From a2145f3e5e61cd725053ab28c28918c7aebcf51b Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Mon, 4 Jul 2022 22:16:38 +0200 Subject: Process some NFUs --- data/CVE/list | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index d02e641380..3f43169e51 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -294,7 +294,7 @@ CVE-2022-2270 (An issue has been discovered in GitLab affecting all versions sta CVE-2022-2269 RESERVED CVE-2022-2268 (The Import any XML or CSV File to WordPress plugin before 3.6.8 accept ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2267 RESERVED CVE-2022-2266 @@ -7040,7 +7040,7 @@ CVE-2022-1968 (Use After Free in GitHub repository vim/vim prior to 8.2. ...) NOTE: https://huntr.dev/bounties/949090e5-f4ea-4edf-bd79-cd98f0498a5b NOTE: https://github.com/vim/vim/commit/409510c588b1eec1ae33511ae97a21eb8e110895 (v8.2.5050) CVE-2022-1967 (The WP Championship WordPress plugin before 9.3 is lacking CSRF checks ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-1966 REJECTED CVE-2022-1965 (Multiple products of CODESYS implement a improper error handling. A lo ...) @@ -7916,7 +7916,7 @@ CVE-2022-1948 CVE-2022-1947 (Use of Incorrect Operator in GitHub repository polonel/trudesk prior t ...) NOT-FOR-US: Trudesk CVE-2022-1946 (The Gallery WordPress plugin before 2.0.0 does not sanitise and escape ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-31813 (Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* h ...) - apache2 2.4.54-1 (bug #1012513) [bullseye] - apache2 (Minor issue; can be fixed in point release) @@ -16297,7 +16297,7 @@ CVE-2022-1303 (The Slide Anything WordPress plugin before 2.3.44 does not saniti CVE-2022-1302 (In the MZ Automation LibIEC61850 in versions prior to 1.5.1 an unauthe ...) NOT-FOR-US: MZ Automation LibIEC61850 CVE-2022-1301 (The WP Contact Slider WordPress plugin before 2.4.7 does not sanitize ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-1300 (Multiple Version of TRUMPF TruTops products expose a service function ...) NOT-FOR-US: TRUMPF TruTops CVE-2022-1299 (The Slideshow WordPress plugin through 2.3.1 does not sanitize and esc ...) @@ -33929,7 +33929,7 @@ CVE-2022-0252 (The GiveWP WordPress plugin before 2.17.3 does not escape the jso CVE-2022-0251 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...) NOT-FOR-US: pimcore CVE-2022-0250 (The Redirection for Contact Form 7 WordPress plugin before 2.5.0 does ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0249 (A vulnerability was discovered in GitLab starting with version 12. Git ...) - gitlab CVE-2022-0248 (The Contact Form Submissions WordPress plugin before 1.7.3 does not sa ...) @@ -96743,7 +96743,7 @@ CVE-2021-25068 (The Sync WooCommerce Product feed to Google Shopping WordPress p CVE-2021-25067 (The Landing Page Builder WordPress plugin before 1.4.9.6 was affected ...) NOT-FOR-US: WordPress plugin CVE-2021-25066 (The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not s ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-25065 (The Smash Balloon Social Post Feed WordPress plugin before 4.1.1 was a ...) NOT-FOR-US: WordPress plugin CVE-2021-25064 (The Wow Countdowns WordPress plugin through 3.1.2 does not sanitize us ...) @@ -96763,7 +96763,7 @@ CVE-2021-25058 (The Buffer Button WordPress plugin through 1.0 was vulnerable to CVE-2021-25057 (The Translation Exchange WordPress plugin through 1.0.14 was vulnerabl ...) NOT-FOR-US: WordPress plugin CVE-2021-25056 (The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not s ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-25055 (The FeedWordPress plugin before 2022.0123 is affected by a Reflected C ...) NOT-FOR-US: WordPress plugin CVE-2021-25054 (The WPcalc WordPress plugin through 2.1 does not sanitize user input i ...) -- cgit v1.2.3