Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9d3a91ba by Salvatore Bonaccorso at 2022-11-14T21:41:57+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -285,7 +285,7 @@ CVE-2022-45380
CVE-2022-45379
RESERVED
CVE-2022-45378 (** UNSUPPORTED WHEN ASSIGNED ** In the default configuration
of Apache ...)
- TODO: check
+ NOT-FOR-US: Apache SOAP
CVE-2022-45377
RESERVED
CVE-2022-45376
@@ -641,7 +641,7 @@ CVE-2022-45200
CVE-2022-3993 (Authentication Bypass by Primary Weakness in GitHub repository
kareadi ...)
TODO: check
CVE-2022-3992 (A vulnerability classified as problematic was found in
SourceCodester ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Sanitization Management System
CVE-2022-3991
RESERVED
CVE-2022-3990
@@ -649,7 +649,7 @@ CVE-2022-3990
CVE-2022-3989
RESERVED
CVE-2022-3988 (A vulnerability was found in Frappe. It has been rated as
problematic. ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2022-3987
RESERVED
CVE-2022-3986
@@ -754,7 +754,7 @@ CVE-2022-45186
CVE-2022-45185
RESERVED
CVE-2022-45184 (The Web Server in Ironman Software PowerShell Universal v3.x
and v2.x ...)
- TODO: check
+ NOT-FOR-US: Ironman Software PowerShell Universal
CVE-2022-45183 (Escalation of privileges in the Web Server in Ironman Software
PowerSh ...)
NOT-FOR-US: Ironman
CVE-2022-45182 (Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the
module ...)
@@ -7284,11 +7284,11 @@ CVE-2022-43696
CVE-2022-43695
RESERVED
CVE-2022-43694 (Concrete CMS (formerly concrete5) below 8.5.10 and between
9.0.0 and 9 ...)
- TODO: check
+ NOT-FOR-US: Concrete CMS
CVE-2022-43693 (Concrete CMS is vulnerable to CSRF due to the lack of "State"
paramete ...)
- TODO: check
+ NOT-FOR-US: Concrete CMS
CVE-2022-43692 (Concrete CMS (formerly concrete5) below 8.5.10 and between
9.0.0 and 9 ...)
- TODO: check
+ NOT-FOR-US: Concrete CMS
CVE-2022-43691
RESERVED
CVE-2022-43690
@@ -8363,7 +8363,7 @@ CVE-2022-43344
CVE-2022-43343 (N-Prolog v1.91 was discovered to contain a global buffer
overflow vuln ...)
NOT-FOR-US: N-Prolog
CVE-2022-43342 (A stored cross-site scripting (XSS) vulnerability in the Add
function ...)
- TODO: check
+ NOT-FOR-US: Eramba GRC Software
CVE-2022-43341
RESERVED
CVE-2022-43340 (A Cross-Site Request Forgery (CSRF) in dzzoffice
2.02.1_SC_UTF8 allows ...)
@@ -8471,7 +8471,7 @@ CVE-2022-43290 (Canteen Management System v1.0 was
discovered to contain a SQL i
CVE-2022-43289
RESERVED
CVE-2022-43288 (Rukovoditel v3.2.1 was discovered to contain a SQL injection
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Rukovoditel
CVE-2022-43287
RESERVED
CVE-2022-43286 (Nginx NJS v0.7.2 was discovered to contain a
heap-use-after-free bug c ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d3a91badda70b9b311e856e6d2506b81f07496a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d3a91badda70b9b311e856e6d2506b81f07496a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
