Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6ca3b25b by Salvatore Bonaccorso at 2022-05-17T10:14:45+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -645,11 +645,11 @@ CVE-2022-30699
CVE-2022-30698
RESERVED
CVE-2022-30697 (Local privilege escalation due to insecure folder permissions.
The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2022-30696 (Local privilege escalation due to a DLL hijacking
vulnerability. The f ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2022-30695 (Local privilege escalation due to excessive permissions
assigned to ch ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2022-30694
RESERVED
CVE-2022-30543
@@ -669,7 +669,7 @@ CVE-2022-1714 (Heap-based Buffer Overflow in GitHub
repository radareorg/radare2
NOTE: https://huntr.dev/bounties/1c22055b-b015-47a8-a57b-4982978751d0
NOTE:
https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e
CVE-2022-1713 (SSRF on /proxy in GitHub repository jgraph/drawio prior to
18.0.4. An ...)
- TODO: check
+ NOT-FOR-US: jgraph/drawio
CVE-2022-1712
RESERVED
CVE-2022-1711
@@ -2495,7 +2495,7 @@ CVE-2022-30057 (Shopwind <=v3.4.2 was discovered to
contain a stored cross-si
CVE-2022-30056
RESERVED
CVE-2022-30055 (Prime95 30.7 build 9 suffers from a Buffer Overflow
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Prime95
CVE-2022-30054
RESERVED
CVE-2022-30053
@@ -2505,7 +2505,7 @@ CVE-2022-30052
CVE-2022-30051
RESERVED
CVE-2022-30050 (Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting
(XSS) via ...)
- TODO: check
+ NOT-FOR-US: Gnuboard
CVE-2022-30049 (A Server-Side Request Forgery (SSRF) in Rebuild v2.8.3 allows
attacker ...)
TODO: check
CVE-2022-30048 (Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection
vulnerab ...)
@@ -2579,11 +2579,11 @@ CVE-2022-30015
CVE-2022-30014
RESERVED
CVE-2022-30013 (A stored cross-site scripting (XSS) vulnerability in the
upload functi ...)
- TODO: check
+ NOT-FOR-US: totaljs CMS
CVE-2022-30012 (In the POST request of the appointment.php page of HMS v.0,
there are ...)
- TODO: check
+ NOT-FOR-US: HMS
CVE-2022-30011 (In HMS 1.0 when requesting appointment.php through POST,
multiple para ...)
- TODO: check
+ NOT-FOR-US: HMS
CVE-2022-30010
RESERVED
CVE-2022-30009
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ca3b25baaadf88f67c30cde07807b2b86dea1c7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ca3b25baaadf88f67c30cde07807b2b86dea1c7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
