Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d0647558 by Salvatore Bonaccorso at 2022-04-22T10:53:59+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -3076,7 +3076,7 @@ CVE-2022-28368 (Dompdf 1.2.1 allows remote code execution via a .php file in the NOTE: https://github.com/dompdf/dompdf/pull/2808 NOTE: https://github.com/dompdf/dompdf/commit/4c70e1025bcd9b7694b95dd552499bd83cd6141d (v1.2.1) CVE-2022-28367 (OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE ...) - TODO: check + NOT-FOR-US: OWASP AntiSamy CVE-2022-28366 (Certain Neko-related HTML parsers allow a denial of service via crafte ...) TODO: check CVE-2022-28365 (Reprise License Manager 14.2 is affected by an Information Disclosure ...) @@ -4285,55 +4285,55 @@ CVE-2022-28032 (AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_aj CVE-2022-28031 RESERVED CVE-2022-28030 (Simple Real Estate Portal System v1.0 was discovered to contain a SQL ...) - TODO: check + NOT-FOR-US: Simple Real Estate Portal System CVE-2022-28029 (Simple Real Estate Portal System v1.0 was discovered to contain a SQL ...) - TODO: check + NOT-FOR-US: Simple Real Estate Portal System CVE-2022-28028 (Simple Real Estate Portal System v1.0 was discovered to contain a SQL ...) - TODO: check + NOT-FOR-US: Simple Real Estate Portal System CVE-2022-28027 RESERVED CVE-2022-28026 (Student Grading System v1.0 was discovered to contain a SQL injection ...) - TODO: check + NOT-FOR-US: Student Grading System CVE-2022-28025 (Student Grading System v1.0 was discovered to contain a SQL injection ...) - TODO: check + NOT-FOR-US: Student Grading System CVE-2022-28024 (Student Grading System v1.0 was discovered to contain a SQL injection ...) - TODO: check + NOT-FOR-US: Student Grading System CVE-2022-28023 (Purchase Order Management System v1.0 was discovered to contain a SQL ...) - TODO: check + NOT-FOR-US: Purchase Order Management System CVE-2022-28022 (Purchase Order Management System v1.0 was discovered to contain a SQL ...) - TODO: check + NOT-FOR-US: Purchase Order Management System CVE-2022-28021 (Purchase Order Management System v1.0 was discovered to contain a remo ...) - TODO: check + NOT-FOR-US: Purchase Order Management System CVE-2022-28020 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28019 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28018 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28017 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28016 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28015 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28014 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28013 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28012 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28011 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28010 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28009 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28008 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28007 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28006 (Attendance and Payroll System v1.0 was discovered to contain a SQL inj ...) - TODO: check + NOT-FOR-US: Attendance and Payroll System CVE-2022-28005 RESERVED CVE-2022-28004 @@ -6260,7 +6260,7 @@ CVE-2022-1024 CVE-2022-1023 (The Podcast Importer SecondLine WordPress plugin before 1.3.8 does not ...) NOT-FOR-US: WordPress plugin CVE-2022-1022 (Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chat ...) - TODO: check + NOT-FOR-US: chatwoot CVE-2022-1021 RESERVED CVE-2022-1020 (The Product Table for WooCommerce (wooproducttable) WordPress plugin b ...) @@ -7922,11 +7922,11 @@ CVE-2022-26676 (aEnrich a+HRD has inadequate privilege restrictions, an unauthen CVE-2022-26675 (aEnrich a+HRD has inadequate filtering for special characters in URLs. ...) NOT-FOR-US: aEnrich a+HRD CVE-2022-26674 (ASUS RT-AX88U has a Format String vulnerability, which allows an unaut ...) - TODO: check + NOT-FOR-US: ASUS CVE-2022-26673 (ASUS RT-AX88U has insufficient filtering for special characters in the ...) - TODO: check + NOT-FOR-US: ASUS CVE-2022-26672 (ASUS WebStorage has a hardcoded API Token in the APP source code. An u ...) - TODO: check + NOT-FOR-US: ASUS CVE-2022-26671 (Taiwan Secom Dr.ID Access Control system’s login page has a hard ...) NOT-FOR-US: Taiwan Secom Dr.ID Access Control system CVE-2022-26670 (D-Link DIR-878 has inadequate filtering for special characters in the ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d064755879084ef61429193a24362ab6cd0beb72 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d064755879084ef61429193a24362ab6cd0beb72 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits