Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1fb24f7a by Salvatore Bonaccorso at 2022-12-15T11:40:29+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101,7 +101,7 @@ CVE-2022-4503 (Cross-site Scripting (XSS) - Generic in
GitHub repository openemr
CVE-2022-4502 (Cross-site Scripting (XSS) - Reflected in GitHub repository
openemr/op ...)
TODO: check
CVE-2022-4501 (The Mega Addons plugin for WordPress is vulnerable to
authorization by ...)
- TODO: check
+ NOT-FOR-US: Mega Addons plugin for WordPress
CVE-2022-47405
RESERVED
CVE-2022-47404
@@ -1507,7 +1507,7 @@ CVE-2022-4412
CVE-2022-4411
RESERVED
CVE-2022-4410 (The Permalink Manager Lite plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: Permalink Manager Lite plugin for WordPress
CVE-2022-4409 (Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in
GitHub ...)
NOT-FOR-US: phpMyFAQ
CVE-2022-4408 (Cross-site Scripting (XSS) - Stored in GitHub repository
thorsten/phpm ...)
@@ -16823,7 +16823,7 @@ CVE-2022-3429
CVE-2022-3428
RESERVED
CVE-2022-3427 (The Corner Ad plugin for WordPress is vulnerable to Cross-Site
Request ...)
- TODO: check
+ NOT-FOR-US: Corner Ad plugin for WordPress
CVE-2022-3426 (The Advanced WP Columns WordPress plugin through 2.0.6 does not
saniti ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3425
@@ -32585,7 +32585,7 @@ CVE-2022-36440
CVE-2022-2537 (The WooCommerce PDF Invoices & Packing Slips WordPress
plugin befo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2536 (The Transposh WordPress Translation plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: Transposh WordPress Translation plugin for WordPress
CVE-2022-2535 (The SearchWP Live Ajax Search WordPress plugin before 1.6.2
does not e ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2534 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
@@ -218016,7 +218016,7 @@ CVE-2020-4499 (IBM Security Access Manager 9.0.7 and
IBM Security Verify Access
CVE-2020-4498 (IBM MQ Appliance 9.1 LTS and 9.1 CD could allow a local
privileged use ...)
NOT-FOR-US: IBM
CVE-2020-4497 (IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses
sensitive i ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4496 (The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server
connect ...)
NOT-FOR-US: IBM
CVE-2020-4495 (IBM Jazz Foundation and IBM Engineering products could allow a
remote ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1fb24f7a6d5af8e0b5a5e53b77ecf4ee8c32bce1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1fb24f7a6d5af8e0b5a5e53b77ecf4ee8c32bce1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
