[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) Thu, 18 Aug 2022 01:45:58 -0700


Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a5b30f6c by Neil Williams at 2022-08-18T09:45:12+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4180,7 +4180,7 @@ CVE-2022-35401
 CVE-2022-2548
        RESERVED
 CVE-2022-2547 (A crafted HTTP packet without a content-type header can create 
a denia ...)
-       TODO: check
+       NOT-FOR-US: Softing Industrial Automation
 CVE-2022-36787
        RESERVED
 CVE-2022-36786
@@ -7855,15 +7855,15 @@ CVE-2022-33150
 CVE-2022-2339 (With this SSRF vulnerability, an attacker can reach internal 
addresses ...)
        NOT-FOR-US: nocodb
 CVE-2022-2338 (Softing Secure Integration Server V1.22 is vulnerable to 
authenticatio ...)
-       TODO: check
+       NOT-FOR-US: Softing Industrial Automation
 CVE-2022-2337 (A crafted HTTP packet with a missing HTTP URI can create a 
denial-of-s ...)
-       TODO: check
+       NOT-FOR-US: Softing Industrial Automation
 CVE-2022-2336 (Softing Secure Integration Server, edgeConnector, and 
edgeAggregator s ...)
-       TODO: check
+       NOT-FOR-US: Softing Industrial Automation
 CVE-2022-2335 (A crafted HTTP packet with a -1 content-length header can 
create a den ...)
-       TODO: check
+       NOT-FOR-US: Softing Industrial Automation
 CVE-2022-2334 (The application searches for a library dll that is not found. 
If an at ...)
-       TODO: check
+       NOT-FOR-US: Softing Industrial Automation
 CVE-2022-2333
        RESERVED
 CVE-2022-2332
@@ -19541,7 +19541,7 @@ CVE-2022-1750 (The Sticky Popup plugin for WordPress is 
vulnerable to Stored Cro
 CVE-2022-1749 (The WPMK Ajax Finder WordPress plugin is vulnerable to 
Cross-Site Requ ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-1748 (Softing OPC UA C++ Server SDK, Secure Integration Server, 
edgeConnecto ...)
-       TODO: check
+       NOT-FOR-US: Softing Industrial Automation
 CVE-2022-1747 (The authentication mechanism used by voters to activate a 
voting sessi ...)
        NOT-FOR-US: Dominion
 CVE-2022-1746 (The authentication mechanism used by poll workers to administer 
voting ...)
@@ -24537,7 +24537,7 @@ CVE-2022-1375 (Delta Electronics DIAEnergie (All 
versions prior to 1.8.02.004) h
 CVE-2022-1374 (Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) 
has a  ...)
        NOT-FOR-US: Delta Electronics
 CVE-2022-1373 (The &#8220;restore configuration&#8221; feature of Softing 
Secure Inte ...)
-       TODO: check
+       NOT-FOR-US: Softing Industrial Automation
 CVE-2022-1372 (Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) 
has a  ...)
        NOT-FOR-US: Delta Electronics
 CVE-2022-1371 (Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) 
has a  ...)
@@ -28820,7 +28820,7 @@ CVE-2022-1071 (User after free in mrb_vm_exec in GitHub 
repository mruby/mruby p
 CVE-2022-1070
        RESERVED
 CVE-2022-1069 (A crafted HTTP packet with a large content-length header can 
create a  ...)
-       TODO: check
+       NOT-FOR-US: Softing Industrial Automation
 CVE-2022-1068 (Modbus Tools Modbus Slave (versions 7.4.2 and prior) is 
vulnerable to  ...)
        NOT-FOR-US: Modbus Tools Modbus Slave
 CVE-2022-1067 (Navigating to a specific URL with a patient ID number will 
result in t ...)
@@ -93310,9 +93310,9 @@ CVE-2021-30073
 CVE-2021-30072 (An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 
devices. ...)
        NOT-FOR-US: D-Link
 CVE-2021-30071 (A cross-site scripting (XSS) vulnerability in 
/admin/list_key.html of  ...)
-       TODO: check
+       NOT-FOR-US: Hestia Control Panel
 CVE-2021-30070 (An issue was discovered in HestiaCP before v1.3.5. Attackers 
are able  ...)
-       TODO: check
+       NOT-FOR-US: Hestia Control Panel
 CVE-2021-30069
        RESERVED
 CVE-2021-30068
@@ -101846,7 +101846,7 @@ CVE-2021-26641
 CVE-2021-26640
        RESERVED
 CVE-2021-26639 (This vulnerability is caused by the lack of validation of 
input values ...)
-       TODO: check
+       NOT-FOR-US: WISA Smart Wing CMS
 CVE-2021-26638 (Improper Authentication vulnerability in S&amp;D 
smarthome(smartcare)  ...)
        NOT-FOR-US: SmartHome Android app
 CVE-2021-26637 (There is no account authentication and permission check logic 
in the f ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5b30f6ca04b0f20f473cc2511dc2c82a10b9393

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5b30f6ca04b0f20f473cc2511dc2c82a10b9393
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to