[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) Mon, 23 May 2022 13:36:32 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
0517d408 by Salvatore Bonaccorso at 2022-05-23T22:35:54+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6833,9 +6833,9 @@ CVE-2022-29007 (Multiple SQL injection vulnerabilities 
via the username and pass
 CVE-2022-29006 (Multiple SQL injection vulnerabilities via the username and 
password p ...)
        NOT-FOR-US: Directory Management System
 CVE-2022-29005 (Multiple cross-site scripting (XSS) vulnerabilities in the 
component / ...)
-       TODO: check
+       NOT-FOR-US: Online Birth Certificate System
 CVE-2022-29004 (Diary Management System v1.0 was discovered to contain a 
cross-site sc ...)
-       TODO: check
+       NOT-FOR-US: Diary Management System
 CVE-2022-29003
        RESERVED
 CVE-2022-29002
@@ -6847,9 +6847,9 @@ CVE-2022-29000
 CVE-2022-28999
        RESERVED
 CVE-2022-28998 (Xlight FTP v3.9.3.2 was discovered to contain a stack-based 
buffer ove ...)
-       TODO: check
+       NOT-FOR-US: Xlight FTP
 CVE-2022-28997 (CSZCMS v1.3.0 allows attackers to execute a Server-Side 
Request Forger ...)
-       TODO: check
+       NOT-FOR-US: CSZCMS
 CVE-2022-28996
        RESERVED
 CVE-2022-28995 (Rengine v1.0.2 was discovered to contain a remote code 
execution (RCE) ...)
@@ -6996,7 +6996,7 @@ CVE-2022-28934
 CVE-2022-28933
        RESERVED
 CVE-2022-28932 (D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to 
contain insecu ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2022-28931
        RESERVED
 CVE-2022-28930 (ERP-Pro v3.7.5 was discovered to contain a SQL injection 
vulnerability ...)
@@ -7140,7 +7140,7 @@ CVE-2022-28876
 CVE-2022-28875
        RESERVED
 CVE-2022-28874 (Multiple Denial-of-Service vulnerabilities was discovered in 
the F-Sec ...)
-       TODO: check
+       NOT-FOR-US: F-Secure
 CVE-2022-28873 (A vulnerability affecting F-Secure SAFE browser was 
discovered. An att ...)
        NOT-FOR-US: F-Secure
 CVE-2022-28872 (A vulnerability affecting F-Secure SAFE browser was 
discovered. A mali ...)
@@ -41099,7 +41099,7 @@ CVE-2021-23225 (Cacti 1.1.38 allows authenticated users 
with User Management per
 CVE-2022-0005 (Sensitive information accessible by physical probing of JTAG 
interface ...)
        NOT-FOR-US: Intel
 CVE-2022-0004 (Hardware debug modes and processor INIT setting that allow 
override of ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-0003
        RESERVED
 CVE-2022-0002 (Non-transparent sharing of branch predictor within a context in 
some I ...)
@@ -43130,7 +43130,7 @@ CVE-2021-42235 (SQL injection in osTicket before 1.14.8 
and 1.15.4 login and pas
 CVE-2021-42234
        RESERVED
 CVE-2021-42233 (The Simple Blog plugin in Wondercms 3.4.1 is vulnerable to 
stored cros ...)
-       TODO: check
+       NOT-FOR-US: Simple Blog plugin in Wondercms
 CVE-2021-42232
        RESERVED
 CVE-2021-42231
@@ -66121,7 +66121,7 @@ CVE-2021-32943 (The affected product is vulnerable to a 
stack-based buffer overf
 CVE-2021-32942 (The vulnerability could expose cleartext credentials from 
AVEVA InTouc ...)
        NOT-FOR-US: AVEVA InTouch Runtime
 CVE-2021-32941 (Annke N48PBB (Network Video Recorder) products of version 
3.4.106 buil ...)
-       TODO: check
+       NOT-FOR-US: Annke N48PBB (Network Video Recorder) products
 CVE-2021-32940 (An out-of-bounds read issue exists in the DWG file-recovering 
procedur ...)
        NOT-FOR-US: Open Design Alliance
 CVE-2021-32939 (FATEK Automation FvDesigner, Versions 1.5.88 and prior is 
vulnerable t ...)
@@ -66133,7 +66133,7 @@ CVE-2021-32937 (An attacker can gain knowledge of a 
session temporary working fo
 CVE-2021-32936 (An out-of-bounds write issue exists in the DXF file-recovering 
procedu ...)
        NOT-FOR-US: Open Design Alliance
 CVE-2021-32935 (The affected Cognex product, the In-Sight OPC Server versions 
v5.7.4 ( ...)
-       TODO: check
+       NOT-FOR-US: Cognex
 CVE-2021-32934 (The affected ThroughTek P2P products (SDKs using versions 
before 3.1.5 ...)
        NOT-FOR-US: ThroughTek P2P SDK
 CVE-2021-32933 (An attacker could leverage an API to pass along a malicious 
file that  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0517d4088e40bc80aee9da9c2249ae5029f5192e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0517d4088e40bc80aee9da9c2249ae5029f5192e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Reply via email to