Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f5c0aebb by Moritz Muehlenhoff at 2022-07-25T20:26:37+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29,9 +29,9 @@ CVE-2022-2525
CVE-2022-2524
RESERVED
CVE-2017-20145 (A vulnerability was found in Tecrail Responsive Filemanger up
to 9.10. ...)
- TODO: check
+ NOT-FOR-US: Tecrail Responsive Filemanger
CVE-2017-20144 (A vulnerability has been found in Anvsoft PDFMate PDF
Converter Pro 1. ...)
- TODO: check
+ NOT-FOR-US: Anvsoft PDFMate PDF Converter Pro
CVE-2022-36400
RESERVED
CVE-2022-36392
@@ -33911,7 +33911,7 @@ CVE-2022-0472 (Unrestricted Upload of File with
Dangerous Type in Packagist jsde
CVE-2022-0471 (The Favicon by RealFaviconGenerator WordPress plugin before
1.3.23 doe ...)
NOT-FOR-US: WordPress plugin
CVE-2022-24294 (A regular expression used in Apache MXNet (incubating) is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: Apache MXNet
CVE-2022-24293 (Certain HP Print devices may be vulnerable to potential
information di ...)
NOT-FOR-US: HP
CVE-2022-24292 (Certain HP Print devices may be vulnerable to potential
information di ...)
@@ -175578,7 +175578,7 @@ CVE-2020-7643 (paypal-adaptive through 0.4.2
manipulation of JavaScript objects
CVE-2020-7642 (lazysizes through 5.2.0 allows execution of malicious
JavaScript. The ...)
NOT-FOR-US: Node lazysizes
CVE-2020-7641 (This affects all versions of package grunt-util-property. The
function ...)
- TODO: check
+ NOT-FOR-US: Node grunt-util-property
CVE-2020-7640 (pixl-class prior to 1.0.3 allows execution of arbitrary
commands. The ...)
NOT-FOR-US: Node pixl-class
CVE-2020-7639 (eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype
Pollution.T ...)
@@ -221713,7 +221713,7 @@ CVE-2019-10802 (giting version prior to 0.0.8 allows
execution of arbritary comm
CVE-2019-10801 (enpeem through 2.2.0 allows execution of arbitrary commands.
The "opti ...)
NOT-FOR-US: Node enpeem
CVE-2019-10800 (This affects the package codecov before 2.0.16. The
vulnerability occu ...)
- TODO: check
+ NOT-FOR-US: codecov
CVE-2019-10799 (compile-sass prior to 1.0.5 allows execution of arbritary
commands. Th ...)
NOT-FOR-US: Node module compile-sass
CVE-2019-10798 (rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript
objects r ...)
@@ -221813,7 +221813,7 @@ CVE-2019-10763 (pimcore/pimcore before 6.3.0 is
vulnerable to SQL Injection. An
CVE-2019-10762 (columnQuote in medoo before 1.7.5 allows remote attackers to
perform a ...)
NOT-FOR-US: medoo
CVE-2019-10761 (This affects the package vm2 before 3.6.11. It is possible to
trigger ...)
- TODO: check
+ NOT-FOR-US: vm2
CVE-2019-10760 (safer-eval before 1.3.2 are vulnerable to Arbitrary Code
Execution. A ...)
NOT-FOR-US: safer-eval Node module
CVE-2019-10759 (safer-eval before 1.3.4 are vulnerable to Arbitrary Code
Execution. A ...)
@@ -390710,7 +390710,7 @@ CVE-2015-7984 (Multiple cross-site request forgery
(CSRF) vulnerabilities in Hor
NOTE:
https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae
NOTE:
http://lists.horde.org/archives/dev/Week-of-Mon-20141201/028821.html
CVE-2015-8031 (Hudson (aka org.jvnet.hudson.main:hudson-core) before 3.3.2
allows XXE ...)
- TODO: check
+ NOT-FOR-US: Hudson
CVE-2015-8030 (SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers
to execu ...)
NOT-FOR-US: SAP
CVE-2015-8029 (SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers
to execu ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5c0aebbb22b124bcb3b050bd51db1217aa1c255
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5c0aebbb22b124bcb3b050bd51db1217aa1c255
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
