Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
932d6085 by Neil Williams at 2022-05-13T09:55:18+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23923,11 +23923,11 @@ CVE-2022-22800
CVE-2022-22799
RESERVED
CVE-2022-22798 (Sysaid – Pro Plus Edition, SysAid Help Desk Broken
Access Contro ...)
- TODO: check
+ NOT-FOR-US: SysAid Help Desk
CVE-2022-22797 (Sysaid – sysaid Open Redirect - An Attacker can change
the redir ...)
- TODO: check
+ NOT-FOR-US: SysAid Help Desk
CVE-2022-22796 (Sysaid – Sysaid System Takeover - An attacker can bypass
the aut ...)
- TODO: check
+ NOT-FOR-US: SysAid Help Desk
CVE-2022-22795 (Signiant - Manager+Agents XML External Entity (XXE) - Extract
internal ...)
NOT-FOR-US: Signiant Manager+Agents
CVE-2022-22794 (Cybonet - PineApp Mail Relay Unauthenticated Sql Injection.
Attacker c ...)
@@ -45562,7 +45562,7 @@ CVE-2021-40400 (An out-of-bounds read vulnerability
exists in the RS-274X apertu
NOTE: https://github.com/gerbv/gerbv/issues/79
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1413
CVE-2021-40399 (An exploitable use-after-free vulnerability exists in WPS
Spreadsheets ...)
- TODO: check
+ NOT-FOR-US: WPS Office
CVE-2021-40398 (An out-of-bounds write vulnerability exists in the
parse_raster_data f ...)
NOT-FOR-US: Accusoft ImageGear
CVE-2021-40397 (A privilege escalation vulnerability exists in the
installation of Adv ...)
@@ -77578,7 +77578,7 @@ CVE-2021-27779
CVE-2021-27778
RESERVED
CVE-2021-27777 (XML External Entity (XXE) injection vulnerabilities occur when
poorly ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27776
RESERVED
CVE-2021-27775
@@ -77586,17 +77586,17 @@ CVE-2021-27775
CVE-2021-27774
RESERVED
CVE-2021-27773 (This vulnerability allows users to execute a clickjacking
attack in th ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27772 (Users are able to read group conversations without actively
taking par ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27771 (User SID can be modified resulting in an Arbitrary File Upload
or dele ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27770 (The vulnerability was discovered within the
“FaviconService̶ ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27769 (Information leakage occurs when a website reveals information
that cou ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27768 (Using the ability to perform a Man-in-the-Middle (MITM)
attack, which ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27767 (The BigFix Console installer is created with InstallShield,
which was ...)
NOT-FOR-US: HCL
CVE-2021-27766 (The BigFix Client installer is created with InstallShield,
which was a ...)
@@ -90291,7 +90291,7 @@ CVE-2021-22533
CVE-2021-22532
RESERVED
CVE-2021-22531 (A bug exist in the input parameter of Access Manager that
allows suppl ...)
- TODO: check
+ NOT-FOR-US: Microfocus
CVE-2021-22530
RESERVED
CVE-2021-22529
@@ -120668,13 +120668,13 @@ CVE-2020-22989
CVE-2020-22988
RESERVED
CVE-2020-22987 (Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web
SDK 10.1 ...)
- TODO: check
+ NOT-FOR-US: Microstrategy Web
CVE-2020-22986 (Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web
SDK 10.1 ...)
- TODO: check
+ NOT-FOR-US: Microstrategy Web
CVE-2020-22985 (Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web
SDK 10.1 ...)
- TODO: check
+ NOT-FOR-US: Microstrategy Web
CVE-2020-22984 (Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web
SDK 10.1 ...)
- TODO: check
+ NOT-FOR-US: Microstrategy Web
CVE-2020-22983
RESERVED
CVE-2020-22982
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/932d60852a6e16091979d11df138996e0020fc82
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/932d60852a6e16091979d11df138996e0020fc82
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
