[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) Thu, 07 Jul 2022 01:31:47 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ef2b1cb0 by Salvatore Bonaccorso at 2022-07-07T10:31:26+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8691,7 +8691,7 @@ CVE-2022-31858
 CVE-2022-31857
        RESERVED
 CVE-2022-31856 (Newsletter Module v3.x was discovered to contain a SQL 
injection vulne ...)
-       TODO: check
+       NOT-FOR-US: OpenCart Newsletter Module
 CVE-2022-31855
        RESERVED
 CVE-2022-31854
@@ -8731,7 +8731,7 @@ CVE-2022-31838
 CVE-2022-31837
        RESERVED
 CVE-2022-31836 (The leafInfo.match() function in Beego v2.0.3 and below uses 
path.join ...)
-       TODO: check
+       NOT-FOR-US: Beego
 CVE-2022-31835
        RESERVED
 CVE-2022-31834
@@ -9581,9 +9581,9 @@ CVE-2022-31607
 CVE-2022-31606
        RESERVED
 CVE-2022-31605 (NVFLARE, versions prior to 2.1.2, contains a vulnerability in 
its util ...)
-       TODO: check
+       NOT-FOR-US: NVFLARE
 CVE-2022-31604 (NVFLARE, versions prior to 2.1.2, contains a vulnerability in 
its PKI  ...)
-       TODO: check
+       NOT-FOR-US: NVFLARE
 CVE-2022-31603 (NVIDIA DGX A100 contains a vulnerability in SBIOS in the 
IpSecDxe, whe ...)
        NOT-FOR-US: NVIDIA
 CVE-2022-31602 (NVIDIA DGX A100 contains a vulnerability in SBIOS in the 
IpSecDxe, whe ...)
@@ -10844,7 +10844,7 @@ CVE-2022-31133
 CVE-2022-31132
        RESERVED
 CVE-2022-31131 (Nextcloud mail is a Mail app for the Nextcloud home server 
product. Ve ...)
-       TODO: check
+       NOT-FOR-US: Nextcloud Mail app
 CVE-2022-31130
        RESERVED
 CVE-2022-31129 (moment is a JavaScript date library for parsing, validating, 
manipulat ...)
@@ -17432,7 +17432,7 @@ CVE-2022-28937 (FISCO-BCOS release-3.0.0-rc2 was 
discovered to contain an issue
 CVE-2022-28936 (FISCO-BCOS release-3.0.0-rc2 was discovered to contain an 
issue where  ...)
        NOT-FOR-US: FISCO-BCOS
 CVE-2022-28935 (Totolink A830R V5.9c.4729_B20191112, Totolink A3100R 
V4.1.2cu.5050_B20 ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-28934
        RESERVED
 CVE-2022-28933
@@ -21466,9 +21466,9 @@ CVE-2022-27551
 CVE-2022-27550
        RESERVED
 CVE-2022-27549 (HCL Launch may store certain data for recurring activities in 
a plain  ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2022-27548 (HCL Launch stores user credentials in plain clear text which 
can be re ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2022-27547
        RESERVED
 CVE-2022-27546
@@ -24617,7 +24617,7 @@ CVE-2022-26414 (A potential buffer overflow 
vulnerability was identified in some
 CVE-2022-26413 (A command injection vulnerability in the CGI program of Zyxel 
VMG3312- ...)
        NOT-FOR-US: Zyxel
 CVE-2022-26348 (Command Centre Server is vulnerable to SQL Injection via 
Windows Regis ...)
-       TODO: check
+       NOT-FOR-US: gallagher
 CVE-2022-26347
        RESERVED
 CVE-2022-26339
@@ -24627,7 +24627,7 @@ CVE-2022-26123
 CVE-2022-26087
        RESERVED
 CVE-2022-26078 (Gallagher Controller 6000 is vulnerable to a Denial of Service 
attack  ...)
-       TODO: check
+       NOT-FOR-US: Gallagher
 CVE-2022-26058
        RESERVED
 CVE-2022-26055
@@ -31485,13 +31485,13 @@ CVE-2022-24143 (Tenda AX3 v16.03.12.10_CN and AX12 
22.03.01.2_CN was discovered
 CVE-2022-24142 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack 
overflow i ...)
        NOT-FOR-US: Tenda routers
 CVE-2022-24141 (The iTopVPNmini.exe component of iTop VPN 3.2 will try to 
connect to d ...)
-       TODO: check
+       NOT-FOR-US: iTop VPN
 CVE-2022-24140 (IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop 
VPN 3.2, ...)
        TODO: check
 CVE-2022-24139 (In IOBit Advanced System Care (AscService.exe) 15, an attacker 
with SE ...)
-       TODO: check
+       NOT-FOR-US: IOBit Advanced System Care
 CVE-2022-24138 (IOBit Advanced System Care (Asc.exe) 15 and Action Download 
Center bot ...)
-       TODO: check
+       NOT-FOR-US: IOBit Advanced System Care
 CVE-2022-24137
        RESERVED
 CVE-2022-24136 (Hospital Management System v1.0 is affected by an unrestricted 
upload  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef2b1cb0ec386c976d63dbe819549d1e45a36fc9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef2b1cb0ec386c976d63dbe819549d1e45a36fc9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Reply via email to