[Git][security-tracker-team/security-tracker][master] Process some NFUs

Fri, 30 Dec 2022 00:26:36 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
68e8a4be by Salvatore Bonaccorso at 2022-12-30T09:25:24+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2022-48195
        RESERVED
 CVE-2022-48194 (TP-Link TL-WR902AC devices through V3 0.9.1 allow remote 
authenticated ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2022-48193
        RESERVED
 CVE-2022-48192
@@ -961,7 +961,7 @@ CVE-2022-4757
 CVE-2022-4756
        RESERVED
 CVE-2022-4755 (A vulnerability was found in FlatPress and classified as 
problematic.  ...)
-       TODO: check
+       NOT-FOR-US: FlatPress
 CVE-2022-4754
        RESERVED
 CVE-2022-4753
@@ -975,7 +975,7 @@ CVE-2022-4750
 CVE-2022-4749
        RESERVED
 CVE-2022-4748 (A vulnerability was found in FlatPress. It has been classified 
as crit ...)
-       TODO: check
+       NOT-FOR-US: FlatPress
 CVE-2022-4747
        RESERVED
 CVE-2021-4289 (A vulnerability classified as problematic was found in OpenMRS 
openmrs ...)
@@ -1010,7 +1010,7 @@ CVE-2019-25088 (A vulnerability was found in ytti 
Oxidized Web. It has been clas
 CVE-2019-25087 (A vulnerability was found in RamseyK httpserver. It has been 
rated as  ...)
        TODO: check
 CVE-2019-25086 (A vulnerability was found in IET-OU Open Media Player up to 
1.5.0. It  ...)
-       TODO: check
+       NOT-FOR-US: IET-OU Open Media Player
 CVE-2018-25049 (A vulnerability was found in email-existence. It has been 
rated as pro ...)
        TODO: check
 CVE-2015-10005 (A vulnerability was found in markdown-it up to 2.x. It has 
been classi ...)
@@ -6042,7 +6042,7 @@ CVE-2022-46742 (Code injection in 
paddle.audio.functional.get_window in PaddlePa
 CVE-2022-46741 (Out-of-bounds read in gather_tree in PaddlePaddle before 2.4. 
...)
        NOT-FOR-US: PaddlePaddle
 CVE-2022-46740 (There is a denial of service vulnerability in the Wi-Fi module 
of the  ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2022-46728
        RESERVED
 CVE-2022-46727
@@ -6702,7 +6702,7 @@ CVE-2022-46444
 CVE-2022-46443 (mesinkasir Bangresto 1.0 is vulnberable to SQL Injection via 
the itemq ...)
        NOT-FOR-US: mesinkasir Bangresto
 CVE-2022-46442 (dedecms <=V5.7.102 is vulnerable to SQL Injection. In sys_ 
sql_ n q ...)
-       TODO: check
+       NOT-FOR-US: dedecms
 CVE-2022-46441
        RESERVED
 CVE-2022-46440
@@ -7792,7 +7792,7 @@ CVE-2022-46181 (Gotify server is a simple server for 
sending and receiving messa
 CVE-2022-46180
        RESERVED
 CVE-2022-46179 (LiuOS is a small Python project meant to imitate the functions 
of a re ...)
-       TODO: check
+       NOT-FOR-US: LiuOS
 CVE-2022-46178 (MeterSphere is a one-stop open source continuous testing 
platform, cov ...)
        TODO: check
 CVE-2022-46177
@@ -8306,7 +8306,7 @@ CVE-2022-45965
 CVE-2022-45964
        RESERVED
 CVE-2022-45963 (h3c firewall <= 3.10 ESS6703 has a privilege bypass 
vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: h3c firewall
 CVE-2022-45962
        RESERVED
 CVE-2022-45961
@@ -8517,7 +8517,7 @@ CVE-2022-45877 (OpenHarmony-v3.1.4 and prior versions had 
an vulnerability. PIN
 CVE-2022-45875
        RESERVED
 CVE-2022-45874 (Huawei Aslan Children's Watch has an improper authorization 
vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2022-45126
        RESERVED
 CVE-2022-45118 (OpenHarmony-v3.1.2 and prior versions had a vulnerability that 
telepho ...)
@@ -8830,7 +8830,7 @@ CVE-2022-45780
 CVE-2022-45779
        RESERVED
 CVE-2022-45778 (https://www.hillstonenet.com.cn/ Hillstone Firewall SG-6000 
<= 5.0. ...)
-       TODO: check
+       NOT-FOR-US: Hillstone Firewall SG-6000
 CVE-2022-45777
        RESERVED
 CVE-2022-45776
@@ -13455,7 +13455,7 @@ CVE-2022-44566
 CVE-2022-44565 (An improper access validation vulnerability exists in airMAX 
AC <8. ...)
        TODO: check
 CVE-2022-44564 (Huawei Aslan Children's Watch has a path traversal 
vulnerability. Succ ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2022-3811
        RESERVED
 CVE-2022-3810 (A vulnerability was found in Axiomatic Bento4. It has been 
classified  ...)
@@ -14434,7 +14434,7 @@ CVE-2022-44139 (Apartment Visitor Management System 
v1.0 is vulnerable to SQL In
 CVE-2022-44138
        RESERVED
 CVE-2022-44137 (SourceCodester Sanitization Management System 1.0 is 
vulnerable to SQL ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Sanitization Management System
 CVE-2022-44136 (Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution 
(RCE). ...)
        NOT-FOR-US: Zenario CMS
 CVE-2022-44135
@@ -19379,7 +19379,7 @@ CVE-2022-42955 (The PassWork extension 5.0.9 for Chrome 
and other browsers allow
 CVE-2022-42954 (Keyfactor EJBCA before 7.10.0 allows XSS. ...)
        NOT-FOR-US: Keyfactor EJBCA
 CVE-2022-42953 (Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, 
ZEM720, ZMM)  ...)
-       TODO: check
+       NOT-FOR-US: ZKTeco
 CVE-2022-42952
        RESERVED
 CVE-2022-42951



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68e8a4be08a4111b6281cd6132576cd8b730d0bc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68e8a4be08a4111b6281cd6132576cd8b730d0bc
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to