Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a48e5a35 by Salvatore Bonaccorso at 2022-08-16T10:43:59+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5105,19 +5105,19 @@ CVE-2021-46828 (In libtirpc before 1.3.3rc1, remote
attackers could exhaust the
NOTE: Fixed by:
http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed
(libtirpc-1-3-3-rc1)
NOTE: Introduced by:
http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=b2c9430f46c4ac848957fb8adaac176a3f6ac03f
(libtirpc-0-3-3-rc3)
CVE-2022-36312 (Airspan AirVelocity 1500 software version 15.18.00.2511 lacks
CSRF pro ...)
- TODO: check
+ NOT-FOR-US: Airspan AirVelocity 1500 software
CVE-2022-36311 (Airspan AirVelocity 1500 prior to software version
15.18.00.2511 is vu ...)
- TODO: check
+ NOT-FOR-US: Airspan AirVelocity 1500 software
CVE-2022-36310 (Airspan AirVelocity 1500 software prior to version
15.18.00.2511 had N ...)
- TODO: check
+ NOT-FOR-US: Airspan AirVelocity 1500 software
CVE-2022-36309 (Airspan AirVelocity 1500 software versions prior to
15.18.00.2511 have ...)
- TODO: check
+ NOT-FOR-US: Airspan AirVelocity 1500 software
CVE-2022-36308 (Airspan AirVelocity 1500 web management UI displays SNMP
credentials i ...)
- TODO: check
+ NOT-FOR-US: Airspan AirVelocity 1500
CVE-2022-36307 (The AirVelocity 1500 prints SNMP credentials on its physically
accessi ...)
- TODO: check
+ NOT-FOR-US: Airspan AirVelocity 1500
CVE-2022-36306 (An authenticated attacker can enumerate and download sensitive
files, ...)
- TODO: check
+ NOT-FOR-US: Airspan AirVelocity 1500
CVE-2022-36294
RESERVED
CVE-2022-36290
@@ -6328,7 +6328,7 @@ CVE-2022-35824 (Azure Site Recovery Remote Code Execution
Vulnerability. This CV
CVE-2022-35823
RESERVED
CVE-2022-35822 (Windows Defender Credential Guard Security Feature Bypass
Vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-35821 (Azure Sphere Information Disclosure Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-35820 (Windows Bluetooth Driver Elevation of Privilege Vulnerability.
...)
@@ -9118,7 +9118,7 @@ CVE-2022-34713 (Microsoft Windows Support Diagnostic Tool
(MSDT) Remote Code Exe
CVE-2022-34712 (Windows Defender Credential Guard Information Disclosure
Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-34711 (Windows Defender Credential Guard Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-34710 (Windows Defender Credential Guard Information Disclosure
Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-34709 (Windows Defender Credential Guard Security Feature Bypass
Vulnerabilit ...)
@@ -25696,7 +25696,7 @@ CVE-2022-28758
CVE-2022-28757
RESERVED
CVE-2022-28756 (The Zoom Client for Meetings for macOS (Standard and for IT
Admin) sta ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2022-28755 (The Zoom Client for Meetings (for Android, iOS, Linux, macOS,
and Wind ...)
NOT-FOR-US: Zoom
CVE-2022-28754 (Zoom On-Premise Meeting Connector MMR before version
4.8.129.20220714 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a48e5a35a62e9db3a03d996a1b541cd56d848a07
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a48e5a35a62e9db3a03d996a1b541cd56d848a07
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
