Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d0318344 by Salvatore Bonaccorso at 2022-09-02T08:35:06+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5464,7 +5464,7 @@ CVE-2022-37174
CVE-2022-37173 (An issue in the installer of gvim 9.0.0000 allows
authenticated attack ...)
TODO: check
CVE-2022-37172 (Incorrect access control in the install directory (C:\msys64)
of Msys2 ...)
- TODO: check
+ NOT-FOR-US: Msys2
CVE-2022-37171
RESERVED
CVE-2022-37170
@@ -6531,9 +6531,9 @@ CVE-2022-36751
CVE-2022-36750 (Clinic's Patient Management System v1.0 is vulnerable to SQL
injection ...)
NOT-FOR-US: Clinic's Patient Management System
CVE-2022-36749 (RPi-Jukebox-RFID v2.3.0 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: RPi-Jukebox-RFID
CVE-2022-36748 (PicUploader v2.6.3 was discovered to contain a cross-site
scripting (X ...)
- TODO: check
+ NOT-FOR-US: PicUploader
CVE-2022-36747 (Razor v0.8.0 was discovered to contain a cross-site scripting
(XSS) vu ...)
TODO: check
CVE-2022-36746 (LibreNMS v22.6.0 was discovered to contain a cross-site
scripting (XSS ...)
@@ -6685,9 +6685,9 @@ CVE-2022-36674 (Simple Task Scheduling System v1.0 was
discovered to contain a S
CVE-2022-36673
RESERVED
CVE-2022-36672 (Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT
key locat ...)
- TODO: check
+ NOT-FOR-US: Novel-Plus
CVE-2022-36671 (Novel-Plus v3.6.2 was discovered to contain an arbitrary file
download ...)
- TODO: check
+ NOT-FOR-US: Novel-Plus
CVE-2022-36670
RESERVED
CVE-2022-36669
@@ -6897,15 +6897,15 @@ CVE-2022-36568 (Tenda AC9 V15.03.05.19 was discovered
to contain a stack overflo
CVE-2022-36567
RESERVED
CVE-2022-36566 (Rengine v1.3.0 was discovered to contain a command injection
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Rengine
CVE-2022-36565 (Incorrect access control in the install directory (C:\Wamp64)
of Wamp ...)
- TODO: check
+ NOT-FOR-US: Wamp
CVE-2022-36564 (Incorrect access control in the install directory
(C:\Strawberry) of S ...)
- TODO: check
+ NOT-FOR-US: StrawberryPerl
CVE-2022-36563 (Incorrect access control in the install directory
(C:\RailsInstaller) ...)
- TODO: check
+ NOT-FOR-US: Rubyinstaller2
CVE-2022-36562 (Incorrect access control in the install directory
(C:\Ruby31-x64) of R ...)
- TODO: check
+ NOT-FOR-US: Rubyinstaller2
CVE-2022-36561 (XPDF v4.0.4 was discovered to contain a segmentation violation
via the ...)
TODO: check
CVE-2022-36560 (Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to
contain ...)
@@ -11932,7 +11932,7 @@ CVE-2022-34670
CVE-2022-34669
RESERVED
CVE-2022-34668 (NVFLARE, versions prior to 2.1.4, contains a vulnerability
that deseri ...)
- TODO: check
+ NOT-FOR-US: NVFLARE
CVE-2022-34667
RESERVED
CVE-2022-34666
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d03183449ad7077c3eba6f32dd58c9a220f686b3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d03183449ad7077c3eba6f32dd58c9a220f686b3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
