diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-19 10:28:06 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-19 10:28:06 +0100 |
| commit | 6da6432832d256997303389813d574a161062459 (patch) | |
| tree | 597bd72942d4527c522647611541603e30cc6e9c /data/CVE/2022.list | |
| parent | 35c439eff859bf79f06cc32b6895e1845d910eaa (diff) | |
Process NFUs
Diffstat (limited to 'data/CVE/2022.list')
| -rw-r--r-- | data/CVE/2022.list | 88 |
1 files changed, 44 insertions, 44 deletions
diff --git a/data/CVE/2022.list b/data/CVE/2022.list index 091e69ca33..fa58a5d594 100644 --- a/data/CVE/2022.list +++ b/data/CVE/2022.list @@ -17,7 +17,7 @@ CVE-2022-25360 CVE-2022-25359 RESERVED CVE-2022-25358 (A ..%2F path traversal vulnerability exists in the path handler of awf ...) - TODO: check + NOT-FOR-US: awful-salmonella-tar CVE-2022-25357 RESERVED CVE-2022-25356 @@ -294,7 +294,7 @@ CVE-2022-0649 CVE-2022-25257 RESERVED CVE-2022-25256 (SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRend ...) - TODO: check + NOT-FOR-US: SAS Web Report Studio CVE-2022-25255 (In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux ...) - qt6-base <unfixed> - qtbase-opensource-src <unfixed> @@ -736,21 +736,21 @@ CVE-2022-25139 (njs through 0.7.0, used in NGINX, was discovered to contain a he CVE-2022-25138 RESERVED CVE-2022-25137 (A command injection vulnerability in the function recvSlaveUpgstatus o ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-25136 (A command injection vulnerability in the function meshSlaveUpdate of T ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-25135 (A command injection vulnerability in the function recv_mesh_info_sync ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-25134 (A command injection vulnerability in the function setUpgradeFW of TOTO ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-25133 (A command injection vulnerability in the function isAssocPriDevice of ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-25132 (A command injection vulnerability in the function meshSlaveDlfw of TOT ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-25131 (A command injection vulnerability in the function recvSlaveCloudCheckS ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-25130 (A command injection vulnerability in the function updateWifiInfo of TO ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-25129 RESERVED CVE-2022-25128 @@ -1094,9 +1094,9 @@ CVE-2022-0581 (Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 a CVE-2022-0580 (Improper Access Control in Packagist librenms/librenms prior to 22.2.0 ...) NOT-FOR-US: LibreNMS CVE-2022-24980 (An issue was discovered in the Kitodo.Presentation (aka dif) extension ...) - TODO: check + NOT-FOR-US: TYPO3 extension CVE-2022-24979 (An issue was discovered in the Varnishcache extension before 2.0.1 for ...) - TODO: check + NOT-FOR-US: TYPO3 extension CVE-2022-24978 RESERVED CVE-2022-24977 (ImpressCMS before 1.4.2 allows unauthenticated remote code execution v ...) @@ -1148,7 +1148,7 @@ CVE-2022-24973 CVE-2022-24972 RESERVED CVE-2022-24971 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24970 RESERVED CVE-2022-24969 @@ -2594,39 +2594,39 @@ CVE-2022-24372 CVE-2022-24371 RESERVED CVE-2022-24370 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24369 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24368 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24367 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24366 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24365 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24364 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24363 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24362 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24361 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24360 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24359 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24358 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24357 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24356 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2022-24355 (This vulnerability allows network-adjacent attackers to execute arbitr ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2022-24354 (This vulnerability allows network-adjacent attackers to execute arbitr ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2022-24353 RESERVED CVE-2022-24352 @@ -3399,7 +3399,7 @@ CVE-2022-24114 (Local privilege escalation due to race condition on application CVE-2022-24113 (Local privilege escalation due to excessive permissions assigned to ch ...) NOT-FOR-US: Acronis CVE-2022-0409 (Unrestricted Upload of File with Dangerous Type in Packagist showdoc/s ...) - TODO: check + NOT-FOR-US: ShowDoc CVE-2022-0408 (Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...) - vim <unfixed> [bullseye] - vim <no-dsa> (Minor issue) @@ -3536,25 +3536,25 @@ CVE-2022-0393 (Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. ... CVE-2022-24069 (An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel ...) NOT-FOR-US: Insyde CVE-2022-24064 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Sante DICOM Viewer CVE-2022-24063 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Sante DICOM Viewer CVE-2022-24062 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Sante DICOM Viewer CVE-2022-24061 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Sante DICOM Viewer CVE-2022-24060 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Sante DICOM Viewer CVE-2022-24059 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Sante DICOM Viewer CVE-2022-24058 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Sante DICOM Viewer CVE-2022-24057 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Sante DICOM Viewer CVE-2022-24056 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Sante DICOM Viewer CVE-2022-24055 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Sante DICOM Viewer CVE-2022-24054 RESERVED CVE-2022-24053 @@ -3579,7 +3579,7 @@ CVE-2022-24050 (This vulnerability allows local attackers to escalate privileges NOTE: Fixed in MariaDB: 10.6.6, 10.5.14, 10.4.23, 10.3.33, 10.2.42 NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-364/ CVE-2022-24049 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Sonos One Speaker CVE-2022-24048 (This vulnerability allows local attackers to escalate privileges on af ...) - mariadb-10.6 <unfixed> - mariadb-10.5 <removed> @@ -3587,9 +3587,9 @@ CVE-2022-24048 (This vulnerability allows local attackers to escalate privileges NOTE: Fixed in MariaDB: 10.6.6, 10.5.14, 10.4.23, 10.3.33, 10.2.42 NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-363/ CVE-2022-24047 (This vulnerability allows remote attackers to bypass authentication on ...) - TODO: check + NOT-FOR-US: BMC Track-It! CVE-2022-24046 (This vulnerability allows network-adjacent attackers to execute arbitr ...) - TODO: check + NOT-FOR-US: Sonos One Speaker CVE-2022-24045 RESERVED CVE-2022-24044 |