Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2813d3b9 by Salvatore Bonaccorso at 2022-07-12T18:00:57+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2022-35648 (Nautilus treadmills T616 S/N 100672PRO21140001 through
100672PRO211719 ...)
- TODO: check
+ NOT-FOR-US: Nautilus treadmills
CVE-2022-35647
RESERVED
CVE-2022-35646
@@ -6475,7 +6475,7 @@ CVE-2022-33049 (Online Railway Reservation System v1.0
was discovered to contain
CVE-2022-33048 (Online Railway Reservation System v1.0 was discovered to
contain a SQL ...)
NOT-FOR-US: Online Railway Reservation System
CVE-2022-33047 (OTFCC v0.10.4 was discovered to contain a heap buffer overflow
after f ...)
- TODO: check
+ NOT-FOR-US: OTFCC
CVE-2022-33046
RESERVED
CVE-2022-33045
@@ -9456,7 +9456,7 @@ CVE-2022-31906 (Online Fire Reporting System v1.0 is
vulnerable to Cross Site Sc
CVE-2022-31905
RESERVED
CVE-2022-31904 (EGT-Kommunikationstechnik UG Mediacenter before v2.0 was
discovered to ...)
- TODO: check
+ NOT-FOR-US: EGT-Kommunikationstechnik UG Mediacenter
CVE-2022-31903
RESERVED
CVE-2022-31902
@@ -12109,7 +12109,7 @@ CVE-2022-1795 (Use After Free in GitHub repository
gpac/gpac prior to v2.1.0-DEV
NOTE: https://huntr.dev/bounties/9c312763-41a6-4fc7-827b-269eb86efcbc
NOTE:
https://github.com/gpac/gpac/commit/c535bad50d5812d27ee5b22b54371bddec411514
CVE-2022-1794 (The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords
as pla ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-1793 (The Private Files WordPress plugin through 0.40 is missing CSRF
check ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1792 (The Quick Subscribe WordPress plugin through 1.7.1 does not
have CSRF ...)
@@ -12338,27 +12338,27 @@ CVE-2022-30938
CVE-2022-30937 (A vulnerability has been identified in EN100 Ethernet module
DNP3 IP v ...)
NOT-FOR-US: Siemens
CVE-2022-30792 (In CmpChannelServer of CODESYS V3 in multiple versions an
uncontrolled ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-30791 (In CmpBlkDrvTcp of CODESYS V3 in multiple versions an
uncontrolled res ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-30758 (Implicit Intent hijacking vulnerability in Finder prior to SMR
Jul-202 ...)
TODO: check
CVE-2022-30757 (Improper authorization in isemtelephony prior to SMR Jul-2022
Release ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-30756 (Implicit Intent hijacking vulnerability in Finder prior to SMR
Jul-202 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-30755 (Improper authentication vulnerability in AppLock prior to SMR
Jul-2022 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-30754 (Implicit Intent hijacking vulnerability in AppLinker prior to
SMR Jul- ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-30753 (Improper use of a unique device ID in unprotected
SecSoterService prio ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-30752 (Improper access control vulnerability in sendDHCPACKBroadcast
function ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-30751 (Improper access control vulnerability in sendDHCPACKBroadcast
function ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-30750 (Improper access control vulnerability in
updateLastConnectedClientInfo ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2022-30749 (Improper access control vulnerability in Smart Things prior to
1.7.85. ...)
NOT-FOR-US: Samsung
CVE-2022-30748 (Unprotected dynamic receiver in Samsung Members prior to
version 4.2.0 ...)
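Review bot: CVE-2022-30758 is left at "TODO: check" in this hunk, although its visible description ("Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-202 ...") is identical to that of CVE-2022-30756, which is changed to "NOT-FOR-US: Samsung" here. If skipping it is intentional, a NOTE line saying why would help the next person triaging; otherwise give it the same tag in this commit so the run from CVE-2022-30758 down to CVE-2022-30750 is processed uniformly.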
@@ -19163,7 +19163,7 @@ CVE-2022-28625
CVE-2022-28624 (A potential security vulnerability has been identified in
certain HPE ...)
TODO: check
CVE-2022-28623 (Security vulnerabilities in HPE IceWall SSO 10.0 certd could
be exploi ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2022-28622 (A potential security vulnerability has been identified in HPE
StoreOnc ...)
NOT-FOR-US: HPE
CVE-2022-28621 (A remote disclosure of sensitive information vulnerability was
discove ...)
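Review bot: the context entry CVE-2022-28624, directly above the changed line, still reads "TODO: check" even though its description names HPE ("identified in certain HPE ...") and both CVE-2022-28623 and CVE-2022-28622 carry "NOT-FOR-US: HPE". Worth confirming whether it was left open on purpose or should be processed with the same tag in this pass.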
@@ -21435,7 +21435,7 @@ CVE-2022-1098 (Delta Electronics DIAEnergie (all
versions prior to 1.8.02.004) a
CVE-2021-46742 (The multi-window module has a vulnerability of unauthorized
insertion ...)
NOT-FOR-US: Harmony OS
CVE-2021-46741 (The basic framework and setting module have defects, which
were introd ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-46740 (The device authentication service module has a defect
vulnerability in ...)
NOT-FOR-US: Harmony OS
CVE-2022-27887 (Maccms v10 was discovered to contain a reflected cross-site
scripting ...)
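Review bot: the new tag on CVE-2021-46741 is "NOT-FOR-US: Huawei", while the entries on either side of it (CVE-2021-46742 and CVE-2021-46740) use "NOT-FOR-US: Harmony OS". If this CVE concerns the same product, reusing that label keeps the run consistent and easy to grep; if it is a different Huawei product, naming the product rather than only the vendor would be clearer.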
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2813d3b994ef518b13a005b36fe193fdeed3abf2
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits