diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2022-02-04 09:24:37 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2022-02-04 09:27:16 +0100 |
commit | 4aa100be6ac2ae9b8c0afabf69aa48976fd6ff76 (patch) | |
tree | 561204b8e50cc69e5f3be95775dbfa252a5f17ae /data | |
parent | 8bbd4d6e91e08b87c14f28ece85979266ada55ce (diff) |
NFUs
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/data/CVE/list b/data/CVE/list index 252d3a0e89..75ac5c223d 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -262,7 +262,7 @@ CVE-2022-0473 CVE-2022-24308 RESERVED CVE-2022-24307 (Mastodon before 3.3.2 and 3.4.x before 3.4.6 has incorrect access cont ...) - TODO: check + NOT-FOR-US: Mastodon CVE-2022-24306 RESERVED CVE-2022-24305 @@ -529,7 +529,7 @@ CVE-2022-0433 [missing initialization in bloom filter map in kernel/bpf/bloom_fi NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2048259 NOTE: Fixed by: https://git.kernel.org/linus/3ccdcee28415c4226de05438b4d89eb5514edf73 (5.17-rc1) CVE-2022-0432 (Prototype Pollution in GitHub repository mastodon/mastodon prior to 3. ...) - TODO: check + NOT-FOR-US: Mastodon CVE-2022-0431 RESERVED CVE-2022-0430 @@ -874,7 +874,7 @@ CVE-2022-24125 CVE-2022-24124 (The query API in Casdoor before 1.13.1 has a SQL injection vulnerabili ...) NOT-FOR-US: Casdoor CVE-2022-24123 (MarkText through 0.16.3 does not sanitize the input of a mermaid block ...) - TODO: check + NOT-FOR-US: MarkText CVE-2022-24121 (SQL Injection vulnerability discovered in Unified Office Total Connect ...) NOT-FOR-US: Unified Office CVE-2021-46660 (Signiant Manager+Agents before 15.1 allows XML External Entity (XXE) a ...) @@ -963,7 +963,7 @@ CVE-2022-0403 CVE-2022-0402 RESERVED CVE-2022-0401 (Path Traversal in NPM w-zip prior to 1.0.12. ...) - TODO: check + NOT-FOR-US: Node w-zip CVE-2022-0400 [Out of bounds read in the smc protocol stack] RESERVED - linux <unfixed> @@ -2831,9 +2831,9 @@ CVE-2022-23605 CVE-2022-23604 RESERVED CVE-2022-23603 (iTunesRPC-Remastered is a discord rich presence application for use wi ...) - TODO: check + NOT-FOR-US: iTunesRPC-Remastered CVE-2022-23602 (Nimforum is a lightweight alternative to Discourse written in Nim. In ...) - TODO: check + NOT-FOR-US: Nimforum CVE-2022-23601 (Symfony is a PHP framework for web and console applications and a set ...) - symfony <not-affected> (Vulnerable code not present; no Debian released version contained the vulnerable code) NOTE: https://symfony.com/blog/cve-2022-23601-csrf-token-missing-in-forms @@ -11522,11 +11522,11 @@ CVE-2021-44884 CVE-2021-44883 RESERVED CVE-2021-44882 (D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a ...) - TODO: check + NOT-FOR-US: D-Link CVE-2021-44881 (D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to co ...) - TODO: check + NOT-FOR-US: D-Link CVE-2021-44880 (D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882 ...) - TODO: check + NOT-FOR-US: D-Link CVE-2021-44879 RESERVED CVE-2021-44878 (Pac4j v5.1 and earlier allows (by default) clients to accept and succe ...) @@ -11554,7 +11554,7 @@ CVE-2021-44868 CVE-2021-44867 RESERVED CVE-2021-44866 (An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The ...) - TODO: check + NOT-FOR-US: Online-Movie-Ticket-Booking-System CVE-2021-44865 RESERVED CVE-2021-44864 @@ -13392,9 +13392,9 @@ CVE-2021-44249 (Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Bl CVE-2021-44248 RESERVED CVE-2021-44247 (Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B201 ...) - TODO: check + NOT-FOR-US: Totolink CVE-2021-44246 (Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B201 ...) - TODO: check + NOT-FOR-US: Totolink CVE-2021-44245 (An SQL Injection vulnerability exists in Courcecodester COVID 19 Testi ...) NOT-FOR-US: Sourcecodester COVID 19 Testing Management System (CTMS) CVE-2021-44244 (An SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Pa ...) @@ -14494,7 +14494,7 @@ CVE-2022-21712 CVE-2022-21711 (elfspirit is an ELF static analysis and injection framework that parse ...) NOT-FOR-US: elfspirit CVE-2022-21710 (ShortDescription is a MediaWiki extension that provides local short de ...) - TODO: check + NOT-FOR-US: ShortDescription MediaWiki extension CVE-2022-21709 RESERVED CVE-2022-21708 (graphql-go is a GraphQL server with a focus on ease of use. In version ...) |