Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a69f26b8 by Salvatore Bonaccorso at 2022-07-04T11:29:29+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33,7 +33,7 @@ CVE-2022-34911 (An issue was discovered in MediaWiki before
1.35.7, 1.36.x and 1
NOTE: https://phabricator.wikimedia.org/T308471
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/805208
CVE-2022-2290 (Cross-site Scripting (XSS) - Reflected in GitHub repository
zadam/tril ...)
- TODO: check
+ NOT-FOR-US: Trilium Notes
CVE-2022-2289 (Use After Free in GitHub repository vim/vim prior to 9.0. ...)
- vim <unfixed> (unimportant)
NOTE: https://huntr.dev/bounties/7447d2ea-db5b-4883-adf4-1eaf7deace64/
@@ -1677,7 +1677,7 @@ CVE-2022-34329
CVE-2022-34328 (PMB 7.3.10 allows reflected XSS via the id parameter in an
lvl=author_ ...)
NOT-FOR-US: PMB
CVE-2022-32284 (Use of insufficiently random values vulnerability exists in
Vnet/IP co ...)
- TODO: check
+ NOT-FOR-US: YOKOGAWA
CVE-2022-2185 (A critical issue has been discovered in GitLab affecting all
versions ...)
TODO: check
CVE-2022-2184
@@ -5890,7 +5890,7 @@ CVE-2022-28697
CVE-2022-2036 (Cross-site Scripting (XSS) - Stored in GitHub repository
francoisjacqu ...)
NOT-FOR-US: francoisjacquet/rosariosis
CVE-2022-32551 (Zoho ManageEngine ServiceDesk Plus MSP before 10604 allows
path traver ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2022-32550 (An issue was discovered in AgileBits 1Password, involving the
method v ...)
NOT-FOR-US: AgileBits 1Password
CVE-2022-32549 (Apache Sling Commons Log <= 5.4.0 and Apache Sling API
<= 2.25.0 ...)
@@ -6334,7 +6334,7 @@ CVE-2022-32422
CVE-2022-32421
RESERVED
CVE-2022-32420 (College Management System v1.0 was discovered to contain a
remote code ...)
- TODO: check
+ NOT-FOR-US: College Management System
CVE-2022-32419
RESERVED
CVE-2022-32418
@@ -6350,9 +6350,9 @@ CVE-2022-32414 (Nginx NJS v0.7.2 was discovered to
contain a segmentation violat
CVE-2022-32413
RESERVED
CVE-2022-32412 (An issue in the /template/edit component of HongCMS v3.0
allows attack ...)
- TODO: check
+ NOT-FOR-US: HongCMS
CVE-2022-32411 (An issue in the languages config file of HongCMS v3.0 allows
attackers ...)
- TODO: check
+ NOT-FOR-US: HongCMS
CVE-2022-32410
RESERVED
CVE-2022-32409
@@ -7283,11 +7283,11 @@ CVE-2022-32097
CVE-2022-32096
RESERVED
CVE-2022-32095 (Hospital Management System v1.0 was discovered to contain a
SQL inject ...)
- TODO: check
+ NOT-FOR-US: Hospital Management System
CVE-2022-32094 (Hospital Management System v1.0 was discovered to contain a
SQL inject ...)
- TODO: check
+ NOT-FOR-US: Hospital Management System
CVE-2022-32093 (Hospital Management System v1.0 was discovered to contain a
SQL inject ...)
- TODO: check
+ NOT-FOR-US: Hospital Management System
CVE-2022-32092 (D-Link DIR-645 v1.03 was discovered to contain a command
injection vul ...)
NOT-FOR-US: D-Link
CVE-2022-32091 (MariaDB v10.7 was discovered to contain an use-after-poison in
in __in ...)
@@ -7401,25 +7401,25 @@ CVE-2022-32055
CVE-2022-32054
RESERVED
CVE-2022-32053 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain
a stack ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2022-32052 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain
a stack ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2022-32051 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain
a stack ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2022-32050 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain
a stack ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2022-32049 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain
a stack ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2022-32048 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain
a stack ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2022-32047 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain
a stack ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2022-32046 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain
a stack ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2022-32045 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain
a stack ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2022-32044 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain
a stack ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2022-32043 (Tenda M3 V1.0.0.12 was discovered to contain a stack overflow
via the ...)
NOT-FOR-US: Tenda
CVE-2022-32042
@@ -7621,7 +7621,7 @@ CVE-2022-31945 (Rescue Dispatch Management System v1.0 is
vulnerable to Delete a
CVE-2022-31944
RESERVED
CVE-2022-31943 (MCMS v5.2.8 was discovered to contain an arbitrary file upload
vulnera ...)
- TODO: check
+ NOT-FOR-US: MCMS
CVE-2022-31942
RESERVED
CVE-2022-31941 (Rescue Dispatch Management System v1.0 is vulnerable to SQL
Injection ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a69f26b803c3660d4316ca7e0bfbf522819f2e80
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a69f26b803c3660d4316ca7e0bfbf522819f2e80
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
