Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e093b29f by Salvatore Bonaccorso at 2022-11-12T10:10:08+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2022-45184
CVE-2022-45183
RESERVED
CVE-2022-45182 (Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the
module ...)
- TODO: check
+ NOT-FOR-US: Pi-Star_DV_Dash (for Pi-Star DV)
CVE-2022-45181
RESERVED
CVE-2022-45180
@@ -6598,9 +6598,9 @@ CVE-2022-43674
CVE-2022-43673
RESERVED
CVE-2022-43672 (Zoho ManageEngine Password Manager Pro before 12122, PAM360
before 571 ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2022-43671 (Zoho ManageEngine Password Manager Pro before 12122, PAM360
before 571 ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2022-43670 (An improper neutralization of input during web page generation
('Cross ...)
NOT-FOR-US: Apache Sling
CVE-2022-43667
@@ -12688,7 +12688,7 @@ CVE-2022-36368 (Multiple stored cross-site scripting
vulnerabilities in the web
CVE-2022-41340 (The secp256k1-js package before 1.1.0 for Node.js implements
ECDSA wit ...)
NOT-FOR-US: Node secp256k1-js
CVE-2022-41339 (In Zoho ManageEngine Mobile Device Manager Plus before
10.1.2207.5, th ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2022-41338
RESERVED
CVE-2022-41337
@@ -14049,7 +14049,7 @@ CVE-2022-40775 (An issue was discovered in Bento4
through 1.6.0-639. A NULL poin
CVE-2022-40774 (An issue was discovered in Bento4 through 1.6.0-639. There is
a NULL p ...)
NOT-FOR-US: Bento4
CVE-2022-40773 (Zoho ManageEngine ServiceDesk Plus MSP before 10609 and
SupportCenter ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2022-40772
RESERVED
CVE-2022-40771
@@ -19505,9 +19505,9 @@ CVE-2022-38653
CVE-2022-38652 (** UNSUPPORTED WHEN ASSIGNED ** A remote insecure
deserialization vuln ...)
TODO: check
CVE-2022-38651 (** UNSUPPORTED WHEN ASSIGNED ** A security filter
misconfiguration exi ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-38650 (** UNSUPPORTED WHEN ASSIGNED ** A remote unauthenticated
insecure dese ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-38649
RESERVED
CVE-2022-38648 (Server-Side Request Forgery (SSRF) vulnerability in Batik of
Apache XM ...)
@@ -55022,7 +55022,7 @@ CVE-2022-26090 (Improper access control vulnerability
in SamsungContacts prior t
CVE-2022-26089
RESERVED
CVE-2022-26088 (An issue was discovered in BMC Remedy before 22.1. Email-based
Inciden ...)
- TODO: check
+ NOT-FOR-US: BMC Remedy
CVE-2022-0761
RESERVED
CVE-2022-0760 (The Simple Link Directory WordPress plugin before 7.7.2 does
not valid ...)
@@ -72708,7 +72708,7 @@ CVE-2022-21812 (Improper access control in the Intel(R)
HAXM software before ver
CVE-2022-21804
RESERVED
CVE-2022-21794 (Improper authentication in BIOS firmware for some Intel(R) NUC
Boards, ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2022-21793 (Insufficient control flow management in the Intel(R) Ethernet
500 Seri ...)
NOT-FOR-US: Intel
CVE-2022-21239
@@ -73902,7 +73902,7 @@ CVE-2021-26258 (Improper access control for the
Intel(R) Killer(TM) Control Cent
CVE-2021-26257 (Improper buffer restrictions in firmware for some Intel(R)
Wireless Bl ...)
NOT-FOR-US: Intel
CVE-2021-26251 (Improper input validation in the Intel(R) Distribution of
OpenVINO(TM) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-23223 (Improper initialization for some Intel(R) PROSet/Wireless WiFi
and Kil ...)
- firmware-nonfree 20220913-1
[bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
@@ -106268,7 +106268,7 @@ CVE-2021-33166 (Incorrect default permissions for the
Intel(R) RXT for Chromeboo
CVE-2021-33165
RESERVED
CVE-2021-33164 (Improper access control in BIOS firmware for some Intel(R)
NUCs before ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33163
RESERVED
CVE-2021-33162
@@ -106278,7 +106278,7 @@ CVE-2021-33161
CVE-2021-33160
RESERVED
CVE-2021-33159 (Improper authentication in subsystem for Intel(R) AMT before
versions ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33158
RESERVED
CVE-2021-33157
@@ -106483,7 +106483,7 @@ CVE-2021-33066
CVE-2021-33065
RESERVED
CVE-2021-33064 (Uncontrolled search path in the software installer for
Intel(R) System ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33063 (Uncontrolled search path in the Intel(R) RealSense(TM) D400
Series UWP ...)
NOT-FOR-US: Intel
CVE-2021-33062 (Incorrect default permissions in the software installer for
the Intel( ...)
@@ -152204,7 +152204,7 @@ CVE-2021-0187
CVE-2021-0186 (Improper input validation in the Intel(R) SGX SDK applications
compile ...)
NOT-FOR-US: Intel
CVE-2021-0185 (Improper input validation in the firmware for some Intel(R)
Server Boa ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-0184
RESERVED
CVE-2021-0183 (Improper Validation of Specified Index, Position, or Offset in
Input i ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e093b29fa33673eeed17eb1af36bec117c13a263
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e093b29fa33673eeed17eb1af36bec117c13a263
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
