[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue, 20 Dec 2022 13:19:30 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
10d39f46 by Salvatore Bonaccorso at 2022-12-20T22:18:44+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4509,11 +4509,11 @@ CVE-2022-46423
 CVE-2022-46422
        RESERVED
 CVE-2022-43486 (Hidden functionality vulnerability in Buffalo network devices 
WSR-3200 ...)
-       TODO: check
+       NOT-FOR-US: Buffalo network devices
 CVE-2022-43466 (Buffalo network devices WSR-3200AX4S firmware Ver. 1.26 and 
earlier, W ...)
-       TODO: check
+       NOT-FOR-US: Buffalo network devices
 CVE-2022-43443 (Buffalo network devices WSR-3200AX4S firmware Ver. 1.26 and 
earlier, W ...)
-       TODO: check
+       NOT-FOR-US: Buffalo network devices
 CVE-2022-4294
        RESERVED
 CVE-2022-4293 (Floating Point Comparison with Incorrect Operator in GitHub 
repository ...)
@@ -4559,11 +4559,11 @@ CVE-2022-46421
 CVE-2022-4281 (A vulnerability has been found in Facepay 1.0 and classified as 
critic ...)
        NOT-FOR-US: Facepay
 CVE-2022-46288 (Open redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 
R4 and e ...)
-       TODO: check
+       NOT-FOR-US: DENSHI NYUSATSU CORE SYSTEM
 CVE-2022-46287 (Cross-site scripting vulnerability in DENSHI NYUSATSU CORE 
SYSTEM v6 R ...)
-       TODO: check
+       NOT-FOR-US: DENSHI NYUSATSU CORE SYSTEM
 CVE-2022-41993 (Cross-site scripting vulnerability in DENSHI NYUSATSU CORE 
SYSTEM v6 R ...)
-       TODO: check
+       NOT-FOR-US: DENSHI NYUSATSU CORE SYSTEM
 CVE-2022-46416
        RESERVED
 CVE-2022-46415
@@ -4591,15 +4591,15 @@ CVE-2022-46405 (Mastodon through 4.0.2 allows attackers 
to cause a denial of ser
 CVE-2022-46404 (A command injection vulnerability has been identified in Atos 
Unify Op ...)
        NOT-FOR-US: Atos Unify OpenScape
 CVE-2022-46403 (The Microchip RN4870 module firmware 1.43 (and the Microchip 
PIC Light ...)
-       TODO: check
+       NOT-FOR-US: Microchip
 CVE-2022-46402 (The Microchip RN4870 module firmware 1.43 (and the Microchip 
PIC Light ...)
-       TODO: check
+       NOT-FOR-US: Microchip
 CVE-2022-46401 (The Microchip RN4870 module firmware 1.43 (and the Microchip 
PIC Light ...)
-       TODO: check
+       NOT-FOR-US: Microchip
 CVE-2022-46400 (The Microchip RN4870 module firmware 1.43 (and the Microchip 
PIC Light ...)
-       TODO: check
+       NOT-FOR-US: Microchip
 CVE-2022-46399 (The Microchip RN4870 module firmware 1.43 (and the Microchip 
PIC Light ...)
-       TODO: check
+       NOT-FOR-US: Microchip
 CVE-2022-46398
        RESERVED
 CVE-2022-46397
@@ -7307,7 +7307,7 @@ CVE-2022-45471 (In JetBrains Hub before 2022.3.15181 
Throttling was missed when
 CVE-2022-45470 (** UNSUPPORTED WHEN ASSIGNED ** missing input validation in 
Apache Ham ...)
        NOT-FOR-US: Apache Hama
 CVE-2022-44456 (CONPROSYS HMI System (CHS) Ver.3.4.4?and earlier allows a 
remote unaut ...)
-       TODO: check
+       NOT-FOR-US: CONPROSYS HMI System (CHS)
 CVE-2022-4061 (The JobBoardWP WordPress plugin before 1.2.2 does not properly 
validat ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-4060
@@ -8943,11 +8943,11 @@ CVE-2022-3879 (The Car Dealer (Dealership) and Vehicle 
sales WordPress Plugin Wo
 CVE-2022-3878 (A vulnerability classified as critical has been found in Maxon 
ERP. Th ...)
        NOT-FOR-US: Maxon ERP
 CVE-2022-3877 (A vulnerability, which was classified as problematic, was found 
in Cli ...)
-       TODO: check
+       NOT-FOR-US: Click Studios Passwordstate and Passwordstate Browser 
Extension Chrome
 CVE-2022-3876 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: Click Studios Passwordstate and Passwordstate Browser 
Extension Chrome
 CVE-2022-3875 (A vulnerability classified as critical was found in Click 
Studios Pass ...)
-       TODO: check
+       NOT-FOR-US: Click Studios Passwordstate and Passwordstate Browser 
Extension Chrome
 CVE-2022-3874
        RESERVED
 CVE-2022-3873 (Cross-site Scripting (XSS) - DOM in GitHub repository 
jgraph/drawio pr ...)
@@ -8964,7 +8964,7 @@ CVE-2022-45043 (Tenda AX12 V22.03.01.16_cn is vulnerable 
to command injection vi
 CVE-2022-45042
        RESERVED
 CVE-2022-45041 (SQL Injection exits in xinhu < 2.5.0 ...)
-       TODO: check
+       NOT-FOR-US: xinhu
 CVE-2022-45040 (A cross-site scripting (XSS) vulnerability in 
/admin/pages/sections_sa ...)
        NOT-FOR-US: WBCE CMS
 CVE-2022-45039 (An arbitrary file upload vulnerability in the Server Settings 
module o ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/10d39f46c8de2a2d779bbb7a47ad1f06e9b9c757

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/10d39f46c8de2a2d779bbb7a47ad1f06e9b9c757
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to