Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
14c732ab by Salvatore Bonaccorso at 2022-09-15T22:38:15+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -183,7 +183,7 @@ CVE-2022-35238
CVE-2022-33978
RESERVED
CVE-2022-3216 (A vulnerability has been found in Nintendo Game Boy Color and
classifi ...)
- TODO: check
+ NOT-FOR-US: Nintendo Game Boy Color
CVE-2022-3215
RESERVED
CVE-2022-3214
@@ -193,11 +193,11 @@ CVE-2022-3213
CVE-2022-3212 (<bytes::Bytes as
axum_core::extract::FromRequest>::from_request ...)
TODO: check
CVE-2022-3211 (Cross-site Scripting (XSS) - Stored in GitHub repository
pimcore/pimco ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2022-30545
RESERVED
CVE-2020-36603 (The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys
1.0.0.0 an ...)
- TODO: check
+ NOT-FOR-US: HoYoVerse (formerly miHoYo) Genshin Impact
CVE-2022-40674 (libexpat before 2.4.9 has a use-after-free in the doContent
function i ...)
- expat 2.4.8-2 (bug #1019761)
NOTE: https://github.com/libexpat/libexpat/pull/629
@@ -220,65 +220,65 @@ CVE-2022-40665
CVE-2022-40664
RESERVED
CVE-2022-40663 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: NIKON
CVE-2022-40662 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: NIKON
CVE-2022-40661 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: NIKON
CVE-2022-40660 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: NIKON
CVE-2022-40659 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: NIKON
CVE-2022-40658 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: NIKON
CVE-2022-40657 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: NIKON
CVE-2022-40656 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: NIKON
CVE-2022-40655 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: NIKON
CVE-2022-40654 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40653 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40652 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40651 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40650 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40649 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40648 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40647 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40646 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40645 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40644 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40643 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40642 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40641 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40640 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40639 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40638 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40637 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40636 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Ansys SpaceClaim
CVE-2022-3210
RESERVED
CVE-2022-31735 (OpenAM Consortium Edition version 14.0.0 provided by OpenAM
Consortium ...)
- TODO: check
+ NOT-FOR-US: OpenAM (different from src:openam)
CVE-2021-46838
RESERVED
CVE-2022-40635 (Improper Control of Dynamically-Managed Code Resources
vulnerability i ...)
@@ -932,7 +932,7 @@ CVE-2022-40367
CVE-2022-40366
RESERVED
CVE-2022-40365 (Cross site scripting (XSS) vulnerability in ouqiang gocron
through 1.5 ...)
- TODO: check
+ NOT-FOR-US: ouqiang gocron (not the same as
src:golang-github-go-co-op-gocron)
CVE-2022-40364
RESERVED
CVE-2022-40363
@@ -4307,7 +4307,7 @@ CVE-2022-38892
CVE-2022-38891
RESERVED
CVE-2022-38890 (Nginx NJS v0.7.7 was discovered to contain a segmentation
violation vi ...)
- TODO: check
+ NOT-FOR-US: njs
CVE-2022-38889
RESERVED
CVE-2022-38888
@@ -4579,9 +4579,9 @@ CVE-2022-38791 (In MariaDB before 10.9.2, compress_write
in extra/mariabackup/ds
CVE-2022-38790 (Weave GitOps Enterprise before 0.9.0-rc.5 has a cross-site
scripting ( ...)
NOT-FOR-US: Weave GitOps Enterprise
CVE-2022-38789 (An issue was discovered in Airties Smart Wi-Fi before
2020-08-04. It a ...)
- TODO: check
+ NOT-FOR-US: Airties Smart Wi-Fi
CVE-2022-38788 (An issue was discovered in Nokia FastMile 5G Receiver 5G14-B
1.2104.00 ...)
- TODO: check
+ NOT-FOR-US: Nokia
CVE-2022-3018
RESERVED
CVE-2022-3017 (Cross-Site Request Forgery (CSRF) in GitHub repository
froxlor/froxlor ...)
@@ -4657,7 +4657,7 @@ CVE-2022-3003
CVE-2022-3002
RESERVED
CVE-2022-3001 (This vulnerability exists in Milesight Video Management Systems
(VMS), ...)
- TODO: check
+ NOT-FOR-US: Milesight Video Management Systems (VMS)
CVE-2022-3000
RESERVED
CVE-2022-38772 (Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP,
Network Co ...)
@@ -5356,9 +5356,9 @@ CVE-2022-38537 (Archery v1.4.5 to v1.8.5 was discovered
to contain multiple SQL
CVE-2022-38536
RESERVED
CVE-2022-38535 (TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote
code exe ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2022-38534 (TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote
code exe ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2022-38533 (In GNU Binutils before 2.40, there is a heap-buffer-overflow
in the er ...)
- binutils <unfixed> (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=29482
@@ -9051,7 +9051,7 @@ CVE-2022-37209
CVE-2022-37208
RESERVED
CVE-2022-37207 (JFinal CMS 5.1.0 is affected by: SQL Injection. These
interfaces do no ...)
- TODO: check
+ NOT-FOR-US: JFinal CMS
CVE-2022-37206
RESERVED
CVE-2022-37205
@@ -9063,7 +9063,7 @@ CVE-2022-37203
CVE-2022-37202
RESERVED
CVE-2022-37201 (JFinal CMS 5.1.0 is vulnerable to SQL Injection. ...)
- TODO: check
+ NOT-FOR-US: JFinal CMS
CVE-2022-37200
RESERVED
CVE-2022-37199 (JFinal CMS 5.1.0 is vulnerable to SQL Injection via
/jfinal_cms/system ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14c732ab599de22ecc59e1effb8bde87432fdf7c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14c732ab599de22ecc59e1effb8bde87432fdf7c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
