Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 4c4fed1d by Salvatore Bonaccorso at 2022-08-06T10:32:00+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -59,7 +59,7 @@ CVE-2022-37433 CVE-2022-37432 RESERVED CVE-2022-2675 (Using off-the-shelf commodity hardware, the Unitree Go 1 robotics plat ...) - TODO: check + NOT-FOR-US: Unitree Go 1 robotics platform CVE-2022-2674 (A vulnerability was found in SourceCodester Best Fee Management System ...) NOT-FOR-US: SourceCodester CVE-2022-2673 (A vulnerability was found in Rigatur Online Booking and Hotel Manageme ...) @@ -123,7 +123,7 @@ CVE-2022-37400 CVE-2022-37399 RESERVED CVE-2022-37398 (A stack-based buffer overflow vulnerability was found inside ADM when ...) - TODO: check + NOT-FOR-US: ASUSTOR Data Master (ADM) CVE-2022-36350 RESERVED CVE-2022-2667 (A vulnerability was found in SourceCodester Loan Management System and ...) @@ -5704,9 +5704,9 @@ CVE-2022-35165 CVE-2022-35164 RESERVED CVE-2022-35163 (Complete Online Job Search System v1.0 was discovered to contain a cro ...) - TODO: check + NOT-FOR-US: Complete Online Job Search System CVE-2022-35162 (Complete Online Job Search System v1.0 was discovered to contain a cro ...) - TODO: check + NOT-FOR-US: Complete Online Job Search System CVE-2022-35161 (GVRET Stable Release as of Aug 15, 2015 was discovered to contain a bu ...) NOT-FOR-US: GVRET CVE-2022-35160 @@ -11867,7 +11867,7 @@ CVE-2022-32573 CVE-2022-30605 RESERVED CVE-2022-29886 (An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5. ...) - TODO: check + NOT-FOR-US: ESTsoft Alyac CVE-2022-29517 RESERVED CVE-2022-29511 @@ -12326,7 +12326,7 @@ CVE-2022-32545 (A vulnerability was found in ImageMagick, causing an outside the NOTE: https://github.com/ImageMagick/ImageMagick/commit/9c9a84cec4ab28ee0b57c2b9266d6fbe68183512 (7.1.0-28) NOTE: https://github.com/ImageMagick/ImageMagick6/commit/450949ed017f009b399c937cf362f0058eacc5fa (6.9.12-43) CVE-2022-32543 (An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5. ...) - TODO: check + NOT-FOR-US: ESTsoft Alyac CVE-2022-32542 RESERVED CVE-2022-32541 @@ -13115,7 +13115,7 @@ CVE-2022-31472 (Browse restriction bypass vulnerability in Cabinet of Cybozu Gar CVE-2022-29521 RESERVED CVE-2022-29465 (An out-of-bounds write vulnerability exists in the PSD Header processi ...) - TODO: check + NOT-FOR-US: Accusoft ImageGear CVE-2022-25958 RESERVED CVE-2022-1993 (Path Traversal in GitHub repository gogs/gogs prior to 0.12.9. ...) @@ -15098,7 +15098,7 @@ CVE-2022-1878 CVE-2022-1877 RESERVED CVE-2022-31618 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...) - TODO: check + NOT-FOR-US: NVIDIA CVE-2022-31617 RESERVED CVE-2022-31616 @@ -15124,7 +15124,7 @@ CVE-2022-31615 [bullseye] - nvidia-graphics-drivers-tesla-470 <no-dsa> (Non-free not supported) - nvidia-graphics-drivers-tesla-510 <unfixed> (bug #1016621) CVE-2022-31614 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...) - TODO: check + NOT-FOR-US: NVIDIA CVE-2022-31613 RESERVED CVE-2022-31612 @@ -15134,7 +15134,7 @@ CVE-2022-31611 CVE-2022-31610 RESERVED CVE-2022-31609 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...) - TODO: check + NOT-FOR-US: NVIDIA CVE-2022-31608 RESERVED - nvidia-graphics-drivers <unfixed> (bug #1016614) @@ -22661,7 +22661,7 @@ CVE-2022-29073 CVE-2022-29072 (** DISPUTED ** 7-Zip through 21.07 on Windows allows privilege escalat ...) NOT-FOR-US: 7-Zip on Windows CVE-2022-29071 (This advisory documents an internally found vulnerability in the on pr ...) - TODO: check + NOT-FOR-US: Arista CVE-2022-29070 RESERVED CVE-2022-29069 @@ -23202,7 +23202,7 @@ CVE-2022-28882 CVE-2022-28881 RESERVED CVE-2022-28880 (A Denial-of-Service vulnerability was discovered in the F-Secure Atlan ...) - TODO: check + NOT-FOR-US: F-Secure CVE-2022-28879 (A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atl ...) NOT-FOR-US: F-Secure CVE-2022-28878 (A Denial-of-Service vulnerability was discovered in the F-Secure Atlan ...) @@ -23629,9 +23629,9 @@ CVE-2022-28668 (This vulnerability allows remote attackers to execute arbitrary CVE-2022-28667 RESERVED CVE-2022-28665 (A memory corruption vulnerability exists in the httpd unescape functio ...) - TODO: check + NOT-FOR-US: FreshTomato CVE-2022-28664 (A memory corruption vulnerability exists in the httpd unescape functio ...) - TODO: check + NOT-FOR-US: FreshTomato CVE-2022-28611 RESERVED CVE-2022-28126 @@ -23647,7 +23647,7 @@ CVE-2022-27639 CVE-2022-27638 RESERVED CVE-2022-27631 (A memory corruption vulnerability exists in the httpd unescape functio ...) - TODO: check + NOT-FOR-US: DD-WRT CVE-2022-27499 RESERVED CVE-2022-27234 @@ -23673,7 +23673,7 @@ CVE-2022-26509 CVE-2022-26508 RESERVED CVE-2022-26376 (A memory corruption vulnerability exists in the httpd unescape functio ...) - TODO: check + NOT-FOR-US: Asuswrt CVE-2022-26369 RESERVED CVE-2022-26367 @@ -26491,17 +26491,17 @@ CVE-2022-27784 (Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (an CVE-2022-27783 (Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earl ...) NOT-FOR-US: Adobe CVE-2022-27660 (A denial of service vulnerability exists in the confctl_set_guest_wlan ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-27633 (An information disclosure vulnerability exists in the confctl_get_gues ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wifi CVE-2022-27630 (An information disclosure vulnerability exists in the confctl_get_mast ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-27185 (A denial of service vulnerability exists in the confctl_set_master_wla ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wifi CVE-2022-27178 (A denial of service vulnerability exists in the confctl_set_wan_cfg fu ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-26346 (A denial of service vulnerability exists in the ucloud_del_node functi ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-1060 RESERVED CVE-2022-27782 (libcurl would reuse a previously created connection even when a TLS or ...) @@ -27116,7 +27116,7 @@ CVE-2022-27536 (Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can NOTE: https://groups.google.com/g/golang-announce/c/oecdBNLOml8 NOTE: https://go.dev/issue/51759 CVE-2022-27535 (Kaspersky VPN Secure Connection for Windows version up to 21.5 was vul ...) - TODO: check + NOT-FOR-US: Kaspersky VPN Secure Connection for Windows CVE-2022-27534 (Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security ...) NOT-FOR-US: Kaspersky CVE-2022-27533 @@ -29272,7 +29272,7 @@ CVE-2022-26425 CVE-2022-26421 RESERVED CVE-2022-26342 (A buffer overflow vulnerability exists in the confsrv ucloud_set_node_ ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-26076 RESERVED CVE-2022-26062 @@ -29282,9 +29282,9 @@ CVE-2022-26052 CVE-2022-26032 RESERVED CVE-2022-26009 (A stack-based buffer overflow vulnerability exists in the confsrv uclo ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-25996 (A stack-based buffer overflow vulnerability exists in the confsrv addT ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-25987 RESERVED CVE-2022-25915 (Improper access control vulnerability in ELECOM LAN routers (WRC-1167G ...) @@ -37602,55 +37602,55 @@ CVE-2022-24031 (An issue was discovered in NvmExpressDxe in Insyde InsydeH2O wit CVE-2022-24030 (An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel ...) NOT-FOR-US: Insyde CVE-2022-24029 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24028 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24027 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24026 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24025 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24024 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24023 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24022 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24021 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24020 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24019 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24018 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24017 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24016 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24015 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24014 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24013 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24012 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24011 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24010 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24009 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24008 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24007 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24006 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-24005 (A buffer overflow vulnerability exists in the GetValue functionality o ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-0387 (Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat ...) NOT-FOR-US: livehelperchat CVE-2022-0386 (A post-auth SQL injection vulnerability in the Mail Manager potentiall ...) @@ -37912,7 +37912,7 @@ CVE-2022-23975 (Cross-Site Request Forgery (CSRF) in Access Demo Importer <= CVE-2022-23974 (In 0.9.3 or older versions of Apache Pinot segment upload path allowed ...) NOT-FOR-US: Apache Pinot CVE-2022-23103 (A stack-based buffer overflow vulnerability exists in the confsrv conf ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-0383 (The WP Review Slider WordPress plugin before 11.0 does not sanitise an ...) NOT-FOR-US: WordPress plugin CVE-2022-0382 (An information leak flaw was found due to uninitialized memory in the ...) @@ -38161,19 +38161,19 @@ CVE-2022-23925 (Potential vulnerabilities have been identified in the system BIO CVE-2022-23924 (Potential vulnerabilities have been identified in the system BIOS of c ...) NOT-FOR-US: HP CVE-2022-23919 (A stack-based buffer overflow vulnerability exists in the confsrv set_ ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-23918 (A stack-based buffer overflow vulnerability exists in the confsrv set_ ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-23399 (A stack-based buffer overflow vulnerability exists in the confsrv set_ ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-22144 (A hard-coded password vulnerability exists in the libcommonprod.so pro ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-22140 (An os command injection vulnerability exists in the confsrv ucloud_add ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-21201 (A stack-based buffer overflow vulnerability exists in the confers uclo ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-21178 (An os command injection vulnerability exists in the confsrv ucloud_add ...) - TODO: check + NOT-FOR-US: TCL LinkHub Mesh Wi-Fi CVE-2022-0355 (Exposure of Sensitive Information to an Unauthorized Actor in NPM simp ...) NOT-FOR-US: simple-get nodejs module CVE-2022-0354 (A vulnerability was reported in Lenovo System Update that could allow ...) @@ -94714,7 +94714,7 @@ CVE-2021-28513 CVE-2021-28512 RESERVED CVE-2021-28511 (This advisory documents the impact of an internally found vulnerabilit ...) - TODO: check + NOT-FOR-US: Arista CVE-2021-28510 RESERVED CVE-2021-28509 (This advisory documents the impact of an internally found vulnerabilit ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c4fed1ddf5b6aea32b02ad8483975eb45673c6d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c4fed1ddf5b6aea32b02ad8483975eb45673c6d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits