From a69f26b803c3660d4316ca7e0bfbf522819f2e80 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Mon, 4 Jul 2022 11:28:48 +0200 Subject: Process some NFUs --- data/CVE/list | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 98a5f21fba..f583e469cd 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -33,7 +33,7 @@ CVE-2022-34911 (An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1 NOTE: https://phabricator.wikimedia.org/T308471 NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/805208 CVE-2022-2290 (Cross-site Scripting (XSS) - Reflected in GitHub repository zadam/tril ...) - TODO: check + NOT-FOR-US: Trilium Notes CVE-2022-2289 (Use After Free in GitHub repository vim/vim prior to 9.0. ...) - vim (unimportant) NOTE: https://huntr.dev/bounties/7447d2ea-db5b-4883-adf4-1eaf7deace64/ @@ -1677,7 +1677,7 @@ CVE-2022-34329 CVE-2022-34328 (PMB 7.3.10 allows reflected XSS via the id parameter in an lvl=author_ ...) NOT-FOR-US: PMB CVE-2022-32284 (Use of insufficiently random values vulnerability exists in Vnet/IP co ...) - TODO: check + NOT-FOR-US: YOKOGAWA CVE-2022-2185 (A critical issue has been discovered in GitLab affecting all versions ...) TODO: check CVE-2022-2184 @@ -5890,7 +5890,7 @@ CVE-2022-28697 CVE-2022-2036 (Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacqu ...) NOT-FOR-US: francoisjacquet/rosariosis CVE-2022-32551 (Zoho ManageEngine ServiceDesk Plus MSP before 10604 allows path traver ...) - TODO: check + NOT-FOR-US: Zoho ManageEngine CVE-2022-32550 (An issue was discovered in AgileBits 1Password, involving the method v ...) NOT-FOR-US: AgileBits 1Password CVE-2022-32549 (Apache Sling Commons Log <= 5.4.0 and Apache Sling API <= 2.25.0 ...) @@ -6334,7 +6334,7 @@ CVE-2022-32422 CVE-2022-32421 RESERVED CVE-2022-32420 (College Management System v1.0 was discovered to contain a remote code ...) - TODO: check + NOT-FOR-US: College Management System CVE-2022-32419 RESERVED CVE-2022-32418 @@ -6350,9 +6350,9 @@ CVE-2022-32414 (Nginx NJS v0.7.2 was discovered to contain a segmentation violat CVE-2022-32413 RESERVED CVE-2022-32412 (An issue in the /template/edit component of HongCMS v3.0 allows attack ...) - TODO: check + NOT-FOR-US: HongCMS CVE-2022-32411 (An issue in the languages config file of HongCMS v3.0 allows attackers ...) - TODO: check + NOT-FOR-US: HongCMS CVE-2022-32410 RESERVED CVE-2022-32409 @@ -7283,11 +7283,11 @@ CVE-2022-32097 CVE-2022-32096 RESERVED CVE-2022-32095 (Hospital Management System v1.0 was discovered to contain a SQL inject ...) - TODO: check + NOT-FOR-US: Hospital Management System CVE-2022-32094 (Hospital Management System v1.0 was discovered to contain a SQL inject ...) - TODO: check + NOT-FOR-US: Hospital Management System CVE-2022-32093 (Hospital Management System v1.0 was discovered to contain a SQL inject ...) - TODO: check + NOT-FOR-US: Hospital Management System CVE-2022-32092 (D-Link DIR-645 v1.03 was discovered to contain a command injection vul ...) NOT-FOR-US: D-Link CVE-2022-32091 (MariaDB v10.7 was discovered to contain an use-after-poison in in __in ...) @@ -7401,25 +7401,25 @@ CVE-2022-32055 CVE-2022-32054 RESERVED CVE-2022-32053 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-32052 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-32051 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-32050 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-32049 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-32048 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-32047 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-32046 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-32045 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-32044 (TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2022-32043 (Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the ...) NOT-FOR-US: Tenda CVE-2022-32042 @@ -7621,7 +7621,7 @@ CVE-2022-31945 (Rescue Dispatch Management System v1.0 is vulnerable to Delete a CVE-2022-31944 RESERVED CVE-2022-31943 (MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnera ...) - TODO: check + NOT-FOR-US: MCMS CVE-2022-31942 RESERVED CVE-2022-31941 (Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection ...) -- cgit v1.2.3