Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
49c47716 by Moritz Muehlenhoff at 2022-06-14T16:15:06+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1034,11 +1034,14 @@ CVE-2022-32743
CVE-2022-32742
RESERVED
CVE-2022-32741 (Attacker is able to determine if the provided username exists
(and it' ...)
- TODO: check
+ NOT-FOR-US: OTRS
+ NOTE: Issue is listed as specific to 7.x and 8.x, so won't affect Znuny
which forked from 6.x
CVE-2022-32740 (A reply to a forwarded email article by a 3rd party could
unintensiona ...)
- TODO: check
+ NOT-FOR-US: OTRS
+ NOTE: Issue is listed as specific to 7.x and 8.x, so won't affect Znuny
which forked from 6.x
CVE-2022-32739 (When Secure::DisableBanner system configuration has been
disabled and ...)
- TODO: check
+ NOT-FOR-US: OTRS
+ NOTE: Issue is listed as specific to 7.x and 8.x, so won't affect Znuny
which forked from 6.x
CVE-2022-32573
RESERVED
CVE-2022-30605
@@ -1370,21 +1373,21 @@ CVE-2022-32567
CVE-2022-32566
RESERVED
CVE-2022-32565 (An issue was discovered in Couchbase Server before 7.0.4. The
Backup S ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2022-32564 (An issue was discovered in Couchbase Server before 7.0.4. In
couchbase ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2022-32563 (An issue was discovered in Couchbase Sync Gateway 3.x before
3.0.2. Ad ...)
NOT-FOR-US: Couchbase Sync Gateway
CVE-2022-32562 (An issue was discovered in Couchbase Server before 7.0.4.
Operations m ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2022-32561
RESERVED
CVE-2022-32560 (An issue was discovered in Couchbase Server before 7.0.4. XDCR
lacks r ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2022-32559
RESERVED
CVE-2022-32558 (An issue was discovered in Couchbase Server before 7.0.4.
Sample bucke ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2022-32557
RESERVED
CVE-2022-32556
@@ -1768,7 +1771,7 @@ CVE-2017-20043 (A vulnerability was found in Navetti
PricePoint 4.6.0.0 and clas
CVE-2017-20042 (A vulnerability has been found in Navetti PricePoint 4.6.0.0
and class ...)
NOT-FOR-US: Navetti PricePoint
CVE-2017-20041 (A vulnerability was found in Ucweb UC Browser 11.2.5.932. It
has been ...)
- TODO: check
+ NOT-FOR-US: Ucweb UC Browser
CVE-2022-32452
RESERVED
CVE-2022-32451
@@ -2516,9 +2519,9 @@ CVE-2022-32195 (Open edX platform before 2022-06-06
allows XSS via the "next" pa
CVE-2022-32194
RESERVED
CVE-2022-32193 (Couchbase Server 6.6.x through 7.x before 7.0.4 exposes
Sensitive Info ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2022-32192 (Couchbase Server 5.x through 7.x before 7.0.4 exposes
Sensitive Inform ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2022-32191
RESERVED
CVE-2022-32190
@@ -3581,31 +3584,31 @@ CVE-2022-1903
CVE-2020-36528 (A vulnerability, which was classified as critical, was found
in Platin ...)
NOT-FOR-US: Platinum Mobile
CVE-2022-31763 (The kernel module has the null pointer and out-of-bounds array
vulnera ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31762 (The AMS module has a vulnerability in input validation.
Successful exp ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31761 (Configuration defects in the secure OS module. Successful
exploitation ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31760 (Dialog boxes can still be displayed even if the screen is
locked in ca ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31759 (AppLink has a vulnerability of accessing uninitialized
pointers. Succe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31758 (The kernel module has the race condition vulnerability.
Successful exp ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31757 (The setting module has a vulnerability of improper use of
APIs. Succes ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31756 (The fingerprint sensor module has design defects. Successful
exploitat ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31755 (The communication module has a vulnerability of improper
permission pr ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31754 (Logical defects in code implementation in some products.
Successful ex ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31753 (The voice wakeup module has a vulnerability of using
externally-contro ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31752 (Missing authorization vulnerability in the system components.
Successf ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31751 (The kernel emcom module has multi-thread contention.
Successful exploi ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2022-31750
RESERVED
CVE-2022-1902
@@ -3616,15 +3619,15 @@ CVE-2022-1901
CVE-2022-1900 (The Copify plugin for WordPress is vulnerable to Cross-Site
Request Fo ...)
NOT-FOR-US: Copify plugin for WordPress
CVE-2021-46815 (Configuration defects in the secure OS module. Successful
exploitation ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-46814 (The video framework has an out-of-bounds memory read/write
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-46813 (Vulnerability of residual files not being deleted after an
update in t ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-46812 (The Device Manager has a vulnerability in multi-device
interaction. Su ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-46811 (HwSEServiceAPP has a vulnerability in permission management.
Successfu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-36527 (A vulnerability, which was classified as problematic, has been
found i ...)
NOT-FOR-US: Atlassian
CVE-2020-36526 (A vulnerability classified as problematic was found in
Countdown Timer ...)
@@ -3927,7 +3930,7 @@ CVE-2022-31650 (In SoX 14.4.2, there is a floating-point
exception in lsx_aiffst
[buster] - sox <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/sox/bugs/360/
CVE-2022-31649 (ownCloud owncloud/core before 10.10.0 Improperly Removes
Sensitive Inf ...)
- TODO: check
+ - owncloud <removed>
CVE-2022-31648 (Talend Administration Center is vulnerable to a reflected
Cross-Site S ...)
NOT-FOR-US: Talend Administration Center
CVE-2022-31647
@@ -4072,7 +4075,7 @@ CVE-2022-1882 (A use-after-free flaw was found in the
Linux kernel’s pipes
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2089701
NOTE:
https://lore.kernel.org/lkml/[email protected]/T/
CVE-2022-27176 (Incomplete filtering of special elements vulnerability exists
in RevoW ...)
- TODO: check
+ NOT-FOR-US: RevoWorks
CVE-2022-1881
RESERVED
CVE-2022-1880
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49c477165acd8bcfb925d05b5e102fdbdfaf2cea
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49c477165acd8bcfb925d05b5e102fdbdfaf2cea
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
