-2021-43940 (Affected versions of Atlassian 
Confluence Server and Data Center
 CVE-2021-43939 (Elcomplus SmartPTT is vulnerable when a low-authenticated user 
can acc ...)
        NOT-FOR-US: Elcomplus SmartPTT
 CVE-2021-43938 (Elcomplus SmartPTT SCADA Server is vulnerable to an 
unauthenticated us ...)
-       TODO: check
+       NOT-FOR-US: Elcomplus SmartPTT SCADA Server
 CVE-2021-43937 (Elcomplus SmartPTT SCADA Server web application does not, or 
cannot, s ...)
-       TODO: check
+       NOT-FOR-US: Elcomplus SmartPTT SCADA Server
 CVE-2021-43936 (The software allows the attacker to upload or transfer files 
of danger ...)
        NOT-FOR-US: Distributed Data Systems
 CVE-2021-43935 (The impacted products, when configured to use SSO, are 
affected by an  ...)
@@ -39279,7 +39279,7 @@ CVE-2021-41950 (A directory traversal issue in 
ResourceSpace 9.6 before 9.6 rev
 CVE-2021-41949
        RESERVED
 CVE-2021-41948 (A cross-site scripting (XSS) vulnerability exists in the 
"contact us"  ...)
-       TODO: check
+       NOT-FOR-US: Subrion CMS plugin
 CVE-2021-41947 (A SQL injection vulnerability exists in Subrion CMS v4.2.1 in 
the visu ...)
        NOT-FOR-US: Subrion CMS
 CVE-2021-41946
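
Review bot: On CVE-2021-41948 the label "NOT-FOR-US: Subrion CMS plugin" does not say which plugin, and the neighbouring CVE-2021-41947 uses plain "NOT-FOR-US: Subrion CMS". Either name the plugin the description refers to or reuse the existing "Subrion CMS" label so both entries are found by the same search.
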
@@ -39296,7 +39296,7 @@ CVE-2021-41944
 CVE-2021-41943
        RESERVED
 CVE-2021-41942 (The Magic CMS MSVOD v10 video system has a SQL injection 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Magic CMS
 CVE-2021-41941
        RESERVED
 CVE-2021-41940
@@ -46491,7 +46491,7 @@ CVE-2021-39084
 CVE-2021-39083
        RESERVED
 CVE-2021-39082 (IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected 
cryptogra ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-39081
        RESERVED
 CVE-2021-39080 (Due to weak obfuscation, IBM Cognos Analytics Mobile for 
Android appli ...)
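
Review bot: On CVE-2021-39082 the label "NOT-FOR-US: IBM" names only the vendor although the description identifies the product as IBM UrbanCode Deploy (UCD). A vendor-wide label reads as a statement about every IBM product; "NOT-FOR-US: IBM UrbanCode Deploy" limits it to what this entry covers.
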
@@ -53567,7 +53567,7 @@ CVE-2021-36209 (In JetBrains Hub before 2021.1.13389, 
account takeover was possi
 CVE-2021-36208
        RESERVED
 CVE-2021-36207 (Under certain circumstances improper privilege management in 
Metasys A ...)
-       TODO: check
+       NOT-FOR-US: Metasys
 CVE-2021-36206
        RESERVED
 CVE-2021-36205 (Under certain circumstances the session token is not cleared 
on logout ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d9d93eeeceb32346054cd2ff1284c643203db2c
