Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
12256909 by Neil Williams at 2022-04-06T11:59:58+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3228,7 +3228,7 @@ CVE-2022-27437
CVE-2022-27436 (A cross-site scripting (XSS) vulnerability in
/public/admin/index.php? ...)
TODO: check
CVE-2022-27435 (An unrestricted file upload at
/public/admin/index.php?add_product of ...)
- TODO: check
+ NOT-FOR-US: ashymuzuro/Full-Ecommece-Website
CVE-2022-27434
RESERVED
CVE-2022-27433
@@ -5428,7 +5428,7 @@ CVE-2022-26621
CVE-2022-26620
REJECTED
CVE-2022-26619 (Halo Blog CMS v1.4.17 was discovered to allow attackers to
upload arbi ...)
- TODO: check
+ NOT-FOR-US: Halo Blog CMS
CVE-2022-26618
RESERVED
CVE-2022-26617
@@ -5436,7 +5436,7 @@ CVE-2022-26617
CVE-2022-26616 (PKP Vendor Open Journal System v2.4.8 to v3.3.8 allows
attackers to pe ...)
TODO: check
CVE-2022-26615 (A cross-site scripting (XSS) vulnerability in College Website
Content ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Simple College Website
CVE-2022-26614
RESERVED
CVE-2022-26613
@@ -5522,7 +5522,7 @@ CVE-2022-26574
CVE-2022-26573 (Maccms v10 was discovered to contain multiple reflected
cross-site scr ...)
NOT-FOR-US: Maccms
CVE-2022-26572 (Xerox ColorQube 8580 was discovered to contain an access
control issue ...)
- TODO: check
+ NOT-FOR-US: Xerox ColorQube
CVE-2022-26571
RESERVED
CVE-2022-26570
@@ -8209,7 +8209,7 @@ CVE-2022-25586
CVE-2022-25585
RESERVED
CVE-2022-25584 (Seyeon Tech Co., Ltd FlexWATCH FW3170-PS-E Network Video
System 4.23-3 ...)
- TODO: check
+ NOT-FOR-US: FlexWATCH FW3170-PS-E
CVE-2022-25583
RESERVED
CVE-2022-25582 (A stored cross-site scripting (XSS) vulnerability in the
Column module ...)
@@ -8239,7 +8239,7 @@ CVE-2022-25571 (Bluedon Information Security Technologies
Co.,Ltd Internet Acces
CVE-2022-25570 (In Click Studios (SA) Pty Ltd Passwordstate 9435, users with
access to ...)
NOT-FOR-US: Passwordstate
CVE-2022-25569 (Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use
static S ...)
- TODO: check
+ NOT-FOR-US: Bettini SGSetup
CVE-2022-25568 (MotionEye v0.42.1 and below allows attackers to access
sensitive infor ...)
NOT-FOR-US: MotionEye
CVE-2022-25567
@@ -8744,7 +8744,7 @@ CVE-2022-25358 (A ..%2F path traversal vulnerability
exists in the path handler
CVE-2022-25357
RESERVED
CVE-2022-25356 (ALIN MDaemon Security Gateway through 8.5.0 allows XML
Injection. ...)
- TODO: check
+ NOT-FOR-US: Alt-N Technologies Mdaemon
CVE-2022-25344
RESERVED
CVE-2022-25343
@@ -9437,7 +9437,7 @@ CVE-2022-25156 (Use of Weak Hash vulnerability in
Mitsubishi Electric MELSEC iQ-
CVE-2022-25155 (Use of Password Hash Instead of Password for Authentication
vulnerabil ...)
NOT-FOR-US: Mitsubishi
CVE-2022-25154 (A DLL hijacking vulnerability in Samsung portable SSD T5 PC
software b ...)
- TODO: check
+ NOT-FOR-US: Samsung portable SSD T5
CVE-2022-25153
RESERVED
CVE-2022-25152
@@ -10356,9 +10356,9 @@ CVE-2022-24816
CVE-2022-24815
RESERVED
CVE-2022-24814 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
- TODO: check
+ NOT-FOR-US: Directus
CVE-2022-24813 (CreateWiki is Miraheze's MediaWiki extension for requesting
& crea ...)
- TODO: check
+ NOT-FOR-US: Miraheze CreateWiki
CVE-2022-24812
RESERVED
CVE-2022-24811
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12256909a9b09e099c6f9bbdccbefd6db03b6fbc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12256909a9b09e099c6f9bbdccbefd6db03b6fbc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
