Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
62b57988 by Salvatore Bonaccorso at 2022-07-13T10:18:03+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1184,15 +1184,15 @@ CVE-2022-35230 (An authenticated user can create a link
with reflected Javascrip
CVE-2022-35229 (An authenticated user can create a link with reflected
Javascript code ...)
TODO: check
CVE-2022-35228 (SAP BusinessObjects CMC allows an unauthenticated attacker to
retrieve ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-35227 (A vulnerability in SAP NW EP (WPC) - versions 7.30, 7.31,
7.40, 7.50, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-35226
RESERVED
CVE-2022-35225 (SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20,
7.30, 7.3 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-35224 (SAP Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31,
7.40, 7 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-35223
RESERVED
CVE-2022-35222
@@ -1337,15 +1337,15 @@ CVE-2022-35174
CVE-2022-35173
RESERVED
CVE-2022-35172 (SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20,
7.30, 7.3 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-35171 (When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files
receive ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-35170 (SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11,
7.20, 7.30 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-35169 (SAP BusinessObjects Business Intelligence Platform (LCM) -
versions 42 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-35168 (Due to improper input sanitization of XML input in SAP
Business One - ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-35167
RESERVED
CVE-2022-35166
@@ -8759,13 +8759,13 @@ CVE-2022-32250 (net/netfilter/nf_tables_api.c in the
Linux kernel through 5.18.1
NOTE:
https://git.kernel.org/linus/520778042ccca019f3ffa136dd0ca565c486cedd
NOTE: Was previously also tracked as CVE-2022-1966
CVE-2022-32249 (Under special integration scenario of SAP Business one and SAP
HANA - ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-32248 (Due to missing input validation in the Manage Checkbooks
component of ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-32247 (SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20,
7.30, 7.3 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-32246 (SAP Busines Objects Business Intelligence Platform (Visual
Difference ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-32245
RESERVED
CVE-2022-32244
@@ -10858,9 +10858,9 @@ CVE-2013-10003 (A vulnerability classified as critical
has been found in Telecom
CVE-2013-10002 (A vulnerability was found in Telecommunication Software SAMwin
Contact ...)
NOT-FOR-US: Telecommunication Software SAMwin Contact Center Suite
CVE-2022-31598 (Due to insufficient input validation, SAP Business Objects -
version 4 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-31597 (Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105,
106, SAP ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-31596
RESERVED
CVE-2022-31595 (SAP Financial Consolidation - version 1010,�does not
perform ne ...)
@@ -10868,11 +10868,11 @@ CVE-2022-31595 (SAP Financial Consolidation - version
1010,�does not perf
CVE-2022-31594 (A highly privileged user can exploit SUID-root program to
escalate his ...)
NOT-FOR-US: SAP
CVE-2022-31593 (SAP Business One client - version 10.0 allows an attacker with
low pri ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-31592 (The application SAP Enterprise Extension Defense Forces &
Public S ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-31591 (SAP BusinessObjects BW Publisher Service - versions 420, 430,
uses a s ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-31590 (SAP PowerDesigner Proxy - version 16.7, allows an attacker
with low pr ...)
NOT-FOR-US: SAP
CVE-2022-31589 (Due to improper authorization check, business users who are
using Isra ...)
@@ -16493,7 +16493,7 @@ CVE-2022-29621
CVE-2022-29620 (** DISPUTED ** FileZilla v3.59.0 allows attackers to obtain
cleartext ...)
NOT-FOR-US: Disputed Filezilla issue
CVE-2022-29619 (Under certain conditions SAP BusinessObjects Business
Intelligence Pla ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-29618 (Due to insufficient input validation, SAP NetWeaver
Development Infras ...)
NOT-FOR-US: SAP
CVE-2022-29617 (Due to improper error handling an authenticated user can crash
CLA ass ...)
@@ -18901,7 +18901,7 @@ CVE-2022-28773 (Due to an uncontrolled recursion in SAP
Web Dispatcher and SAP I
CVE-2022-28772 (By overlong input values an attacker may force overwrite of
the intern ...)
NOT-FOR-US: SAP
CVE-2022-28771 (Due to missing authentication check, SAP Business one License
service ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-28770 (Due to insufficient input validation, SAPUI5 library(vbm) -
versions 7 ...)
NOT-FOR-US: SAP
CVE-2022-28769
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62b579888a40fe120d79974509f5b29006069e66
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62b579888a40fe120d79974509f5b29006069e66
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
