Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
63aa86db by Salvatore Bonaccorso at 2022-12-14T21:43:57+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29,11 +29,11 @@ CVE-2022-4497
CVE-2022-4496
RESERVED
CVE-2022-4495 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: collective.dms.basecontent
CVE-2022-4494 (A vulnerability, which was classified as critical, has been
found in b ...)
TODO: check
CVE-2022-4493 (A vulnerability classified as critical was found in scifio.
Affected b ...)
- TODO: check
+ NOT-FOR-US: SCIFIO (SCientific Image Format Input & Output)
CVE-2022-4492
RESERVED
CVE-2022-4491
@@ -1168,9 +1168,9 @@ CVE-2022-46999
CVE-2022-46998
RESERVED
CVE-2022-46997 (Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was
discovere ...)
- TODO: check
+ NOT-FOR-US: Passhunt
CVE-2022-46996 (vSphere_selfuse commit
2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was di ...)
- TODO: check
+ NOT-FOR-US: vSphere_selfuse
CVE-2022-46995
RESERVED
CVE-2022-46994
@@ -2725,7 +2725,7 @@ CVE-2022-46445
CVE-2022-46444
RESERVED
CVE-2022-46443 (mesinkasir Bangresto 1.0 is vulnberable to SQL Injection via
the itemq ...)
- TODO: check
+ NOT-FOR-US: mesinkasir Bangresto
CVE-2022-46442
RESERVED
CVE-2022-46441
@@ -3986,27 +3986,27 @@ CVE-2022-46129
CVE-2022-46128
RESERVED
CVE-2022-46127 (Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection
via /hs ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom Site
CVE-2022-46126 (Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection
via /hs ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom Site
CVE-2022-46125 (Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection
via /hs ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom Site
CVE-2022-46124 (Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection
via /hs ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom Site
CVE-2022-46123 (Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection
via /hs ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom Site
CVE-2022-46122 (Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection
via /hs ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom Site
CVE-2022-46121 (Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection
via /hs ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom Site
CVE-2022-46120 (Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection
via /hs ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom Site
CVE-2022-46119 (Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection
via /hs ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom Site
CVE-2022-46118 (Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection
via /hs ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom Site
CVE-2022-46117 (Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection
via /hs ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom Site
CVE-2022-46116
RESERVED
CVE-2022-46115
@@ -4092,13 +4092,13 @@ CVE-2022-46076
CVE-2022-46075
RESERVED
CVE-2022-46074 (Helmet Store Showroom 1.0 is vulnerable to Cross Site Request
Forgery ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom
CVE-2022-46073 (Helmet Store Showroom 1.0 is vulnerable to Cross Site
Scripting (XSS). ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom
CVE-2022-46072 (Helmet Store Showroom v1.0 vulnerable to unauthenticated SQL
Injection ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom
CVE-2022-46071 (There is SQL Injection vulnerability at Helmet Store Showroom
v1.0 Log ...)
- TODO: check
+ NOT-FOR-US: Helmet Store Showroom
CVE-2022-46070
RESERVED
CVE-2022-46069
@@ -7492,7 +7492,7 @@ CVE-2022-44900 (A directory traversal vulnerability in
the SevenZipFile.extracta
CVE-2022-44899
RESERVED
CVE-2022-44898 (The MsIo64.sys component in Asus Aura Sync through v1.07.79
does not p ...)
- TODO: check
+ NOT-FOR-US: Asus Aura Sync
CVE-2022-44897
RESERVED
CVE-2022-44896
@@ -7624,7 +7624,7 @@ CVE-2022-44834
CVE-2022-44833
RESERVED
CVE-2022-44832 (D-Link DIR-3040 device with firmware 120B03 was discovered to
contain ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2022-44831
RESERVED
CVE-2022-44830 (Sourcecodester Event Registration App v1.0 was discovered to
contain m ...)
@@ -30065,7 +30065,7 @@ CVE-2022-2662 (Sequi PortBloque S has a improper
authentication issues which may
CVE-2022-2661 (Sequi PortBloque S has an improper authorization vulnerability,
which ...)
NOT-FOR-US: Sequi PortBloque S
CVE-2022-2660 (Delta Industrial Automation DIALink versions 1.4.0.0 and prior
are vul ...)
- TODO: check
+ NOT-FOR-US: Delta Industrial Automation
CVE-2022-2659
RESERVED
CVE-2022-2658
@@ -38726,7 +38726,7 @@ CVE-2022-34273 (A vulnerability has been identified in
PADS Standard/Plus Viewer
CVE-2022-34272 (A vulnerability has been identified in PADS Standard/Plus
Viewer (All ...)
NOT-FOR-US: Siemens
CVE-2022-34271 (A vulnerability in import module of Apache Atlas allows an
authenticat ...)
- TODO: check
+ NOT-FOR-US: Apache Atlas
CVE-2022-2180 (The GREYD.SUITE WordPress theme does not properly validate
uploaded cu ...)
NOT-FOR-US: WordPress theme
CVE-2022-2179 (The X-Frame-Options header in Rockwell Automation MicroLogix
1100/1400 ...)
@@ -45587,25 +45587,25 @@ CVE-2022-31707
CVE-2022-31706
RESERVED
CVE-2022-31705 (VMware ESXi, Workstation, and Fusion contain a heap
out-of-bounds writ ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-31704
RESERVED
CVE-2022-31703 (vRealize Network Insight (vRNI) directory traversal
vulnerability in v ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-31702 (vRealize Network Insight (vRNI) contains a command injection
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-31701 (VMware Workspace ONE Access and Identity Manager contain a
broken auth ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-31700 (VMware Workspace ONE Access and Identity Manager contain an
authentica ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-31699 (VMware ESXi contains a heap-overflow vulnerability. A
malicious local ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-31698 (The vCenter Server contains a denial-of-service vulnerability
in the c ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-31697 (The vCenter Server contains an information disclosure
vulnerability du ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-31696 (VMware ESXi contains a memory corruption vulnerability that
exists in ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-31695
RESERVED
CVE-2022-31694 (InstallBuilder Qt installers built with versions previous to
22.10 try ...)
@@ -46631,7 +46631,7 @@ CVE-2022-31360
CVE-2022-31359
RESERVED
CVE-2022-31358 (A reflected cross-site scripting (XSS) vulnerability in
Proxmox Virtua ...)
- TODO: check
+ NOT-FOR-US: Proxmox Virtual Environment
CVE-2022-31357 (Online Ordering System v2.3.2 was discovered to contain a SQL
injectio ...)
NOT-FOR-US: Online Ordering System
CVE-2022-31356 (Online Ordering System v2.3.2 was discovered to contain a SQL
injectio ...)
@@ -60162,11 +60162,11 @@ CVE-2022-26808 (Windows File Explorer Elevation of
Privilege Vulnerability. ...)
CVE-2022-26807 (Windows Work Folder Service Elevation of Privilege
Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-26806 (Microsoft Office Graphics Remote Code Execution Vulnerability.
This CV ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-26805 (Microsoft Office Graphics Remote Code Execution Vulnerability.
This CV ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-26804 (Microsoft Office Graphics Remote Code Execution Vulnerability.
This CV ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-26803 (Windows Print Spooler Elevation of Privilege Vulnerability.
This CVE I ...)
NOT-FOR-US: Microsoft
CVE-2022-26802 (Windows Print Spooler Elevation of Privilege Vulnerability.
This CVE I ...)
@@ -63237,9 +63237,9 @@ CVE-2022-25714
CVE-2022-25713
RESERVED
CVE-2022-25712 (Memory corruption in camera due to buffer copy without
checking size o ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-25711 (Memory corruption in camera due to improper validation of
array index ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-25710 (Denial of service due to null pointer dereference when GATT is
disconn ...)
NOT-FOR-US: Snapdragon
CVE-2022-25709
@@ -63257,7 +63257,7 @@ CVE-2022-25704
CVE-2022-25703
RESERVED
CVE-2022-25702 (Denial of service in modem due to reachable assertion while
processing ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-25701
RESERVED
CVE-2022-25700
@@ -63265,19 +63265,19 @@ CVE-2022-25700
CVE-2022-25699
RESERVED
CVE-2022-25698 (Memory corruption in SPI buses due to improper input
validation while ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-25697 (Memory corruption in i2c buses due to improper input
validation while ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-25696 (Memory corruption in display due to time-of-check time-of-use
race con ...)
NOT-FOR-US: Qualcomm
CVE-2022-25695 (Memory corruption in MODEM due to Improper Validation of Array
Index w ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-25694
RESERVED
CVE-2022-25693 (Memory corruption in graphics due to use-after-free while
graphics pro ...)
NOT-FOR-US: Qualcomm
CVE-2022-25692 (Denial of service in Modem due to reachable assertion while
processing ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-25691 (Denial of service in Modem due to reachable assertion while
processing ...)
TODO: check
CVE-2022-25690 (Information disclosure in WLAN due to improper validation of
array ind ...)
@@ -63291,7 +63291,7 @@ CVE-2022-25687 (memory corruption in video due to
buffer overflow while parsing
CVE-2022-25686 (Memory corruption in video module due to buffer overflow while
process ...)
NOT-FOR-US: Qualcomm
CVE-2022-25685 (Denial of service in Modem module due to improper
authorization while ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-25684
RESERVED
CVE-2022-25683
@@ -67036,7 +67036,7 @@ CVE-2022-24482 (Windows ALPC Elevation of Privilege
Vulnerability. This CVE ID i
CVE-2022-24481 (Windows Common Log File System Driver Elevation of Privilege
Vulnerabi ...)
NOT-FOR-US: Microsoft
CVE-2022-24480 (Outlook for Android Elevation of Privilege Vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2022-24479 (Connected User Experiences and Telemetry Elevation of
Privilege Vulner ...)
NOT-FOR-US: Microsoft
CVE-2022-24478
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63aa86dbc0bdbad2f64857bd12d8688eaa25ada9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63aa86dbc0bdbad2f64857bd12d8688eaa25ada9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
