[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Thu, 25 Aug 2022 01:10:35 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
80fe4f5c by security tracker role at 2022-08-25T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,43 @@
+CVE-2022-38744
+       RESERVED
+CVE-2022-38743
+       RESERVED
+CVE-2022-38742
+       RESERVED
+CVE-2022-38741
+       RESERVED
+CVE-2022-38740
+       RESERVED
+CVE-2022-38739
+       RESERVED
+CVE-2022-38738
+       RESERVED
+CVE-2022-38737
+       RESERVED
+CVE-2022-38736
+       RESERVED
+CVE-2022-38735
+       RESERVED
+CVE-2022-38734
+       RESERVED
+CVE-2022-38733
+       RESERVED
+CVE-2022-38732
+       RESERVED
+CVE-2022-38731
+       RESERVED
+CVE-2022-2985
+       RESERVED
+CVE-2022-2984
+       RESERVED
+CVE-2022-2983
+       RESERVED
+CVE-2022-2982
+       RESERVED
+CVE-2022-2981
+       RESERVED
+CVE-2022-2980
+       RESERVED
 CVE-2022-2979
        RESERVED
 CVE-2022-2978 (A flaw use after free in the Linux kernel NILFS file system was 
found  ...)
@@ -5162,8 +5202,8 @@ CVE-2022-36806
        RESERVED
 CVE-2022-36805
        RESERVED
-CVE-2022-36804
-       RESERVED
+CVE-2022-36804 (Multiple API endpoints in Atlassian Bitbucket Server and Data 
Center 7 ...)
+       TODO: check
 CVE-2022-36803
        RESERVED
 CVE-2022-36802
@@ -9712,8 +9752,8 @@ CVE-2022-34962 (OpenTeknik LLC OSSN OPEN SOURCE SOCIAL 
NETWORK v6.3 LTS was disc
        NOT-FOR-US: OpenTeknik
 CVE-2022-34961 (OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was 
discovered ...)
        NOT-FOR-US: OpenTeknik
-CVE-2022-34960
-       RESERVED
+CVE-2022-34960 (The container package in MikroTik RouterOS 7.4beta4 allows an 
attacker ...)
+       TODO: check
 CVE-2022-34959
        RESERVED
 CVE-2022-34958
@@ -15149,10 +15189,10 @@ CVE-2022-32896
        RESERVED
 CVE-2022-32895
        RESERVED
-CVE-2022-32894
-       RESERVED
-CVE-2022-32893
-       RESERVED
+CVE-2022-32894 (An out-of-bounds write issue was addressed with improved 
bounds checki ...)
+       TODO: check
+CVE-2022-32893 (An out-of-bounds write issue was addressed with improved 
bounds checki ...)
+       TODO: check
 CVE-2022-32892
        RESERVED
 CVE-2022-32891
@@ -15223,8 +15263,8 @@ CVE-2022-32859
        RESERVED
 CVE-2022-32858
        RESERVED
-CVE-2022-32857
-       RESERVED
+CVE-2022-32857 (This issue was addressed by using HTTPS when sending 
information over  ...)
+       TODO: check
 CVE-2022-32856
        RESERVED
 CVE-2022-32855
@@ -15257,20 +15297,20 @@ CVE-2022-32842
        RESERVED
 CVE-2022-32841
        RESERVED
-CVE-2022-32840
-       RESERVED
-CVE-2022-32839
-       RESERVED
-CVE-2022-32838
-       RESERVED
-CVE-2022-32837
-       RESERVED
+CVE-2022-32840 (This issue was addressed with improved checks. This issue is 
fixed in  ...)
+       TODO: check
+CVE-2022-32839 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
+       TODO: check
+CVE-2022-32838 (A logic issue was addressed with improved state management. 
This issue ...)
+       TODO: check
+CVE-2022-32837 (This issue was addressed with improved checks. This issue is 
fixed in  ...)
+       TODO: check
 CVE-2022-32836
        RESERVED
 CVE-2022-32835
        RESERVED
-CVE-2022-32834
-       RESERVED
+CVE-2022-32834 (An access issue was addressed with improvements to the 
sandbox. This i ...)
+       TODO: check
 CVE-2022-32833
        RESERVED
 CVE-2022-32832
@@ -15315,14 +15355,14 @@ CVE-2022-32815
        RESERVED
 CVE-2022-32814
        RESERVED
-CVE-2022-32813
-       RESERVED
-CVE-2022-32812
-       RESERVED
-CVE-2022-32811
-       RESERVED
-CVE-2022-32810
-       RESERVED
+CVE-2022-32813 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2022-32812 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2022-32811 (A memory corruption vulnerability was addressed with improved 
locking. ...)
+       TODO: check
+CVE-2022-32810 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
 CVE-2022-32809
        RESERVED
 CVE-2022-32808
@@ -15355,8 +15395,8 @@ CVE-2022-32795
        RESERVED
 CVE-2022-32794
        RESERVED
-CVE-2022-32793
-       RESERVED
+CVE-2022-32793 (Multiple out-of-bounds write issues were addressed with 
improved bound ...)
+       TODO: check
 CVE-2022-32792 [An out-of-bounds write issue was addressed with improved input 
validation]
        RESERVED
        {DSA-5211-1 DSA-5210-1 DLA-3073-1}
@@ -16316,8 +16356,8 @@ CVE-2022-32429 (An authentication-bypass issue in the 
component http://MYDEVICEI
        NOT-FOR-US: Mega System Technologies Inc MSNSwitch
 CVE-2022-32428
        RESERVED
-CVE-2022-32427
-       RESERVED
+CVE-2022-32427 (PrinterLogic Windows Client through 25.0.0.676 allows 
attackers to exe ...)
+       TODO: check
 CVE-2022-32426
        RESERVED
 CVE-2022-32425 (The login function of Mealie v1.0.0beta-2 allows attackers to 
enumerat ...)
@@ -18540,7 +18580,7 @@ CVE-2022-31678
 CVE-2022-31677
        RESERVED
 CVE-2022-31676 (VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local 
privilege es ...)
-       {DSA-5215-1}
+       {DSA-5215-1 DLA-3081-1}
        - open-vm-tools 2:12.1.0-1 (bug #1018012)
        NOTE: Fixed by: 
https://github.com/vmware/open-vm-tools/commit/70a74758bfe0042c27f15ce590fb21a2bc54d745
 (stable-12.1.0)
        NOTE: 
https://github.com/vmware/open-vm-tools/blob/CVE-2022-31676.patch/1205-Properly-check-authorization-on-incoming-guestOps-re.patch
@@ -97542,7 +97582,7 @@ CVE-2021-28863
        RESERVED
 CVE-2021-28862
        RESERVED
-CVE-2021-28861 (Python 3.x through 3.10 has an open redirection vulnerability 
in lib/h ...)
+CVE-2021-28861 (** DISPUTED ** Python 3.x through 3.10 has an open redirection 
vulnera ...)
        TODO: check
 CVE-2021-28860 (In Node.js mixme, prior to v0.5.1, an attacker can add or 
alter proper ...)
        NOT-FOR-US: Node mixme
@@ -272362,10 +272402,10 @@ CVE-2018-14521 (An issue was discovered in aubio 
0.4.6. A SEGV signal can occur
        [stretch] - aubio <no-dsa> (Minor issue)
        [jessie] - aubio <no-dsa> (Minor issue)
        NOTE: https://github.com/aubio/aubio/issues/187
-CVE-2018-14520
-       RESERVED
-CVE-2018-14519
-       RESERVED
+CVE-2018-14520 (An issue was discovered in Kirby 2.5.12. The application 
allows malici ...)
+       TODO: check
+CVE-2018-14519 (An issue was discovered in Kirby 2.5.12. The delete page 
functionality ...)
+       TODO: check
 CVE-2018-14518
        RESERVED
 CVE-2018-14517 (SeaCMS 6.61 has two XSS issues in the admin_config.php file 
via certai ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80fe4f5cce84faa5a9f78aa22cd77bac3e35b9de

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80fe4f5cce84faa5a9f78aa22cd77bac3e35b9de
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to