diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-03-21 21:21:17 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-03-21 21:21:17 +0100 |
| commit | ad2eaf088e969080dccd64f7d64f3bb87d4c922f (patch) | |
| tree | 28e48b14b0b6cd28ee31444d42b9494da5dc8dc6 /data | |
| parent | 9b31a24e32e6de27e121bd4e7446587b6af7e517 (diff) | |
Process NFUs
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/data/CVE/list b/data/CVE/list index 906f70effd..d946b1101a 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -3800,7 +3800,7 @@ CVE-2022-26088 CVE-2022-0761 RESERVED CVE-2022-0760 (The Simple Link Directory WordPress plugin before 7.7.2 does not valid ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0759 RESERVED CVE-2022-26085 @@ -4329,7 +4329,7 @@ CVE-2022-0749 (This affects all versions of package SinGooCMS.Utility. The socke CVE-2022-0748 (The package post-loader from 0.0.0 are vulnerable to Arbitrary Code Ex ...) TODO: check CVE-2022-0747 (The Infographic Maker WordPress plugin before 4.3.8 does not validate ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0746 (Business Logic Errors in GitHub repository dolibarr/dolibarr prior to ...) - dolibarr <removed> CVE-2022-0745 @@ -4417,7 +4417,7 @@ CVE-2022-0741 CVE-2022-0740 RESERVED CVE-2022-0739 (The BookingPress WordPress plugin before 1.0.11 fails to properly sani ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0738 RESERVED - gitlab <not-affected> (Vulnerable code introduced later) @@ -5474,7 +5474,7 @@ CVE-2022-25370 CVE-2022-25355 (EC-CUBE 3.0.0 to 3.0.18-p3 and EC-CUBE 4.0.0 to 4.1.1 improperly handl ...) NOT-FOR-US: EC-CUBE CVE-2022-0694 (The Advanced Booking Calendar WordPress plugin before 1.7.0 does not v ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0693 RESERVED CVE-2022-0692 (Open Redirect on Rudloff/alltube in Packagist rudloff/alltube prior to ...) @@ -5496,7 +5496,7 @@ CVE-2022-0689 (Use multiple time the one-time coupon in Packagist microweber/mic CVE-2022-0688 (Business Logic Errors in Packagist microweber/microweber prior to 1.2. ...) NOT-FOR-US: microweber CVE-2022-0687 (The Amelia WordPress plugin before 1.0.47 stores image blobs into actu ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0686 (Authorization Bypass Through User-Controlled Key in NPM url-parse prio ...) - node-url-parse 1.5.9+~1.4.8-1 [stretch] - node-url-parse <end-of-life> (Nodejs in stretch not covered by security support) @@ -5629,7 +5629,7 @@ CVE-2022-0683 (The Essential Addons for Elementor Lite WordPress plugin is vulne CVE-2022-0682 RESERVED CVE-2022-0681 (The Simple Membership WordPress plugin before 4.1.0 does not have CSRF ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0680 RESERVED CVE-2022-0679 @@ -5920,7 +5920,7 @@ CVE-2022-0642 CVE-2022-0641 RESERVED CVE-2022-0640 (The Pricing Table Builder WordPress plugin before 1.1.5 does not sanit ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0639 (Authorization Bypass Through User-Controlled Key in NPM url-parse prio ...) - node-url-parse 1.5.7-1 [bullseye] - node-url-parse <no-dsa> (Minor issue) @@ -5965,9 +5965,9 @@ CVE-2022-0629 (Stack-based Buffer Overflow in GitHub repository vim/vim prior to NOTE: https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877/ NOTE: https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc (v8.2.4397) CVE-2022-0628 (The Mega Menu WordPress plugin before 3.0.8 does not sanitize and esca ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0627 (The Amelia WordPress plugin before 1.0.47 does not sanitize and escape ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0626 RESERVED CVE-2022-0625 @@ -6095,7 +6095,7 @@ CVE-2022-0617 (A flaw null pointer dereference in the Linux kernel UDF file syst NOTE: https://git.kernel.org/linus/7fc3b7c2981bbd1047916ade327beccb90994eee NOTE: https://git.kernel.org/linus/ea8569194b43f0f01f0a84c689388542c7254a1f CVE-2022-0616 (The Amelia WordPress plugin before 1.0.47 does not have CSRF check in ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0615 (Use-after-free in eset_rtp kernel module used in ESET products for Lin ...) NOT-FOR-US: ESET CVE-2022-0614 (Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2. ...) @@ -6310,9 +6310,9 @@ CVE-2022-0593 (The Login with phone number WordPress plugin before 1.3.7 include CVE-2022-0592 RESERVED CVE-2022-0591 (The FormCraft WordPress plugin before 3.8.28 does not validate the URL ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0590 (The BulletProof Security WordPress plugin before 5.8 does not sanitise ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0589 (Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms pri ...) NOT-FOR-US: LibreNMS CVE-2022-0588 (Exposure of Sensitive Information to an Unauthorized Actor in Packagis ...) @@ -8926,7 +8926,7 @@ CVE-2022-0425 CVE-2022-0424 RESERVED CVE-2022-0423 (The 3D FlipBook WordPress plugin before 1.12.1 does not have authorisa ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0422 (The White Label CMS WordPress plugin before 2.2.9 does not sanitise an ...) NOT-FOR-US: WordPress plugin CVE-2022-0421 @@ -10097,7 +10097,7 @@ CVE-2022-0366 (An authenticated and authorized agent user could potentially gain CVE-2022-0365 (The affected product is vulnerable to an authenticated OS command inje ...) NOT-FOR-US: Ricon Mobile CVE-2022-0364 (The Modern Events Calendar Lite WordPress plugin before 6.4.0 does not ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0363 RESERVED CVE-2022-0362 (SQL Injection in Packagist showdoc/showdoc prior to 2.10.3. ...) @@ -12752,7 +12752,7 @@ CVE-2022-0231 (livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) CVE-2022-0230 (The Better WordPress Google XML Sitemaps WordPress plugin through 1.4. ...) NOT-FOR-US: WordPress plugin CVE-2022-0229 (The miniOrange's Google Authenticator WordPress plugin before 5.5 does ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0228 (The Popup Builder WordPress plugin before 4.0.7 does not validate and ...) NOT-FOR-US: WordPress plugin CVE-2021-46304 @@ -15635,7 +15635,7 @@ CVE-2022-22396 CVE-2022-22395 RESERVED CVE-2022-22394 (The IBM Spectrum Protect 8.1.14.000 server could allow a remote attack ...) - TODO: check + NOT-FOR-US: IBM CVE-2022-22393 RESERVED CVE-2022-22392 @@ -74394,7 +74394,7 @@ CVE-2021-25021 (The OMGF | Host Google Fonts Locally WordPress plugin before 4.5 CVE-2021-25020 (The CAOS | Host Google Analytics Locally WordPress plugin before 4.1.9 ...) NOT-FOR-US: WordPress plugin CVE-2021-25019 (The SEO Plugin by Squirrly SEO WordPress plugin before 11.1.12 does no ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-25018 (The PPOM for WooCommerce WordPress plugin before 24.0 does not have au ...) NOT-FOR-US: WordPress plugin CVE-2021-25017 (The Tutor LMS WordPress plugin before 1.9.12 does not escape the searc ...) @@ -74622,7 +74622,7 @@ CVE-2021-24907 (The Contact Form, Drag and Drop Form Builder for WordPress plugi CVE-2021-24906 (The Protect WP Admin WordPress plugin before 3.6.2 does not check for ...) NOT-FOR-US: WordPress plugin CVE-2021-24905 (The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24904 (The Mortgage Calculators WP WordPress plugin before 1.56 does not impl ...) NOT-FOR-US: WordPress plugin CVE-2021-24903 (The GRAND FlaGallery WordPress plugin through 6.1.2 does not sanitise ...) |