diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-18 21:40:30 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-18 21:41:13 +0100 |
| commit | 18a272249e9c6d39ea048a7e15f10873bd2e3d6e (patch) | |
| tree | f9ca2b2e9a7df23ebe9afbe6e2d384483027d6ca /data/CVE/list.2022 | |
| parent | e8e05d2ae1fbd04948cc376891ed1f619a0e0a4b (diff) | |
Process several NFUs
Diffstat (limited to 'data/CVE/list.2022')
| -rw-r--r-- | data/CVE/list.2022 | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index 6ba5d9c897..f196dbbf1f 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -213,9 +213,9 @@ CVE-2022-23306 CVE-2022-23305 (By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as ...) TODO: check CVE-2022-0263 (Unrestricted Upload of File with Dangerous Type in Packagist pimcore/p ...) - TODO: check + NOT-FOR-US: pimcore CVE-2022-0262 (Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior ...) - TODO: check + NOT-FOR-US: pimcore CVE-2022-0261 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...) TODO: check CVE-2022-0260 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...) @@ -450,7 +450,7 @@ CVE-2022-23220 CVE-2022-0237 RESERVED CVE-2022-0236 (The WP Import Export WordPress plugin (both free and premium versions) ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0235 (node-fetch is vulnerable to Exposure of Sensitive Information to an Un ...) - node-fetch <unfixed> NOTE: https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/ @@ -458,9 +458,9 @@ CVE-2022-0235 (node-fetch is vulnerable to Exposure of Sensitive Information to CVE-2022-0234 RESERVED CVE-2022-0233 (The ProfileGrid – User Profiles, Memberships, Groups and Communi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0232 (The User Registration, Login & Landing Pages WordPress plugin is v ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0231 (livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) ...) NOT-FOR-US: livehelperchat CVE-2022-0230 @@ -530,7 +530,7 @@ CVE-2022-0218 CVE-2022-0216 RESERVED CVE-2022-0215 (The Login/Signup Popup, Waitlist Woocommerce ( Back in stock notifier ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0214 RESERVED CVE-2022-0213 (vim is vulnerable to Heap-based Buffer Overflow ...) @@ -606,7 +606,7 @@ CVE-2022-0217 [Unauthenticated Remote Denial of Service Attack in the WebSocket NOTE: https://hg.prosody.im/0.11/raw-rev/783056b4e448 NOTE: https://www.openwall.com/lists/oss-security/2022/01/13/3 CVE-2022-0210 (The Random Banner WordPress plugin is vulnerable to Stored Cross-Site ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-0209 RESERVED CVE-2022-0208 @@ -1915,7 +1915,7 @@ CVE-2022-22692 CVE-2022-22691 (The password reset component deployed within Umbraco uses the hostname ...) TODO: check CVE-2022-22690 (Within the Umbraco CMS, a configuration element named "UmbracoApplicat ...) - TODO: check + NOT-FOR-US: Umbraco CMS CVE-2022-22689 RESERVED CVE-2022-22688 |