Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 68801279 by Salvatore Bonaccorso at 2022-04-13T09:13:41+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -2348,13 +2348,13 @@ CVE-2022-28218 CVE-2022-28217 RESERVED CVE-2022-28216 (SAP BusinessObjects Business Intelligence Platform (BI Workspace) - ve ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-28215 (SAP NetWeaver ABAP Server and ABAP Platform - versions 740, 750, 787, ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-28214 RESERVED CVE-2022-28213 (When a user access SOAP Web services in SAP BusinessObjects Business I ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-28212 RESERVED CVE-2022-28211 @@ -3843,13 +3843,13 @@ CVE-2022-27672 CVE-2022-27671 (A CSRF token visible in the URL may possibly lead to information discl ...) TODO: check CVE-2022-27670 (SAP SQL Anywhere - version 17.0, allows an authenticated attacker to p ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-27669 (An unauthenticated user can use functions of XML Data Archiving Servic ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-27668 RESERVED CVE-2022-27667 (Under certain conditions, SAP BusinessObjects Business Intelligence pl ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-1059 RESERVED CVE-2022-1058 (Open Redirect on login in GitHub repository go-gitea/gitea prior to 1. ...) @@ -3871,13 +3871,13 @@ CVE-2022-27663 CVE-2022-27658 (Under certain conditions, SAP Innovation management - version 2.0, all ...) NOT-FOR-US: SAP CVE-2022-27657 (A highly privileged remote attacker, can gain unauthorized access to d ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-27656 RESERVED CVE-2022-27655 (When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d) receive ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-27654 (When a user opens a manipulated Photoshop Document (.psd, 2d.x3d) rece ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-26518 RESERVED CVE-2022-26422 @@ -8113,15 +8113,15 @@ CVE-2022-26110 (An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x b NOTE: https://github.com/htcondor/htcondor/commit/1cae7601d796725e7f5dd73fedf37f6fbbe379ca (V8_8_16) NOTE: https://github.com/htcondor/htcondor/commit/8568e8ba65c9490f30a1089b6d4f8910e4bfbd6b (V8_8_16) CVE-2022-26109 (When a user opens a manipulated Portable Document Format (.pdf, PDFVie ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-26108 (When a user opens a manipulated Picture Exchange (.pcx, 2d.x3d) receiv ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-26107 (When a user opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-26106 (When a user opens a manipulated Computer Graphics Metafile (.cgm, CgmC ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-26105 (SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.3 ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-26104 (SAP Financial Consolidation - version 10.1, does not perform necessary ...) NOT-FOR-US: SAP CVE-2022-26103 (Under certain conditions, SAP NetWeaver (Real Time Messaging Framework ...) @@ -12658,7 +12658,7 @@ CVE-2022-24414 CVE-2022-24413 (Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-t ...) TODO: check CVE-2022-24412 (Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper handling ...) - TODO: check + NOT-FOR-US: EMC CVE-2022-24411 (Dell PowerScale OneFS 8.2.2 and above contain an elevation of privileg ...) TODO: check CVE-2022-24410 @@ -19191,11 +19191,11 @@ CVE-2022-0144 (shelljs is vulnerable to Improper Privilege Management ...) CVE-2022-0143 RESERVED CVE-2022-0142 (The Visual Form Builder WordPress plugin before 3.0.6 is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0141 (The Visual Form Builder WordPress plugin before 3.0.8 does not enforce ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0140 (The Visual Form Builder WordPress plugin before 3.0.6 does not perform ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-46150 (An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36 ...) NOT-FOR-US: MediaWiki extension CheckUser CVE-2021-46149 (An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36 ...) @@ -19669,7 +19669,7 @@ CVE-2022-22562 (Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper CVE-2022-22561 (Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper res ...) TODO: check CVE-2022-22560 (Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials ...) - TODO: check + NOT-FOR-US: EMC CVE-2022-22559 (Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or ri ...) TODO: check CVE-2022-22558 @@ -19707,7 +19707,7 @@ CVE-2022-22543 (SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Plat CVE-2022-22542 (S/4HANA Supplier Factsheet exposes the private address and bank detail ...) NOT-FOR-US: SAP CVE-2022-22541 (SAP BusinessObjects Business Intelligence Platform - versions 420, 430 ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-22540 (SAP NetWeaver AS ABAP (Workplace Server) - versions 700, 701, 702, 731 ...) NOT-FOR-US: SAP CVE-2022-22539 (When a user opens a manipulated JPEG file format (.jpg, 2d.x3d) receiv ...) @@ -48914,7 +48914,7 @@ CVE-2021-36916 (The SQL injection vulnerability in the Hide My WP WordPress plug CVE-2021-36915 RESERVED CVE-2021-36914 (Cross-Site Request Forgery (CSRF) vulnerability leading to Reflected C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-36913 RESERVED CVE-2021-36912 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/688012790aefb952418e44decb39bb8e8df996dd -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/688012790aefb952418e44decb39bb8e8df996dd You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits