Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
68a5a3b6 by Salvatore Bonaccorso at 2022-08-26T09:00:12+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -832,11 +832,11 @@ CVE-2022-38466
CVE-2022-38465
RESERVED
CVE-2022-38089 (Stored cross-site scripting vulnerability in Exment ((PHP8)
exceedone/ ...)
- TODO: check
+ NOT-FOR-US: Exment
CVE-2022-38080 (Reflected cross-site scripting vulnerability in Exment ((PHP8)
exceedo ...)
- TODO: check
+ NOT-FOR-US: Exment
CVE-2022-37333 (SQL injection vulnerability in the Exment ((PHP8)
exceedone/exment v5. ...)
- TODO: check
+ NOT-FOR-US: Exment
CVE-2022-2908
RESERVED
CVE-2022-2907
@@ -2348,7 +2348,7 @@ CVE-2022-37955
CVE-2022-37954
RESERVED
CVE-2022-37953 (An HTTP response splitting vulnerability exists in the AM
Gateway Chal ...)
- TODO: check
+ NOT-FOR-US: GE Gas Power
CVE-2022-37952 (A reflected cross-site scripting (XSS) vulnerability exists in
the iHi ...)
NOT-FOR-US: iHistorian Data Display of WorkstationST
CVE-2022-37951
@@ -9071,7 +9071,7 @@ CVE-2022-35280 (IBM Robotic Process Automation 21.0.0,
21.0.1, and 21.0.2 does n
CVE-2022-35279
RESERVED
CVE-2022-35278 (In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could
show mal ...)
- TODO: check
+ NOT-FOR-US: Apache ActiveMQ Artemis
CVE-2022-34850
RESERVED
CVE-2022-34845
@@ -10378,19 +10378,19 @@ CVE-2022-34778 (Jenkins TestNG Results Plugin
554.va4a552116332 and earlier rend
CVE-2022-34777 (Jenkins GitLab Plugin 1.5.34 and earlier does not escape
multiple fiel ...)
NOT-FOR-US: Jenkins plugin
CVE-2022-34776 (Tabit - giftcard stealth. Several APIs on the web system
display, with ...)
- TODO: check
+ NOT-FOR-US: Tabit
CVE-2022-34775 (Tabit - Excessive data exposure. Another endpoint mapped by
the tiny u ...)
- TODO: check
+ NOT-FOR-US: Tabit
CVE-2022-34774 (Tabit - Arbitrary account modification. One of the endpoints
mapped by ...)
- TODO: check
+ NOT-FOR-US: Tabit
CVE-2022-34773 (Tabit - HTTP Method manipulation.
https://bridge.tabit.cloud/configura ...)
- TODO: check
+ NOT-FOR-US: Tabit
CVE-2022-34772 (Tabit - password enumeration. Description: Tabit - password
enumeratio ...)
- TODO: check
+ NOT-FOR-US: Tabit
CVE-2022-34771 (Tabit - arbitrary SMS send on Tabits behalf. The resend OTP
API of tab ...)
- TODO: check
+ NOT-FOR-US: Tabit
CVE-2022-34770 (Tabit - sensitive information disclosure. Several APIs on the
web syst ...)
- TODO: check
+ NOT-FOR-US: Tabit
CVE-2022-34769 (Michlol - rashim web interface Insecure direct object
references (IDOR ...)
NOT-FOR-US: Michlol
CVE-2022-34768 (Supersmart.me - Walk Through Performing unauthorized actions
on other ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68a5a3b6bd7107e71572c2b53313a9b515aab247
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68a5a3b6bd7107e71572c2b53313a9b515aab247
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
