From 87dd0dc4d8b00f5c97ddf3465f85dae7a6a52ec6 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sat, 24 Sep 2022 10:22:48 +0200 Subject: Process some NFUs --- data/CVE/list | 76 +++++++++++++++++++++++++++++------------------------------ 1 file changed, 38 insertions(+), 38 deletions(-) (limited to 'data/CVE/list') diff --git a/data/CVE/list b/data/CVE/list index 6e6aa26e68..0bc4cc2bd6 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -251,7 +251,7 @@ CVE-2022-41221 CVE-2022-40224 RESERVED CVE-2022-3263 (The security descriptor of Measuresoft ScadaPro Server version 6.7 has ...) - TODO: check + NOT-FOR-US: Measuresoft ScadaPro Server CVE-2022-3262 RESERVED NOT-FOR-US: OpenShift @@ -1329,7 +1329,7 @@ CVE-2022-40765 CVE-2022-40764 RESERVED CVE-2022-3236 (A code injection vulnerability in the User Portal and Webadmin allows ...) - TODO: check + NOT-FOR-US: Sophos CVE-2022-40763 RESERVED CVE-2022-3235 (Use After Free in GitHub repository vim/vim prior to 9.0.0490. ...) @@ -1523,15 +1523,15 @@ CVE-2022-40676 CVE-2022-40675 RESERVED CVE-2022-40672 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-40671 (Cross-Site Request Forgery (CSRF) vulnerability in Rate my Post – ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-40632 RESERVED CVE-2022-40312 RESERVED CVE-2022-40310 (Authenticated (subscriber+) Race Condition vulnerability in Rate my Po ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-40223 RESERVED CVE-2022-40219 (Cross-Site Request Forgery (CSRF) vulnerability in SedLex FavIcon Swit ...) @@ -1539,9 +1539,9 @@ CVE-2022-40219 (Cross-Site Request Forgery (CSRF) vulnerability in SedLex FavIco CVE-2022-40217 (Authenticated (admin+) Arbitrary File Edit/Upload vulnerability in Xpl ...) NOT-FOR-US: WordPress plugin CVE-2022-40215 (Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabiliti ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-40213 (Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-40211 RESERVED CVE-2022-40206 @@ -1549,7 +1549,7 @@ CVE-2022-40206 CVE-2022-40205 RESERVED CVE-2022-40193 (Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Awe ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-40131 RESERVED CVE-2022-38974 @@ -1559,11 +1559,11 @@ CVE-2022-38468 CVE-2022-38461 RESERVED CVE-2022-38454 (Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Opt ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-38104 RESERVED CVE-2022-38079 (Cross-Site Request Forgery (CSRF) vulnerability Backup Scheduler plugi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-38074 RESERVED CVE-2022-38073 (Multiple Authenticated (custom specific plugin role) Persistent Cross- ...) @@ -1571,11 +1571,11 @@ CVE-2022-38073 (Multiple Authenticated (custom specific plugin role) Persistent CVE-2022-36424 RESERVED CVE-2022-36417 (Multiple Stored Cross-Site Scripting (XSS) via Cross-Site Request Forg ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-36404 RESERVED CVE-2022-35238 (Unauthenticated Plugin Settings Change vulnerability in Awesome Filter ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-33978 RESERVED CVE-2022-3216 (A vulnerability has been found in Nintendo Game Boy Color and classifi ...) @@ -2668,25 +2668,25 @@ CVE-2022-40198 CVE-2022-40197 RESERVED CVE-2022-40195 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-40194 (Unauthenticated Sensitive Information Disclosure vulnerability in Cust ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-40191 (Authenticated (subscriber+) Stored Cross-Site Scripting (XSS) vulnerab ...) NOT-FOR-US: WordPress plugin CVE-2022-40189 RESERVED CVE-2022-40132 (Cross-Site Request Forgery (CSRF) vulnerability in Seriously Simple Po ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-38976 RESERVED CVE-2022-38704 (Cross-Site Request Forgery (CSRF) vulnerability in SEO Redirection plu ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-38703 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-38470 (Cross-Site Request Forgery (CSRF) vulnerability in Customer Reviews fo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-38460 (Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnera ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-38144 (Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpFor ...) NOT-FOR-US: WordPress plugin CVE-2022-38140 @@ -2698,27 +2698,27 @@ CVE-2022-38137 CVE-2022-38135 (Broken Access Control vulnerability in Dean Oakley's Photospace Galler ...) NOT-FOR-US: WordPress plugin CVE-2022-38134 (Authenticated (subscriber+) Broken Access Control vulnerability in Cus ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-38098 RESERVED CVE-2022-38095 (Cross-Site Request Forgery (CSRF) vulnerability in AlgolPlus Advanced ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-38086 RESERVED CVE-2022-38085 (Cross-Site Request Forgery (CSRF) vulnerability in Read more By Adam p ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-38077 RESERVED CVE-2022-37342 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-36790 RESERVED CVE-2022-36388 (Cross-Site Request Forgery (CSRF) vulnerability in YDS Support Ticket ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-36356 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...) NOT-FOR-US: WordPress plugin CVE-2022-36340 (Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOpt ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-36299 RESERVED CVE-2022-36295 @@ -2944,25 +2944,25 @@ CVE-2022-40124 CVE-2022-40123 RESERVED CVE-2022-40122 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) - TODO: check + NOT-FOR-US: Online Banking System CVE-2022-40121 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) - TODO: check + NOT-FOR-US: Online Banking System CVE-2022-40120 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) - TODO: check + NOT-FOR-US: Online Banking System CVE-2022-40119 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) - TODO: check + NOT-FOR-US: Online Banking System CVE-2022-40118 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) - TODO: check + NOT-FOR-US: Online Banking System CVE-2022-40117 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) - TODO: check + NOT-FOR-US: Online Banking System CVE-2022-40116 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) - TODO: check + NOT-FOR-US: Online Banking System CVE-2022-40115 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) - TODO: check + NOT-FOR-US: Online Banking System CVE-2022-40114 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) - TODO: check + NOT-FOR-US: Online Banking System CVE-2022-40113 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) - TODO: check + NOT-FOR-US: Online Banking System CVE-2022-40112 (TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable ...) NOT-FOR-US: TOTOLINK CVE-2022-40111 (In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the sha ...) @@ -3002,11 +3002,11 @@ CVE-2022-40095 CVE-2022-40094 RESERVED CVE-2022-40093 (Online Tours & Travels Management System v1.0 was discovered to co ...) - TODO: check + NOT-FOR-US: Online Tours & Travels Management System CVE-2022-40092 (Online Tours & Travels Management System v1.0 was discovered to co ...) - TODO: check + NOT-FOR-US: Online Tours & Travels Management System CVE-2022-40091 (Online Tours & Travels Management System v1.0 was discovered to co ...) - TODO: check + NOT-FOR-US: Online Tours & Travels Management System CVE-2022-40090 RESERVED CVE-2022-40089 (A remote file inclusion (RFI) vulnerability in Simple College Website ...) -- cgit v1.2.3