Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a48e5a35 by Salvatore Bonaccorso at 2022-08-16T10:43:59+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -5105,19 +5105,19 @@ CVE-2021-46828 (In libtirpc before 1.3.3rc1, remote attackers could exhaust the NOTE: Fixed by: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed (libtirpc-1-3-3-rc1) NOTE: Introduced by: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=b2c9430f46c4ac848957fb8adaac176a3f6ac03f (libtirpc-0-3-3-rc3) CVE-2022-36312 (Airspan AirVelocity 1500 software version 15.18.00.2511 lacks CSRF pro ...) - TODO: check + NOT-FOR-US: Airspan AirVelocity 1500 software CVE-2022-36311 (Airspan AirVelocity 1500 prior to software version 15.18.00.2511 is vu ...) - TODO: check + NOT-FOR-US: Airspan AirVelocity 1500 software CVE-2022-36310 (Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had N ...) - TODO: check + NOT-FOR-US: Airspan AirVelocity 1500 software CVE-2022-36309 (Airspan AirVelocity 1500 software versions prior to 15.18.00.2511 have ...) - TODO: check + NOT-FOR-US: Airspan AirVelocity 1500 software CVE-2022-36308 (Airspan AirVelocity 1500 web management UI displays SNMP credentials i ...) - TODO: check + NOT-FOR-US: Airspan AirVelocity 1500 CVE-2022-36307 (The AirVelocity 1500 prints SNMP credentials on its physically accessi ...) - TODO: check + NOT-FOR-US: Airspan AirVelocity 1500 CVE-2022-36306 (An authenticated attacker can enumerate and download sensitive files, ...) - TODO: check + NOT-FOR-US: Airspan AirVelocity 1500 CVE-2022-36294 RESERVED CVE-2022-36290 @@ -6328,7 +6328,7 @@ CVE-2022-35824 (Azure Site Recovery Remote Code Execution Vulnerability. This CV CVE-2022-35823 RESERVED CVE-2022-35822 (Windows Defender Credential Guard Security Feature Bypass Vulnerabilit ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2022-35821 (Azure Sphere Information Disclosure Vulnerability. ...) NOT-FOR-US: Microsoft CVE-2022-35820 (Windows Bluetooth Driver Elevation of Privilege Vulnerability. ...) @@ -9118,7 +9118,7 @@ CVE-2022-34713 (Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Exe CVE-2022-34712 (Windows Defender Credential Guard Information Disclosure Vulnerability ...) NOT-FOR-US: Microsoft CVE-2022-34711 (Windows Defender Credential Guard Elevation of Privilege Vulnerability ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2022-34710 (Windows Defender Credential Guard Information Disclosure Vulnerability ...) NOT-FOR-US: Microsoft CVE-2022-34709 (Windows Defender Credential Guard Security Feature Bypass Vulnerabilit ...) @@ -25696,7 +25696,7 @@ CVE-2022-28758 CVE-2022-28757 RESERVED CVE-2022-28756 (The Zoom Client for Meetings for macOS (Standard and for IT Admin) sta ...) - TODO: check + NOT-FOR-US: Zoom CVE-2022-28755 (The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Wind ...) NOT-FOR-US: Zoom CVE-2022-28754 (Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a48e5a35a62e9db3a03d996a1b541cd56d848a07 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a48e5a35a62e9db3a03d996a1b541cd56d848a07 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits