Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
de217ad1 by Salvatore Bonaccorso at 2022-09-16T10:47:49+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4471,7 +4471,7 @@ CVE-2022-38816
CVE-2022-38815
RESERVED
CVE-2022-38814 (A stored cross-site scripting (XSS) vulnerability in the
auth_settings ...)
- TODO: check
+ NOT-FOR-US: FiberHome
CVE-2022-38813
RESERVED
CVE-2022-38812 (AeroCMS 0.1.1 is vulnerable to SQL Injection via the author
parameter. ...)
@@ -10643,15 +10643,15 @@ CVE-2022-36538
CVE-2022-36537 (ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1
allows atta ...)
NOT-FOR-US: ZK Framework
CVE-2022-36536 (An issue in the component post_applogin.php of Super Flexible
Software ...)
- TODO: check
+ NOT-FOR-US: Super Flexible Software GmbH & Co. KG Syncovery
CVE-2022-36535
RESERVED
CVE-2022-36534 (Super Flexible Software GmbH & Co. KG Syncovery 9 for
Linux v9.47x ...)
- TODO: check
+ NOT-FOR-US: Super Flexible Software GmbH & Co. KG Syncovery
CVE-2022-36533 (Super Flexible Software GmbH & Co. KG Syncovery 9 for
Linux v9.47x ...)
- TODO: check
+ NOT-FOR-US: Super Flexible Software GmbH & Co. KG Syncovery
CVE-2022-36532 (Bolt CMS contains a vulnerability in version 5.1.12 and below
that all ...)
- TODO: check
+ NOT-FOR-US: Bolt CMS
CVE-2022-36531
RESERVED
CVE-2022-36530 (An issue was discovered in rageframe2 2.6.37. There is a XSS
vulnerabi ...)
@@ -15190,7 +15190,7 @@ CVE-2022-34833
CVE-2022-34832
RESERVED
CVE-2022-34831 (An issue was discovered in Keyfactor PrimeKey EJBCA before
7.9.0, rela ...)
- TODO: check
+ NOT-FOR-US: Keyfactor
CVE-2022-34830
RESERVED
CVE-2022-34829 (Zoho ManageEngine ADSelfService Plus before 6203 allows a
denial of se ...)
@@ -15512,39 +15512,39 @@ CVE-2017-20123 (A vulnerability was found in
Viscosity 1.6.7. It has been classi
CVE-2017-20122 (A vulnerability classified as problematic was found in Bitrix
Site Man ...)
NOT-FOR-US: Bitrix Site Manager
CVE-2022-34734 (Microsoft ODBC Driver Remote Code Execution Vulnerability.
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34733 (Microsoft OLE DB Provider for SQL Server Remote Code Execution
Vulnera ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34732 (Microsoft ODBC Driver Remote Code Execution Vulnerability.
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34731 (Microsoft OLE DB Provider for SQL Server Remote Code Execution
Vulnera ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34730 (Microsoft ODBC Driver Remote Code Execution Vulnerability.
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34729 (Windows GDI Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34728 (Windows Graphics Component Information Disclosure
Vulnerability. This ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34727 (Microsoft ODBC Driver Remote Code Execution Vulnerability.
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34726 (Microsoft ODBC Driver Remote Code Execution Vulnerability.
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34725 (Windows ALPC Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34724 (Windows DNS Server Denial of Service Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34723 (Windows DPAPI (Data Protection Application Programming
Interface) Info ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34722 (Windows Internet Key Exchange (IKE) Protocol Extensions Remote
Code Ex ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34721 (Windows Internet Key Exchange (IKE) Protocol Extensions Remote
Code Ex ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34720 (Windows Internet Key Exchange (IKE) Extension Denial of
Service Vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34719 (Windows Distributed File System (DFS) Elevation of Privilege
Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34718 (Windows TCP/IP Remote Code Execution Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34717 (Microsoft Office Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-34716 (.NET Spoofing Vulnerability. ...)
@@ -15580,7 +15580,7 @@ CVE-2022-34702 (Windows Secure Socket Tunneling
Protocol (SSTP) Remote Code Exec
CVE-2022-34701 (Windows Secure Socket Tunneling Protocol (SSTP) Denial of
Service Vuln ...)
NOT-FOR-US: Microsoft
CVE-2022-34700 (Microsoft Dynamics CRM (on-premises) Remote Code Execution
Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34699 (Windows Win32k Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-34698
@@ -17233,11 +17233,11 @@ CVE-2022-34104
CVE-2022-34103
RESERVED
CVE-2022-34102 (Insufficient access control vulnerability was discovered in
the Crestr ...)
- TODO: check
+ NOT-FOR-US: Crestron
CVE-2022-34101 (A vulnerability was discovered in the Crestron AirMedia
Windows Applic ...)
- TODO: check
+ NOT-FOR-US: Crestron
CVE-2022-34100 (A vulnerability was discovered in the Crestron AirMedia
Windows Applic ...)
- TODO: check
+ NOT-FOR-US: Crestron
CVE-2022-34099
RESERVED
CVE-2022-34098
@@ -18433,7 +18433,7 @@ CVE-2022-33681
CVE-2022-33680 (Microsoft Edge (Chromium-based) Elevation of Privilege
Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-33679 (Windows Kerberos Elevation of Privilege Vulnerability. This
CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-33678 (Azure Site Recovery Remote Code Execution Vulnerability. This
CVE ID i ...)
NOT-FOR-US: Microsoft
CVE-2022-33677 (Azure Site Recovery Elevation of Privilege Vulnerability. This
CVE ID ...)
@@ -18497,7 +18497,7 @@ CVE-2022-33649 (Microsoft Edge (Chromium-based)
Security Feature Bypass Vulnerab
CVE-2022-33648 (Microsoft Excel Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-33647 (Windows Kerberos Elevation of Privilege Vulnerability. This
CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-33646 (Azure Batch Node Agent Elevation of Privilege Vulnerability.
...)
NOT-FOR-US: Microsoft
CVE-2022-33645
@@ -20902,7 +20902,7 @@ CVE-2022-32557 (An issue was discovered in Couchbase
Server before 7.0.4. The In
CVE-2022-32556 (An issue was discovered in Couchbase Server before 7.0.4. A
private ke ...)
NOT-FOR-US: Couchbase Server
CVE-2022-32555 (Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x
before 7 ...)
- TODO: check
+ NOT-FOR-US: Unisys Data Exchange Management Studio
CVE-2022-32554 (Pure Storage FlashArray products running Purity//FA 6.2.0 -
6.2.3, 6.1 ...)
NOT-FOR-US: Pure Storage FlashArray
CVE-2022-32553 (Pure Storage FlashArray products running Purity//FA 6.2.0 -
6.2.3, 6.1 ...)
@@ -21892,7 +21892,7 @@ CVE-2022-32246 (SAP Busines Objects Business
Intelligence Platform (Visual Diffe
CVE-2022-32245 (SAP BusinessObjects Business Intelligence Platform (Open
Document) - v ...)
NOT-FOR-US: SAP
CVE-2022-32244 (Under certain conditions an attacker authenticated as a CMS
administra ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-32243 (When a user opens manipulated Scalable Vector Graphics (.svg,
svg.x3d) ...)
NOT-FOR-US: SAP
CVE-2022-32242 (When a user opens manipulated Radiance Picture (.hdr, hdr.x3d)
files r ...)
@@ -25630,7 +25630,7 @@ CVE-2022-1780 (The LaTeX for WordPress plugin through
3.4.10 does not have CSRF
CVE-2022-1779 (The Auto Delete Posts WordPress plugin through 1.3.0 does not
have CSR ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1778 (Improper Input Validation vulnerability in Hitachi Energy
MicroSCADA X ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-1777 (The Filr WordPress plugin before 1.2.2.1 does not have
authorisation c ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1776 (The Popups, Welcome Bar, Optins and Lead Generation Plugin
WordPress p ...)
@@ -27781,7 +27781,7 @@ CVE-2022-30293 (In WebKitGTK through 2.36.0 (and WPE
WebKit), there is a heap-ba
CVE-2022-29894 (Strapi v3.x.x versions and earlier contain a stored cross-site
scripti ...)
NOT-FOR-US: Strapi
CVE-2022-1602 (A potential security vulnerability has been identified in HP
ThinPro 7 ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2022-1601
RESERVED
CVE-2022-1600 (The YOP Poll WordPress plugin before 6.4.3 prioritizes getting
a visit ...)
@@ -28095,7 +28095,7 @@ CVE-2022-30202 (Windows Advanced Local Procedure Call
Elevation of Privilege Vul
CVE-2022-30201
RESERVED
CVE-2022-30200 (Windows Lightweight Directory Access Protocol (LDAP) Remote
Code Execu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-30199
RESERVED
CVE-2022-30198
@@ -28103,7 +28103,7 @@ CVE-2022-30198
CVE-2022-30197 (Windows Kernel Information Disclosure Vulnerability. This CVE
ID is un ...)
NOT-FOR-US: Microsoft
CVE-2022-30196 (Windows Secure Channel Denial of Service Vulnerability. This
CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-30195
RESERVED
CVE-2022-30194 (Windows WebBrowser Control Remote Code Execution
Vulnerability. ...)
@@ -28155,7 +28155,7 @@ CVE-2022-30172 (Microsoft Office Information Disclosure
Vulnerability. This CVE
CVE-2022-30171 (Microsoft Office Information Disclosure Vulnerability. This
CVE ID is ...)
NOT-FOR-US: Microsoft
CVE-2022-30170 (Windows Credential Roaming Service Elevation of Privilege
Vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-30169
RESERVED
CVE-2022-30168 (Microsoft Photos App Remote Code Execution Vulnerability. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de217ad1d05c492d35113c6899c5dceb3c325054
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de217ad1d05c492d35113c6899c5dceb3c325054
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
