Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
24729270 by Salvatore Bonaccorso at 2022-08-15T22:12:12+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4643,7 +4643,7 @@ CVE-2022-2537
CVE-2022-2536
RESERVED
CVE-2022-2535 (The SearchWP Live Ajax Search WordPress plugin before 1.6.2
does not e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2534 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
- gitlab <unfixed>
CVE-2022-2533
@@ -6741,22 +6741,22 @@ CVE-2022-35627
CVE-2022-2385 (A security issue was discovered in aws-iam-authenticator where
an allo ...)
NOT-FOR-US: Kubernetes aws-iam-authenticator
CVE-2022-2384 (The Digital Publications by Supsystic WordPress plugin before
1.7.4 do ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2383
RESERVED
CVE-2022-2382
RESERVED
CVE-2022-2381 (The E Unlocked - Student Result WordPress plugin through 1.0.4
is lack ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2380 (The Linux kernel was found vulnerable out of bounds memory
access in t ...)
- linux 5.17.3-1
[bullseye] - linux 5.10.113-1
[buster] - linux 4.19.249-1
NOTE:
https://git.kernel.org/linus/bd771cf5c4254511cc4abb88f3dab3bd58bdf8e8 (5.18-rc1)
CVE-2022-2379 (The Easy Student Results WordPress plugin through 2.2.8 lacks
authoris ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2378 (The Easy Student Results WordPress plugin through 2.2.8 does
not sanit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2377
RESERVED
CVE-2022-2376
@@ -7238,7 +7238,7 @@ CVE-2022-2356 (The Frontend File Manager & Sharing
WordPress plugin before 1
CVE-2022-2355 (The Easy Username Updater WordPress plugin before 1.0.5 does
not imple ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2354 (The WP-DBManager WordPress plugin before 2.80.8 does not
prevent admin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-35411 (rpc.py through 0.6.0 allows Remote Code Execution because an
unpickle ...)
NOT-FOR-US: rpc.py
CVE-2022-35410 (mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows
../ dir ...)
@@ -7741,7 +7741,7 @@ CVE-2022-2316 (HTML injection vulnerability in secure
messages of Devolutions Se
CVE-2022-2315
RESERVED
CVE-2022-2314 (The VR Calendar WordPress plugin through 2.2.2 lets any user
execute a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2313 (A DLL hijacking vulnerability in the MA Smart Installer for
Windows pr ...)
NOT-FOR-US: MA Smart Installer for Windows
CVE-2022-2312
@@ -10588,7 +10588,7 @@ CVE-2022-2153
NOTE:
https://git.kernel.org/linus/00b5f37189d24ac3ed46cb7f11742094778c46ce (5.18-rc1)
NOTE:
https://git.kernel.org/linus/b1e34d325397a33d97d845e312d7cf2a8b646b44 (5.18-rc1)
CVE-2022-2152 (The Duplicate Page and Post Plugin WordPress plugin through 2.7
does n ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2151 (The Best Contact Management Software WordPress plugin through
3.7.3 do ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2150
@@ -11354,7 +11354,7 @@ CVE-2022-33917 (An issue was discovered in the Arm Mali
GPU Kernel Driver (Valha
CVE-2022-2117 (The GiveWP plugin for WordPress is vulnerable to Sensitive
Information ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2116 (The Contact Form DB WordPress plugin before 1.8.0 does not
sanitise an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2115 (The Popup Anything WordPress plugin before 2.1.7 does not
sanitise and ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2114 (The Data Tables Generator by Supsystic WordPress plugin before
1.10.20 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/247292703c8bf8507494fbaf08fe75b2d1b4127d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/247292703c8bf8507494fbaf08fe75b2d1b4127d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
