diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-14 21:23:56 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-14 21:23:56 +0100 |
| commit | 29dd3280316ada10ea3ce198a89bb390a212a455 (patch) | |
| tree | 274d13e662d32f9d7d86523730f4f690f471bcc1 /data/CVE/2022.list | |
| parent | 6f8fdd2fd1835991e1df4b57142e33045d543c0d (diff) | |
Process NFUs
Diffstat (limited to 'data/CVE/2022.list')
| -rw-r--r-- | data/CVE/2022.list | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/data/CVE/2022.list b/data/CVE/2022.list index 8858efa23d..2e60cb9a0f 100644 --- a/data/CVE/2022.list +++ b/data/CVE/2022.list @@ -4735,7 +4735,7 @@ CVE-2022-23369 CVE-2022-23368 RESERVED CVE-2022-23367 (Fulusso v1.1 was discovered to contain a DOM-based cross-site scriptin ...) - TODO: check + NOT-FOR-US: Fulusso CVE-2022-23366 (HMS v1.0 was discovered to contain a SQL injection vulnerability via p ...) NOT-FOR-US: HMS (Hospital Managment System) CVE-2022-23365 (HMS v1.0 was discovered to contain a SQL injection vulnerability via d ...) @@ -5245,7 +5245,7 @@ CVE-2022-0216 CVE-2022-0215 (The Login/Signup Popup, Waitlist Woocommerce ( Back in stock notifier ...) NOT-FOR-US: WordPress plugin CVE-2022-0214 (The Popup | Custom Popup Builder WordPress plugin before 1.3.1 autoloa ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0213 (vim is vulnerable to Heap-based Buffer Overflow ...) - vim <unfixed> [bullseye] - vim <no-dsa> (Minor issue) @@ -5253,7 +5253,7 @@ CVE-2022-0213 (vim is vulnerable to Heap-based Buffer Overflow ...) NOTE: https://huntr.dev/bounties/f3afe1a5-e6f8-4579-b68a-6e5c7e39afed NOTE: Fixed by: https://github.com/vim/vim/commit/de05bb25733c3319e18dca44e9b59c6ee389eb26 (v8.2.4074) CVE-2022-0212 (The SpiderCalendar WordPress plugin through 1.5.65 does not sanitise a ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0211 RESERVED CVE-2022-23206 (In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unpr ...) @@ -5334,12 +5334,12 @@ CVE-2022-0210 (The Random Banner WordPress plugin is vulnerable to Stored Cross- CVE-2022-0209 RESERVED CVE-2022-0208 (The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0207 RESERVED - vdsm <itp> (bug #668538) CVE-2022-0206 (The NewStatPress WordPress plugin before 1.3.6 does not properly escap ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0205 RESERVED CVE-2022-0204 [Heap overflow vulnerability in the implementation of the gatt protocol] @@ -5356,9 +5356,9 @@ CVE-2022-0203 (Improper Access Control in GitHub repository crater-invoice/crate CVE-2022-0202 RESERVED CVE-2022-0201 (The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalin ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0200 (Themify Portfolio Post WordPress plugin before 1.1.7 does not sanitise ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0199 RESERVED CVE-2022-23178 (An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. ...) @@ -5541,17 +5541,17 @@ CVE-2022-21134 (A firmware update vulnerability exists in the &quot;update&a CVE-2022-0194 RESERVED CVE-2022-0193 (The Complianz WordPress plugin before 6.0.0 does not escape the s para ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0192 RESERVED CVE-2022-0191 RESERVED CVE-2022-0190 (The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0189 RESERVED CVE-2022-0188 (The CMP WordPress plugin before 4.0.19 allows any user, even not logge ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0187 RESERVED CVE-2022-0186 @@ -6144,7 +6144,7 @@ CVE-2022-22856 CVE-2022-22855 RESERVED CVE-2022-22854 (An access control issue in hprms/admin/?page=user/list of Hospital Pat ...) - TODO: check + NOT-FOR-US: Hospital Patient Record Management System CVE-2022-22853 RESERVED CVE-2022-22852 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...) @@ -6158,7 +6158,7 @@ CVE-2022-22849 CVE-2022-22149 RESERVED CVE-2022-0176 (The PowerPack Lite for Beaver Builder WordPress plugin before 1.2.9.3 ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0175 [memory initialization issue in vrend_resource_alloc_buffer() can lead to info leak] RESERVED - virglrenderer <unfixed> @@ -9327,7 +9327,7 @@ CVE-2022-21661 (WordPress is a free and open-source content management system wr NOTE: https://hackerone.com/reports/1378209 NOTE: https://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection CVE-2022-21660 (Gin-vue-admin is a backstage management system based on vue and gin. I ...) - TODO: check + NOT-FOR-US: Gin-vue-admin CVE-2022-21659 (Flask-AppBuilder is an application development framework, built on top ...) - flask-appbuilder <itp> (bug #998029) NOTE: https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-wfjw-w6pv-8p7f |