Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 0e4dd0a1 by security tracker role at 2022-02-04T20:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,23 @@ +CVE-2022-24408 + RESERVED +CVE-2022-0501 + RESERVED +CVE-2022-0500 + RESERVED +CVE-2022-0499 + RESERVED +CVE-2022-0498 + RESERVED +CVE-2022-0497 + RESERVED +CVE-2022-0496 + RESERVED +CVE-2022-0495 + RESERVED +CVE-2022-0494 + RESERVED +CVE-2022-0493 + RESERVED CVE-2022-XXXX [information leak] - atftp 0.7.git20210915-1 (bug #1004974) NOTE: https://sourceforge.net/p/atftp/code/ci/9cf799c40738722001552618518279e9f0ef62e5 (v0.7.5) @@ -3599,8 +3619,8 @@ CVE-2022-23318 RESERVED CVE-2022-23317 RESERVED -CVE-2022-23316 - RESERVED +CVE-2022-23316 (An issue was discovered in taoCMS v3.0.2. There is an arbitrary file r ...) + TODO: check CVE-2022-23315 (MCMS v5.2.4 was discovered to contain an arbitrary file upload vulnera ...) NOT-FOR-US: MCMS CVE-2022-23314 (MCMS v5.2.4 was discovered to contain a SQL injection vulnerability vi ...) @@ -3631,8 +3651,8 @@ CVE-2022-0267 RESERVED CVE-2021-46399 RESERVED -CVE-2021-46398 - RESERVED +CVE-2021-46398 (A Cross-Site Request Forgery (CSRF) vulnerability exists in Filebrowse ...) + TODO: check CVE-2021-46397 RESERVED CVE-2021-46396 @@ -3827,8 +3847,8 @@ CVE-2021-46322 (Duktape v2.99.99 was discovered to contain a SEGV vulnerability NOT-FOR-US: Duktape CVE-2021-46321 RESERVED -CVE-2021-46320 - RESERVED +CVE-2021-46320 (In OpenZeppelin <=v4.4.0, initializer functions that are invoked se ...) + TODO: check CVE-2021-46319 RESERVED CVE-2021-46318 @@ -11312,8 +11332,8 @@ CVE-2021-44985 RESERVED CVE-2021-44984 RESERVED -CVE-2021-44983 - RESERVED +CVE-2021-44983 (In taocms 3.0.1 after logging in to the background, there is an Arbitr ...) + TODO: check CVE-2021-44982 RESERVED CVE-2021-44981 (In QuickBox Pro v2.5.8 and below, the config.php file has a variable w ...) 
@@ -11322,10 +11342,10 @@ CVE-2021-44980 RESERVED CVE-2021-44979 RESERVED -CVE-2021-44978 - RESERVED -CVE-2021-44977 - RESERVED +CVE-2021-44978 (iCMS <= 8.0.0 allows users to add and render a comtom template, whi ...) + TODO: check +CVE-2021-44977 (In iCMS <=8.0.0, a directory traversal vulnerability allows an atta ...) + TODO: check CVE-2021-44976 RESERVED CVE-2021-44975 @@ -11501,16 +11521,16 @@ CVE-2021-44905 RESERVED CVE-2021-44904 RESERVED -CVE-2021-44903 - RESERVED +CVE-2021-44903 (Micro-Star International (MSI) Center Pro <= 2.0.16.0 is vulnerable ...) + TODO: check CVE-2021-44902 RESERVED -CVE-2021-44901 - RESERVED -CVE-2021-44900 - RESERVED -CVE-2021-44899 - RESERVED +CVE-2021-44901 (Micro-Star International (MSI) Dragon Center <= 2.0.116.0 is vulner ...) + TODO: check +CVE-2021-44900 (Micro-Star International (MSI) App Player <= 4.280.1.6309 is vulner ...) + TODO: check +CVE-2021-44899 (Micro-Star International (MSI) Center <= 1.0.31.0 is vulnerable to ...) + TODO: check CVE-2021-44898 RESERVED CVE-2021-44897 @@ -11535,8 +11555,8 @@ CVE-2021-44888 RESERVED CVE-2021-44887 RESERVED -CVE-2021-44886 - RESERVED +CVE-2021-44886 (In Zammad 5.0.2, agents can configure "out of office" periods and subs ...) + TODO: check CVE-2021-44885 RESERVED CVE-2021-44884 @@ -18679,8 +18699,8 @@ CVE-2021-43147 RESERVED CVE-2021-43146 RESERVED -CVE-2021-43145 - RESERVED +CVE-2021-43145 (With certain LDAP configurations, Zammad 5.0.1 was found to be vulnera ...) + TODO: check CVE-2021-43144 RESERVED CVE-2021-43143 
@@ -302856,15 +302876,17 @@ CVE-2017-6964 (dmcrypt-get-device, as shipped in the eject package of Debian and CVE-2017-6963 RESERVED CVE-2017-6962 (An issue was discovered in apng2gif 1.7. There is an integer overflow ...) + {DLA-2911-1} - apng2gif 1.8-0.1 (bug #854447) [jessie] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring) [wheezy] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring) CVE-2017-6961 (An issue was discovered in apng2gif 1.7. There is improper sanitizatio ...) + {DLA-2911-1} - apng2gif 1.8-0.1 (bug #854441) [jessie] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring) [wheezy] - apng2gif <not-affected> (Vulnerable code introduced later with refactoring) CVE-2017-6960 (An issue was discovered in apng2gif 1.7. There is an integer overflow ...) - {DLA-2165-1 DLA-981-1} + {DLA-2911-1 DLA-2165-1 DLA-981-1} - apng2gif 1.8-0.1 (bug #854367) CVE-2017-6959 REJECTED View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e4dd0a183e4b3324da121acb8911e2e06a19f6e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e4dd0a183e4b3324da121acb8911e2e06a19f6e You're receiving this email because of your account on salsa.debian.org.
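Review bot: CVE-2022-23316 in the @@ -3599,8 +3619,8 @@ hunk and CVE-2021-44983 in the @@ -11312,8 +11332,8 @@ hunk describe the same product under two spellings ("taoCMS v3.0.2" and "taocms 3.0.1"), and both are left at TODO: check. Triage them together and use a single product name in whatever note replaces the TODO, so that a later search for one spelling finds both entries. If the product is not packaged, the NOT-FOR-US form already used for MCMS a few lines below CVE-2022-23316 is the pattern to follow.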
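Review bot: the description of CVE-2021-44978 in the @@ -11322,10 +11342,10 @@ hunk reads "add and render a comtom template", which looks like a typo for "custom" in the imported text. The commit message says this is an automatic update, so a manual fix in data/CVE/list would probably be overwritten by the next run; the correction belongs with the source of the description. Both iCMS entries in this hunk (CVE-2021-44978 and CVE-2021-44977) are still TODO: check and can be triaged in one pass.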
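Review bot: the four MSI entries in the @@ -11501,16 +11521,16 @@ hunk (CVE-2021-44903, CVE-2021-44901, CVE-2021-44900, CVE-2021-44899) all land as TODO: check and should be triaged as a group rather than one at a time. They name Center Pro, Dragon Center, App Player and Center from the same vendor, so one packaging check should settle all four. If none is packaged, mark them with one consistent NOT-FOR-US note, as the MCMS and Duktape entries visible elsewhere in this diff are.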
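Review bot: CVE-2021-44886 in the @@ -11535,8 +11555,8 @@ hunk and CVE-2021-43145 in the @@ -18679,8 +18699,8 @@ hunk are both Zammad issues (5.0.2 and 5.0.1) left at TODO: check, and they sit thousands of lines apart in the file. Resolve them in the same triage pass so they end up with the same disposition and wording. The truncated descriptions ("agents can configure \"out of office\" periods and subs ..." and "With certain LDAP configurations ...") do not state the impact, so read the full advisory text before deciding.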
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits