[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 21 Jun 2022 13:28:38 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
103bde87 by Salvatore Bonaccorso at 2022-06-21T22:28:01+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -382,7 +382,7 @@ CVE-2022-34010
 CVE-2022-34009
        RESERVED
 CVE-2022-34008 (Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows 
privile ...)
-       TODO: check
+       NOT-FOR-US: Comodo Antivirus
 CVE-2022-34007
        RESERVED
 CVE-2022-34006 (An issue was discovered in TitanFTP (aka Titan FTP) NextGen 
before 1.2 ...)
@@ -411,7 +411,7 @@ CVE-2022-33997
 CVE-2022-33996
        RESERVED
 CVE-2022-33995 (A path traversal issue in entry attachments in Devolutions 
Remote Desk ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2022-33994
        RESERVED
 CVE-2017-20091
@@ -554,7 +554,7 @@ CVE-2017-20067 (A vulnerability was found in Hindu 
Matrimonial Script. It has be
 CVE-2017-20066 (A vulnerability has been found in Adminer Login 1.4.4 and 
classified a ...)
        TODO: check
 CVE-2017-20065 (A vulnerability was found in Supsystic Popup Plugin 1.7.6 and 
classifi ...)
-       TODO: check
+       NOT-FOR-US: Supsystic Popup Plugin
 CVE-2017-20064 (A vulnerability was found in Elefant CMS 1.3.12-RC. It has 
been declar ...)
        NOT-FOR-US: Elefant CMS
 CVE-2017-20063 (A vulnerability was found in Elefant CMS 1.3.12-RC. It has 
been classi ...)
@@ -2427,7 +2427,7 @@ CVE-2022-33147
 CVE-2022-33140 (The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 
1.16.2 an ...)
        NOT-FOR-US: Apache NiFi
 CVE-2022-33139 (A vulnerability has been identified in SIMATIC WinCC OA V3.16 
(All ver ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-33138
        RESERVED
 CVE-2022-33137
@@ -2467,7 +2467,7 @@ CVE-2022-33121
 CVE-2022-33120
        RESERVED
 CVE-2022-33119 (NUUO Network Video Recorder NVRsolo v03.06.02 was discovered 
to contai ...)
-       TODO: check
+       NOT-FOR-US: NUUO Network Video Recorder NVRsolo
 CVE-2022-33118
        RESERVED
 CVE-2022-33117
@@ -2593,9 +2593,9 @@ CVE-2022-33058
 CVE-2022-33057
        RESERVED
 CVE-2022-33056 (Online Railway Reservation System v1.0 was discovered to 
contain a SQL ...)
-       TODO: check
+       NOT-FOR-US: Online Railway Reservation System
 CVE-2022-33055 (Online Railway Reservation System v1.0 was discovered to 
contain a SQL ...)
-       TODO: check
+       NOT-FOR-US: Online Railway Reservation System
 CVE-2022-33054
        RESERVED
 CVE-2022-33053
@@ -2607,9 +2607,9 @@ CVE-2022-33051
 CVE-2022-33050
        RESERVED
 CVE-2022-33049 (Online Railway Reservation System v1.0 was discovered to 
contain a SQL ...)
-       TODO: check
+       NOT-FOR-US: Online Railway Reservation System
 CVE-2022-33048 (Online Railway Reservation System v1.0 was discovered to 
contain a SQL ...)
-       TODO: check
+       NOT-FOR-US: Online Railway Reservation System
 CVE-2022-33047
        RESERVED
 CVE-2022-33046
@@ -4181,7 +4181,7 @@ CVE-2022-32416
 CVE-2022-32415
        RESERVED
 CVE-2022-32414 (Nginx NJS v0.7.2 was discovered to contain a segmentation 
violation in ...)
-       TODO: check
+       NOT-FOR-US: njs
 CVE-2022-32413
        RESERVED
 CVE-2022-32412
@@ -5695,9 +5695,9 @@ CVE-2022-31803
 CVE-2022-31802
        RESERVED
 CVE-2022-31801 (An unauthenticated, remote attacker could upload malicious 
logic to th ...)
-       TODO: check
+       NOT-FOR-US: ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool
 CVE-2022-31800 (An unauthenticated, remote attacker could upload malicious 
logic to de ...)
-       TODO: check
+       NOT-FOR-US: ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool
 CVE-2022-1945 (The Coming Soon &amp; Maintenance Mode by Colorlib WordPress 
plugin be ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-1944 (When the feature is configured, improper authorization in the 
Interact ...)
@@ -5820,7 +5820,7 @@ CVE-2022-31788 (IdeaLMS 2022 allows SQL injection via the 
IdeaLMS/ChatRoom/Class
 CVE-2022-31787
        RESERVED
 CVE-2022-31786 (IdeaLMS 2022 allows reflected Cross Site Scripting (XSS) via 
the IdeaL ...)
-       TODO: check
+       NOT-FOR-US: IdeaLMS
 CVE-2022-31785
        RESERVED
 CVE-2022-31784 (A vulnerability in the management interface of MiVoice 
Business throug ...)
@@ -6900,7 +6900,7 @@ CVE-2022-31480 (An unauthenticated attacker could 
arbitrarily upload firmware fi
 CVE-2022-31479 (An unauthenticated attacker can update the hostname with a 
specially c ...)
        NOT-FOR-US: HID Mercury Intelligent Controllers
 CVE-2022-31478 (The UserTakeOver plugin before 4.0.1 for ILIAS allows an 
attacker to l ...)
-       TODO: check
+       NOT-FOR-US: UserTakeOver plugin for ILIAS
 CVE-2022-1841
        RESERVED
 CVE-2022-1840 (A vulnerability, which was classified as problematic, has been 
found i ...)
@@ -7104,9 +7104,9 @@ CVE-2022-31376
 CVE-2022-31375
        RESERVED
 CVE-2022-31374 (An arbitrary file upload vulnerability 
/images/background/1.php in of  ...)
-       TODO: check
+       NOT-FOR-US: SolarView Compact
 CVE-2022-31373 (SolarView Compact v6.0 was discovered to contain a cross-site 
scriptin ...)
-       TODO: check
+       NOT-FOR-US: SolarView Compact
 CVE-2022-31372 (Wiris Mathtype v7.28.0 was discovered to contain a path 
traversal vuln ...)
        NOT-FOR-US: Wiris Mathtype
 CVE-2022-31371
@@ -7238,17 +7238,17 @@ CVE-2022-31309 (A vulnerability in live_check.shtml of 
WAVLINK AERIAL X 1200M M7
 CVE-2022-31308 (A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M 
M79X3.V503 ...)
        NOT-FOR-US: WAVLINK
 CVE-2022-31307 (Nginx NJS v0.7.2 was discovered to contain a segmentation 
violation in ...)
-       TODO: check
+       NOT-FOR-US: njs
 CVE-2022-31306 (Nginx NJS v0.7.2 was discovered to contain a segmentation 
violation in ...)
-       TODO: check
+       NOT-FOR-US: njs
 CVE-2022-31305
        RESERVED
 CVE-2022-31304
        RESERVED
 CVE-2022-31303 (maccms10 was discovered to contain a stored cross-site 
scripting (XSS) ...)
-       TODO: check
+       NOT-FOR-US: maccms10
 CVE-2022-31302 (maccms8 was discovered to contain a stored cross-site 
scripting (XSS)  ...)
-       TODO: check
+       NOT-FOR-US: maccms8
 CVE-2022-31301 (Haraj v3.7 was discovered to contain a stored cross-site 
scripting (XS ...)
        NOT-FOR-US: Haraj
 CVE-2022-31300 (A cross-site scripting vulnerability in the DM Section 
component of Ha ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/103bde874e81169142538893f7181cd89e9eb42f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/103bde874e81169142538893f7181cd89e9eb42f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to