summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2022-09-26 22:21:03 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2022-09-26 22:21:03 +0200
commit0dd8ebf2bc49f85382240c3eb6c395164603a283 (patch)
treeee028b2ff761e6ae011912909e100155227451b7
parente39db614a808c0ba670f31757f35c434df8aa797 (diff)
Process some NFUs
-rw-r--r--data/CVE/list38
1 files changed, 19 insertions, 19 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 5008f13e42..352e396894 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3773,7 +3773,7 @@ CVE-2022-39961
CVE-2022-39960 (The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not ...)
NOT-FOR-US: Atlassian
CVE-2022-3135 (The SEO Smart Links WordPress plugin through 3.0.1 does not sanitise a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3134 (Use After Free in GitHub repository vim/vim prior to 9.0.0389. ...)
- vim <unfixed> (bug #1019590)
[bullseye] - vim <no-dsa> (Minor issue)
@@ -4139,7 +4139,7 @@ CVE-2022-36423 (OpenHarmony-v3.1.2 and prior versions have an incorrect configur
CVE-2022-3120 (A vulnerability classified as critical was found in SourceCodester Cli ...)
NOT-FOR-US: SourceCodester Clinics Patient Management System
CVE-2022-3119 (The OAuth client Single Sign On WordPress plugin before 3.0.4 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3118 (A vulnerability was found in Sourcecodehero ERP System Project. It has ...)
NOT-FOR-US: Sourcecodehero ERP System Project
CVE-2022-39808
@@ -5413,7 +5413,7 @@ CVE-2022-3099 (Use After Free in GitHub repository vim/vim prior to 9.0.0360. ..
NOTE: https://huntr.dev/bounties/403210c7-6cc7-4874-8934-b57f88bd4f5e
NOTE: https://github.com/vim/vim/commit/35d21c6830fc2d68aca838424a0e786821c5891c (v9.0.0360)
CVE-2022-3098 (The Login Block IPs WordPress plugin through 1.0.0 does not have CSRF ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3097
RESERVED
CVE-2022-3096
@@ -5727,13 +5727,13 @@ CVE-2022-3077 (A buffer overflow vulnerability was found in the Linux kernel Int
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2123309
NOTE: https://git.kernel.org/linus/690b2549b19563ec5ad53e5c82f6a944d910086e (5.19-rc1)
CVE-2022-3076 (The CM Download Manager WordPress plugin before 2.8.6 allows high priv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3075 (Insufficient data validation in Mojo in Google Chrome prior to 105.0.5 ...)
{DSA-5225-1}
- chromium 105.0.5195.102-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-3074 (The Slider Hero WordPress plugin before 8.4.4 does not escape the slid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3073
RESERVED
CVE-2022-3072 (Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacqu ...)
@@ -5748,7 +5748,7 @@ CVE-2022-39079
CVE-2022-39078
RESERVED
CVE-2022-3070 (The Generate PDF WordPress plugin before 3.6 does not sanitise and esc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3071 (Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prio ...)
{DSA-5223-1}
- chromium 105.0.5195.52-1
@@ -5815,7 +5815,7 @@ CVE-2022-39049 (An attacker who is logged into OTRS as an admin user may manipul
NOT-FOR-US: OTRS
NOTE: Could possibly affect Znuny, we'll let their security team figure it out
CVE-2022-3069 (The WordLift WordPress plugin before 3.37.2 does not sanitise and esca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3068 (Improper Privilege Management in GitHub repository octoprint/octoprint ...)
- octoprint <itp> (bug #718591)
CVE-2022-39048
@@ -5837,7 +5837,7 @@ CVE-2022-3064
CVE-2022-3063
REJECTED
CVE-2022-3062 (The Simple File List WordPress plugin before 4.4.12 does not escape pa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3061 (Found Linux Kernel flaw in the i740 driver. The Userspace program coul ...)
- linux 5.18.2-1
NOTE: https://git.kernel.org/linus/15cf0b82271b1823fb02ab8c377badba614d95d5 (5.18-rc5)
@@ -6508,9 +6508,9 @@ CVE-2022-3027 (The CMS8000 device does not properly control or sanitize the SSID
CVE-2022-3026 (The WP Users Exporter plugin for WordPress is vulnerable to CSV Inject ...)
NOT-FOR-US: WP Users Exporter plugin for WordPress
CVE-2022-3025 (The Bitcoin / Altcoin Faucet WordPress plugin through 1.6.0 does not h ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3024 (The Simple Bitcoin Faucets WordPress plugin through 1.7.0 does not hav ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3023
RESERVED
CVE-2022-3022
@@ -6742,7 +6742,7 @@ CVE-2022-2989 (An incorrect handling of the supplementary groups in the Podman c
CVE-2022-2988
RESERVED
CVE-2022-2987 (The Ldap WP Login / Active Directory Integration WordPress plugin befo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2986
RESERVED
- moodle <removed>
@@ -7107,7 +7107,7 @@ CVE-2022-2928
CVE-2022-2927 (Weak Password Requirements in GitHub repository notrinos/notrinoserp p ...)
NOT-FOR-US: NotrinosERP
CVE-2022-2926 (The Download Manager WordPress plugin before 3.2.55 does not validate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-38647
RESERVED
CVE-2022-38646
@@ -7604,7 +7604,7 @@ CVE-2022-2905 (An out-of-bounds memory read flaw was found in the Linux kernel's
CVE-2022-2904
RESERVED
CVE-2022-2903 (The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2902
RESERVED
CVE-2022-2901 (Improper Authorization in GitHub repository chatwoot/chatwoot prior to ...)
@@ -14525,9 +14525,9 @@ CVE-2022-2407 (The WP phpMyAdmin WordPress plugin before 5.2.0.4 does not escape
CVE-2022-2406 (The legacy Slack import feature in Mattermost version 6.7.0 and earlie ...)
- mattermost-server <itp> (bug #823556)
CVE-2022-2405 (The WP Popup Builder WordPress plugin through 1.2.8 does not have auth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2404 (The WP Popup Builder WordPress plugin through 1.2.8 does not sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2403 (A credentials leak was found in the OpenShift Container Platform. The ...)
NOT-FOR-US: OpenShift
CVE-2022-35863
@@ -15711,7 +15711,7 @@ CVE-2022-35402
CVE-2022-2353 (Prior to microweber/microweber v1.2.20, due to improper neutralization ...)
NOT-FOR-US: microweber
CVE-2022-2352 (The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2351 (The Post SMTP Mailer/Email Log WordPress plugin before 2.1.4 does not ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2350
@@ -27843,7 +27843,7 @@ CVE-2022-1757 (The pagebar WordPress plugin before 2.70 does not have CSRF check
CVE-2022-1756 (The Newsletter WordPress plugin before 7.4.5 does not sanitize and esc ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1755 (The SVG Support WordPress plugin before 2.5 does not properly handle S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-30972 (A cross-site request forgery (CSRF) vulnerability in Jenkins Storable ...)
NOT-FOR-US: Jenkins plugin
CVE-2022-30971 (Jenkins Storable Configs Plugin 1.0 and earlier does not configure its ...)
@@ -29879,7 +29879,7 @@ CVE-2022-1615 (In Samba, GnuTLS gnutls_rnd() can fail and give predictable rando
CVE-2022-1614 (The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visi ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1613 (The Restricted Site Access WordPress plugin before 7.3.2 prioritizes g ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-1612 (The Webriti SMTP Mail WordPress plugin through 1.0 does not have CSRF ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1611 (The Bulk Page Creator WordPress plugin before 1.1.4 does not protect i ...)
@@ -114944,7 +114944,7 @@ CVE-2021-24892 (Insecure Direct Object Reference in edit function of Advanced Fo
CVE-2021-24891 (The Elementor Website Builder WordPress plugin before 3.4.8 does not s ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24890 (The Scripts Organizer WordPress plugin before 3.0 does not have capabi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24889 (The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not es ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24888 (The ImageBoss WordPress plugin before 3.0.6 does not sanitise and esca ...)

© 2014-2024 Faster IT GmbH | imprint | privacy policy