Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6b74f5c3 by Salvatore Bonaccorso at 2022-09-21T10:27:48+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2022-41220 (** DISPUTED ** md2roff 1.9 has a stack-based buffer overflow 
via a Mar ...)
-       TODO: check
+       NOT-FOR-US: md2roff
 CVE-2022-41219
        RESERVED
 CVE-2022-41218 (In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 
5.19.10 ...)
@@ -1995,7 +1995,7 @@ CVE-2022-40359
 CVE-2022-40358
        RESERVED
 CVE-2022-40357 (A security issue was discovered in Z-BlogPHP <= 1.7.2. A 
Server-Sid ...)
-       TODO: check
+       NOT-FOR-US: Z-BlogPHP
 CVE-2022-40356
        RESERVED
 CVE-2022-40355
@@ -4483,9 +4483,9 @@ CVE-2022-39223
 CVE-2022-39222
        RESERVED
 CVE-2022-39221 (McWebserver mod runs a simple HTTP server alongside the 
Minecraft serv ...)
-       TODO: check
+       NOT-FOR-US: McWebserver
 CVE-2022-39220 (SFTPGo is an SFTP server written in Go. Versions prior to 
2.3.5 are su ...)
-       TODO: check
+       NOT-FOR-US: SFTPGo
 CVE-2022-39219
        RESERVED
 CVE-2022-39218 (The JS Compute Runtime for Fastly's Compute@Edge platform 
provides the ...)
@@ -5306,7 +5306,7 @@ CVE-2022-38933
 CVE-2022-38932
        RESERVED
 CVE-2022-38931 (A Server-Side Request Forgery (SSRF) in fetch_net_file_upload 
function ...)
-       TODO: check
+       NOT-FOR-US: baijiacms
 CVE-2022-38930
        RESERVED
 CVE-2022-38929
@@ -5894,9 +5894,9 @@ CVE-2022-2986
        RESERVED
        - moodle <removed>
 CVE-2021-46835 (There is a traffic hijacking vulnerability in WS7200-10 
11.0.2.13. Suc ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2020-36602 (There is an out-of-bounds read and write vulnerability in some 
headset ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2022-38744
        RESERVED
 CVE-2022-38743
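Review bot: The two notes added at CVE-2021-46835 and CVE-2020-36602 name only the vendor ("NOT-FOR-US: Huawei"), although the descriptions concern different products (a WS7200-10 device and a headset). Naming the product in the note, as the "SmartVista SVFE2" and "Measuresoft ScadaPro" entries elsewhere in this diff do, would let a later search for a product name find these entries.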
@@ -6307,7 +6307,7 @@ CVE-2022-38621 (Doufox v0.0.4 was discovered to contain a 
remote code execution
 CVE-2022-38620
        RESERVED
 CVE-2022-38619 (SmartVista SVFE2 v2.2.22 was discovered to contain a SQL 
injection vul ...)
-       TODO: check
+       NOT-FOR-US: SmartVista
 CVE-2022-38618 (SmartVista SVFE2 v2.2.22 was discovered to contain a SQL 
injection vul ...)
        NOT-FOR-US: SmartVista SVFE2
 CVE-2022-38617 (SmartVista SVFE2 v2.2.22 was discovered to contain a SQL 
injection vul ...)
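Review bot: The note added at CVE-2022-38619 reads "NOT-FOR-US: SmartVista", while the unchanged entry directly below it, CVE-2022-38618, uses "NOT-FOR-US: SmartVista SVFE2" for the same product and version (SVFE2 v2.2.22). Suggest reusing the existing spelling so the consecutive entries stay consistent.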
@@ -6896,7 +6896,7 @@ CVE-2022-2893
 CVE-2022-2892 (Measuresoft ScadaPro Server (Versions prior to 6.8.0.1) uses an 
unmain ...)
        NOT-FOR-US: Measuresoft ScadaPro
 CVE-2021-46834 (A permission bypass vulnerability in Huawei cross device task 
manageme ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2020-36599 (lib/omniauth/failure_endpoint.rb in OmniAuth before 1.9.2 (and 
before  ...)
        [experimental] - ruby-omniauth 2.0.4-1~exp1
        - ruby-omniauth <unfixed>
@@ -8411,21 +8411,21 @@ CVE-2022-37886
 CVE-2022-37885
        RESERVED
 CVE-2022-37884 (A vulnerability exists in the ClearPass Policy Manager Guest 
User Inte ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-37883 (Vulnerabilities in the ClearPass Policy Manager web-based 
management i ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-37882 (Vulnerabilities in the ClearPass Policy Manager web-based 
management i ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-37881 (Vulnerabilities in the ClearPass Policy Manager web-based 
management i ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-37880 (Vulnerabilities in the ClearPass Policy Manager web-based 
management i ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-37879 (Vulnerabilities in the ClearPass Policy Manager web-based 
management i ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-37878 (Vulnerabilities in the ClearPass Policy Manager web-based 
management i ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-37877 (A vulnerability in the ClearPass OnGuard macOS agent could 
allow malic ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-2725 (A vulnerability was found in SourceCodester Company Website 
CMS. It ha ...)
        NOT-FOR-US: SourceCodester Company Website CMS
 CVE-2022-2724 (A vulnerability was found in SourceCodester Employee Management 
System ...)
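Review bot: CVE-2022-37877, the last changed entry in this hunk, is about the ClearPass OnGuard macOS agent, while the seven entries above it are about ClearPass Policy Manager, yet all eight receive the same vendor-only note "NOT-FOR-US: Aruba". Naming the product in each note, as the SourceCodester entries in the trailing context do, would keep the two components distinguishable.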
@@ -9660,7 +9660,7 @@ CVE-2022-2640
 CVE-2022-37396 (In JetBrains Rider before 2022.2 Trust and Open Project dialog 
could b ...)
        NOT-FOR-US: JetBrains
 CVE-2022-37395 (A Huawei device has an input verification vulnerability. 
Successful ex ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2022-37394 (An issue was discovered in OpenStack Nova before 23.2.2, 24.x 
before 2 ...)
        - nova <unfixed> (bug #1016980)
        [bullseye] - nova <no-dsa> (Minor issue)
@@ -10181,11 +10181,11 @@ CVE-2022-37207 (JFinal CMS 5.1.0 is affected by: SQL 
Injection. These interfaces
 CVE-2022-37206
        RESERVED
 CVE-2022-37205 (JFinal CMS 5.1.0 is affected by: SQL Injection. These 
interfaces do no ...)
-       TODO: check
+       NOT-FOR-US: JFinal CMS
 CVE-2022-37204 (Final CMS 5.1.0 is vulnerable to SQL Injection. ...)
-       TODO: check
+       NOT-FOR-US: JFinal CMS
 CVE-2022-37203 (JFinal CMS 5.1.0 is vulnerable to SQL Injection. These 
interfaces do n ...)
-       TODO: check
+       NOT-FOR-US: JFinal CMS
 CVE-2022-37202
        RESERVED
 CVE-2022-37201 (JFinal CMS 5.1.0 is vulnerable to SQL Injection. ...)
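Review bot: At CVE-2022-37204 the description line says "Final CMS 5.1.0", not "JFinal CMS", yet the added note is "NOT-FOR-US: JFinal CMS". The neighbouring entries (same 5.1.0 version, same SQL injection wording) make that mapping plausible, but it rests on a presumed typo in the description, so it is worth confirming against the CVE's references before tagging.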



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b74f5c314fad209b4b0d0c9543bc1d599395c3c
