[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 26 Aug 2022 13:21:51 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2af94dad by Salvatore Bonaccorso at 2022-08-26T22:21:00+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3985,11 +3985,11 @@ CVE-2022-37320
 CVE-2022-37319
        RESERVED
 CVE-2022-37318 (Archer Platform 6.9 SP2 P2 before 6.11 P3 (6.11.0.3) contain a 
reflect ...)
-       TODO: check
+       NOT-FOR-US: Archer
 CVE-2022-37317 (Archer Platform 6.x before 6.11 P3 contain an HTML injection 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: Archer
 CVE-2022-37316 (Archer Platform 6.8 before 6.11 P3 (6.11.0.3) contains an 
improper API ...)
-       TODO: check
+       NOT-FOR-US: Archer
 CVE-2022-37315 (graphql-go (aka GraphQL for Go) through 0.8.0 has infinite 
recursion i ...)
        NOT-FOR-US: graphql-go
 CVE-2022-37314
@@ -4455,11 +4455,11 @@ CVE-2022-37154
 CVE-2022-37153 (An issue was discovered in Artica Proxy 4.30.000000. There is 
a XSS vu ...)
        NOT-FOR-US: Artica Proxy
 CVE-2022-37152 (An issue was discovered in Online Diagnostic Lab Management 
System 1.0 ...)
-       TODO: check
+       NOT-FOR-US: Online Diagnostic Lab Management System
 CVE-2022-37151 (There is an unauthorized access vulnerability in Online 
Diagnostic Lab ...)
-       TODO: check
+       NOT-FOR-US: Online Diagnostic Lab Management System
 CVE-2022-37150 (An issue was discovered in Online Diagnostic Lab Management 
System 1.0 ...)
-       TODO: check
+       NOT-FOR-US: Online Diagnostic Lab Management System
 CVE-2022-37149
        RESERVED
 CVE-2022-37148
@@ -5535,19 +5535,19 @@ CVE-2022-36723
 CVE-2022-36722 (Library Management System v1.0 was discovered to contain a SQL 
injecti ...)
        NOT-FOR-US: Library Management System
 CVE-2022-36721 (Library Management System v1.0 was discovered to contain a SQL 
injecti ...)
-       TODO: check
+       NOT-FOR-US: Library Management System
 CVE-2022-36720 (Library Management System v1.0 was discovered to contain a SQL 
injecti ...)
-       TODO: check
+       NOT-FOR-US: Library Management System
 CVE-2022-36719 (Library Management System v1.0 was discovered to contain a SQL 
injecti ...)
-       TODO: check
+       NOT-FOR-US: Library Management System
 CVE-2022-36718
        RESERVED
 CVE-2022-36717
        RESERVED
 CVE-2022-36716 (Library Management System v1.0 was discovered to contain a SQL 
injecti ...)
-       TODO: check
+       NOT-FOR-US: Library Management System
 CVE-2022-36715 (Library Management System v1.0 was discovered to contain a SQL 
injecti ...)
-       TODO: check
+       NOT-FOR-US: Library Management System
 CVE-2022-36714
        RESERVED
 CVE-2022-36713
@@ -5571,29 +5571,29 @@ CVE-2022-36705
 CVE-2022-36704
        RESERVED
 CVE-2022-36703 (Ingredients Stock Management System v1.0 was discovered to 
contain a S ...)
-       TODO: check
+       NOT-FOR-US: Ingredients Stock Management System
 CVE-2022-36702
        RESERVED
 CVE-2022-36701 (Ingredients Stock Management System v1.0 was discovered to 
contain a S ...)
-       TODO: check
+       NOT-FOR-US: Ingredients Stock Management System
 CVE-2022-36700 (Ingredients Stock Management System v1.0 was discovered to 
contain a S ...)
-       TODO: check
+       NOT-FOR-US: Ingredients Stock Management System
 CVE-2022-36699 (Ingredients Stock Management System v1.0 was discovered to 
contain a S ...)
-       TODO: check
+       NOT-FOR-US: Ingredients Stock Management System
 CVE-2022-36698 (Ingredients Stock Management System v1.0 was discovered to 
contain a S ...)
-       TODO: check
+       NOT-FOR-US: Ingredients Stock Management System
 CVE-2022-36697 (Ingredients Stock Management System v1.0 was discovered to 
contain a S ...)
-       TODO: check
+       NOT-FOR-US: Ingredients Stock Management System
 CVE-2022-36696 (Ingredients Stock Management System v1.0 was discovered to 
contain a S ...)
-       TODO: check
+       NOT-FOR-US: Ingredients Stock Management System
 CVE-2022-36695 (Ingredients Stock Management System v1.0 was discovered to 
contain a S ...)
-       TODO: check
+       NOT-FOR-US: Ingredients Stock Management System
 CVE-2022-36694
        RESERVED
 CVE-2022-36693 (Ingredients Stock Management System v1.0 was discovered to 
contain a S ...)
-       TODO: check
+       NOT-FOR-US: Ingredients Stock Management System
 CVE-2022-36692 (Ingredients Stock Management System v1.0 was discovered to 
contain a S ...)
-       TODO: check
+       NOT-FOR-US: Ingredients Stock Management System
 CVE-2022-36691
        RESERVED
 CVE-2022-36690
@@ -5611,17 +5611,17 @@ CVE-2022-36685
 CVE-2022-36684
        RESERVED
 CVE-2022-36683 (Simple Task Scheduling System v1.0 was discovered to contain a 
SQL inj ...)
-       TODO: check
+       NOT-FOR-US: Simple Task Scheduling System
 CVE-2022-36682 (Simple Task Scheduling System v1.0 was discovered to contain a 
SQL inj ...)
-       TODO: check
+       NOT-FOR-US: Simple Task Scheduling System
 CVE-2022-36681 (Simple Task Scheduling System v1.0 was discovered to contain a 
SQL inj ...)
-       TODO: check
+       NOT-FOR-US: Simple Task Scheduling System
 CVE-2022-36680 (Simple Task Scheduling System v1.0 was discovered to contain a 
SQL inj ...)
-       TODO: check
+       NOT-FOR-US: Simple Task Scheduling System
 CVE-2022-36679 (Simple Task Scheduling System v1.0 was discovered to contain a 
SQL inj ...)
-       TODO: check
+       NOT-FOR-US: Simple Task Scheduling System
 CVE-2022-36678 (Simple Task Scheduling System v1.0 was discovered to contain a 
SQL inj ...)
-       TODO: check
+       NOT-FOR-US: Simple Task Scheduling System
 CVE-2022-36677
        RESERVED
 CVE-2022-36676
@@ -5923,7 +5923,7 @@ CVE-2022-36529
 CVE-2022-36528
        RESERVED
 CVE-2022-36527 (Jfinal CMS v5.1.0 allows attackers to execute arbitrary web 
scripts or ...)
-       TODO: check
+       NOT-FOR-US: Jfinal CMS
 CVE-2022-36526 (D-Link GO-RT-AC750 GORTAC750_revA_v101b03 &amp; 
GO-RT-AC750_revB_FWv20 ...)
        NOT-FOR-US: D-Link
 CVE-2022-36525 (D-Link Go-RT-AC750 GORTAC750_revA_v101b03 &amp; 
GO-RT-AC750_revB_FWv20 ...)
@@ -5933,7 +5933,7 @@ CVE-2022-36524 (D-Link GO-RT-AC750 GORTAC750_revA_v101b03 
&amp; GO-RT-AC750_revB
 CVE-2022-36523 (D-Link Go-RT-AC750 GORTAC750_revA_v101b03 &amp; 
GO-RT-AC750_revB_FWv20 ...)
        NOT-FOR-US: D-Link
 CVE-2022-36522 (Mikrotik RouterOs through stable v6.48.3 was discovered to 
contain an  ...)
-       TODO: check
+       NOT-FOR-US: Mikrotik
 CVE-2022-36521 (Insecure permissions in cskefu v7.0.1 allows unauthenticated 
attackers ...)
        TODO: check
 CVE-2022-36520 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
@@ -6818,7 +6818,7 @@ CVE-2022-36228
 CVE-2022-36227
        RESERVED
 CVE-2022-36226 (SiteServerCMS 5.X has a Remote-download-Getshell-vulnerability 
via /Si ...)
-       TODO: check
+       NOT-FOR-US: SiteServerCMS
 CVE-2022-36225 (EyouCMS V1.5.8-UTF8-SP1 is vulnerable to Cross Site Request 
Forgery (C ...)
        NOT-FOR-US: Eyoucms
 CVE-2022-36224 (XunRuiCMS V4.5.6 is vulnerable to Cross Site Request Forgery 
(CSRF). ...)
@@ -6944,7 +6944,7 @@ CVE-2022-36170 (MapGIS 10.5 Pro IGServer has hardcoded 
credentials in the front-
 CVE-2022-36169
        RESERVED
 CVE-2022-36168 (A directory traversal vulnerability was discovered in Wuzhicms 
4.1.0.  ...)
-       TODO: check
+       NOT-FOR-US: Wuzhicms
 CVE-2022-36167
        RESERVED
 CVE-2022-36166
@@ -7104,19 +7104,19 @@ CVE-2022-36123 (The Linux kernel before 5.18.13 lacks a 
certain clear operation
 CVE-2022-36122
        RESERVED
 CVE-2022-36121 (An issue was discovered in Blue Prism Enterprise 6.0 through 
7.01. In  ...)
-       TODO: check
+       NOT-FOR-US: Blue Prism Enterprise
 CVE-2022-36120 (An issue was discovered in Blue Prism Enterprise 6.0 through 
7.01. In  ...)
-       TODO: check
+       NOT-FOR-US: Blue Prism Enterprise
 CVE-2022-36119 (An issue was discovered in Blue Prism Enterprise 6.0 through 
7.01. In  ...)
-       TODO: check
+       NOT-FOR-US: Blue Prism Enterprise
 CVE-2022-36118 (An issue was discovered in Blue Prism Enterprise 6.0 through 
7.01. In  ...)
-       TODO: check
+       NOT-FOR-US: Blue Prism Enterprise
 CVE-2022-36117 (An issue was discovered in Blue Prism Enterprise 6.0 through 
7.01. In  ...)
-       TODO: check
+       NOT-FOR-US: Blue Prism Enterprise
 CVE-2022-36116 (An issue was discovered in Blue Prism Enterprise 6.0 through 
7.01. In  ...)
-       TODO: check
+       NOT-FOR-US: Blue Prism Enterprise
 CVE-2022-36115 (An issue was discovered in Blue Prism Enterprise 6.0 through 
7.01. In  ...)
-       TODO: check
+       NOT-FOR-US: Blue Prism Enterprise
 CVE-2022-36114
        RESERVED
 CVE-2022-36113
@@ -9432,7 +9432,7 @@ CVE-2022-35194
 CVE-2022-35193
        RESERVED
 CVE-2022-35192 (D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router 
DSL-3782 Firmw ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2022-35191 (D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router 
DSL-3782 Firmw ...)
        NOT-FOR-US: D-Link
 CVE-2022-35190



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2af94dad7d03a07eb9ebdda0810563dded6b0eae

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2af94dad7d03a07eb9ebdda0810563dded6b0eae
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to