Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d327ae85 by security tracker role at 2022-12-31T08:10:11+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,9 @@ +CVE-2022-4864 (Argument Injection in GitHub repository froxlor/froxlor prior to 2.0.0 ...) + TODO: check +CVE-2017-20155 (A vulnerability was found in Sterc Google Analytics Dashboard for MODX ...) + TODO: check +CVE-2017-20154 (A vulnerability was found in ghostlander Phoenixcoin. It has been clas ...) + TODO: check CVE-2022-4863 (Improper Handling of Insufficient Permissions or Privileges in GitHub ...) NOT-FOR-US: usememos CVE-2022-4862 @@ -34,8 +40,8 @@ CVE-2017-20152 (A vulnerability, which was classified as problematic, was found TODO: check CVE-2017-20151 (A vulnerability classified as problematic was found in iText RUPS. Thi ...) NOT-FOR-US: iText RUPS -CVE-2022-48195 - RESERVED +CVE-2022-48195 (An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When ...) + TODO: check CVE-2022-48194 (TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated ...) NOT-FOR-US: TP-Link CVE-2022-48193 @@ -1397,7 +1403,7 @@ CVE-2022-4661 CVE-2022-4660 RESERVED CVE-2022-4659 - RESERVED + REJECTED CVE-2022-4658 RESERVED CVE-2022-4657 @@ -2233,7 +2239,7 @@ CVE-2022-4620 CVE-2022-4619 (The Sidebar Widgets by CodeLights plugin for WordPress is vulnerable t ...) NOT-FOR-US: Sidebar Widgets by CodeLights plugin for WordPress CVE-2022-4618 - RESERVED + REJECTED CVE-2022-4617 (Cross-site Scripting (XSS) - Reflected in GitHub repository microweber ...) NOT-FOR-US: microweber CVE-2022-47579 
@@ -4872,34 +4878,34 @@ CVE-2022-47130 RESERVED CVE-2022-47129 RESERVED -CVE-2022-47128 - RESERVED -CVE-2022-47127 - RESERVED -CVE-2022-47126 - RESERVED -CVE-2022-47125 - RESERVED -CVE-2022-47124 - RESERVED -CVE-2022-47123 - RESERVED -CVE-2022-47122 - RESERVED -CVE-2022-47121 - RESERVED -CVE-2022-47120 - RESERVED -CVE-2022-47119 - RESERVED -CVE-2022-47118 - RESERVED -CVE-2022-47117 - RESERVED -CVE-2022-47116 - RESERVED -CVE-2022-47115 - RESERVED +CVE-2022-47128 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47127 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47126 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47125 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47124 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47123 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47122 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47121 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47120 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47119 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47118 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47117 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47116 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check +CVE-2022-47115 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...) + TODO: check CVE-2022-47114 RESERVED CVE-2022-47113 
@@ -5912,7 +5918,7 @@ CVE-2022-46751 CVE-2022-4340 RESERVED CVE-2022-4339 - RESERVED + REJECTED CVE-2022-4338 [Integer Underflow in Organization Specific TLV] RESERVED - openvswitch <unfixed> (bug #1027273) @@ -5934,7 +5940,7 @@ CVE-2022-4336 (In BAOTA linux panel there exists a stored xss vulnerability atta CVE-2022-4335 RESERVED CVE-2022-4334 - RESERVED + REJECTED CVE-2022-4333 RESERVED CVE-2022-4332 @@ -6138,14 +6144,17 @@ CVE-2022-46702 (The issue was addressed with improved memory handling. This issu CVE-2022-46701 (The issue was addressed with improved bounds checks. This issue is fix ...) NOT-FOR-US: Apple CVE-2022-46700 (A memory corruption issue was addressed with improved input validation ...) + {DSA-5309-1 DSA-5308-1} - webkit2gtk 2.38.3-1 - wpewebkit 2.38.3-1 NOTE: https://webkitgtk.org/security/WSA-2022-0011.html CVE-2022-46699 (A memory corruption issue was addressed with improved state management ...) + {DSA-5309-1 DSA-5308-1} - webkit2gtk 2.38.3-1 - wpewebkit 2.38.3-1 NOTE: https://webkitgtk.org/security/WSA-2022-0011.html CVE-2022-46698 (A logic issue was addressed with improved checks. This issue is fixed ...) + {DSA-5309-1 DSA-5308-1} - webkit2gtk 2.38.3-1 - wpewebkit 2.38.3-1 NOTE: https://webkitgtk.org/security/WSA-2022-0011.html @@ -6160,6 +6169,7 @@ CVE-2022-46694 (An out-of-bounds write issue was addressed with improved input v CVE-2022-46693 (An out-of-bounds write issue was addressed with improved input validat ...) NOT-FOR-US: Apple CVE-2022-46692 (A logic issue was addressed with improved state management. This issue ...) + {DSA-5309-1 DSA-5308-1} - webkit2gtk 2.38.3-1 - wpewebkit 2.38.3-1 NOTE: https://webkitgtk.org/security/WSA-2022-0011.html 
@@ -6250,23 +6260,23 @@ CVE-2022-42700 CVE-2022-46674 RESERVED CVE-2022-46673 - RESERVED + REJECTED CVE-2022-46672 - RESERVED + REJECTED CVE-2022-46671 - RESERVED + REJECTED CVE-2022-46670 (Rockwell Automation was made aware of a vulnerability by a security re ...) NOT-FOR-US: Rockwell Automation CVE-2022-46669 - RESERVED + REJECTED CVE-2022-46668 - RESERVED + REJECTED CVE-2022-46667 - RESERVED + REJECTED CVE-2022-46666 - RESERVED + REJECTED CVE-2022-46665 - RESERVED + REJECTED CVE-2022-46664 (A vulnerability has been identified in Mendix Workflow Commons (All ve ...) NOT-FOR-US: Siemens CVE-2022-46662 (Roxio Creator LJB starts another program with an unquoted file path. S ...) 
@@ -6421,50 +6431,50 @@ CVE-2022-46603 RESERVED CVE-2022-46602 RESERVED -CVE-2022-46601 - RESERVED -CVE-2022-46600 - RESERVED -CVE-2022-46599 - RESERVED -CVE-2022-46598 - RESERVED -CVE-2022-46597 - RESERVED -CVE-2022-46596 - RESERVED +CVE-2022-46601 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46600 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46599 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46598 (TRENDnet TEW755AP 1.13B01 was discovered to contain a command injectio ...) + TODO: check +CVE-2022-46597 (TRENDnet TEW755AP 1.13B01 was discovered to contain a command injectio ...) + TODO: check +CVE-2022-46596 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check CVE-2022-46595 RESERVED -CVE-2022-46594 - RESERVED -CVE-2022-46593 - RESERVED -CVE-2022-46592 - RESERVED -CVE-2022-46591 - RESERVED -CVE-2022-46590 - RESERVED -CVE-2022-46589 - RESERVED -CVE-2022-46588 - RESERVED +CVE-2022-46594 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46593 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46592 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46591 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46590 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46589 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46588 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) 
+ TODO: check CVE-2022-46587 RESERVED -CVE-2022-46586 - RESERVED -CVE-2022-46585 - RESERVED -CVE-2022-46584 - RESERVED -CVE-2022-46583 - RESERVED -CVE-2022-46582 - RESERVED -CVE-2022-46581 - RESERVED -CVE-2022-46580 - RESERVED +CVE-2022-46586 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46585 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46584 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46583 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46582 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46581 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-46580 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...) + TODO: check CVE-2022-46579 RESERVED CVE-2022-46578 @@ -7855,7 +7865,7 @@ CVE-2022-46171 (Tauri is a framework for building binaries for all major desktop CVE-2022-46170 (CodeIgniter is a PHP full-stack web framework. When an application use ...) - codeigniter <itp> (bug #471583) CVE-2022-46169 (Cacti is an open source platform which provides a robust and extensibl ...) - {DSA-5298-1} + {DSA-5298-1 DLA-3252-1} - cacti 1.2.22+ds1-3 (bug #1025648) NOTE: Fixed by: https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216 NOTE: Fixup for 1.2.x with PHP < 7.0: https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9 @@ -7948,7 +7958,7 @@ CVE-2022-4170 (The rxvt-unicode package is vulnerable to a remote code execution CVE-2022-4169 (The Theme and plugin translation for Polylang is vulnerable to authori ...) NOT-FOR-US: Polylang CVE-2022-4168 - RESERVED + REJECTED CVE-2022-4167 RESERVED CVE-2022-4166 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...) 
@@ -11108,7 +11118,7 @@ CVE-2022-3907 (The Clerk WordPress plugin before 4.0.0 is affected by time-based CVE-2022-3906 (The Easy Form Builder WordPress plugin before 3.4.0 does not sanitise ...) NOT-FOR-US: WordPress plugin CVE-2022-3905 - RESERVED + REJECTED CVE-2022-3904 RESERVED CVE-2022-3903 (An incorrect read request flaw was found in the Infrared Transceiver U ...) @@ -13801,7 +13811,7 @@ CVE-2022-3780 (Database connections on deleted users could stay active on MySQL CVE-2022-3779 RESERVED CVE-2022-3778 - RESERVED + REJECTED CVE-2022-3777 RESERVED CVE-2022-3776 (The Restaurant Menu – Food Ordering System – Table Reserva ...) @@ -16699,11 +16709,11 @@ CVE-2022-43945 (The Linux kernel NFSD implementation prior to versions 5.19.17 a - linux 6.0.3-1 NOTE: Merge: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8 CVE-2022-43944 - RESERVED + REJECTED CVE-2022-43943 - RESERVED + REJECTED CVE-2022-43942 - RESERVED + REJECTED CVE-2022-43941 RESERVED CVE-2022-43940 @@ -17121,7 +17131,7 @@ CVE-2022-3694 (The Syncee WordPress plugin before 1.0.10 leaks the administrator CVE-2022-3693 RESERVED CVE-2022-3692 - RESERVED + REJECTED CVE-2022-3691 (The DeepL Pro API translation plugin WordPress plugin before 1.7.5 dis ...) NOT-FOR-US: WordPress plugin CVE-2022-3690 (The Popup Maker WordPress plugin before 1.16.11 does not sanitise and ...) @@ -19837,6 +19847,7 @@ CVE-2022-3459 CVE-2022-3458 (A vulnerability has been found in SourceCodester Human Resource Manage ...) NOT-FOR-US: SourceCodester CVE-2022-42867 (A use after free issue was addressed with improved memory management. ...) + {DSA-5309-1 DSA-5308-1} - webkit2gtk 2.38.3-1 - wpewebkit 2.38.3-1 NOTE: https://webkitgtk.org/security/WSA-2022-0011.html 
@@ -19864,6 +19875,7 @@ CVE-2022-42858 CVE-2022-42857 RESERVED CVE-2022-42856 (A type confusion issue was addressed with improved state handling. Thi ...) + {DSA-5309-1 DSA-5308-1} - webkit2gtk 2.38.3-1 - wpewebkit 2.38.3-1 NOTE: https://webkitgtk.org/security/WSA-2022-0011.html @@ -19874,6 +19886,7 @@ CVE-2022-42854 (The issue was addressed with improved memory handling. This issu CVE-2022-42853 (An access issue was addressed with improved access restrictions. This ...) NOT-FOR-US: Apple CVE-2022-42852 (The issue was addressed with improved memory handling. This issue is f ...) + {DSA-5309-1 DSA-5308-1} - webkit2gtk 2.38.3-1 - wpewebkit 2.38.3-1 NOTE: https://webkitgtk.org/security/WSA-2022-0011.html @@ -20117,17 +20130,17 @@ CVE-2022-42744 (CandidATS version 3.0.0 allows an external attacker to perform C CVE-2022-42743 (deep-parse-json version 1.0.2 allows an external attacker to edit or a ...) NOT-FOR-US: deep-parse-json Nodejs module CVE-2022-42742 - RESERVED + REJECTED CVE-2022-42741 - RESERVED + REJECTED CVE-2022-42740 - RESERVED + REJECTED CVE-2022-42739 - RESERVED + REJECTED CVE-2022-42738 - RESERVED + REJECTED CVE-2022-42737 - RESERVED + REJECTED CVE-2022-42736 RESERVED CVE-2022-41797 (Improper authorization in handler for custom URL scheme vulnerability ...) 
@@ -21304,20 +21317,19 @@ CVE-2022-42272 RESERVED CVE-2022-42271 RESERVED -CVE-2022-42270 - RESERVED -CVE-2022-42269 - RESERVED +CVE-2022-42270 (NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_tas ...) + TODO: check +CVE-2022-42269 (NVIDIA Trusted OS contains a vulnerability in an SMC call handler, whe ...) + TODO: check CVE-2022-42268 RESERVED -CVE-2022-42267 - RESERVED -CVE-2022-42266 - RESERVED -CVE-2022-42265 - RESERVED -CVE-2022-42264 - RESERVED +CVE-2022-42267 (NVIDIA GPU Display Driver for Windows contains a vulnerability where a ...) + TODO: check +CVE-2022-42266 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...) + TODO: check +CVE-2022-42265 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) + TODO: check +CVE-2022-42264 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -21332,8 +21344,7 @@ CVE-2022-42264 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-42263 - RESERVED +CVE-2022-42263 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) 
@@ -21348,8 +21359,7 @@ CVE-2022-42263 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-42262 - RESERVED +CVE-2022-42262 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -21364,8 +21374,7 @@ CVE-2022-42262 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-42261 - RESERVED +CVE-2022-42261 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -21380,8 +21389,7 @@ CVE-2022-42261 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-42260 - RESERVED +CVE-2022-42260 (NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) 
@@ -21396,8 +21404,7 @@ CVE-2022-42260 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-42259 - RESERVED +CVE-2022-42259 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -21417,8 +21424,7 @@ CVE-2022-42259 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-42258 - RESERVED +CVE-2022-42258 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -21438,8 +21444,7 @@ CVE-2022-42258 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-42257 - RESERVED +CVE-2022-42257 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) 
@@ -21459,8 +21464,7 @@ CVE-2022-42257 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-42256 - RESERVED +CVE-2022-42256 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -21475,8 +21479,7 @@ CVE-2022-42256 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-42255 - RESERVED +CVE-2022-42255 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) - nvidia-graphics-drivers-tesla 510.108.03-1 (bug #1025287) @@ -21488,8 +21491,7 @@ CVE-2022-42255 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 <no-dsa> (Non-free not supported) - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-42254 - RESERVED +CVE-2022-42254 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) 
@@ -22400,11 +22402,11 @@ CVE-2022-41858 [buster] - linux 4.19.249-1 NOTE: https://git.kernel.org/linus/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798 (5.18-rc2) CVE-2022-41857 - RESERVED + REJECTED CVE-2022-41856 - RESERVED + REJECTED CVE-2022-41855 - RESERVED + REJECTED CVE-2022-41854 (Those using Snakeyaml to parse untrusted YAML files may be vulnerable ...) - snakeyaml <unfixed> NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355 @@ -29186,7 +29188,7 @@ CVE-2022-39188 (An issue was discovered in include/asm-generic/tlb.h in the Linu NOTE: https://lore.kernel.org/stable/cag48ez3seqopcpcyghvzv4iqeapujd5vtm3re-tckldefde...@mail.gmail.com/ NOTE: https://git.kernel.org/linus/b67fbebd4cf980aecbcc750e1462128bffe8ae15 CVE-2022-39159 - RESERVED + REJECTED CVE-2022-39158 (A vulnerability has been identified in RUGGEDCOM ROS RMC30 V4.X (All v ...) NOT-FOR-US: Siemens CVE-2022-39157 (A vulnerability has been identified in Parasolid V34.0 (All versions & ...) @@ -36649,7 +36651,7 @@ CVE-2022-2532 (The Feed Them Social WordPress plugin before 3.0.1 does not sanit CVE-2022-2531 (An issue has been discovered in GitLab EE affecting all versions start ...) - gitlab <not-affected> (Specific to EE) CVE-2022-2530 - RESERVED + REJECTED CVE-2022-2529 (sflow decode package does not employ sufficient packet sanitisation wh ...) NOT-FOR-US: goflow CVE-2022-2528 (In affected versions of Octopus Deploy it is possible to upload a pack ...) @@ -39530,9 +39532,9 @@ CVE-2022-2351 (The Post SMTP Mailer/Email Log WordPress plugin before 2.1.4 does CVE-2022-2350 (The Disable User Login WordPress plugin through 1.0.1 does not have au ...) NOT-FOR-US: WordPress plugin CVE-2022-2349 - RESERVED + REJECTED CVE-2022-2348 - RESERVED + REJECTED CVE-2022-2347 (There exists an unchecked length field in UBoot. The U-Boot DFU implem ...) [experimental] - u-boot 2023.01~rc2+dfsg-1 - u-boot <unfixed> (bug #1014959) 
@@ -41613,18 +41615,16 @@ CVE-2022-34686 (Azure RTOS GUIX Studio Information Disclosure Vulnerability. Thi NOT-FOR-US: Microsoft CVE-2022-34685 (Azure RTOS GUIX Studio Information Disclosure Vulnerability. This CVE ...) NOT-FOR-US: Microsoft -CVE-2022-34684 - RESERVED +CVE-2022-34684 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) - nvidia-graphics-drivers-tesla 510.108.03-1 (bug #1025287) - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 <no-dsa> (Non-free not supported) - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-34683 - RESERVED -CVE-2022-34682 - RESERVED +CVE-2022-34683 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...) + TODO: check +CVE-2022-34682 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -41639,10 +41639,9 @@ CVE-2022-34682 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-34681 - RESERVED -CVE-2022-34680 - RESERVED +CVE-2022-34681 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...) + TODO: check +CVE-2022-34680 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) 
@@ -41662,8 +41661,7 @@ CVE-2022-34680 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-34679 - RESERVED +CVE-2022-34679 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -41678,10 +41676,9 @@ CVE-2022-34679 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-34678 - RESERVED -CVE-2022-34677 - RESERVED +CVE-2022-34678 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...) + TODO: check +CVE-2022-34677 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -41701,10 +41698,9 @@ CVE-2022-34677 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-34676 - RESERVED -CVE-2022-34675 - RESERVED +CVE-2022-34676 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) + TODO: check +CVE-2022-34675 (NVIDIA Display Driver for Linux contains a vulnerability in the Virtua ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) 
@@ -41724,8 +41720,7 @@ CVE-2022-34675 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-34674 - RESERVED +CVE-2022-34674 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -41745,14 +41740,13 @@ CVE-2022-34674 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-34673 - RESERVED -CVE-2022-34672 - RESERVED -CVE-2022-34671 - RESERVED -CVE-2022-34670 - RESERVED +CVE-2022-34673 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) + TODO: check +CVE-2022-34672 (NVIDIA Control Panel for Windows contains a vulnerability where an una ...) + TODO: check +CVE-2022-34671 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...) + TODO: check +CVE-2022-34670 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...) - nvidia-graphics-drivers 510.108.03-1 (bug #1025279) [bullseye] - nvidia-graphics-drivers 470.161.03-1 [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) 
@@ -41772,8 +41766,8 @@ CVE-2022-34670 - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1 - nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286) -CVE-2022-34669 - RESERVED +CVE-2022-34669 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...) + TODO: check CVE-2022-34668 (NVFLARE, versions prior to 2.1.4, contains a vulnerability that deseri ...) NOT-FOR-US: NVFLARE CVE-2022-34667 (NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnera ...) @@ -67515,7 +67509,7 @@ CVE-2022-21238 (A cross-site scripting (xss) vulnerability exists in the info.js CVE-2022-21209 (The affected product is vulnerable to an out-of-bounds read while proc ...) NOT-FOR-US: FATEK Automation CVE-2022-0730 (Under certain ldap conditions, Cacti authentication can be bypassed wi ...) - {DSA-5298-1 DLA-2965-1} + {DSA-5298-1 DLA-3252-1 DLA-2965-1} - cacti 1.2.20+ds1-1 (bug #1008693) NOTE: https://github.com/Cacti/cacti/issues/4562 NOTE: https://github.com/Cacti/cacti/commit/1386bdbf7f845a32e24ac9415f3ebb7932e77fe7 (1.2.x) @@ -81414,9 +81408,9 @@ CVE-2022-22202 (An Improper Handling of Exceptional Conditions vulnerability on CVE-2022-22201 (An Improper Validation of Specified Index, Position, or Offset in Inpu ...) NOT-FOR-US: Juniper CVE-2022-22200 - RESERVED + REJECTED CVE-2022-22199 - RESERVED + REJECTED NOT-FOR-US: Juniper CVE-2022-22198 (An Access of Uninitialized Pointer vulnerability in the SIP ALG of Jun ...) NOT-FOR-US: Juniper 
@@ -81485,7 +81479,7 @@ CVE-2022-22167 (A traffic classification vulnerability in Juniper Networks Junos CVE-2022-22166 (An Improper Validation of Specified Quantity in Input vulnerability in ...) NOT-FOR-US: Juniper CVE-2022-22165 - RESERVED + REJECTED CVE-2022-22164 (An Improper Initialization vulnerability in Juniper Networks Junos OS ...) NOT-FOR-US: Juniper CVE-2022-22163 (An Improper Input Validation vulnerability in the Juniper DHCP daemon ...) @@ -81499,7 +81493,7 @@ CVE-2022-22160 (An Unchecked Error Condition vulnerability in the subscriber man CVE-2022-22159 (A vulnerability in the NETISR network queue functionality of Juniper N ...) NOT-FOR-US: Juniper CVE-2022-22158 - RESERVED + REJECTED CVE-2022-22157 (A traffic classification vulnerability in Juniper Networks Junos OS on ...) NOT-FOR-US: Juniper CVE-2022-22156 (An Improper Certificate Validation weakness in the Juniper Networks Ju ...) @@ -114126,9 +114120,9 @@ CVE-2021-34610 (A remote arbitrary command execution vulnerability was discovere CVE-2021-34609 (A remote SQL injection vulnerability was discovered in Aruba ClearPass ...) NOT-FOR-US: Aruba CVE-2021-34608 - RESERVED + REJECTED CVE-2021-34607 - RESERVED + REJECTED CVE-2021-34606 (A vulnerability exists in XINJE XD/E Series PLC Program Tool in versio ...) NOT-FOR-US: XINJE PLC Program Tool CVE-2021-34605 (A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to v ...) @@ -114136,7 +114130,7 @@ CVE-2021-34605 (A zip slip vulnerability in XINJE XD/E Series PLC Program Tool u CVE-2021-34604 REJECTED CVE-2021-34603 - RESERVED + REJECTED CVE-2021-34602 (In Bender/ebee Charge Controllers in multiple versions are prone to Co ...) NOT-FOR-US: Bender/ebee Charge Controllers CVE-2021-34601 (In Bender/ebee Charge Controllers in multiple versions are prone to Ha ...) 
@@ -132307,7 +132301,7 @@ CVE-2021-27651 (In versions 8.2.1 through 8.5.2 of Pega Infinity, the password r CVE-2021-3415 RESERVED CVE-2021-27650 - RESERVED + REJECTED CVE-2021-27649 (Use after free vulnerability in file transfer protocol component in Sy ...) NOT-FOR-US: Synology CVE-2021-27648 (Externally controlled reference to a resource in another sphere in qua ...) @@ -134864,7 +134858,7 @@ CVE-2021-26570 (The Baseboard Management Controller (BMC) firmware in HPE Apollo CVE-2021-26569 (Race Condition within a Thread vulnerability in iscsi_snapshot_comm_co ...) NOT-FOR-US: Synology CVE-2021-26568 - RESERVED + REJECTED CVE-2021-26567 (Stack-based buffer overflow vulnerability in frontend/main.c in faad2 ...) NOT-FOR-US: Synology CVE-2021-26566 (Insertion of sensitive information into sent data vulnerability in syn ...) @@ -140223,7 +140217,7 @@ CVE-2021-24419 (The WP YouTube Lyte WordPress plugin before 1.7.16 did not sanit CVE-2021-24418 (The Smooth Scroll Page Up/Down Buttons WordPress plugin through 1.4 do ...) NOT-FOR-US: WordPress plugin CVE-2021-24417 - RESERVED + REJECTED CVE-2021-24416 (The StreamCast – Radio Player for WordPress plugin before 2.1.1 ...) NOT-FOR-US: WordPress plugin CVE-2021-24415 (The Polo Video Gallery – Best wordpress video gallery plugin Wor ...) @@ -143058,13 +143052,13 @@ CVE-2021-23238 CVE-2021-23237 RESERVED CVE-2021-3105 - RESERVED + REJECTED CVE-2021-3104 - RESERVED + REJECTED CVE-2021-3103 - RESERVED + REJECTED CVE-2021-3102 - RESERVED + REJECTED CVE-2021-3101 (Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux ...) NOT-FOR-US: Amazon Web Services hotpatch CVE-2021-3100 (The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch ...) 
@@ -143072,19 +143066,19 @@ CVE-2021-3100 (The Apache Log4j hotpatch package before log4j-cve-2021-44228-hot CVE-2021-3099 RESERVED CVE-2021-3098 - RESERVED + REJECTED CVE-2021-3097 - RESERVED + REJECTED CVE-2021-3096 - RESERVED + REJECTED CVE-2021-3095 REJECTED CVE-2021-3094 - RESERVED + REJECTED CVE-2021-3093 - RESERVED + REJECTED CVE-2021-3092 - RESERVED + REJECTED CVE-2021-3091 RESERVED CVE-2021-3090 
@@ -143246,139 +143240,139 @@ CVE-2021-23124 (An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lac CVE-2021-23123 (An issue was discovered in Joomla! 3.0.0 through 3.9.23. The lack of A ...) NOT-FOR-US: Joomla! CVE-2021-23122 - RESERVED + REJECTED CVE-2021-23121 - RESERVED + REJECTED CVE-2021-23120 - RESERVED + REJECTED CVE-2021-23119 - RESERVED + REJECTED CVE-2021-23118 - RESERVED + REJECTED CVE-2021-23117 - RESERVED + REJECTED CVE-2021-23116 - RESERVED + REJECTED CVE-2021-23115 - RESERVED + REJECTED CVE-2021-23114 - RESERVED + REJECTED CVE-2021-23113 - RESERVED + REJECTED CVE-2021-23112 - RESERVED + REJECTED CVE-2021-23111 - RESERVED + REJECTED CVE-2021-23110 - RESERVED + REJECTED CVE-2021-23109 - RESERVED + REJECTED CVE-2021-23108 - RESERVED + REJECTED CVE-2021-23107 - RESERVED + REJECTED CVE-2021-23106 - RESERVED + REJECTED CVE-2021-23105 - RESERVED + REJECTED CVE-2021-23104 - RESERVED + REJECTED CVE-2021-23103 - RESERVED + REJECTED CVE-2021-23102 - RESERVED + REJECTED CVE-2021-23101 - RESERVED + REJECTED CVE-2021-23100 - RESERVED + REJECTED CVE-2021-23099 - RESERVED + REJECTED CVE-2021-23098 - RESERVED + REJECTED CVE-2021-23097 - RESERVED + REJECTED CVE-2021-23096 - RESERVED + REJECTED CVE-2021-23095 - RESERVED + REJECTED CVE-2021-23094 - RESERVED + REJECTED CVE-2021-23093 - RESERVED + REJECTED CVE-2021-23092 - RESERVED + REJECTED CVE-2021-23091 - RESERVED + REJECTED CVE-2021-23090 - RESERVED + REJECTED CVE-2021-23089 - RESERVED + REJECTED CVE-2021-23088 - RESERVED + REJECTED CVE-2021-23087 - RESERVED + REJECTED CVE-2021-23086 - RESERVED + REJECTED CVE-2021-23085 - RESERVED + REJECTED CVE-2021-23084 - RESERVED + REJECTED CVE-2021-23083 - RESERVED + REJECTED CVE-2021-23082 - RESERVED + REJECTED CVE-2021-23081 - RESERVED + REJECTED CVE-2021-23080 - RESERVED + REJECTED CVE-2021-23079 - RESERVED + REJECTED CVE-2021-23078 - RESERVED + REJECTED CVE-2021-23077 - RESERVED + REJECTED CVE-2021-23076 - RESERVED + REJECTED CVE-2021-23075 - RESERVED + REJECTED 
CVE-2021-23074 - RESERVED + REJECTED CVE-2021-23073 - RESERVED + REJECTED CVE-2021-23072 - RESERVED + REJECTED CVE-2021-23071 - RESERVED + REJECTED CVE-2021-23070 - RESERVED + REJECTED CVE-2021-23069 - RESERVED + REJECTED CVE-2021-23068 - RESERVED + REJECTED CVE-2021-23067 - RESERVED + REJECTED CVE-2021-23066 - RESERVED + REJECTED CVE-2021-23065 - RESERVED + REJECTED CVE-2021-23064 - RESERVED + REJECTED CVE-2021-23063 - RESERVED + REJECTED CVE-2021-23062 - RESERVED + REJECTED CVE-2021-23061 - RESERVED + REJECTED CVE-2021-23060 - RESERVED + REJECTED CVE-2021-23059 - RESERVED + REJECTED CVE-2021-23058 - RESERVED + REJECTED CVE-2021-23057 - RESERVED + REJECTED CVE-2021-23056 - RESERVED + REJECTED CVE-2021-23055 (On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line re ...) NOT-FOR-US: Kubernetes ingress-nginx component CVE-2021-23054 (On version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14. ...) @@ -168869,6 +168863,7 @@ CVE-2020-25708 (A divide by zero issue was found to occur in libvncserver-0.9.12 CVE-2020-25707 REJECTED CVE-2020-25706 (A cross-site scripting (XSS) vulnerability exists in templates_import. ...) + {DLA-3252-1} - cacti 1.2.14+ds1-1 [stretch] - cacti <not-affected> (Vulnerable code introduced in 1.0.0) NOTE: https://github.com/Cacti/cacti/issues/3723 @@ -174717,7 +174712,7 @@ CVE-2020-23228 CVE-2020-23227 RESERVED CVE-2020-23226 (Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1. ...) - {DLA-2965-1} + {DLA-3252-1 DLA-2965-1} - cacti 1.2.13+ds1-1 NOTE: https://github.com/Cacti/cacti/issues/3549 NOTE: https://github.com/Cacti/cacti/commit/8d5fbc48debddc91a66b5aed877060566c6b6232 (1.2.13) 
@@ -199624,129 +199619,129 @@ CVE-2020-12594 (A privilege escalation flaw allows a malicious, authenticated, p CVE-2020-12593 (Symantec Endpoint Detection & Response, prior to 4.5, may be susce ...) NOT-FOR-US: Symantec CVE-2020-12592 - RESERVED + REJECTED CVE-2020-12591 - RESERVED + REJECTED CVE-2020-12590 - RESERVED + REJECTED CVE-2020-12589 - RESERVED + REJECTED CVE-2020-12588 - RESERVED + REJECTED CVE-2020-12587 - RESERVED + REJECTED CVE-2020-12586 - RESERVED + REJECTED CVE-2020-12585 - RESERVED + REJECTED CVE-2020-12584 - RESERVED + REJECTED CVE-2020-12583 - RESERVED + REJECTED CVE-2020-12582 - RESERVED + REJECTED CVE-2020-12581 - RESERVED + REJECTED CVE-2020-12580 - RESERVED + REJECTED CVE-2020-12579 - RESERVED + REJECTED CVE-2020-12578 - RESERVED + REJECTED CVE-2020-12577 - RESERVED + REJECTED CVE-2020-12576 - RESERVED + REJECTED CVE-2020-12575 - RESERVED + REJECTED CVE-2020-12574 - RESERVED + REJECTED CVE-2020-12573 - RESERVED + REJECTED CVE-2020-12572 - RESERVED + REJECTED CVE-2020-12571 - RESERVED + REJECTED CVE-2020-12570 - RESERVED + REJECTED CVE-2020-12569 - RESERVED + REJECTED CVE-2020-12568 - RESERVED + REJECTED CVE-2020-12567 - RESERVED + REJECTED CVE-2020-12566 - RESERVED + REJECTED CVE-2020-12565 - RESERVED + REJECTED CVE-2020-12564 - RESERVED + REJECTED CVE-2020-12563 - RESERVED + REJECTED CVE-2020-12562 - RESERVED + REJECTED CVE-2020-12561 - RESERVED + REJECTED CVE-2020-12560 - RESERVED + REJECTED CVE-2020-12559 - RESERVED + REJECTED CVE-2020-12558 - RESERVED + REJECTED CVE-2020-12557 - RESERVED + REJECTED CVE-2020-12556 - RESERVED + REJECTED CVE-2020-12555 - RESERVED + REJECTED CVE-2020-12554 - RESERVED + REJECTED CVE-2020-12553 - RESERVED + REJECTED CVE-2020-12552 - RESERVED + REJECTED CVE-2020-12551 - RESERVED + REJECTED CVE-2020-12550 - RESERVED + REJECTED CVE-2020-12549 - RESERVED + REJECTED CVE-2020-12548 - RESERVED + REJECTED CVE-2020-12547 - RESERVED + REJECTED CVE-2020-12546 - RESERVED + REJECTED CVE-2020-12545 - RESERVED + REJECTED 
CVE-2020-12544 - RESERVED + REJECTED CVE-2020-12543 - RESERVED + REJECTED CVE-2020-12542 - RESERVED + REJECTED CVE-2020-12541 - RESERVED + REJECTED CVE-2020-12540 - RESERVED + REJECTED CVE-2020-12539 - RESERVED + REJECTED CVE-2020-12538 - RESERVED + REJECTED CVE-2020-12537 - RESERVED + REJECTED CVE-2020-12536 - RESERVED + REJECTED CVE-2020-12535 - RESERVED + REJECTED CVE-2020-12534 - RESERVED + REJECTED CVE-2020-12533 - RESERVED + REJECTED CVE-2020-12532 - RESERVED + REJECTED CVE-2020-12531 - RESERVED + REJECTED CVE-2020-12530 (An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT ...) NOT-FOR-US: MB connect software CVE-2020-12529 (An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT ...) @@ -199768,7 +199763,7 @@ CVE-2020-12522 (The reported vulnerability allows an attacker who has network ac CVE-2020-12521 (On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS ...) NOT-FOR-US: Phoenix Contact PLCnext Control Devices CVE-2020-12520 - RESERVED + REJECTED CVE-2020-12519 (On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS ...) NOT-FOR-US: Phoenix Contact PLCnext Control Devices CVE-2020-12518 (On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS ...) @@ -199778,7 +199773,7 @@ CVE-2020-12517 (On Phoenix Contact PLCnext Control Devices versions before 2021. CVE-2020-12516 (Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88 ...) NOT-FOR-US: WAGO CVE-2020-12515 - RESERVED + REJECTED CVE-2020-12514 (Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is pr ...) NOT-FOR-US: Pepperl+Fuchs Comtrol IO-Link Master CVE-2020-12513 (Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is pr ...) 
@@ -210834,6 +210829,7 @@ CVE-2017-18641 (In LXC 2.0, many template scripts download code over cleartext H NOTE: Some of the templates were switched to fetch the pacakges over HTTPS, cf. NOTE: https://github.com/lxc/lxc/pull/1371 for the lxc-fedora template. CVE-2020-8813 (graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute a ...) + {DLA-3252-1} - cacti 1.2.10+ds1-1 (bug #951832) [stretch] - cacti <not-affected> (Vulnerable code not present) [jessie] - cacti <not-affected> (Vulnerable code not present) @@ -228806,53 +228802,53 @@ CVE-2020-2076 (SICK Package Analytics software up to and including version V04.0 CVE-2020-2075 (Platform mechanism AutoIP allows remote attackers to reboot the device ...) NOT-FOR-US: SICK CVE-2020-2074 - RESERVED + REJECTED CVE-2020-2073 - RESERVED + REJECTED CVE-2020-2072 - RESERVED + REJECTED CVE-2020-2071 - RESERVED + REJECTED CVE-2020-2070 RESERVED CVE-2020-2069 - RESERVED + REJECTED CVE-2020-2068 - RESERVED + REJECTED CVE-2020-2067 - RESERVED + REJECTED CVE-2020-2066 RESERVED CVE-2020-2065 - RESERVED + REJECTED CVE-2020-2064 - RESERVED + REJECTED CVE-2020-2063 RESERVED CVE-2020-2062 - RESERVED + REJECTED CVE-2020-2061 - RESERVED + REJECTED CVE-2020-2060 RESERVED CVE-2020-2059 - RESERVED + REJECTED CVE-2020-2058 - RESERVED + REJECTED CVE-2020-2057 - RESERVED + REJECTED CVE-2020-2056 - RESERVED + REJECTED CVE-2020-2055 RESERVED CVE-2020-2054 - RESERVED + REJECTED CVE-2020-2053 - RESERVED + REJECTED CVE-2020-2052 - RESERVED + REJECTED CVE-2020-2051 - RESERVED + REJECTED CVE-2020-2050 (An authentication bypass vulnerability exists in the GlobalProtect SSL ...) NOT-FOR-US: Palo Alto Networks PAN-OS CVE-2020-2049 (A local privilege escalation vulnerability exists in Palo Alto Network ...) 
@@ -228860,11 +228856,11 @@ CVE-2020-2049 (A local privilege escalation vulnerability exists in Palo Alto Ne CVE-2020-2048 (An information exposure through log file vulnerability exists where th ...) NOT-FOR-US: Palo Alto Networks PAN-OS CVE-2020-2047 - RESERVED + REJECTED CVE-2020-2046 - RESERVED + REJECTED CVE-2020-2045 - RESERVED + REJECTED CVE-2020-2044 (An information exposure through log file vulnerability where an admini ...) NOT-FOR-US: Palo Alto Networks PAN-OS CVE-2020-2043 (An information exposure through log file vulnerability where sensitive ...) @@ -239031,17 +239027,17 @@ CVE-2019-17445 (An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and CVE-2019-17444 (Jfrog Artifactory uses default passwords (such as "password") for admi ...) NOT-FOR-US: JFrog Artifactory CVE-2019-17443 - RESERVED + REJECTED CVE-2019-17442 - RESERVED + REJECTED CVE-2019-17441 - RESERVED + REJECTED CVE-2019-17440 (Improper restriction of communications to Log Forwarding Card (LFC) on ...) NOT-FOR-US: Palo Alto Networks PAN-OS CVE-2019-17439 - RESERVED + REJECTED CVE-2019-17438 - RESERVED + REJECTED CVE-2019-17437 (An improper authentication check in Palo Alto Networks PAN-OS may allo ...) NOT-FOR-US: PAN-OS CVE-2019-17436 (A Local Privilege Escalation vulnerability exists in GlobalProtect Age ...) @@ -256901,7 +256897,7 @@ CVE-2019-11826 (Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.I CVE-2019-11825 (Cross-site scripting (XSS) vulnerability in Event Editor in Synology C ...) NOT-FOR-US: Synology CVE-2019-11824 - RESERVED + REJECTED CVE-2019-11823 (CRLF injection vulnerability in Network Center in Synology Router Mana ...) NOT-FOR-US: Synology CVE-2019-11822 (Relative path traversal vulnerability in SYNO.PhotoStation.File in Syn ...) 
@@ -360918,7 +360914,7 @@ CVE-2017-12075 (Command injection vulnerability in EZ-Internet in Synology DiskS CVE-2017-12074 (Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZon ...) NOT-FOR-US: Synology CVE-2017-12073 - RESERVED + REJECTED CVE-2017-12072 (Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in ...) NOT-FOR-US: Synology CVE-2017-12071 (Server-side request forgery (SSRF) vulnerability in file_upload.php in ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d327ae851eb8c9d22aa5df42c8506eea1c30e0a5
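Review bot: In the @@ -210834,6 +210829,7 @@ hunk, the unchanged NOTE under CVE-2017-18641 reads "fetch the pacakges over HTTPS"; the spelling should be "packages". The added {DLA-3252-1} line on CVE-2020-8813 is fine as it stands, so the typo can go into a follow-up edit of data/CVE/list rather than holding up this update.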
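Review bot: In the @@ -228806,53 +228802,53 @@ hunk, CVE-2020-2070, CVE-2020-2066, CVE-2020-2063, CVE-2020-2060 and CVE-2020-2055 stay RESERVED as unchanged context while every other ID from CVE-2020-2074 down to CVE-2020-2051 flips to REJECTED. Confirm against the upstream CVE data that these five are still reserved and were not skipped by the update; if they are correct, nothing needs to change, but a mixed block like this is where a missed state change would hide.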