Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
35be4da3 by Neil Williams at 2022-05-18T11:41:47+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17308,7 +17308,7 @@ CVE-2022-24858 (next-auth v3 users before version
3.29.2 are impacted. next-auth
CVE-2022-24857 (django-mfa3 is a library that implements multi factor
authentication f ...)
NOT-FOR-US: django-mfa3
CVE-2022-24856 (FlyteConsole is the web user interface for the Flyte platform.
FlyteCo ...)
- TODO: check
+ NOT-FOR-US: flyteorg/flyteconsole
CVE-2022-24855 (Metabase is an open source business intelligence and analytics
applica ...)
NOT-FOR-US: Metabase
CVE-2022-24854 (Metabase is an open source business intelligence and analytics
applica ...)
@@ -18191,7 +18191,7 @@ CVE-2022-24613 (metadata-extractor up to 2.16.0 can
throw various uncaught excep
CVE-2022-24612 (An authenticated user can upload an XML file containing an XSS
via the ...)
NOT-FOR-US: EyesOfNetwork (EON) eonweb
CVE-2022-24611 (Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol
specificati ...)
- TODO: check
+ NOT-FOR-US: Z-Wave devices
CVE-2022-24610 (Settings/network settings/wireless settings on the Alecto
DVC-215IP ca ...)
NOT-FOR-US: Alecto
CVE-2022-24609 (Luocms v2.0 is affected by an incorrect access control
vulnerability. ...)
@@ -18749,19 +18749,19 @@ CVE-2022-24396 (The Simple Diagnostics Agent -
versions 1.0 up to version 1.57,
CVE-2022-24395 (SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20,
7.30, 7.3 ...)
NOT-FOR-US: SAP
CVE-2022-24394 (Vulnerability in Fidelis Network and Deception CommandPost
enables aut ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24393 (Vulnerability in Fidelis Network and Deception CommandPost
enables aut ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24392 (Vulnerability in Fidelis Network and Deception CommandPost
enables aut ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24391 (Vulnerability in Fidelis Network and Deception CommandPost
enables SQL ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24390 (Vulnerability in rconfig “remote_text_file”
enables an att ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24389 (Vulnerability in rconfig “cert_utils” enables an
attacker ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24388 (Vulnerability in rconfig “date” enables an
attacker with u ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24387 (With administrator or admin privileges the application can be
tricked ...)
NOT-FOR-US: SmarterTrack
CVE-2022-24386 (Stored XSS in SmarterTools SmarterTrack This issue affects:
SmarterToo ...)
@@ -19800,7 +19800,7 @@ CVE-2022-24110 (Kiteworks MFT 7.5 may allow an
unauthorized user to reset other
CVE-2022-24109
RESERVED
CVE-2022-24108 (The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows
a remot ...)
- TODO: check
+ NOT-FOR-US: OpenCart plugin
CVE-2022-24107
RESERVED
CVE-2022-24106
@@ -21582,7 +21582,7 @@ CVE-2022-23708 (A flaw was discovered in Elasticsearch
7.17.0’s upgrade as
CVE-2022-23707 (An XSS vulnerability was found in Kibana index patterns. Using
this vu ...)
- kibana <itp> (bug #700337)
CVE-2022-23706 (A remote cross-site scripting (xss) vulnerability was
discovered in HP ...)
- TODO: check
+ NOT-FOR-US: HPE OneView
CVE-2022-23705 (A security vulnerability has been identified in HPE Nimble
Storage Hyb ...)
NOT-FOR-US: HPE
CVE-2022-23704 (A potential security vulnerability has been identified in
Integrated L ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35be4da3b4a9a58e9b1bf324603e1a9e3c15e8ba
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35be4da3b4a9a58e9b1bf324603e1a9e3c15e8ba
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
