[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sun, 29 May 2022 01:42:02 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
acc90b49 by Salvatore Bonaccorso at 2022-05-29T10:41:18+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -107,7 +107,7 @@ CVE-2022-1911
 CVE-2022-1910
        RESERVED
 CVE-2022-1909 (Cross-site Scripting (XSS) - Stored in GitHub repository 
causefx/organ ...)
-       TODO: check
+       NOT-FOR-US: organizr
 CVE-2022-1908 (Buffer Over-read in GitHub repository bfabiszewski/libmobi 
prior to 0. ...)
        - libmobi 0.11+dfsg-1 (bug #1011971)
        NOTE: https://huntr.dev/bounties/a7436e88-0488-4bd4-816f-2e2c803e93e8
@@ -3779,7 +3779,7 @@ CVE-2022-30425 (Tenda Technology Co.,Ltd HG6 3.3.0-210926 
was discovered to cont
 CVE-2022-30424
        RESERVED
 CVE-2022-30423 (Merchandise Online Store v1.0 by oretnom23 has an arbitrary 
code execu ...)
-       TODO: check
+       NOT-FOR-US: Merchandise Online Store
 CVE-2022-30422
        RESERVED
 CVE-2022-30421
@@ -3921,13 +3921,13 @@ CVE-2022-30354
 CVE-2022-30353
        RESERVED
 CVE-2022-30352 (phpABook 0.9i is vulnerable to SQL Injection due to 
insufficient sanit ...)
-       TODO: check
+       NOT-FOR-US: phpABook
 CVE-2022-30351
        RESERVED
 CVE-2022-30350
        RESERVED
 CVE-2022-30349 (siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting 
(XSS). ...)
-       TODO: check
+       NOT-FOR-US: siteserver SSCMS
 CVE-2022-30348
        RESERVED
 CVE-2022-30347
@@ -4688,7 +4688,7 @@ CVE-2022-30112
 CVE-2022-30111 (Due to the use of an insecure algorithm for rolling codes in 
MCK Smart ...)
        TODO: check
 CVE-2022-30110 (The file preview functionality in Jirafeau < 4.4.0, which 
is enable ...)
-       TODO: check
+       NOT-FOR-US: Jirafeau
 CVE-2022-30109
        RESERVED
 CVE-2022-30108
@@ -5783,9 +5783,9 @@ CVE-2022-29782
 CVE-2022-29781
        RESERVED
 CVE-2022-29780 (Nginx NJS v0.7.2 was discovered to contain a segmentation 
violation in ...)
-       TODO: check
+       NOT-FOR-US: njs
 CVE-2022-29779 (Nginx NJS v0.7.2 was discovered to contain a segmentation 
violation in ...)
-       TODO: check
+       NOT-FOR-US: njs
 CVE-2022-29778
        RESERVED
 CVE-2022-29777
@@ -5873,19 +5873,19 @@ CVE-2022-29737
 CVE-2022-29736
        RESERVED
 CVE-2022-29735 (Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Delta Controls enteliTOUCH
 CVE-2022-29734 (A cross-site scripting (XSS) vulnerability in ICT Protege 
GX/WX v2.08  ...)
-       TODO: check
+       NOT-FOR-US: ICT Protege GX/WX
 CVE-2022-29733 (Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 
was dis ...)
-       TODO: check
+       NOT-FOR-US: Delta Controls enteliTOUCH
 CVE-2022-29732 (Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 
was dis ...)
-       TODO: check
+       NOT-FOR-US: Delta Controls enteliTOUCH
 CVE-2022-29731 (An access control issue in ICT Protege GX/WX 2.08 allows 
attackers to  ...)
-       TODO: check
+       NOT-FOR-US: ICT Protege GX/WX
 CVE-2022-29730 (USR IOT 4G LTE Industrial Cellular VPN Router v1.0.36 was 
discovered t ...)
-       TODO: check
+       NOT-FOR-US: USR IOT 4G LTE Industrial Cellular VPN Router
 CVE-2022-29729 (Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 
utilizes a weak ...)
-       TODO: check
+       NOT-FOR-US: Verizon 4G LTE Network Extender GA4.38
 CVE-2022-29728 (Survey Sparrow Enterprise Survey Software 2022 has a Reflected 
cross-s ...)
        NOT-FOR-US: Survey Sparrow Enterprise Survey Software
 CVE-2022-29727 (Survey Sparrow Enterprise Survey Software 2022 has a Stored 
cross-site ...)
@@ -5953,13 +5953,13 @@ CVE-2022-29697
 CVE-2022-29696
        RESERVED
 CVE-2022-29695 (Unicorn Engine v2.0.0-rc7 contains memory leaks caused by an 
incomplet ...)
-       TODO: check
+       NOT-FOR-US: Unicorn Engine
 CVE-2022-29694 (Unicorn Engine v2.0.0-rc7 and below was discovered to contain 
a NULL p ...)
-       TODO: check
+       NOT-FOR-US: Unicorn Engine
 CVE-2022-29693 (Unicorn Engine v2.0.0-rc7 and below was discovered to contain 
a memory ...)
-       TODO: check
+       NOT-FOR-US: Unicorn Engine
 CVE-2022-29692 (Unicorn Engine v1.0.3 was discovered to contain a 
use-after-free vulne ...)
-       TODO: check
+       NOT-FOR-US: Unicorn Engine
 CVE-2022-29691
        RESERVED
 CVE-2022-29690



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acc90b49284cbbaee25d7eb0aa11b0af8790f61d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acc90b49284cbbaee25d7eb0aa11b0af8790f61d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to