diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-18 21:41:51 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-18 21:41:51 +0100 |
| commit | d53a4ce1adca81c5c0bd55047e26aa33d9753d3f (patch) | |
| tree | 0deedf16b73ee4a80a78e0c208e0966e17216073 /data/CVE/2022.list | |
| parent | 64820e086a445648fcdd7728711791d693861b7a (diff) | |
Process several NFUs
Diffstat (limited to 'data/CVE/2022.list')
| -rw-r--r-- | data/CVE/2022.list | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/data/CVE/2022.list b/data/CVE/2022.list index b432fb3193..80d7e7db32 100644 --- a/data/CVE/2022.list +++ b/data/CVE/2022.list @@ -1,9 +1,9 @@ CVE-2022-25337 (Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x bef ...) - TODO: check + NOT-FOR-US: Ibexa CVE-2022-25336 (Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x bef ...) - TODO: check + NOT-FOR-US: Ibexa CVE-2022-25335 (RigoBlock Dragos through 2022-02-17 lacks the onlyOwner modifier for s ...) - TODO: check + NOT-FOR-US: RigoBlock Dragos CVE-2022-25334 RESERVED CVE-2022-25333 @@ -41,9 +41,9 @@ CVE-2022-0678 CVE-2022-0677 RESERVED CVE-2022-25323 (ZEROF Web Server 2.0 allows /admin.back XSS. ...) - TODO: check + NOT-FOR-US: ZEROF Web Server CVE-2022-25322 (ZEROF Web Server 2.0 allows /HandleEvent SQL Injection. ...) - TODO: check + NOT-FOR-US: ZEROF Web Server CVE-2022-25321 (An issue was discovered in Cerebrate through 1.4. XSS could occur in t ...) NOT-FOR-US: Cerebrate CVE-2022-25320 (An issue was discovered in Cerebrate through 1.4. Username enumeration ...) @@ -95,9 +95,9 @@ CVE-2022-21158 CVE-2022-0674 RESERVED CVE-2022-0673 (A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoni ...) - TODO: check + NOT-FOR-US: LemMinX CVE-2022-0672 (A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redi ...) - TODO: check + NOT-FOR-US: LemMinX CVE-2022-0671 (A flaw was found in vscode-xml in versions prior to 0.19.0. Schema dow ...) TODO: check CVE-2022-0670 @@ -109,11 +109,11 @@ CVE-2022-0668 CVE-2022-0667 RESERVED CVE-2022-0666 (CRLF Injection leads to Stack Trace Exposure due to lack of filtering ...) - TODO: check + NOT-FOR-US: microweber CVE-2022-0665 RESERVED CVE-2022-0664 (Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker ...) - TODO: check + NOT-FOR-US: Go github.com/gravitl/netmaker CVE-2022-0663 RESERVED CVE-2022-0662 @@ -121,7 +121,7 @@ CVE-2022-0662 CVE-2022-0661 RESERVED CVE-2022-0660 (Generation of Error Message Containing Sensitive Information in Packag ...) - TODO: check + NOT-FOR-US: microweber CVE-2022-0659 RESERVED CVE-2022-0658 @@ -3708,9 +3708,9 @@ CVE-2022-23984 CVE-2022-23983 RESERVED CVE-2022-23982 (The vulnerability discovered in WordPress Perfect Brands for WooCommer ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-23981 (The vulnerability allows Subscriber+ level users to create brands in W ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-23980 (Cross-Site Scripting (XSS) vulnerability discovered in Yasr – Ye ...) NOT-FOR-US: WordPress plugin CVE-2022-23979 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...) @@ -4231,11 +4231,11 @@ CVE-2022-22146 (Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6. CVE-2022-21193 (Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allow ...) NOT-FOR-US: TransmitMail CVE-2022-21176 (MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior ...) - TODO: check + NOT-FOR-US: Airspan Networks CVE-2022-21143 (MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior ...) - TODO: check + NOT-FOR-US: Airspan Networks CVE-2022-21141 (MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior ...) - TODO: check + NOT-FOR-US: Airspan Networks CVE-2022-0335 (A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, ...) - moodle <removed> CVE-2022-0334 (A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, ...) @@ -7426,7 +7426,7 @@ CVE-2022-0139 (Use After Free in GitHub repository radareorg/radare2 prior to 5. NOTE: https://huntr.dev/bounties/3dcb6f40-45cd-403b-929f-db123fde32c0/ NOTE: https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c (5.6.0) CVE-2022-0138 (MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior ...) - TODO: check + NOT-FOR-US: Airspan Networks CVE-2022-0137 RESERVED CVE-2022-0136 @@ -8899,11 +8899,11 @@ CVE-2022-22153 (An Insufficient Algorithmic Complexity combined with an Allocati CVE-2022-22152 (A Protection Mechanism Failure vulnerability in the REST API of Junipe ...) NOT-FOR-US: Juniper CVE-2022-21800 (MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior ...) - TODO: check + NOT-FOR-US: Airspan Networks CVE-2022-21215 (This vulnerability could allow an attacker to force the server to crea ...) - TODO: check + NOT-FOR-US: Airspan Networks CVE-2022-21196 (MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior ...) - TODO: check + NOT-FOR-US: Airspan Networks CVE-2022-21155 RESERVED CVE-2022-21137 (Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based b ...) |