[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 03 Aug 2022 13:20:47 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
7ce6f0b7 by Salvatore Bonaccorso at 2022-08-03T22:20:01+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3775,11 +3775,11 @@ CVE-2022-35868
 CVE-2022-35867 (This vulnerability allows local attackers to escalate 
privileges on af ...)
        TODO: check
 CVE-2022-35866 (This vulnerability allows remote attackers to bypass 
authentication on ...)
-       TODO: check
+       NOT-FOR-US: Vinchin Backup and Recovery
 CVE-2022-35865 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: BMC Track-It!
 CVE-2022-35864 (This vulnerability allows remote attackers to disclose 
sensitive infor ...)
-       TODO: check
+       NOT-FOR-US: BMC Track-It!
 CVE-2022-2414 (Access to external entities when parsing XML documents can lead 
to XML ...)
        - dogtag-pki <unfixed> (bug #1014957)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2104676
@@ -4383,9 +4383,9 @@ CVE-2022-35622
 CVE-2022-35621
        RESERVED
 CVE-2022-35620 (D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain 
a remot ...)
-       TODO: check
+       NOT-FOR-US: D-LINK
 CVE-2022-35619 (D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain 
a remot ...)
-       TODO: check
+       NOT-FOR-US: D-LINK
 CVE-2022-35618
        RESERVED
 CVE-2022-35617
@@ -5832,9 +5832,9 @@ CVE-2022-34976
 CVE-2022-34975
        RESERVED
 CVE-2022-34974 (D-Link DIR810LA1_FW102B22 was discovered to contain a command 
injectio ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2022-34973 (D-Link DIR820LA1_FW106B02 was discovered to contain a buffer 
overflow  ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2022-34972 (So Filter Shop v3.x was discovered to contain multiple blind 
SQL injec ...)
        NOT-FOR-US: So Filter Shop
 CVE-2022-34971 (An arbitrary file upload vulnerability in the Advertising 
Management m ...)
@@ -6178,9 +6178,9 @@ CVE-2022-34874 (This vulnerability allows remote 
attackers to disclose sensitive
 CVE-2022-34873 (This vulnerability allows remote attackers to disclose 
sensitive infor ...)
        NOT-FOR-US: Foxit
 CVE-2022-34872 (This vulnerability allows remote attackers to disclose 
sensitive infor ...)
-       TODO: check
+       NOT-FOR-US: Centreon
 CVE-2022-34871 (This vulnerability allows remote attackers to escalate 
privileges on a ...)
-       TODO: check
+       NOT-FOR-US: Centreon
 CVE-2022-34870
        RESERVED
 CVE-2022-34858
@@ -6263,7 +6263,7 @@ CVE-2022-2274 (The OpenSSL 3.0.4 release introduced a 
serious bug in the RSA imp
 CVE-2022-2273 (The Simple Membership WordPress plugin before 4.1.3 does not 
properly  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-2272 (This vulnerability allows remote attackers to bypass 
authentication on ...)
-       TODO: check
+       NOT-FOR-US: Sante PACS Server
 CVE-2022-2271
        RESERVED
 CVE-2022-2270 (An issue has been discovered in GitLab affecting all versions 
starting ...)
@@ -23276,7 +23276,7 @@ CVE-2022-28686
 CVE-2022-28685
        RESERVED
 CVE-2022-28684 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: DevExpress
 CVE-2022-28683 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
        NOT-FOR-US: Foxit
 CVE-2022-28682 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
@@ -26916,7 +26916,7 @@ CVE-2022-27486
 CVE-2022-27485
        RESERVED
 CVE-2022-27484 (A unverified password change in Fortinet FortiADC version 
6.2.0 throug ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2022-27483 (A improper neutralization of special elements used in an os 
command (' ...)
        NOT-FOR-US: Fortinet
 CVE-2022-27482
@@ -39462,7 +39462,7 @@ CVE-2022-23444
 CVE-2022-23443 (An improper access control in Fortinet FortiSOAR before 7.2.0 
allows u ...)
        NOT-FOR-US: FortiGuard
 CVE-2022-23442 (An improper access control vulnerability [CWE-284] in FortiOS 
versions ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2022-23441 (A use of hard-coded cryptographic key vulnerability [CWE-321] 
in Forti ...)
        NOT-FOR-US: Fortinet
 CVE-2022-23440 (A use of hard-coded cryptographic key vulnerability [CWE-321] 
in the r ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ce6f0b767486a57d9910912150ee5af4d2b9246

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ce6f0b767486a57d9910912150ee5af4d2b9246
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to