Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e4067473 by Salvatore Bonaccorso at 2022-12-19T21:34:36+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6444,9 +6444,9 @@ CVE-2022-4127 (A NULL pointer dereference issue was
discovered in the Linux kern
CVE-2022-4126
RESERVED
CVE-2022-4125 (The Popup Manager WordPress plugin through 1.6.6 does not have
authori ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4124 (The Popup Manager WordPress plugin through 1.6.6 does not have
authori ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45800
RESERVED
CVE-2022-45799
@@ -6526,7 +6526,7 @@ CVE-2022-4114
CVE-2022-4113
RESERVED
CVE-2022-4112 (The Quizlord WordPress plugin through 2.0 does not sanitise and
escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4111 (Unrestricted file size limit can lead to DoS in tooljet/tooljet
<1. ...)
NOT-FOR-US: ToolJet
CVE-2022-4110
@@ -6534,11 +6534,11 @@ CVE-2022-4110
CVE-2022-4109
RESERVED
CVE-2022-4108 (The Wholesale Market for WooCommerce WordPress plugin before
1.0.8 doe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4107 (The SMSA Shipping for WooCommerce WordPress plugin before 1.0.5
does n ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4106 (The Wholesale Market for WooCommerce WordPress plugin before
1.0.7 doe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45781
RESERVED
CVE-2022-45780
@@ -7254,7 +7254,7 @@ CVE-2022-45476 (Tiny File Manager version 2.4.8 executes
the code of files uploa
CVE-2022-45475 (Tiny File Manager version 2.4.8 allows an unauthenticated
remote attac ...)
NOT-FOR-US: Tiny File Manager
CVE-2022-4063 (The InPost Gallery WordPress plugin before 2.1.4.1 insecurely
uses PHP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4062
RESERVED
CVE-2022-45474 (drachtio-server 0.8.18 has a request-handler.cpp event_cb
use-after-fr ...)
@@ -7270,13 +7270,13 @@ CVE-2022-45470 (** UNSUPPORTED WHEN ASSIGNED ** missing
input validation in Apac
CVE-2022-44456 (CONPROSYS HMI System (CHS) Ver.3.4.4?and earlier allows a
remote unaut ...)
TODO: check
CVE-2022-4061 (The JobBoardWP WordPress plugin before 1.2.2 does not properly
validat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4060
RESERVED
CVE-2022-4059
RESERVED
CVE-2022-4058 (The Photo Gallery by 10Web WordPress plugin before 1.8.3 does
not vali ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4057
RESERVED
CVE-2023-21523
@@ -7320,7 +7320,7 @@ CVE-2022-4052 (A vulnerability was found in Student
Attendance Management System
CVE-2022-4051 (A vulnerability has been found in Hostel Searching Project and
classif ...)
NOT-FOR-US: Hostel Searching Project
CVE-2022-4050 (The JoomSport WordPress plugin before 5.2.8 does not properly
sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4049
RESERVED
CVE-2022-4048
@@ -7398,7 +7398,7 @@ CVE-2022-4026
CVE-2022-4025
RESERVED
CVE-2022-4024 (The Registration Forms WordPress plugin before 3.8.1.3 does not
have a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4023
RESERVED
CVE-2022-4022 (The SVG Support plugin for WordPress defaults to insecure
settings in ...)
@@ -8296,15 +8296,15 @@ CVE-2022-3989 (The Motors WordPress plugin before 1.4.4
does not properly valida
CVE-2022-3988 (A vulnerability was found in Frappe. It has been rated as
problematic. ...)
NOT-FOR-US: Frappe Framework
CVE-2022-3987 (The Responsive Lightbox2 WordPress plugin before 1.0.4 does not
valida ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3986 (The WP Stripe Checkout WordPress plugin before 1.2.2.21 does
not valid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3985 (The Videojs HTML5 Player WordPress plugin before 1.1.9 does not
valida ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3984 (The Flowplayer Video Player WordPress plugin before 1.0.5 does
not val ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3983 (The Checkout for PayPal WordPress plugin before 1.0.14 does not
valida ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3982 (The Booking calendar, Appointment Booking System WordPress
plugin befo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3981 (The Icegram Express WordPress plugin before 5.5.1 does not
properly sa ...)
@@ -8444,7 +8444,7 @@ CVE-2022-3962
RESERVED
NOT-FOR-US: Kiali
CVE-2022-3961 (The Directorist WordPress plugin before 7.4.4 does not prevent
users w ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3960
RESERVED
CVE-2022-45167
@@ -8544,7 +8544,7 @@ CVE-2022-3939 (A vulnerability, which was classified as
critical, has been found
CVE-2022-3938
RESERVED
CVE-2022-3937 (The Easy Video Player WordPress plugin before 1.2.2.3 does not
sanitiz ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3936
RESERVED
CVE-2022-3935 (The Welcart e-Commerce WordPress plugin before 2.8.4 does not
sanitise ...)
@@ -10953,7 +10953,7 @@ CVE-2022-3834 (The Google Forms WordPress plugin
through 0.95 does not sanitise
CVE-2022-3833 (The Fancier Author Box by ThematoSoup WordPress plugin through
1.4 doe ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3832 (The External Media WordPress plugin before 1.0.36 does not
sanitise an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3831 (The reCAPTCHA WordPress plugin through 1.6 does not sanitise
and escap ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3830 (The WP Page Builder WordPress plugin through 1.2.8 does not
sanitise a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4067473cb8ef8aa87ef31d537f0bbf166152c51
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4067473cb8ef8aa87ef31d537f0bbf166152c51
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
