From 35be4da3b4a9a58e9b1bf324603e1a9e3c15e8ba Mon Sep 17 00:00:00 2001 From: Neil Williams Date: Wed, 18 May 2022 11:41:47 +0100 Subject: Process some NFUs --- data/CVE/list | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 90f122f389..e40a5cbc71 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -17308,7 +17308,7 @@ CVE-2022-24858 (next-auth v3 users before version 3.29.2 are impacted. next-auth CVE-2022-24857 (django-mfa3 is a library that implements multi factor authentication f ...) NOT-FOR-US: django-mfa3 CVE-2022-24856 (FlyteConsole is the web user interface for the Flyte platform. FlyteCo ...) - TODO: check + NOT-FOR-US: flyteorg/flyteconsole CVE-2022-24855 (Metabase is an open source business intelligence and analytics applica ...) NOT-FOR-US: Metabase CVE-2022-24854 (Metabase is an open source business intelligence and analytics applica ...) @@ -18191,7 +18191,7 @@ CVE-2022-24613 (metadata-extractor up to 2.16.0 can throw various uncaught excep CVE-2022-24612 (An authenticated user can upload an XML file containing an XSS via the ...) NOT-FOR-US: EyesOfNetwork (EON) eonweb CVE-2022-24611 (Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specificati ...) - TODO: check + NOT-FOR-US: Z-Wave devices CVE-2022-24610 (Settings/network settings/wireless settings on the Alecto DVC-215IP ca ...) NOT-FOR-US: Alecto CVE-2022-24609 (Luocms v2.0 is affected by an incorrect access control vulnerability. ...) @@ -18749,19 +18749,19 @@ CVE-2022-24396 (The Simple Diagnostics Agent - versions 1.0 up to version 1.57, CVE-2022-24395 (SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.3 ...) NOT-FOR-US: SAP CVE-2022-24394 (Vulnerability in Fidelis Network and Deception CommandPost enables aut ...) - TODO: check + NOT-FOR-US: Fidelis CVE-2022-24393 (Vulnerability in Fidelis Network and Deception CommandPost enables aut ...) - TODO: check + NOT-FOR-US: Fidelis CVE-2022-24392 (Vulnerability in Fidelis Network and Deception CommandPost enables aut ...) - TODO: check + NOT-FOR-US: Fidelis CVE-2022-24391 (Vulnerability in Fidelis Network and Deception CommandPost enables SQL ...) - TODO: check + NOT-FOR-US: Fidelis CVE-2022-24390 (Vulnerability in rconfig “remote_text_file” enables an att ...) - TODO: check + NOT-FOR-US: Fidelis CVE-2022-24389 (Vulnerability in rconfig “cert_utils” enables an attacker ...) - TODO: check + NOT-FOR-US: Fidelis CVE-2022-24388 (Vulnerability in rconfig “date” enables an attacker with u ...) - TODO: check + NOT-FOR-US: Fidelis CVE-2022-24387 (With administrator or admin privileges the application can be tricked ...) NOT-FOR-US: SmarterTrack CVE-2022-24386 (Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterToo ...) @@ -19800,7 +19800,7 @@ CVE-2022-24110 (Kiteworks MFT 7.5 may allow an unauthorized user to reset other CVE-2022-24109 RESERVED CVE-2022-24108 (The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remot ...) - TODO: check + NOT-FOR-US: OpenCart plugin CVE-2022-24107 RESERVED CVE-2022-24106 @@ -21582,7 +21582,7 @@ CVE-2022-23708 (A flaw was discovered in Elasticsearch 7.17.0’s upgrade as CVE-2022-23707 (An XSS vulnerability was found in Kibana index patterns. Using this vu ...) - kibana (bug #700337) CVE-2022-23706 (A remote cross-site scripting (xss) vulnerability was discovered in HP ...) - TODO: check + NOT-FOR-US: HPE OneView CVE-2022-23705 (A security vulnerability has been identified in HPE Nimble Storage Hyb ...) NOT-FOR-US: HPE CVE-2022-23704 (A potential security vulnerability has been identified in Integrated L ...) -- cgit v1.2.3