From fec78624ee57aa713ee39844dbe6092fe8435524 Mon Sep 17 00:00:00 2001 From: Neil Williams Date: Thu, 19 May 2022 10:16:53 +0100 Subject: Process some NFUs --- data/CVE/list | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index e58df8e7aa..fa9cc3d1ef 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -6330,13 +6330,13 @@ CVE-2022-28926 CVE-2022-28925 RESERVED CVE-2022-28924 (An information disclosure vulnerability in UniverSIS-Students before v ...) - TODO: check + NOT-FOR-US: UniverSIS CVE-2022-28923 RESERVED CVE-2022-28922 RESERVED CVE-2022-28921 (A Cross-Site Request Forgery (CSRF) vulnerability discovered in BlogEn ...) - TODO: check + NOT-FOR-US: BlogEngine.NET CVE-2022-28920 (Tieba-Cloud-Sign v4.9 was discovered to contain a cross-site scripting ...) NOT-FOR-US: Baidu Tieba CVE-2022-28919 (HTMLCreator release_stable_2020-07-29 was discovered to contain a cros ...) @@ -12848,7 +12848,7 @@ CVE-2022-25943 (The installer of WPS Office for Windows versions prior to v11.2. CVE-2022-0880 (Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showd ...) NOT-FOR-US: ShowDoc CVE-2022-26650 (In Apache ShenYui, ShenYu-Bootstrap, RegexPredicateJudge.java uses Pat ...) - TODO: check + NOT-FOR-US: Apache ShenYu CVE-2022-26649 RESERVED CVE-2022-26648 @@ -15632,7 +15632,7 @@ CVE-2022-25619 (Improper Neutralization of Special Elements used in a Command (' CVE-2022-25618 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...) NOT-FOR-US: WordPress plugin CVE-2022-25617 (Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets pl ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-25616 RESERVED CVE-2022-25615 (Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom ...) @@ -16965,9 +16965,9 @@ CVE-2022-25164 CVE-2022-25163 RESERVED CVE-2022-25162 (Improper Input Validation vulnerability in Mitsubishi Electric MELSEC ...) - TODO: check + NOT-FOR-US: Mitsubishi CVE-2022-25161 (Improper Input Validation vulnerability in Mitsubishi Electric MELSEC ...) - TODO: check + NOT-FOR-US: Mitsubishi CVE-2022-25160 (Cleartext Storage of Sensitive Information vulnerability in Mitsubishi ...) NOT-FOR-US: Mitsubishi CVE-2022-25159 (Authentication Bypass by Capture-replay vulnerability in Mitsubishi El ...) @@ -17761,7 +17761,7 @@ CVE-2022-24891 (ESAPI (The OWASP Enterprise Security API) is a free, open source NOTE: https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin8.pdf NOTE: https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.3.0.0-release-notes.txt CVE-2022-24890 (Nextcloud Talk is a video and audio conferencing app for Nextcloud. In ...) - TODO: check + NOT-FOR-US: Nextcloud talk app CVE-2022-24889 (Nextcloud Server is the file server software for Nextcloud, a self-hos ...) - nextcloud-server (bug #941708) CVE-2022-24888 (Nextcloud Server is the file server software for Nextcloud, a self-hos ...) @@ -24312,9 +24312,9 @@ CVE-2022-23070 CVE-2022-23069 RESERVED CVE-2022-23068 (ToolJet versions v0.6.0 to v1.10.2 are vulnerable to HTML injection wh ...) - TODO: check + NOT-FOR-US: ToolJet CVE-2022-23067 (ToolJet versions v0.5.0 to v1.2.2 are vulnerable to token leakage via ...) - TODO: check + NOT-FOR-US: ToolJet CVE-2022-23066 (In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Ca ...) NOT-FOR-US: Solana rBPF CVE-2022-23065 (In Vendure versions 0.1.0-alpha.2 to 1.5.1 are affected by Stored XSS ...) @@ -24546,7 +24546,7 @@ CVE-2022-22977 CVE-2022-22976 RESERVED CVE-2022-22975 (An issue was discovered in the Pinniped Supervisor with either LADPIde ...) - TODO: check + NOT-FOR-US: vmware-tanzu/pinniped CVE-2022-22974 RESERVED CVE-2022-22973 -- cgit v1.2.3