Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
de1d3186 by Salvatore Bonaccorso at 2022-11-22T10:48:55+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13035,9 +13035,9 @@ CVE-2022-41939 (knative.dev/func is is a client library
and CLI enabling the dev
CVE-2022-41938 (Flarum is an open source discussion platform. Flarum's page
title syst ...)
NOT-FOR-US: Flarum
CVE-2022-41937 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2022-41936 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2022-41935
RESERVED
CVE-2022-41934
@@ -14642,7 +14642,7 @@ CVE-2022-3283 (A potential DOS vulnerability was
discovered in GitLab CE/EE affe
CVE-2022-3282 (The Drag and Drop Multiple File Upload WordPress plugin before
1.3.6.5 ...)
NOT-FOR-US: WordPress plugin
CVE-2022-41326 (The web conferencing component of Mitel MiCollab through
9.6.0.13 coul ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2022-41325
RESERVED
CVE-2022-41324
@@ -14863,7 +14863,7 @@ CVE-2022-41257
CVE-2022-41256
RESERVED
CVE-2022-41223 (The Director database component of MiVoice Connect through
19.3 (22.22 ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2022-41221
RESERVED
CVE-2022-40224
@@ -15377,7 +15377,7 @@ CVE-2022-41032 (NuGet Client Elevation of Privilege
Vulnerability. ...)
CVE-2022-41031 (Microsoft Word Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-40129 (A use-after-free vulnerability exists in the JavaScript engine
of Foxi ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2022-41030
RESERVED
CVE-2022-41029
@@ -15797,7 +15797,7 @@ CVE-2022-40844 (In Tenda (Shenzhen Tenda Technology
Co., Ltd) AC1200 Router mode
CVE-2022-40843 (The Tenda AC1200 V-W15Ev2 V15.11.0.10(1576) router is
vulnerable to im ...)
NOT-FOR-US: Tenda
CVE-2022-40842 (ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable
to Serve ...)
- TODO: check
+ NOT-FOR-US: NdkAdvancedCustomizationFields
CVE-2022-40841
RESERVED
CVE-2022-40840 (ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable
to Cross ...)
@@ -15954,7 +15954,7 @@ CVE-2022-40767
CVE-2022-40766 (Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows
login-page S ...)
NOT-FOR-US: Modern Campus Omni CMS (formerly OU Campus)
CVE-2022-40765 (A vulnerability in the Edge Gateway component of Mitel MiVoice
Connect ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2022-40764 (Snyk CLI before 1.996.0 allows arbitrary command execution,
affecting ...)
NOT-FOR-US: Snyk CLI
CVE-2022-3236 (A code injection vulnerability in the User Portal and Webadmin
allows ...)
@@ -16322,11 +16322,11 @@ CVE-2022-40634 (Improper Control of
Dynamically-Managed Code Resources vulnerabi
CVE-2022-40631 (A vulnerability has been identified in SCALANCE X200-4P IRT
(All versi ...)
NOT-FOR-US: Siemens
CVE-2022-38097 (A use-after-free vulnerability exists in the JavaScript engine
of Foxi ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2022-37332 (A use-after-free vulnerability exists in the JavaScript engine
of Foxi ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2022-32774 (A use-after-free vulnerability exists in the JavaScript engine
of Foxi ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2022-3209 (The soledad WordPress theme before 8.2.5 does not sanitise the
{id,dat ...)
NOT-FOR-US: WordPress theme
CVE-2022-3208 (The Simple File List WordPress plugin before 4.4.12 does not
implement ...)
@@ -16471,7 +16471,7 @@ CVE-2022-40604 (In Apache Airflow 2.3.0 through 2.3.4,
part of a url was unneces
CVE-2022-40603
RESERVED
CVE-2022-40602 (A flaw in the Zyxel LTE3301-M209 firmware verisons prior to
V1.00(ABLG ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2022-40601
RESERVED
CVE-2022-40600
@@ -16758,7 +16758,7 @@ CVE-2022-40472 (ZKTeco Xiamen Information Technology
ZKBio Time 8.0.7 Build: 202
CVE-2022-40471 (Remote Code Execution in Clinic's Patient Management System v
1.0 allo ...)
NOT-FOR-US: Clinic's Patient Management System
CVE-2022-40470 (Phpgurukul Blood Donor Management System 1.0 allows Cross Site
Scripti ...)
- TODO: check
+ NOT-FOR-US: Phpgurukul Blood Donor Management System
CVE-2022-40469 (iKuai OS v3.6.7 was discovered to contain an authenticated
remote code ...)
NOT-FOR-US: iKuai8
CVE-2022-40468 (Potential leak of left-over heap data if custom error page
templates c ...)
@@ -23609,7 +23609,7 @@ CVE-2022-37933
CVE-2022-37932
RESERVED
CVE-2022-37931 (A vulnerability in NetBatch-Plus software allows unauthorized
access t ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2022-37930 (A security vulnerability has been identified in HPE Nimble
Storage Hyb ...)
NOT-FOR-US: HPE
CVE-2022-37929 (Improper Privilege Management vulnerability in Hewlett Packard
Enterpr ...)
@@ -26055,7 +26055,7 @@ CVE-2022-37020
CVE-2022-37019
RESERVED
CVE-2022-37018 (A potential vulnerability has been identified in the system
BIOS for c ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2022-37017
RESERVED
CVE-2022-37016
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de1d31865d7faf2e18d6e501e90d6bb1afff21de
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de1d31865d7faf2e18d6e501e90d6bb1afff21de
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
