Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1a525534 by Salvatore Bonaccorso at 2022-05-11T10:20:53+02:00
Process some NFUs
- - - - -
ee4d3f49 by Salvatore Bonaccorso at 2022-05-11T10:22:32+02:00
Process one more NFU
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1140,7 +1140,7 @@ CVE-2022-30128
CVE-2022-30127
RESERVED
CVE-2022-1567 (The WP-JS plugin for WordPress contains a script called
wp-js.php with ...)
- TODO: check
+ NOT-FOR-US: WP-JS plugin for WordPress
CVE-2022-1566
RESERVED
CVE-2022-1565
@@ -1990,7 +1990,7 @@ CVE-2022-1507 (chafa: NULL Pointer Dereference in
function gif_internal_decode_f
CVE-2022-1506
RESERVED
CVE-2022-1505 (The RSVPMaker plugin for WordPress is vulnerable to
unauthenticated SQ ...)
- TODO: check
+ NOT-FOR-US: RSVPMaker plugin for WordPress
CVE-2022-1504 (XSS in /demo/module/?module=HERE in GitHub repository
microweber/micro ...)
NOT-FOR-US: microweber
CVE-2022-29810 (The Hashicorp go-getter library before 1.5.11 does not redact
an SSH k ...)
@@ -2154,7 +2154,7 @@ CVE-2022-1477
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1476 (The All-in-One WP Migration plugin for WordPress is vulnerable
to arbi ...)
- TODO: check
+ NOT-FOR-US: All-in-One WP Migration plugin for WordPress
CVE-2022-1475 (An integer overflow vulnerability was found in FFmpeg 5.0.1 and
in pre ...)
{DSA-5124-1}
- ffmpeg 7:4.4.2-1
@@ -2243,7 +2243,7 @@ CVE-2022-1465
CVE-2022-1464 (Stored xss bug in GitHub repository gogs/gogs prior to 0.12.7.
As the ...)
NOT-FOR-US: Go Git Service
CVE-2022-1463 (The Booking Calendar plugin for WordPress is vulnerable to PHP
Object ...)
- TODO: check
+ NOT-FOR-US: Booking Calendar plugin for WordPress
CVE-2022-1462
RESERVED
CVE-2022-1461 (Non Privilege User can Enable or Disable Registered in GitHub
reposito ...)
@@ -2651,7 +2651,7 @@ CVE-2022-1455
CVE-2022-1454
RESERVED
CVE-2022-1453 (The RSVPMaker plugin for WordPress is vulnerable to
unauthenticated SQ ...)
- TODO: check
+ NOT-FOR-US: RSVPMaker plugin for WordPress
CVE-2022-1452 (Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new
function i ...)
- radare2 <unfixed>
NOTE: https://huntr.dev/bounties/c8f4c2de-7d96-4ad4-857a-c099effca2d6
@@ -2686,7 +2686,7 @@ CVE-2022-1444 (heap-use-after-free in GitHub repository
radareorg/radare2 prior
CVE-2022-1443
RESERVED
CVE-2022-1442 (The Metform WordPress plugin is vulnerable to sensitive
information di ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-29598
RESERVED
CVE-2022-29597
@@ -6019,7 +6019,7 @@ CVE-2022-28343
CVE-2022-28342
RESERVED
CVE-2022-1209 (The Ultimate Member plugin for WordPress is vulnerable to open
redirec ...)
- TODO: check
+ NOT-FOR-US: Ultimate Member plugin for WordPress
CVE-2022-1208
RESERVED
CVE-2022-1207 (Out-of-bounds read in GitHub repository radareorg/radare2 prior
to 5.6 ...)
@@ -9606,7 +9606,7 @@ CVE-2021-46710
CVE-2022-27169
RESERVED
CVE-2022-27167 (Privilege escalation vulnerability in Windows products of
ESET, spol. ...)
- TODO: check
+ NOT-FOR-US: ESET
CVE-2022-27166
RESERVED
CVE-2022-26511 (WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when
opening ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1044b2cd87ff5a4f3e0e185d1f50636c0a783294...ee4d3f49e9b3397defcc0b0c6ed808867a340c3a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1044b2cd87ff5a4f3e0e185d1f50636c0a783294...ee4d3f49e9b3397defcc0b0c6ed808867a340c3a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
