[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Wed, 04 Jan 2023 03:30:58 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
920f7ead by Moritz Muehlenhoff at 2023-01-04T12:30:21+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8503,7 +8503,7 @@ CVE-2022-46083
 CVE-2022-46082
        RESERVED
 CVE-2022-46081 (In Garmin Connect 4.61, terminating a LiveTrack session 
wouldn't preve ...)
-       TODO: check
+       NOT-FOR-US: Garmin
 CVE-2022-46080
        RESERVED
 CVE-2022-46079
@@ -20670,7 +20670,7 @@ CVE-2022-42712
 CVE-2022-42711 (In Progress WhatsUp Gold before 22.1.0, an SNMP MIB Walker 
application ...)
        NOT-FOR-US: Progress WhatsUp Gold
 CVE-2022-42710 (Nice (formerly Nortek) Linear eMerge E3-Series 0.32-08f, 
0.32-07p, 0.3 ...)
-       TODO: check
+       NOT-FOR-US: Nice Linear eMerge E3-Series
 CVE-2022-42709
        RESERVED
 CVE-2022-42708
@@ -21726,15 +21726,15 @@ CVE-2022-42272
 CVE-2022-42271
        RESERVED
 CVE-2022-42270 (NVIDIA distributions of Linux contain a vulnerability in 
nvdla_emu_tas ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2022-42269 (NVIDIA Trusted OS contains a vulnerability in an SMC call 
handler, whe ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2022-42268
        RESERVED
 CVE-2022-42267 (NVIDIA GPU Display Driver for Windows contains a vulnerability 
where a ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2022-42266 (NVIDIA GPU Display Driver for Windows contains a vulnerability 
in the  ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2022-42265 (NVIDIA GPU Display Driver for Linux contains a vulnerability 
in the ke ...)
        TODO: check
 CVE-2022-42264 (NVIDIA GPU Display Driver for Linux contains a vulnerability 
in the ke ...)
@@ -25667,7 +25667,7 @@ CVE-2022-40742 (Mail SQR Expert system has a Local File 
Inclusion vulnerability.
 CVE-2022-40741 (Mail SQR Expert&#8217;s specific function has insufficient 
filtering f ...)
        NOT-FOR-US: Mail SQR Expert system
 CVE-2022-40740 (Realtek GPON router has insufficient filtering for special 
characters. ...)
-       TODO: check
+       NOT-FOR-US: Realtek
 CVE-2022-40739 (Ragic report generation page has insufficient filtering for 
special ch ...)
        NOT-FOR-US: Ragic
 CVE-2022-3227
@@ -27638,7 +27638,7 @@ CVE-2022-39949 (An improper control of a resource 
through its lifetime vulnerabi
 CVE-2022-39948
        RESERVED
 CVE-2022-39947 (A improper neutralization of special elements used in an os 
command (' ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2022-39946
        RESERVED
 CVE-2022-39945 (An improper access control vulnerability [CWE-284] in 
FortiMail 7.2.0, ...)
@@ -29913,13 +29913,13 @@ CVE-2022-3061 (Found Linux Kernel flaw in the i740 
driver. The Userspace program
 CVE-2022-39043
        RESERVED
 CVE-2022-39042 (aEnrich a+HRD has improper validation for login function. An 
unauthent ...)
-       TODO: check
+       NOT-FOR-US: aEnrich a+HRD
 CVE-2022-39041 (aEnrich a+HRD has insufficient user input validation for 
specific API  ...)
-       TODO: check
+       NOT-FOR-US: aEnrich a+HRD
 CVE-2022-39040 (aEnrich a+HRD log read function has a path traversal 
vulnerability. An ...)
-       TODO: check
+       NOT-FOR-US: aEnrich a+HRD
 CVE-2022-39039 (aEnrich&#8217;s a+HRD has inadequate filtering for specific 
URL parame ...)
-       TODO: check
+       NOT-FOR-US: aEnrich a+HRD
 CVE-2022-39038 (Agentflow BPM enterprise management system has improper 
authentication ...)
        NOT-FOR-US: Agentflow BPM enterprise management system
 CVE-2022-39037 (Agentflow BPM file download function has a path traversal 
vulnerabilit ...)
@@ -30736,7 +30736,7 @@ CVE-2022-38768 (The mobile application in Transtek 
Mojodat FAM (Fixed Asset Mana
 CVE-2022-38767 (An issue was discovered in Wind River VxWorks 6.9 and 7, that 
allows a ...)
        NOT-FOR-US: Wind River VxWorks
 CVE-2022-38766 (The remote keyless system on Renault ZOE 2021 vehicles sends 
433.92 MH ...)
-       TODO: check
+       NOT-FOR-US: Renault
 CVE-2022-38765 (Canon Medical Informatics Vitrea Vision 7.7.76.1 does not 
adequately e ...)
        NOT-FOR-US: Canon Medical Informatics Vitrea
 CVE-2022-38764 (A vulnerability on Trend Micro HouseCall version 1.62.1.1133 
and below ...)
@@ -30923,7 +30923,7 @@ CVE-2022-38725
 CVE-2022-38724 (Silverstripe silverstripe/framework through 4.11.0, 
silverstripe/asset ...)
        NOT-FOR-US: SilverStripe CMS
 CVE-2022-38723 (Gravitee API Management before 3.15.13 allows path traversal 
through H ...)
-       TODO: check
+       NOT-FOR-US: Gravitee API Management
 CVE-2022-38722
        RESERVED
 CVE-2022-38721
@@ -30998,7 +30998,7 @@ CVE-2022-2969 (Delta Industrial Automation DIALink 
versions prior to v1.5.0.0 Be
 CVE-2022-2968
        RESERVED
 CVE-2022-2967 (Prosys OPC UA Simulation Server version prior to v5.3.0-64 and 
UA Modb ...)
-       TODO: check
+       NOT-FOR-US: Prosys OPC UA Simulation Server
 CVE-2022-2966 (Out-of-bounds Read vulnerability in Delta Electronics 
DOPSoft.This iss ...)
        NOT-FOR-US: Delta Electronics DOPSoft
 CVE-2022-2965 (Improper Restriction of Rendered UI Layers or Frames in GitHub 
reposit ...)
@@ -31270,7 +31270,7 @@ CVE-2022-38629
 CVE-2022-38628 (Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 
0.32-09c, ...)
        NOT-FOR-US: Nortek Linear eMerge E3-Series
 CVE-2022-38627 (Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 
0.32-09c, ...)
-       TODO: check
+       NOT-FOR-US: Nortek Linear eMerge E3-Series
 CVE-2022-38626
        RESERVED
 CVE-2022-38625 (** DISPUTED ** Patlite NH-FB v1.46 and below was discovered to 
contain ...)
@@ -33330,9 +33330,9 @@ CVE-2022-37936
 CVE-2022-37935
        RESERVED
 CVE-2022-37934 (A potential security vulnerability has been identified in HPE 
OfficeCo ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2022-37933 (A potential security vulnerability has been identified in HPE 
Superdom ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2022-37932 (A potential security vulnerability has been identified in 
Hewlett Pack ...)
        NOT-FOR-US: HPE
 CVE-2022-37931 (A vulnerability in NetBatch-Plus software allows unauthorized 
access t ...)
@@ -33669,11 +33669,11 @@ CVE-2022-37789
 CVE-2022-37788
        RESERVED
 CVE-2022-37787 (An issue was discovered in WeCube platform 3.2.2. A DOM XSS 
vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: WeCube
 CVE-2022-37786 (An issue was discovered in WeCube Platform 3.2.2. There are 
multiple C ...)
-       TODO: check
+       NOT-FOR-US: WeCube
 CVE-2022-37785 (An issue was discovered in WeCube Platform 3.2.2. Cleartext 
passwords  ...)
-       TODO: check
+       NOT-FOR-US: WeCube
 CVE-2022-37784
        RESERVED
 CVE-2022-37783 (All Craft CMS versions between 3.0.0 and 3.7.32 disclose 
password hash ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/920f7eadc64cee8529c2a5ff4dff04103db21916

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/920f7eadc64cee8529c2a5ff4dff04103db21916
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to