[Git][security-tracker-team/security-tracker][master] automatic update

Fri, 03 Jun 2022 01:10:33 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e931d30b by security tracker role at 2022-06-03T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2022-32274
+       RESERVED
+CVE-2022-32273
+       RESERVED
+CVE-2022-32272
+       RESERVED
+CVE-2022-32271 (In Real Player 20.0.8.310, there is a DCP:// URI Remote 
Arbitrary Code ...)
+       TODO: check
+CVE-2022-32270 (In Real Player 20.0.7.309 and 20.0.8.310, external::Import() 
allows do ...)
+       TODO: check
+CVE-2022-32269 (In Real Player 20.0.8.310, the G2 Control allows injection of 
unsafe j ...)
+       TODO: check
+CVE-2022-32268 (StarWind SAN and NAS v0.2 build 1914 allow remote code 
execution. ...)
+       TODO: check
+CVE-2022-32267
+       RESERVED
+CVE-2022-32266
+       RESERVED
+CVE-2022-32265 (qDecoder before 12.1.0 does not ensure that the percent 
character is f ...)
+       TODO: check
+CVE-2022-32264
+       RESERVED
+CVE-2022-32263
+       RESERVED
+CVE-2022-32262
+       RESERVED
+CVE-2022-32261
+       RESERVED
+CVE-2022-32260
+       RESERVED
+CVE-2022-32259
+       RESERVED
+CVE-2022-32258
+       RESERVED
+CVE-2022-32257
+       RESERVED
+CVE-2022-32256
+       RESERVED
+CVE-2022-32255
+       RESERVED
+CVE-2022-32254
+       RESERVED
+CVE-2022-32253
+       RESERVED
+CVE-2022-32252
+       RESERVED
+CVE-2022-32251
+       RESERVED
+CVE-2022-32250 (net/netfilter/nf_tables_api.c in the Linux kernel through 
5.18.1 allow ...)
+       TODO: check
+CVE-2022-32249
+       RESERVED
+CVE-2022-32248
+       RESERVED
+CVE-2022-32247
+       RESERVED
+CVE-2022-32246
+       RESERVED
+CVE-2022-32245
+       RESERVED
+CVE-2022-32244
+       RESERVED
+CVE-2022-32243
+       RESERVED
+CVE-2022-32242
+       RESERVED
+CVE-2022-32241
+       RESERVED
+CVE-2022-32240
+       RESERVED
+CVE-2022-32239
+       RESERVED
+CVE-2022-32238
+       RESERVED
+CVE-2022-32237
+       RESERVED
+CVE-2022-32236
+       RESERVED
+CVE-2022-32235
+       RESERVED
+CVE-2022-1986
+       RESERVED
 CVE-2022-32234
        RESERVED
 CVE-2022-30943
@@ -2197,16 +2279,16 @@ CVE-2022-31465
        RESERVED
 CVE-2022-31464
        RESERVED
-CVE-2022-31463
-       RESERVED
-CVE-2022-31462
-       RESERVED
-CVE-2022-31461
-       RESERVED
-CVE-2022-31460
-       RESERVED
-CVE-2022-31459
-       RESERVED
+CVE-2022-31463 (Owl Labs Meeting Owl 5.2.0.15 does not require a password for 
Bluetoot ...)
+       TODO: check
+CVE-2022-31462 (Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the 
device v ...)
+       TODO: check
+CVE-2022-31461 (Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate 
the passc ...)
+       TODO: check
+CVE-2022-31460 (Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate 
Tethering M ...)
+       TODO: check
+CVE-2022-31459 (Owl Labs Meeting Owl 5.2.0.15 allows attackers to retrieve the 
passcod ...)
+       TODO: check
 CVE-2022-31458
        RESERVED
 CVE-2022-31457
@@ -3187,8 +3269,8 @@ CVE-2022-31026
        RESERVED
 CVE-2022-31025
        RESERVED
-CVE-2022-31024
-       RESERVED
+CVE-2022-31024 (richdocuments is the repository for NextCloud Collabra, the 
app for Ne ...)
+       TODO: check
 CVE-2022-31023 (Play Framework is a web framework for Java and Scala. Verions 
prior to ...)
        TODO: check
 CVE-2022-31022 (Bleve is a text indexing library for go. Bleve includes HTTP 
utilities ...)
@@ -5516,20 +5598,20 @@ CVE-2022-30240 (An argument injection vulnerability in 
the browser-based authent
        NOT-FOR-US: Magnitude Simba Amazon Redshift JDBC Driver
 CVE-2022-30239 (An argument injection vulnerability in the browser-based 
authenticatio ...)
        NOT-FOR-US: Magnitude Simba Amazon Athena JDBC Driver
-CVE-2022-30238
-       RESERVED
-CVE-2022-30237
-       RESERVED
-CVE-2022-30236
-       RESERVED
-CVE-2022-30235
-       RESERVED
-CVE-2022-30234
-       RESERVED
-CVE-2022-30233
-       RESERVED
-CVE-2022-30232
-       RESERVED
+CVE-2022-30238 (A CWE-287: Improper Authentication vulnerability exists that 
could all ...)
+       TODO: check
+CVE-2022-30237 (A CWE-311: Missing Encryption of Sensitive Data vulnerability 
exists t ...)
+       TODO: check
+CVE-2022-30236 (A CWE-669: Incorrect Resource Transfer Between Spheres 
vulnerability e ...)
+       TODO: check
+CVE-2022-30235 (A CWE-307: Improper Restriction of Excessive Authentication 
Attempts v ...)
+       TODO: check
+CVE-2022-30234 (A CWE-798: Use of Hard-coded Credentials vulnerability exists 
that cou ...)
+       TODO: check
+CVE-2022-30233 (A CWE-20: Improper Input Validation vulnerability exists that 
could al ...)
+       TODO: check
+CVE-2022-30232 (A CWE-20: Improper Input Validation vulnerability exists that 
could ca ...)
+       TODO: check
 CVE-2022-30231
        RESERVED
 CVE-2022-30230
@@ -7037,8 +7119,8 @@ CVE-2022-29769
        RESERVED
 CVE-2022-29768
        RESERVED
-CVE-2022-29767
-       RESERVED
+CVE-2022-29767 (adbyby v2.7 allows external users to make connections via port 
8118. T ...)
+       TODO: check
 CVE-2022-29766
        RESERVED
 CVE-2022-29765
@@ -7135,8 +7217,8 @@ CVE-2022-29720 (74cmsSE v3.5.1 was discovered to contain 
an arbitrary file read
        NOT-FOR-US: 74cmsSE
 CVE-2022-29719
        RESERVED
-CVE-2022-29718
-       RESERVED
+CVE-2022-29718 (Caddy v2.4 was discovered to contain an open redirect 
vulnerability. A ...)
+       TODO: check
 CVE-2022-29717
        RESERVED
 CVE-2022-29716
@@ -7429,8 +7511,8 @@ CVE-2022-29596 (MicroStrategy Enterprise Manager 2022 
allows authentication bypa
        NOT-FOR-US: MicroStrategy Enterprise Manager
 CVE-2022-29595
        RESERVED
-CVE-2022-29594
-       RESERVED
+CVE-2022-29594 (eG Agent before 7.2 has weak file permissions that enable 
escalation o ...)
+       TODO: check
 CVE-2022-29593
        RESERVED
 CVE-2022-1441 (MP4Box is a component of GPAC-2.0.0, which is a widely-used 
third-part ...)
@@ -8862,10 +8944,10 @@ CVE-2022-29087
        RESERVED
 CVE-2022-29086
        RESERVED
-CVE-2022-29085
-       RESERVED
-CVE-2022-29084
-       RESERVED
+CVE-2022-29085 (Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 
5.2.0.0 ...)
+       TODO: check
+CVE-2022-29084 (Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 
5.2.0.0.5 ...)
+       TODO: check
 CVE-2022-29083
        RESERVED
 CVE-2022-29082 (Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 
19.2.x, 19.2.0 ...)
@@ -15308,14 +15390,14 @@ CVE-2022-26871 (An arbitrary file upload 
vulnerability in Trend Micro Apex Centr
        NOT-FOR-US: Trend Micro
 CVE-2022-26870
        RESERVED
-CVE-2022-26869
-       RESERVED
-CVE-2022-26868
-       RESERVED
-CVE-2022-26867
-       RESERVED
-CVE-2022-26866
-       RESERVED
+CVE-2022-26869 (Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains 
an open ...)
+       TODO: check
+CVE-2022-26868 (Dell EMC PowerStore versions 2.0.0.x, 2.0.1.x, and 2.1.0.x are 
vulnera ...)
+       TODO: check
+CVE-2022-26867 (PowerStore SW v2.1.1.0 supports the option to export data to 
either a  ...)
+       TODO: check
+CVE-2022-26866 (Dell PowerStore Versions before v2.1.1.0. contains a Stored 
Cross-Site ...)
+       TODO: check
 CVE-2022-26865 (Dell Support Assist OS Recovery versions before 5.5.2 contain 
an Authe ...)
        NOT-FOR-US: Dell SupportAssist
 CVE-2022-26864
@@ -29332,10 +29414,10 @@ CVE-2022-22559 (Dell PowerScale OneFS, version 9.3.0, 
contains a use of a broken
        NOT-FOR-US: Dell PowerScale OneFS
 CVE-2022-22558 (Dell PowerEdge Server BIOS contains an Improper SMM 
communication buff ...)
        NOT-FOR-US: Dell
-CVE-2022-22557
-       RESERVED
-CVE-2022-22556
-       RESERVED
+CVE-2022-22557 (PowerStore contains Plain-Text Password Storage Vulnerability 
in Power ...)
+       TODO: check
+CVE-2022-22556 (Dell PowerStore contains an Uncontrolled Resource Consumption 
Vulnerab ...)
+       TODO: check
 CVE-2022-22555
        RESERVED
 CVE-2022-22554 (Dell EMC System Update, version 1.9.2 and prior, contain an 
Unprotecte ...)
@@ -42721,12 +42803,12 @@ CVE-2021-42879
        RESERVED
 CVE-2021-42878
        RESERVED
-CVE-2021-42877
-       RESERVED
+CVE-2021-42877 (TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service 
vulnerabil ...)
+       TODO: check
 CVE-2021-42876
        RESERVED
-CVE-2021-42875
-       RESERVED
+CVE-2021-42875 (TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command 
injection vul ...)
+       TODO: check
 CVE-2021-42874
        RESERVED
 CVE-2021-42873
@@ -67305,8 +67387,8 @@ CVE-2021-33475
        RESERVED
 CVE-2021-33474
        RESERVED
-CVE-2021-33473
-       RESERVED
+CVE-2021-33473 (An argument injection vulnerability in Dragonfly Ruby Gem 
v1.3.0 allow ...)
+       TODO: check
 CVE-2021-33472
        RESERVED
 CVE-2021-33471



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e931d30b22e430caad67e744cdca7fbc63788b2f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e931d30b22e430caad67e744cdca7fbc63788b2f
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to