[Git][security-tracker-team/security-tracker][master] Process more NFUs

Tue, 06 Sep 2022 13:30:54 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c9eff6a5 by Salvatore Bonaccorso at 2022-09-06T22:30:02+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -53,13 +53,13 @@ CVE-2022-40114
 CVE-2022-40113
        RESERVED
 CVE-2022-40112 (TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2022-40111 (In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in 
the sha ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2022-40110 (TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2022-40109 (TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2022-40108
        RESERVED
 CVE-2022-40107
@@ -3604,7 +3604,7 @@ CVE-2022-2936 (The Image Hover Effects Ultimate plugin 
for WordPress is vulnerab
 CVE-2022-2935 (The Image Hover Effects Ultimate plugin for WordPress is 
vulnerable to ...)
        NOT-FOR-US: Image Hover Effects Ultimate plugin for WordPress
 CVE-2022-2934 (The Beaver Builder – WordPress Page Builder for WordPress 
is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress Page Builder
 CVE-2022-2933
        RESERVED
 CVE-2022-2932 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
bustle/mob ...)
@@ -5337,7 +5337,7 @@ CVE-2022-36428
 CVE-2022-36427
        RESERVED
 CVE-2022-36425 (Broken Access Control vulnerability in Beaver Builder plugin 
<= 2.5 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-36422
        RESERVED
 CVE-2022-36405 (Authenticated (contributor+) Stored Cross-Site Scripting (XSS) 
vulnera ...)
@@ -5828,7 +5828,7 @@ CVE-2022-2718 (The JoomSport – for Sports: Team 
& League, Football, Ho
 CVE-2022-2717 (The JoomSport – for Sports: Team & League, Football, 
Hockey  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-2716 (The Beaver Builder – WordPress Page Builder for WordPress 
is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2715 (A vulnerability has been found in SourceCodester Employee 
Management S ...)
        NOT-FOR-US: SourceCodester Employee Management System
 CVE-2022-2714 (Improper Handling of Length Parameter Inconsistency in GitHub 
reposito ...)
@@ -5884,15 +5884,15 @@ CVE-2022-37845
 CVE-2022-37844
        RESERVED
 CVE-2022-37843 (In TOTOLINK A860R V4.1.2cu.5182_B20201027 in cstecgi.cgi, the 
acquired ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2022-37842 (In TOTOLINK A860R V4.1.2cu.5182_B20201027, the parameters in 
infostat. ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2022-37841 (In TOTOLINK A860R V4.1.2cu.5182_B20201027 there is a hard 
coded passwo ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2022-37840 (In TOTOLINK A860R V4.1.2cu.5182_B20201027, the main function 
in downlo ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2022-37839 (TOTOLINK A860R V4.1.2cu.5182_B20201027 is vulnerable to Buffer 
Overflo ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2022-37838
        RESERVED
 CVE-2022-37837
@@ -6704,7 +6704,7 @@ CVE-2022-2697 (A vulnerability was found in 
SourceCodester Simple E-Learning Sys
 CVE-2022-2696
        RESERVED
 CVE-2022-2695 (The Beaver Builder – WordPress Page Builder for WordPress 
is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2694 (A vulnerability was found in SourceCodester Company Website CMS 
and cl ...)
        NOT-FOR-US: SourceCodester Company Website CMS
 CVE-2022-2693 (A vulnerability has been found in SourceCodester Electronic 
Medical Re ...)
@@ -9446,7 +9446,7 @@ CVE-2022-2519 (There is a double free or corruption in 
rotateImage() at tiffcrop
 CVE-2022-2518 (The Stockists Manager for Woocommerce plugin for WordPress is 
vulnerab ...)
        NOT-FOR-US: Stockists Manager for Woocommerce plugin for WordPress
 CVE-2022-2517 (The Beaver Builder – WordPress Page Builder for WordPress 
is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2516 (The Visual Composer Website Builder plugin for WordPress is 
vulnerable ...)
        NOT-FOR-US: Visual Composer Website Builder plugin for WordPress
 CVE-2018-25045 (Django REST framework (aka django-rest-framework) before 3.9.1 
allows  ...)
@@ -9494,13 +9494,13 @@ CVE-2022-35882 (Authenticated (author or higher user 
role) Stored Cross-Site Scr
 CVE-2022-34868 (Authenticated Arbitrary Settings Update vulnerability in 
YooMoney &#10 ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-34867 (Unauthenticated Sensitive Information Disclosure vulnerability 
in WP L ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-34857 (Reflected Cross-Site Scripting (XSS) vulnerability in 
smartypants SP P ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-34658 (Multiple Authenticated (contributor+) Persistent Cross-Site 
Scripting  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-34656 (Authenticated (admin+) Cross-Site Scripting (XSS) 
vulnerability in wpd ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-34648 (Authenticated (author+) Stored Cross-Site Scripting (XSS) 
vulnerabilit ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-34344
@@ -13456,9 +13456,9 @@ CVE-2022-34885
 CVE-2022-34884
        RESERVED
 CVE-2022-34883 (OS Command Injection vulnerability in Hitachi RAID Manager 
Storage Rep ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2022-34882 (Information Exposure Through an Error Message vulnerability in 
Hitachi ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2022-34881
        RESERVED
 CVE-2022-34880
@@ -13534,7 +13534,7 @@ CVE-2022-33198 (Unauthenticated WordPress Options 
Change vulnerability in Biplob
 CVE-2022-33191 (Authenticated (contributor or higher user role) Stored 
Cross-Site Scri ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-33177 (Cross-Site Request Forgery (CSRF) vulnerability in 
WPdevelop/Oplugins  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-32970
        RESERVED
 CVE-2022-32776



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9eff6a511717842ec88d891e8f697ae658729ab

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9eff6a511717842ec88d891e8f697ae658729ab
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to