[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 11 May 2022 13:20:34 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
34828be4 by Salvatore Bonaccorso at 2022-05-11T22:19:52+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1422,7 +1422,7 @@ CVE-2022-30042
 CVE-2022-30041
        RESERVED
 CVE-2022-30040 (Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. 
The vulne ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2022-30039
        RESERVED
 CVE-2022-30038
@@ -2669,19 +2669,19 @@ CVE-2022-29618
 CVE-2022-29617
        RESERVED
 CVE-2022-29616 (SAP Host Agent, SAP NetWeaver and ABAP Platform allow an 
attacker to l ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2022-29615
        RESERVED
 CVE-2022-29614
        RESERVED
 CVE-2022-29613 (Due to insufficient input validation, SAP Employee Self 
Service allows ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2022-29612
        RESERVED
 CVE-2022-29611 (SAP NetWeaver Application Server for ABAP and ABAP Platform do 
not per ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2022-29610 (SAP NetWeaver Application Server ABAP allows an authenticated 
attacker ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2022-29609
        RESERVED
 CVE-2022-29608
@@ -4919,7 +4919,7 @@ CVE-2022-28776 (Improper access control vulnerability in 
Galaxy Store prior to v
 CVE-2022-28775 (Improper access control vulnerability in Samsung Flow prior to 
version ...)
        NOT-FOR-US: Samsung
 CVE-2022-28774 (Under certain conditions, the SAP Host Agent logfile shows 
information ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2022-28773 (Due to an uncontrolled recursion in SAP Web Dispatcher and SAP 
Interne ...)
        NOT-FOR-US: SAP
 CVE-2022-28772 (By overlong input values an attacker may force overwrite of 
the intern ...)
@@ -6588,7 +6588,7 @@ CVE-2022-28216 (SAP BusinessObjects Business Intelligence 
Platform (BI Workspace
 CVE-2022-28215 (SAP NetWeaver ABAP Server and ABAP Platform - versions 740, 
750, 787,  ...)
        NOT-FOR-US: SAP
 CVE-2022-28214 (During an update of SAP BusinessObjects Enterprise, Central 
Management ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2022-28213 (When a user access SOAP Web services in SAP BusinessObjects 
Business I ...)
        NOT-FOR-US: SAP
 CVE-2022-28212
@@ -8182,7 +8182,7 @@ CVE-2022-27658 (Under certain conditions, SAP Innovation 
management - version 2.
 CVE-2022-27657 (A highly privileged remote attacker, can gain unauthorized 
access to d ...)
        NOT-FOR-US: SAP
 CVE-2022-27656 (The Web administration UI of SAP Web Dispatcher and the 
Internet Commu ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2022-27655 (When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d) 
receive ...)
        NOT-FOR-US: SAP
 CVE-2022-27654 (When a user opens a manipulated Photoshop Document (.psd, 
2d.x3d) rece ...)
@@ -24997,7 +24997,7 @@ CVE-2022-22322 (IBM InfoSphere Information Server 11.7 
is vulnerable to cross-si
 CVE-2022-22321 (IBM MQ Appliance 9.2 CD and 9.2 LTS local messaging users 
stored with  ...)
        NOT-FOR-US: IBM
 CVE-2022-22320 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site 
scripting. Thi ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-22319 (IBM Robotic Process Automation 21.0.1 could allow a register 
user on t ...)
        NOT-FOR-US: IBM
 CVE-2022-22318
@@ -48511,7 +48511,7 @@ CVE-2021-39061
 CVE-2021-39060
        RESERVED
 CVE-2021-39059 (IBM Jazz Foundation (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 
7.0.1,  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-39058 (IBM Spectrum Copy Data Management 2.2.13 and earlier uses 
weaker than  ...)
        NOT-FOR-US: IBM
 CVE-2021-39057 (IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x is 
vulnerable to s ...)
@@ -48691,7 +48691,7 @@ CVE-2021-38971 (IBM Data Virtualization on Cloud Pak 
for Data 1.3.0, 1.4.1, 1.5.
 CVE-2021-38970
        RESERVED
 CVE-2021-38969 (IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an 
attacker to a ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-38968
        RESERVED
 CVE-2021-38967 (IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local 
privileged use ...)
@@ -51660,7 +51660,7 @@ CVE-2021-37853
 CVE-2021-37852 (ESET products for Windows allows untrusted process to 
impersonate the  ...)
        NOT-FOR-US: ESET
 CVE-2021-37851 (Local privilege escalation in Windows products of ESET allows 
user who ...)
-       TODO: check
+       NOT-FOR-US: ESET
 CVE-2021-37850 (ESET was made aware of a vulnerability in its consumer and 
business pr ...)
        NOT-FOR-US: ESET
 CVE-2021-37849



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34828be48c9d6da53504473cc907a0bffc866f0d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34828be48c9d6da53504473cc907a0bffc866f0d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to