Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: edac8f0f by Salvatore Bonaccorso at 2022-09-19T22:17:18+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -91,7 +91,7 @@ CVE-2022-40986 CVE-2022-40985 RESERVED CVE-2022-40980 (A potential unathenticated file deletion vulnerabilty on Trend Micro M ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2022-40979 RESERVED CVE-2022-40978 (The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerabl ...) @@ -991,7 +991,7 @@ CVE-2022-40610 CVE-2022-40609 RESERVED CVE-2022-40608 (IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File System ...) - TODO: check + NOT-FOR-US: IBM CVE-2022-40607 RESERVED CVE-2022-3192 @@ -1819,7 +1819,7 @@ CVE-2022-40236 CVE-2022-40235 RESERVED CVE-2022-40234 (Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excluding 10.1 ...) - TODO: check + NOT-FOR-US: IBM CVE-2022-40233 RESERVED CVE-2022-40232 
@@ -2032,17 +2032,17 @@ CVE-2022-3149 CVE-2022-3148 (Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawi ...) NOT-FOR-US: jgraph/drawio CVE-2022-40144 (A vulnerability in Trend Micro Apex One and Trend Micro Apex One as a ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2022-40143 (A link following local privilege escalation vulnerability in Trend Mic ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2022-40142 (A security link following local privilege escalation vulnerability in ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2022-40141 (A vulnerability in Trend Micro Apex One and Apex One as a Service coul ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2022-40140 (An origin validation error vulnerability in Trend Micro Apex One and A ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2022-40139 (Improper validation of some components used by the rollback mechanism ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2022-40138 RESERVED CVE-2022-40133 (A use-after-free(UAF) vulnerability was found in function 'vmw_execbuf ...) @@ -2089,9 +2089,9 @@ CVE-2022-40127 CVE-2022-38972 (Cross-site scripting vulnerability in Movable Type plugin A-Form versi ...) NOT-FOR-US: Movable Type plugin CVE-2022-3142 (The NEX-Forms WordPress plugin before 7.9.7 does not properly sanitise ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-3141 (The Translate Multilingual sites WordPress plugin before 2.3.3 is vuln ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-3140 RESERVED CVE-2022-3139 
@@ -2203,25 +2203,25 @@ CVE-2022-40078 CVE-2022-40077 RESERVED CVE-2022-40076 (Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/http ...) - TODO: check + NOT-FOR-US: Tenda CVE-2022-40075 (Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/htt ...) - TODO: check + NOT-FOR-US: Tenda CVE-2022-40074 (Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/htt ...) - TODO: check + NOT-FOR-US: Tenda CVE-2022-40073 (Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/htt ...) - TODO: check + NOT-FOR-US: Tenda CVE-2022-40072 (Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/htt ...) - TODO: check + NOT-FOR-US: Tenda CVE-2022-40071 (Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/htt ...) - TODO: check + NOT-FOR-US: Tenda CVE-2022-40070 (Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via bin/http ...) - TODO: check + NOT-FOR-US: Tenda CVE-2022-40069 (]Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/ht ...) - TODO: check + NOT-FOR-US: Tenda CVE-2022-40068 (Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/http ...) - TODO: check + NOT-FOR-US: Tenda CVE-2022-40067 (Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/htt ...) - TODO: check + NOT-FOR-US: Tenda CVE-2022-40066 RESERVED CVE-2022-40065 @@ -4667,7 +4667,7 @@ CVE-2022-3037 (Use After Free in GitHub repository vim/vim prior to 9.0.0322. .. NOTE: https://huntr.dev/bounties/af4c2f2d-d754-4607-b565-9e92f3f717b5 NOTE: https://github.com/vim/vim/commit/4f1b083be43f351bc107541e7b0c9655a5d2c0bb (v9.0.0322) CVE-2022-3036 (The Gettext override translations WordPress plugin before 2.0.0 does n ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-3035 (Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-i ...) - snipe-it <itp> (bug #1005172) CVE-2022-3034 
@@ -5184,7 +5184,7 @@ CVE-2022-3023 CVE-2022-3022 REJECTED CVE-2022-3021 (The Slickr Flickr WordPress plugin through 2.8.1 does not sanitise and ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-3020 RESERVED CVE-2021-46836 (Implementation of the WLAN module interfaces has the information discl ...) @@ -5314,7 +5314,7 @@ CVE-2022-38766 CVE-2022-38765 RESERVED CVE-2022-38764 (A vulnerability on Trend Micro HouseCall version 1.62.1.1133 and below ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2022-38763 RESERVED CVE-2022-38762 @@ -5590,7 +5590,7 @@ CVE-2022-2959 (A race condition was found in the Linux kernel's watch queue due NOTE: https://www.zerodayinitiative.com/advisories/ZDI-CAN-17291/ NOTE: https://git.kernel.org/linus/189b0ddc245139af81198d1a3637cac74f96e13a (5.19-rc1) CVE-2022-2958 (The BadgeOS WordPress plugin before 3.7.1.3 does not sanitise and esca ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2957 (A vulnerability classified as critical was found in SourceCodester Sim ...) NOT-FOR-US: SourceCodester Simple and Nice Shopping Cart Script CVE-2022-2956 (A vulnerability classified as problematic has been found in ConsoleTVs ...) @@ -6679,7 +6679,7 @@ CVE-2022-2842 (A vulnerability classified as critical has been found in SourceCo CVE-2022-2841 (A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.1561 ...) NOT-FOR-US: CrowdStrike Falcon CVE-2022-2840 (The Zephyr Project Manager WordPress plugin before 3.2.5 does not sani ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2839 RESERVED CVE-2022-2838 (In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Pars ...) 
@@ -7402,9 +7402,9 @@ CVE-2022-2756 (Server-Side Request Forgery (SSRF) in GitHub repository kareadita CVE-2022-2755 RESERVED CVE-2022-2754 (The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 doe ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2753 (The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 doe ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2752 RESERVED CVE-2022-2751 (A vulnerability was found in SourceCodester Company Website CMS and cl ...) @@ -8013,9 +8013,9 @@ CVE-2022-2712 CVE-2022-2711 RESERVED CVE-2022-2710 (The Scroll To Top WordPress plugin before 1.4.1 does not escape some o ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2709 (The Float to Top Button WordPress plugin through 2.3.6 does not escape ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-37863 RESERVED CVE-2022-37862 @@ -9313,9 +9313,9 @@ CVE-2022-2627 CVE-2022-2626 (Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp ...) NOT-FOR-US: Hestia Control Panel CVE-2022-37348 (Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out- ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2022-37347 (Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out- ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2022-37341 RESERVED CVE-2022-37340 @@ -10244,7 +10244,7 @@ CVE-2022-2569 (The affected device stores sensitive information in cleartext, wh CVE-2022-2568 (A privilege escalation flaw was found in the Ansible Automation Platfo ...) NOT-FOR-US: Red Hat Ansible Automation Platform CVE-2022-2567 (The Form Builder CP WordPress plugin before 1.2.32 does not sanitise a ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2566 RESERVED - ffmpeg 7:5.1.1-1 
@@ -15656,7 +15656,7 @@ CVE-2022-2277 (Improper Input Validation vulnerability exists in the Hitachi Ene CVE-2021-4234 (OpenVPN Access Server 2.10 and prior versions are susceptible to resen ...) NOT-FOR-US: OpenVPN Access Server CVE-2022-34893 (Trend Micro Security 2022 (consumer) has a link following vulnerabilit ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2022-34892 (This vulnerability allows local attackers to escalate privileges on af ...) NOT-FOR-US: Parallels CVE-2022-34891 (This vulnerability allows local attackers to escalate privileges on af ...) @@ -28462,7 +28462,7 @@ CVE-2022-1593 (The Site Offline or Coming Soon WordPress plugin through 1.6.6 do CVE-2022-1592 (Server-Side Request Forgery in scout in GitHub repository clinical-gen ...) NOT-FOR-US: clinical-genomics/scout CVE-2022-1591 (The WordPress Ping Optimizer WordPress plugin before 2.35.1.3.0 does n ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-1590 (A vulnerability was found in Bludit 3.13.1. It has been declared as pr ...) NOT-FOR-US: Bludit CVE-2022-1589 (The Change wp-admin login WordPress plugin before 1.1.0 does not prope ...) @@ -28634,7 +28634,7 @@ CVE-2022-1582 (The External Links in New Window / New Tab WordPress plugin befor CVE-2022-1581 RESERVED CVE-2022-1580 (The Site Offline Or Coming Soon Or Maintenance Mode WordPress plugin b ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-1579 RESERVED CVE-2022-1578 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edac8f0f5b004ef40a0ae1abca1d82e4fe335822
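Review bot: The labels added in the Trend Micro, IBM and Tenda hunks (@@ -91, -991, -1819, -2032, -2203, -5314, -9313 and -15656) name only the vendor, while several neighbouring entries in the same file name the product, for example `NOT-FOR-US: CrowdStrike Falcon`, `NOT-FOR-US: Red Hat Ansible Automation Platform` and `NOT-FOR-US: OpenVPN Access Server`. The truncated descriptions already give the product (Trend Micro Apex One, Trend Micro HouseCall, Trend Micro Security, IBM Spectrum Protect Plus, Tenda AC21), so a label such as `NOT-FOR-US: Tenda AC21` or `NOT-FOR-US: IBM Spectrum Protect Plus` would record what was actually triaged and keep the entry searchable by product rather than by vendor alone.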
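Review bot: Every entry in the WordPress hunks (@@ -2089, -4667, -5184, -5590, -6679, -7402, -8013, -10244, -28462 and -28634) receives the same generic `NOT-FOR-US: WordPress plugin`, so the triage line itself no longer says which plugin was judged out of scope. This matches the existing `NOT-FOR-US: Movable Type plugin` context line in @@ -2089, but other context entries name the software (`NOT-FOR-US: jgraph/drawio`, `NOT-FOR-US: Bludit`). Consider carrying the plugin name from the description into the label, for example `NOT-FOR-US: NEX-Forms WordPress plugin`, which also makes it visible that CVE-2022-2754 and CVE-2022-2753 in @@ -7402 concern the same plugin.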