diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-03-18 10:50:36 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-03-18 10:50:36 +0100 |
commit | 4809e9c1ecb8ab4ebef1aaa515bb77f2814acb0c (patch) | |
tree | baaa68e000009a23c6710f43642e69d5024024e5 /data | |
parent | 22e0b1dc9499ad399a47b41806142054d117d9ff (diff) |
Process some NFUs
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/data/CVE/list b/data/CVE/list index 76c97d4525..ba0ca7c795 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -353,7 +353,7 @@ CVE-2022-26026 CVE-2022-25969 (The installer of WPS Office Version 10.8.0.6186 insecurely load VERSIO ...) NOT-FOR-US: WPS Office CVE-2022-25949 (The kernel mode driver kwatch3 of KINGSOFT Internet Security 9 Plus Ve ...) - TODO: check + NOT-FOR-US: KINGSOFT CVE-2022-0970 (Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav ...) TODO: check CVE-2022-0969 @@ -843,7 +843,7 @@ CVE-2022-26966 (An issue was discovered in the Linux kernel before 5.16.12. driv [buster] - linux 4.19.232-1 NOTE: https://git.kernel.org/linus/e9da0b56fe27206b49f39805f7dcda8a89379062 (5.17-rc6) CVE-2022-26965 (In Pluck 4.7.16, an admin user can use the theme upload functionality ...) - TODO: check + NOT-FOR-US: Pluck CMS CVE-2022-26964 RESERVED CVE-2022-26963 @@ -1936,15 +1936,15 @@ CVE-2022-26505 (A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1 NOTE: https://sourceforge.net/p/minidlna/git/ci/c21208508dbc131712281ec5340687e5ae89e940/ NOTE: https://www.openwall.com/lists/oss-security/2022/03/03/1 CVE-2022-26504 (Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4 ...) - TODO: check + NOT-FOR-US: Veeam CVE-2022-26503 (Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, ...) NOT-FOR-US: Veeam CVE-2022-26502 RESERVED CVE-2022-26501 (Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4 ...) - TODO: check + NOT-FOR-US: Veeam CVE-2022-26500 (Improper limitation of path names in Veeam Backup & Replication 9. ...) - TODO: check + NOT-FOR-US: Veeam CVE-2022-26499 RESERVED CVE-2022-26498 @@ -3730,9 +3730,9 @@ CVE-2022-21126 CVE-2022-21122 RESERVED CVE-2022-0758 (Rapid7 Nexpose versions 6.6.129 and earlier suffer from a reflected cr ...) - TODO: check + NOT-FOR-US: Rapid7 Nexpose CVE-2022-0757 (Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL I ...) - TODO: check + NOT-FOR-US: Rapid7 Nexpose CVE-2022-0756 (Improper Authorization in GitHub repository salesagility/suitecrm prio ...) NOT-FOR-US: SuiteCRM CVE-2022-0755 (Improper Access Control in GitHub repository salesagility/suitecrm pri ...) @@ -12133,7 +12133,7 @@ CVE-2022-23220 (USBView 2.1 before 2.2 allows some local users (e.g., ones logge NOTE: Fixed by: https://github.com/gregkh/usbview/commit/bf374fa4e5b9a756789dfd88efa93806a395463b (v2.2) NOTE: Hardening: https://github.com/gregkh/usbview/commit/1282782301570b3ee27f82f4f34c2c1a82bfd91a (v2.2) CVE-2022-0237 (Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privi ...) - TODO: check + NOT-FOR-US: Rapid7 Insight Agent CVE-2022-0236 (The WP Import Export WordPress plugin (both free and premium versions) ...) NOT-FOR-US: WordPress plugin CVE-2022-0235 (node-fetch is vulnerable to Exposure of Sensitive Information to an Un ...) @@ -15287,7 +15287,7 @@ CVE-2021-46109 (Invalid input sanitizing leads to reflected Cross Site Scripting CVE-2021-46108 (D-Link DSL-2730E CT-20131125 devices allow XSS via the username parame ...) NOT-FOR-US: D-Link CVE-2021-46107 (Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server S ...) - TODO: check + NOT-FOR-US: Ligeo Archives Ligeo Basics CVE-2021-46106 RESERVED CVE-2021-46105 @@ -15663,9 +15663,9 @@ CVE-2021-45969 (An issue was discovered in AhciBusDxe in Insyde InsydeH2O with k CVE-2021-45968 (An issue was discovered in xmppserver jar in the XMPP Server component ...) TODO: check CVE-2021-45967 (An issue was discovered in Pascom Cloud Phone System before 7.20.x. A ...) - TODO: check + NOT-FOR-US: Pascom Cloud Phone System CVE-2021-45966 (An issue was discovered in Pascom Cloud Phone System before 7.20.x. In ...) - TODO: check + NOT-FOR-US: Pascom Cloud Phone System CVE-2021-45965 RESERVED CVE-2021-45964 |