Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ba13bfcd by Salvatore Bonaccorso at 2022-08-29T22:17:50+02:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -4370,7 +4370,7 @@ CVE-2022-2639 [buster] - linux 4.19.249-1 NOTE: https://git.kernel.org/linus/cefa91b2332d7009bc0be5d951d6cbbf349f90f8 (5.18-rc4) CVE-2022-2638 (The Export All URLs WordPress plugin before 4.4 does not validate the ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2637 RESERVED CVE-2022-2636 (Improper Input Validation in GitHub repository hestiacp/hestiacp prior ...) @@ -4667,7 +4667,7 @@ CVE-2022-2601 CVE-2022-2600 (The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set re ...) NOT-FOR-US: WordPress plugin CVE-2022-2599 (The Anti-Malware Security and Brute-Force Firewall WordPress plugin be ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2598 (Undefined Behavior for Input to API in GitHub repository vim/vim prior ...) - vim 2:9.0.0135-1 NOTE: https://huntr.dev/bounties/2f08363a-47a2-422d-a7de-ce96a89ad08e/ @@ -5577,7 +5577,7 @@ CVE-2022-2561 CVE-2022-2560 RESERVED CVE-2022-2559 (The Fluent Support WordPress plugin before 1.5.8 does not properly san ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2558 (The Simple Job Board WordPress plugin before 2.10.0 is susceptible to ...) NOT-FOR-US: WordPress plugin CVE-2022-2557 (The Team WordPress plugin before 4.1.2 contains a file which could all ...) @@ -5627,7 +5627,7 @@ CVE-2022-36924 CVE-2022-36923 (Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Co ...) NOT-FOR-US: Zoho ManageEngine CVE-2022-2556 (The Mailchimp for WooCommerce WordPress plugin before 2.7.2 has an AJA ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2555 (The Yotpo Reviews for WooCommerce WordPress plugin through 2.0.4 lacks ...) NOT-FOR-US: WordPress plugin CVE-2022-2554 @@ -5961,7 +5961,7 @@ CVE-2022-2540 CVE-2022-2539 (An issue has been discovered in GitLab CE/EE affecting all versions st ...) - gitlab <unfixed> CVE-2022-2538 (The WP Hide & Security Enhancer WordPress plugin before 1.8 does n ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-XXXX [spip: security issues from 4.1.5 release] - spip 4.1.5+dfsg-1 [bullseye] - spip 3.2.11-3+deb11u5 @@ -6625,7 +6625,7 @@ CVE-2022-36441 CVE-2022-36440 RESERVED CVE-2022-2537 (The WooCommerce PDF Invoices & Packing Slips WordPress plugin befo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2536 RESERVED CVE-2022-2535 (The SearchWP Live Ajax Search WordPress plugin before 1.6.2 does not e ...) @@ -8795,9 +8795,9 @@ CVE-2022-2376 CVE-2022-2375 (The WP Sticky Button WordPress plugin before 1.4.1 does not have autho ...) NOT-FOR-US: WordPress plugin CVE-2022-2374 (The Simply Schedule Appointments WordPress plugin before 1.5.7.7 does ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2373 (The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is mi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2372 (The YaySMTP WordPress plugin before 2.2.2 does not sanitise and escape ...) NOT-FOR-US: WordPress plugin CVE-2022-2371 (The YaySMTP WordPress plugin before 2.2.1 does not have proper authori ...) @@ -10857,7 +10857,7 @@ CVE-2022-2269 (The Website File Changes Monitor WordPress plugin before 1.8.3 do CVE-2022-2268 (The Import any XML or CSV File to WordPress plugin before 3.6.8 accept ...) NOT-FOR-US: WordPress plugin CVE-2022-2267 (The Mailchimp for WooCommerce WordPress plugin before 2.7.1 has an AJA ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2266 RESERVED CVE-2022-2265 @@ -10872,7 +10872,7 @@ CVE-2022-2263 (A vulnerability was found in Online Hotel Booking System 1.0 and CVE-2022-2262 (A vulnerability has been found in Online Hotel Booking System 1.0 and ...) NOT-FOR-US: Online Hotel Booking System CVE-2022-2261 (The WPIDE WordPress plugin before 3.0 does not sanitize and validate t ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2260 (The GiveWP WordPress plugin before 2.21.3 does not have CSRF in place ...) NOT-FOR-US: WordPress plugin CVE-2022-34835 (In Das U-Boot through 2022.07-rc5, an integer signedness error and res ...) @@ -15094,7 +15094,7 @@ CVE-2022-2082 CVE-2022-2081 RESERVED CVE-2022-2080 (The Sensei LMS WordPress plugin before 4.5.2 does not ensure that the ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2079 (Cross-site Scripting (XSS) - Stored in GitHub repository nocodb/nocodb ...) NOT-FOR-US: nocodb CVE-2022-2078 (A vulnerability was found in the Linux kernel's nft_set_desc_concat_pa ...) @@ -16646,7 +16646,7 @@ CVE-2022-25649 (Multiple Improper Access Control vulnerabilities in StoreApps Af CVE-2022-2035 (A reflected cross-site scripting (XSS) vulnerability exists in the pla ...) NOT-FOR-US: SCORM Engine CVE-2022-2034 (The Sensei LMS WordPress plugin before 4.5.0 does not have proper perm ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2033 RESERVED CVE-2022-2032 (In Pandora FMS v7.0NG.761 and below, in the file manager section, the ...) @@ -22724,7 +22724,7 @@ CVE-2022-1664 (Dpkg::Source::Archive in dpkg, the Debian package management syst NOTE: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495 (1.19.8) NOTE: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be (1.18.26) CVE-2022-1663 (The Stop Spam Comments WordPress plugin through 0.2.1.2 does not prope ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-30529 RESERVED CVE-2022-30528 @@ -30009,7 +30009,7 @@ CVE-2022-1125 (Use after free in Portals in Google Chrome prior to 100.0.4896.60 CVE-2022-1124 (An improper authorization issue has been discovered in GitLab CE/EE af ...) - gitlab <unfixed> CVE-2022-1123 (The Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) WordPr ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-46743 (In Firebase PHP-JWT before 6.0.0, an algorithm-confusion issue (e.g., ...) NOT-FOR-US: Firebase PHP-JWT CVE-2020-36521 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba13bfcd92b7e23005e7163e2379f40832aecc57 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba13bfcd92b7e23005e7163e2379f40832aecc57 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits