Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7811d98e by Salvatore Bonaccorso at 2022-06-09T22:37:26+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -421,7 +421,7 @@ CVE-2022-28699
 CVE-2022-28697
        RESERVED
 CVE-2022-2036 (Cross-site Scripting (XSS) - Stored in GitHub repository 
francoisjacqu ...)
-       TODO: check
+       NOT-FOR-US: francoisjacquet/rosariosis
 CVE-2022-32551
        RESERVED
 CVE-2022-32550
@@ -449,7 +449,7 @@ CVE-2022-28612
 CVE-2022-25649
        RESERVED
 CVE-2022-2035 (A reflected cross-site scripting (XSS) vulnerability exists in 
the pla ...)
-       TODO: check
+       NOT-FOR-US: SCORM Engine
 CVE-2022-2034
        RESERVED
 CVE-2022-2033
@@ -1127,17 +1127,17 @@ CVE-2017-20018
 CVE-2016-15002 (A vulnerability, which was classified as critical, was found 
in MONyog ...)
        NOT-FOR-US: MONyog Ultimate
 CVE-2019-25070 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 
WolfCMS u ...)
-       TODO: check
+       NOT-FOR-US: WolfCMS
 CVE-2019-25069 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: Axios Italia Axios RE
 CVE-2019-25068 (A vulnerability classified as critical was found in Axios 
Italia Axios ...)
-       TODO: check
+       NOT-FOR-US: Axios Italia Axios RE
 CVE-2019-25067 (A vulnerability, which was classified as critical, was found 
in Podman ...)
        TODO: check
 CVE-2019-25066 (A vulnerability has been found in ajenti 2.1.31 and classified 
as crit ...)
        TODO: check
 CVE-2019-25065 (A vulnerability was found in OpenNetAdmin 18.1.1. It has been 
rated as ...)
-       TODO: check
+       NOT-FOR-US: OpenNetAdmin
 CVE-2018-25044
        RESERVED
 CVE-2018-25043
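
Review bot: CVE-2019-25067 (Podman) and CVE-2019-25066 (ajenti) stay at "TODO: check" in the middle of this hunk while the entries on either side of them are closed out. That is consistent with a commit scoped to "Process NFUs" if these two were skipped deliberately because they need a package lookup rather than a NOT-FOR-US tag, but they should be picked up in a follow-up so the CVE-2019-2506x block is not left half-triaged.
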
@@ -1195,7 +1195,7 @@ CVE-2020-36530 (A vulnerability classified as critical 
was found in SevOne Netwo
 CVE-2020-36529 (A vulnerability classified as critical has been found in 
SevOne Networ ...)
        NOT-FOR-US: SevOne Network Management System
 CVE-2019-25064 (A vulnerability was found in CoreHR Core Portal up to 27.0.7. 
It has b ...)
-       TODO: check
+       NOT-FOR-US: CoreHR Core Portal
 CVE-2019-25063 (A vulnerability was found in Sricam IP CCTV Camera. It has 
been classi ...)
        NOT-FOR-US: Sricam IP CCTV Camera
 CVE-2019-25062 (A vulnerability was found in Sricam IP CCTV Camera and 
classified as c ...)
@@ -2256,13 +2256,13 @@ CVE-2022-31832
 CVE-2022-31831
        RESERVED
 CVE-2022-31830 (Kity Minder v1.3.5 was discovered to contain a Server-Side 
Request For ...)
-       TODO: check
+       NOT-FOR-US: Kity Minder
 CVE-2022-31829
        RESERVED
 CVE-2022-31828
        RESERVED
 CVE-2022-31827 (MonstaFTP v2.10.3 was discovered to contain a Server-Side 
Request Forg ...)
-       TODO: check
+       NOT-FOR-US: MonstaFTP
 CVE-2022-31826
        RESERVED
 CVE-2022-31825
@@ -3476,7 +3476,7 @@ CVE-2022-31498 (LibreHealth EHR Base 2.0.0 allows 
interface/orders/patient_match
 CVE-2022-31497 (LibreHealth EHR Base 2.0.0 allows 
interface/main/finder/finder_navigat ...)
        NOT-FOR-US: LibreHealth EHR Base
 CVE-2022-31496 (LibreHealth EHR Base 2.0.0 allows incorrect 
interface/super/manage_sit ...)
-       TODO: check
+       NOT-FOR-US: LibreHealth EHR Base
 CVE-2022-31495 (LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php 
return_page ...)
        NOT-FOR-US: LibreHealth EHR Base
 CVE-2022-31494 (LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php 
action XSS. ...)
@@ -3678,13 +3678,13 @@ CVE-2022-31395
 CVE-2022-31394
        RESERVED
 CVE-2022-31393 (Jizhicms v2.2.5 was discovered to contain a Server-Side 
Request Forger ...)
-       TODO: check
+       NOT-FOR-US: Jizhicms
 CVE-2022-31392
        RESERVED
 CVE-2022-31391
        RESERVED
 CVE-2022-31390 (Jizhicms v2.2.5 was discovered to contain a Server-Side 
Request Forger ...)
-       TODO: check
+       NOT-FOR-US: Jizhicms
 CVE-2022-31389
        RESERVED
 CVE-2022-31388
@@ -3692,7 +3692,7 @@ CVE-2022-31388
 CVE-2022-31387
        RESERVED
 CVE-2022-31386 (A Server-Side Request Forgery (SSRF) in the getFileBinary 
function of  ...)
-       TODO: check
+       NOT-FOR-US: nbnbk cms
 CVE-2022-31385
        RESERVED
 CVE-2022-31384
@@ -6298,7 +6298,7 @@ CVE-2022-30468
 CVE-2022-30467
        RESERVED
 CVE-2022-30466 (joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable 
to Authe ...)
-       TODO: check
+       NOT-FOR-US: joyebike Joy ebike Wolf Manufacturing
 CVE-2022-30465
        RESERVED
 CVE-2022-30464 (ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to 
Cross Sit ...)
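
Review bot: the tag added for CVE-2022-30466, "NOT-FOR-US: joyebike Joy ebike Wolf Manufacturing", appears to pull "Manufacturing" out of the description's phrase "Manufacturing year 2022" rather than from the product name. Suggest "NOT-FOR-US: joyebike Joy ebike Wolf" so the tag names only the product and matches later entries for the same device.
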
@@ -7370,7 +7370,7 @@ CVE-2022-30077
 CVE-2022-30076
        RESERVED
 CVE-2022-30075 (In TP-Link Router AX50 firmware 210730 and older, import of a 
maliciou ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2022-30074
        RESERVED
 CVE-2022-30073 (WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via 
/admin/ ...)
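
Review bot: "NOT-FOR-US: TP-Link" on CVE-2022-30075 names only the vendor, although the description identifies "TP-Link Router AX50 firmware" and most other tags in this commit name the product (for example "Razer Sila Gaming Router" and "CoreHR Core Portal"). Vendor-only tagging matches the existing "NOT-FOR-US: Samsung" entries, so this is a consistency question rather than an error; if product granularity is preferred, "NOT-FOR-US: TP-Link Router AX50" would line up with the rest.
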
@@ -8941,7 +8941,7 @@ CVE-2022-1427 (Out-of-bounds Read in mrb_obj_is_kind_of 
in in GitHub repository
 CVE-2022-29565
        RESERVED
 CVE-2022-29564 (Jamf Private Access before 2022-05-16 has Incorrect Access 
Control, in ...)
-       TODO: check
+       NOT-FOR-US: Jamf
 CVE-2022-29563
        RESERVED
 CVE-2022-29562
@@ -9646,7 +9646,7 @@ CVE-2022-29298 (SolarView Compact ver.6.00 allows 
attackers to access sensitive
 CVE-2022-29297
        RESERVED
 CVE-2022-29296 (A reflected cross-site scripting (XSS) vulnerability in the 
login port ...)
-       TODO: check
+       NOT-FOR-US: Avantune Genialcloud ProJ
 CVE-2022-29295
        RESERVED
 CVE-2022-29294
@@ -9832,7 +9832,7 @@ CVE-2022-29257
 CVE-2022-29256 (sharp is an application for Node.js image processing. Prior to 
version ...)
        NOT-FOR-US: lovell/sharp
 CVE-2022-29255 (Vyper is a Pythonic Smart Contract Language for the ethereum 
virtual m ...)
-       TODO: check
+       NOT-FOR-US: Vyper
 CVE-2022-29254 (silverstripe-omnipay is a SilverStripe integration with 
Omnipay PHP pa ...)
        TODO: check
 CVE-2022-29253 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
@@ -10568,9 +10568,9 @@ CVE-2022-29016
 CVE-2022-29015
        RESERVED
 CVE-2022-29014 (A local file inclusion vulnerability in Razer Sila Gaming 
Router v2.0. ...)
-       TODO: check
+       NOT-FOR-US: Razer Sila Gaming Router
 CVE-2022-29013 (A command injection in the command parameter of Razer Sila 
Gaming Rout ...)
-       TODO: check
+       NOT-FOR-US: Razer Sila Gaming Router
 CVE-2022-29012
        RESERVED
 CVE-2022-29011
@@ -11059,7 +11059,7 @@ CVE-2022-28797
 CVE-2022-28795 (A vulnerability within the Avira Password Manager Browser 
Extensions p ...)
        NOT-FOR-US: Avira Password Manager Browser Extensions
 CVE-2022-28794 (Sensitive information exposure in low-battery dumpstate log 
prior to S ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2022-28793 (Given the TEE is compromised and controlled by the attacker, 
improper  ...)
        NOT-FOR-US: Samsung
 CVE-2022-28792 (DLL hijacking vulnerability in Gear IconX PC Manager prior to 
version  ...)
@@ -11937,9 +11937,9 @@ CVE-2022-28481 (CSV-Safe gem < 3.0.0 doesn't filter 
out special characters wh
 CVE-2022-28480 (ALLMediaServer 1.6 is vulnerable to Buffer Overflow via 
MediaServer.ex ...)
        NOT-FOR-US: ALLMediaServer
 CVE-2022-28479 (SeedDMS versions 6.0.18 and 5.1.25 and below are vulnerable to 
stored  ...)
-       TODO: check
+       NOT-FOR-US: SeedDMS
 CVE-2022-28478 (SeedDMS 6.0.17 and 5.1.24 are vulnerable to Directory 
Traversal. The " ...)
-       TODO: check
+       NOT-FOR-US: SeedDMS
 CVE-2022-28477 (WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS). 
...)
        NOT-FOR-US: WBCE CMS
 CVE-2022-28476



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7811d98e06e82268569508510da1385c60e4e1df
