Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bd10aa3b by security tracker role at 2022-08-25T20:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2022-38752
+       RESERVED
+CVE-2022-38751
+       RESERVED
+CVE-2022-38750
+       RESERVED
+CVE-2022-38749
+       RESERVED
+CVE-2022-38748
+       RESERVED
+CVE-2022-38747
+       RESERVED
+CVE-2022-38746
+       RESERVED
+CVE-2022-38745
+       RESERVED
+CVE-2022-2993
+       RESERVED
+CVE-2022-2992
+       RESERVED
+CVE-2022-2991 (A heap-based buffer overflow was found in the Linux kernel's 
LightNVM  ...)
+       TODO: check
+CVE-2022-2990
+       RESERVED
+CVE-2022-2989
+       RESERVED
+CVE-2022-2988
+       RESERVED
+CVE-2022-2987
+       RESERVED
+CVE-2022-2986
+       RESERVED
+CVE-2021-46835
+       RESERVED
+CVE-2020-36602
+       RESERVED
 CVE-2022-38744
        RESERVED
 CVE-2022-38743
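Review bot: CVE-2022-2991 is left at "TODO: check" although its description names the Linux kernel's LightNVM code, so it cannot be closed as NOT-FOR-US and needs a real triage against src:linux. Suggest replacing the TODO with a "- linux" line plus per-release status lines, in the same shape as the CVE-2022-2959 entry further down in this diff, once the fixing commit is identified.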
@@ -151,8 +187,7 @@ CVE-2022-2961
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2120595
 CVE-2022-2960
        RESERVED
-CVE-2022-2959
-       RESERVED
+CVE-2022-2959 (A race condition was found in the Linux kernel's watch queue 
due to a  ...)
        - linux 5.18.2-1
        [bullseye] - linux 5.10.120-1
        [buster] - linux <not-affected> (Vulnerable code introduced later)
@@ -160,8 +195,8 @@ CVE-2022-2959
        NOTE: 
https://git.kernel.org/linus/189b0ddc245139af81198d1a3637cac74f96e13a (5.19-rc1)
 CVE-2022-2958
        RESERVED
-CVE-2022-2957
-       RESERVED
+CVE-2022-2957 (A vulnerability classified as critical was found in 
SourceCodester Sim ...)
+       TODO: check
 CVE-2022-2956 (A vulnerability classified as problematic has been found in 
ConsoleTVs ...)
        NOT-FOR-US: Noxen
 CVE-2022-2955
@@ -2036,8 +2071,8 @@ CVE-2022-36373
        RESERVED
 CVE-2022-36365
        RESERVED
-CVE-2022-36358
-       RESERVED
+CVE-2022-36358 (Cross-Site Request Forgery (CSRF) vulnerability in SEO Scout 
plugin &l ...)
+       TODO: check
 CVE-2022-36355
        RESERVED
 CVE-2022-36352
@@ -2300,10 +2335,10 @@ CVE-2022-37955
        RESERVED
 CVE-2022-37954
        RESERVED
-CVE-2022-37953
-       RESERVED
-CVE-2022-37952
-       RESERVED
+CVE-2022-37953 (An HTTP response splitting vulnerability exists in the AM 
Gateway Chal ...)
+       TODO: check
+CVE-2022-37952 (A reflected cross-site scripting (XSS) vulnerability exists in 
the iHi ...)
+       TODO: check
 CVE-2022-37951
        RESERVED
 CVE-2022-37950
@@ -2600,60 +2635,60 @@ CVE-2022-37826
        RESERVED
 CVE-2022-37825
        RESERVED
-CVE-2022-37824
-       RESERVED
-CVE-2022-37823
-       RESERVED
-CVE-2022-37822
-       RESERVED
-CVE-2022-37821
-       RESERVED
-CVE-2022-37820
-       RESERVED
-CVE-2022-37819
-       RESERVED
-CVE-2022-37818
-       RESERVED
-CVE-2022-37817
-       RESERVED
-CVE-2022-37816
-       RESERVED
-CVE-2022-37815
-       RESERVED
-CVE-2022-37814
-       RESERVED
-CVE-2022-37813
-       RESERVED
-CVE-2022-37812
-       RESERVED
-CVE-2022-37811
-       RESERVED
-CVE-2022-37810
-       RESERVED
-CVE-2022-37809
-       RESERVED
-CVE-2022-37808
-       RESERVED
-CVE-2022-37807
-       RESERVED
-CVE-2022-37806
-       RESERVED
-CVE-2022-37805
-       RESERVED
-CVE-2022-37804
-       RESERVED
-CVE-2022-37803
-       RESERVED
-CVE-2022-37802
-       RESERVED
-CVE-2022-37801
-       RESERVED
-CVE-2022-37800
-       RESERVED
-CVE-2022-37799
-       RESERVED
-CVE-2022-37798
-       RESERVED
+CVE-2022-37824 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37823 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37822 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37821 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37820 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37819 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37818 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37817 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37816 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37815 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37814 (Tenda AC1206 V15.03.06.23 was discovered to contain multiple 
stack ove ...)
+       TODO: check
+CVE-2022-37813 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37812 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37811 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37810 (Tenda AC1206 V15.03.06.23 was discovered to contain a command 
injectio ...)
+       TODO: check
+CVE-2022-37809 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37808 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37807 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37806 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37805 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37804 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37803 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37802 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37801 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37800 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37799 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
+CVE-2022-37798 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
+       TODO: check
 CVE-2022-37797
        RESERVED
 CVE-2022-37796
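Review bot: The 27 entries from CVE-2022-37824 down to CVE-2022-37798 all land as "TODO: check", yet every visible description names Tenda router firmware (AX1803 v1.0.0.1 or AC1206 V15.03.06.23). Suggest triaging the run as one batch with a single consistent NOT-FOR-US tag instead of entry by entry, so it does not sit in the TODO queue.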
@@ -3487,6 +3522,7 @@ CVE-2022-2669
 CVE-2022-2668 (An issue was discovered in Keycloak that allows arbitrary 
Javascript t ...)
        NOT-FOR-US: Keycloak
 CVE-2022-37434 (zlib through 1.2.12 has a heap-based buffer over-read or 
buffer overfl ...)
+       {DSA-5218-1}
        - zlib 1:1.2.11.dfsg-4.1 (bug #1016710)
        NOTE: https://github.com/ivd38/zlib_overflow
        NOTE: 
https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1
@@ -4015,8 +4051,8 @@ CVE-2022-37294
        RESERVED
 CVE-2022-37293
        RESERVED
-CVE-2022-37292
-       RESERVED
+CVE-2022-37292 (Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. 
This over ...)
+       TODO: check
 CVE-2022-37291
        RESERVED
 CVE-2022-37290
@@ -4109,22 +4145,22 @@ CVE-2022-37247
        RESERVED
 CVE-2022-37246
        RESERVED
-CVE-2022-37245
-       RESERVED
-CVE-2022-37244
-       RESERVED
-CVE-2022-37243
-       RESERVED
-CVE-2022-37242
-       RESERVED
-CVE-2022-37241
-       RESERVED
-CVE-2022-37240
-       RESERVED
-CVE-2022-37239
-       RESERVED
-CVE-2022-37238
-       RESERVED
+CVE-2022-37245 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 
is vulner ...)
+       TODO: check
+CVE-2022-37244 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 
is vulner ...)
+       TODO: check
+CVE-2022-37243 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 
is vulner ...)
+       TODO: check
+CVE-2022-37242 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2, 
is vulne ...)
+       TODO: check
+CVE-2022-37241 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 
is vulner ...)
+       TODO: check
+CVE-2022-37240 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 
is vulner ...)
+       TODO: check
+CVE-2022-37239 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 
is vulner ...)
+       TODO: check
+CVE-2022-37238 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 
is vulner ...)
+       TODO: check
 CVE-2022-37237
        RESERVED
 CVE-2022-37236
@@ -4275,16 +4311,16 @@ CVE-2022-37164
        RESERVED
 CVE-2022-37163
        RESERVED
-CVE-2022-37162
-       RESERVED
-CVE-2022-37161
-       RESERVED
-CVE-2022-37160
-       RESERVED
-CVE-2022-37159
-       RESERVED
-CVE-2022-37158
-       RESERVED
+CVE-2022-37162 (Claroline 13.5.7 and prior is vulnerable to Cross Site 
Scripting (XSS) ...)
+       TODO: check
+CVE-2022-37161 (Claroline 13.5.7 and prior is vulnerable to Cross Site 
Scripting (XSS) ...)
+       TODO: check
+CVE-2022-37160 (Claroline 13.5.7 and prior allows an authenticated attacker to 
elevate ...)
+       TODO: check
+CVE-2022-37159 (Claroline 13.5.7 and prior is vulnerable to Remote code 
execution via  ...)
+       TODO: check
+CVE-2022-37158 (RuoYi v3.8.3 has a Weak password vulnerability in the 
management syste ...)
+       TODO: check
 CVE-2022-37157
        RESERVED
 CVE-2022-37156
@@ -4399,76 +4435,76 @@ CVE-2022-37102
        RESERVED
 CVE-2022-37101
        RESERVED
-CVE-2022-37100
-       RESERVED
-CVE-2022-37099
-       RESERVED
-CVE-2022-37098
-       RESERVED
-CVE-2022-37097
-       RESERVED
-CVE-2022-37096
-       RESERVED
-CVE-2022-37095
-       RESERVED
-CVE-2022-37094
-       RESERVED
-CVE-2022-37093
-       RESERVED
-CVE-2022-37092
-       RESERVED
-CVE-2022-37091
-       RESERVED
-CVE-2022-37090
-       RESERVED
-CVE-2022-37089
-       RESERVED
-CVE-2022-37088
-       RESERVED
-CVE-2022-37087
-       RESERVED
-CVE-2022-37086
-       RESERVED
-CVE-2022-37085
-       RESERVED
-CVE-2022-37084
-       RESERVED
-CVE-2022-37083
-       RESERVED
-CVE-2022-37082
-       RESERVED
-CVE-2022-37081
-       RESERVED
-CVE-2022-37080
-       RESERVED
-CVE-2022-37079
-       RESERVED
-CVE-2022-37078
-       RESERVED
-CVE-2022-37077
-       RESERVED
-CVE-2022-37076
-       RESERVED
-CVE-2022-37075
-       RESERVED
-CVE-2022-37074
-       RESERVED
-CVE-2022-37073
-       RESERVED
-CVE-2022-37072
-       RESERVED
-CVE-2022-37071
-       RESERVED
-CVE-2022-37070
-       RESERVED
-CVE-2022-37069
-       RESERVED
-CVE-2022-37068
-       RESERVED
-CVE-2022-37067
-       RESERVED
-CVE-2022-37066
-       RESERVED
+CVE-2022-37100 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37099 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37098 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37097 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37096 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37095 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37094 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37093 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37092 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37091 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37090 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37089 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37088 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37087 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37086 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37085 (H3C H200 H200V100R004 was discovered to contain a stack 
overflow via t ...)
+       TODO: check
+CVE-2022-37084 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-37083 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-37082 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-37081 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-37080 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-37079 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-37078 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-37077 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-37076 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-37075 (TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-37074 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-37073 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-37072 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-37071 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-37070 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
command in ...)
+       TODO: check
+CVE-2022-37069 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-37068 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-37067 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-37066 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
 CVE-2022-37065
        RESERVED
 CVE-2022-37064
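Review bot: CVE-2022-37075 spells the vendor "TOTOLink" while CVE-2022-37076 through CVE-2022-37084 use "TOTOLINK". When these "TODO: check" entries are resolved, use one spelling in the tag for the whole run so that a search for the vendor finds every entry.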
@@ -5777,138 +5813,138 @@ CVE-2022-36522
        RESERVED
 CVE-2022-36521
        RESERVED
-CVE-2022-36520
-       RESERVED
-CVE-2022-36519
-       RESERVED
-CVE-2022-36518
-       RESERVED
-CVE-2022-36517
-       RESERVED
-CVE-2022-36516
-       RESERVED
-CVE-2022-36515
-       RESERVED
-CVE-2022-36514
-       RESERVED
-CVE-2022-36513
-       RESERVED
+CVE-2022-36520 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-36519 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-36518 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-36517 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-36516 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-36515 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-36514 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-36513 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
 CVE-2022-36512
        RESERVED
-CVE-2022-36511
-       RESERVED
-CVE-2022-36510
-       RESERVED
-CVE-2022-36509
-       RESERVED
-CVE-2022-36508
-       RESERVED
-CVE-2022-36507
-       RESERVED
-CVE-2022-36506
-       RESERVED
-CVE-2022-36505
-       RESERVED
-CVE-2022-36504
-       RESERVED
-CVE-2022-36503
-       RESERVED
-CVE-2022-36502
-       RESERVED
-CVE-2022-36501
-       RESERVED
-CVE-2022-36500
-       RESERVED
-CVE-2022-36499
-       RESERVED
-CVE-2022-36498
-       RESERVED
-CVE-2022-36497
-       RESERVED
-CVE-2022-36496
-       RESERVED
-CVE-2022-36495
-       RESERVED
-CVE-2022-36494
-       RESERVED
-CVE-2022-36493
-       RESERVED
-CVE-2022-36492
-       RESERVED
-CVE-2022-36491
-       RESERVED
-CVE-2022-36490
-       RESERVED
-CVE-2022-36489
-       RESERVED
-CVE-2022-36488
-       RESERVED
-CVE-2022-36487
-       RESERVED
-CVE-2022-36486
-       RESERVED
-CVE-2022-36485
-       RESERVED
-CVE-2022-36484
-       RESERVED
-CVE-2022-36483
-       RESERVED
-CVE-2022-36482
-       RESERVED
-CVE-2022-36481
-       RESERVED
-CVE-2022-36480
-       RESERVED
-CVE-2022-36479
-       RESERVED
-CVE-2022-36478
-       RESERVED
-CVE-2022-36477
-       RESERVED
+CVE-2022-36511 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a 
stack over ...)
+       TODO: check
+CVE-2022-36510 (H3C GR2200 MiniGR1A0V100R014 was discovered to contain a 
command injec ...)
+       TODO: check
+CVE-2022-36509 (H3C GR3200 MiniGR1B0V100R014 was discovered to contain a 
command injec ...)
+       TODO: check
+CVE-2022-36508 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36507 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36506 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36505 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36504 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36503 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36502 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36501 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36500 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36499 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36498 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36497 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36496 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36495 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36494 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36493 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36492 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36491 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36490 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36489 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a 
stack ov ...)
+       TODO: check
+CVE-2022-36488 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-36487 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-36486 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-36485 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-36484 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-36483 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-36482 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-36481 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-36480 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-36479 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-36478 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack 
overflow  ...)
+       TODO: check
+CVE-2022-36477 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack 
overflow  ...)
+       TODO: check
 CVE-2022-36476
        RESERVED
-CVE-2022-36475
-       RESERVED
-CVE-2022-36474
-       RESERVED
-CVE-2022-36473
-       RESERVED
-CVE-2022-36472
-       RESERVED
-CVE-2022-36471
-       RESERVED
-CVE-2022-36470
-       RESERVED
-CVE-2022-36469
-       RESERVED
-CVE-2022-36468
-       RESERVED
-CVE-2022-36467
-       RESERVED
-CVE-2022-36466
-       RESERVED
-CVE-2022-36465
-       RESERVED
-CVE-2022-36464
-       RESERVED
-CVE-2022-36463
-       RESERVED
-CVE-2022-36462
-       RESERVED
-CVE-2022-36461
-       RESERVED
-CVE-2022-36460
-       RESERVED
-CVE-2022-36459
-       RESERVED
-CVE-2022-36458
-       RESERVED
+CVE-2022-36475 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack 
overflow  ...)
+       TODO: check
+CVE-2022-36474 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack 
overflow  ...)
+       TODO: check
+CVE-2022-36473 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack 
overflow  ...)
+       TODO: check
+CVE-2022-36472 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack 
overflow  ...)
+       TODO: check
+CVE-2022-36471 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack 
overflow  ...)
+       TODO: check
+CVE-2022-36470 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack 
overflow  ...)
+       TODO: check
+CVE-2022-36469 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack 
overflow  ...)
+       TODO: check
+CVE-2022-36468 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack 
overflow  ...)
+       TODO: check
+CVE-2022-36467 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack 
overflow  ...)
+       TODO: check
+CVE-2022-36466 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-36465 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-36464 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-36463 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-36462 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to 
contain a sta ...)
+       TODO: check
+CVE-2022-36461 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-36460 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-36459 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to 
contain a com ...)
+       TODO: check
+CVE-2022-36458 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to 
contain a com ...)
+       TODO: check
 CVE-2022-36457
        RESERVED
-CVE-2022-36456
-       RESERVED
-CVE-2022-36455
-       RESERVED
+CVE-2022-36456 (TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to 
contain a comm ...)
+       TODO: check
+CVE-2022-36455 (TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to 
contain a co ...)
+       TODO: check
 CVE-2022-36454
        RESERVED
 CVE-2022-36453
@@ -6536,12 +6572,12 @@ CVE-2022-30535 (In versions 2.x before 2.3.0 and all 
versions of 1.x, An attacke
        NOT-FOR-US: F5
 CVE-2022-2466
        RESERVED
-CVE-2022-2465
-       RESERVED
-CVE-2022-2464
-       RESERVED
-CVE-2022-2463
-       RESERVED
+CVE-2022-2465 (Rockwell Automation ISaGRAF Workbench software versions 6.0 
through 6. ...)
+       TODO: check
+CVE-2022-2464 (Rockwell Automation ISaGRAF Workbench software versions 6.0 
through 6. ...)
+       TODO: check
+CVE-2022-2463 (Rockwell Automation ISaGRAF Workbench software versions 6.0 
through 6. ...)
+       TODO: check
 CVE-2022-2462
        RESERVED
 CVE-2022-2461
@@ -10234,8 +10270,7 @@ CVE-2022-2257 (Out-of-bounds Read in GitHub repository 
vim/vim prior to 9.0. ...
 CVE-2022-2256
        RESERVED
        NOT-FOR-US: Keycloak
-CVE-2022-2255 [Trusted Proxy Headers Removing Bypass]
-       RESERVED
+CVE-2022-2255 (A vulnerability was found in mod_wsgi. The X-Client-IP header 
is not r ...)
        - mod-wsgi 4.9.0-1.1 (bug #1016476)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2100563
        NOTE: 
https://github.com/GrahamDumpleton/mod_wsgi/commit/af3c0c2736bc0b0b01fa0f0aad3c904b7fa9c751
 (4.9.3)
@@ -15514,28 +15549,24 @@ CVE-2022-32748
        RESERVED
 CVE-2022-32747
        RESERVED
-CVE-2022-32746 [Samba AD users can induce a use-after-free in the server 
process with an LDAP add or modify request]
-       RESERVED
+CVE-2022-32746 (A flaw was found in the Samba AD LDAP server. The AD DC 
database audit ...)
        {DSA-5205-1}
        - samba 2:4.16.4+dfsg-1 (bug #1016449)
        [buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC)
        NOTE: https://www.samba.org/samba/security/CVE-2022-32746.html
-CVE-2022-32745 [Samba AD users can crash the server process with an LDAP add 
or modify request]
-       RESERVED
+CVE-2022-32745 (A flaw was found in Samba. Samba AD users can cause the server 
to acce ...)
        {DSA-5205-1}
        - samba 2:4.16.4+dfsg-1 (bug #1016449)
        [buster] - samba <not-affected> (Only affects 4.13 and later)
        NOTE: https://www.samba.org/samba/security/CVE-2022-32745.html
-CVE-2022-32744 [Samba AD users can forge password change requests for any user]
-       RESERVED
+CVE-2022-32744 (A flaw was found in Samba. The KDC accepts kpasswd requests 
encrypted  ...)
        {DSA-5205-1}
        - samba 2:4.16.4+dfsg-1 (bug #1016449)
        [buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC)
        NOTE: https://www.samba.org/samba/security/CVE-2022-32744.html
 CVE-2022-32743
        RESERVED
-CVE-2022-32742 [Server memory information leak via SMB1]
-       RESERVED
+CVE-2022-32742 (A flaw was found in Samba. Some SMB1 write requests were not 
correctly ...)
        {DSA-5205-1}
        - samba 2:4.16.4+dfsg-1 (bug #1016449)
        NOTE: https://www.samba.org/samba/security/CVE-2022-32742.html
@@ -15960,8 +15991,7 @@ CVE-2022-2033
        RESERVED
 CVE-2022-2032 (In Pandora FMS v7.0NG.761 and below, in the file manager 
section, the  ...)
        NOT-FOR-US: Pandora FMS
-CVE-2022-2031 [Samba AD users can bypass certain restrictions associated with 
changing passwords]
-       RESERVED
+CVE-2022-2031 (A flaw was found in Samba. The security vulnerability occurs 
when KDC  ...)
        {DSA-5205-1}
        - samba 2:4.16.4+dfsg-1 (bug #1016449)
        [buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC)
@@ -42901,8 +42931,8 @@ CVE-2022-23717 (PingID Windows Login prior to 2.8 is 
vulnerable to a denial of s
        NOT-FOR-US: PingID Integration for Windows Login
 CVE-2022-23716
        RESERVED
-CVE-2022-23715
-       RESERVED
+CVE-2022-23715 (A flaw was discovered in ECE before 3.4.0 that might lead to 
the discl ...)
+       TODO: check
 CVE-2022-23714 (A local privilege escalation (LPE) issue was discovered in the 
ransomw ...)
        NOT-FOR-US: Elastic Endpoint Security for Windows
 CVE-2022-23713 (A cross-site-scripting (XSS) vulnerability was discovered in 
the Vega  ...)
@@ -44474,8 +44504,8 @@ CVE-2022-23237 (E-Series SANtricity OS Controller 
Software 11.x versions through
        NOT-FOR-US: E-Series SANtricity OS Controller Software
 CVE-2022-23236 (E-Series SANtricity OS Controller Software versions 11.40 
through 11.7 ...)
        NOT-FOR-US: E-Series SANtricity OS Controller Software
-CVE-2022-23235
-       RESERVED
+CVE-2022-23235 (Active IQ Unified Manager for VMware vSphere, Linux, and 
Microsoft Win ...)
+       TODO: check
 CVE-2022-23234 (SnapCenter versions prior to 4.5 are susceptible to a 
vulnerability wh ...)
        NOT-FOR-US: SnapCenter
 CVE-2022-23233 (StorageGRID (formerly StorageGRID Webscale) versions prior to 
11.6.0 a ...)
@@ -46574,8 +46604,8 @@ CVE-2021-46147 (An issue was discovered in MediaWiki 
before 1.35.5, 1.36.x befor
        NOT-FOR-US: MediaWiki extension MassEditRegex
 CVE-2021-46146 (An issue was discovered in MediaWiki before 1.35.5, 1.36.x 
before 1.36 ...)
        NOT-FOR-US: MediaWiki extension WikiBaseMediainfo
-CVE-2022-22728
-       RESERVED
+CVE-2022-22728 (A flaw in Apache libapreq2 versions 2.16 and earlier could 
cause a buf ...)
+       TODO: check
 CVE-2022-22727 (A CWE-20: Improper Input Validation vulnerability exists that 
could al ...)
        NOT-FOR-US: Schneider Electric
 CVE-2022-22726 (A CWE-20: Improper Input Validation vulnerability exists that 
could al ...)
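Review bot: CVE-2022-22728 names Apache libapreq2, which Debian ships as a source package, so this "TODO: check" should not be closed as NOT-FOR-US like the neighbouring Schneider Electric entries. Suggest a "- libapreq2" line with a status per release; the description gives versions 2.16 and earlier as affected.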
@@ -46641,8 +46671,7 @@ CVE-2022-0137
        RESERVED
 CVE-2022-0136 (A vulnerability was discovered in GitLab versions 10.5 to 
14.5.4, 14.6 ...)
        - gitlab <unfixed>
-CVE-2022-0135 [out-of-bounds write in read_transfer_data()]
-       RESERVED
+CVE-2022-0135 (An out-of-bounds write issue was found in the VirGL virtual 
OpenGL ren ...)
        - virglrenderer <unfixed> (bug #1009073)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2037790
        NOTE: 
https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654
@@ -50931,7 +50960,7 @@ CVE-2021-45234
 CVE-2021-4142 (The Candlepin component of Red Hat Satellite was affected by an 
improp ...)
        NOT-FOR-US: Red Hat Satellite / Candlepin
 CVE-2021-4141
-       RESERVED
+       REJECTED
 CVE-2021-4140
        RESERVED
        {DSA-5045-1 DSA-5044-1 DLA-2881-1 DLA-2880-1}
@@ -53661,7 +53690,7 @@ CVE-2021-4043 (NULL Pointer Dereference in GitHub 
repository gpac/gpac prior to
        NOTE: 
https://github.com/gpac/gpac/commit/64a2e1b799352ac7d7aad1989bc06e7b0f2b01db 
(v2.0.0)
        NOTE: Introduced by 
https://github.com/gpac/gpac/commit/bc1704db1523eb3161af90da44b8394d4512855f
 CVE-2021-4042
-       RESERVED
+       REJECTED
 CVE-2021-4041 (A flaw was found in ansible-runner. An improper escaping of the 
shell  ...)
        - ansible-runner 2.1.1-1
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2028074
@@ -54570,8 +54599,7 @@ CVE-2021-4023 (A flaw was found in the io-workqueue 
implementation in the Linux
        [buster] - linux <not-affected> (Vulnerable code not present)
        [stretch] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/713b9825a4c47897f66ad69409581e7734a8728e (5.15-rc1)
-CVE-2021-4022
-       RESERVED
+CVE-2021-4022 (A vulnerability was found in rizin. The bug involves an ELF64 
binary f ...)
        NOT-FOR-US: Rizin
 CVE-2021-44225 (In Keepalived through 2.2.4, the D-Bus policy does not 
sufficiently re ...)
        - keepalived 1:2.2.4-0.2
@@ -57106,10 +57134,10 @@ CVE-2021-43769
        RESERVED
 CVE-2021-43768
        RESERVED
-CVE-2021-43767
-       RESERVED
-CVE-2021-43766
-       RESERVED
+CVE-2021-43767 (Odyssey passes to client unencrypted bytes from 
man-in-the-middle When ...)
+       TODO: check
+CVE-2021-43766 (Odyssey passes to server unencrypted bytes from 
man-in-the-middle When ...)
+       TODO: check
 CVE-2021-43765 (AEM's Cloud Service offering, as well as version 6.5.10.0 (and 
below)  ...)
        NOT-FOR-US: Adobe
 CVE-2021-43764 (AEM's Cloud Service offering, as well as version 6.5.10.0 (and 
below)  ...)
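Review bot: CVE-2021-43767 and CVE-2021-43766 both land with only `TODO: check`, and their visible descriptions differ in a single word (bytes passed to the client versus to the server). They read as the two directions of one Odyssey issue, so triage them together and give both the same disposition rather than resolving one and leaving the other open.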
@@ -62519,12 +62547,12 @@ CVE-2022-20113 (In mPreference of 
DefaultUsbConfigurationPreferenceController.ja
        NOT-FOR-US: Android
 CVE-2022-20112 (In getAvailabilityStatus of 
PrivateDnsPreferenceController.java, there ...)
        NOT-FOR-US: Android
-CVE-2021-42523
-       RESERVED
-CVE-2021-42522
-       RESERVED
-CVE-2021-42521
-       RESERVED
+CVE-2021-42523 (There are two Information Disclosure vulnerabilities in 
colord, and th ...)
+       TODO: check
+CVE-2021-42522 (There is a Information Disclosure vulnerability in 
anjuta/plugins/docu ...)
+       TODO: check
+CVE-2021-42521 (There is a NULL pointer dereference vulnerability in VTK, and 
it lies  ...)
+       TODO: check
 CVE-2021-42520
        RESERVED
 CVE-2021-42519
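Review bot: The three `TODO: check` entries added here (CVE-2021-42523, CVE-2021-42522, CVE-2021-42521) name colord, anjuta and VTK in their descriptions, unlike the NOT-FOR-US Android entries just above them. Each needs a package line with a fixed version or `<unfixed>` once the archive has been checked for matching source packages; until then the TODO markers leave three possibly affected packages untracked.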
@@ -105784,8 +105812,8 @@ CVE-2020-36200 (TinyCheck before commits 9fd360d and 
ea53de8 allowed an authenti
        NOT-FOR-US: TinyCheck
 CVE-2020-36199 (TinyCheck before commits 9fd360d and ea53de8 was vulnerable to 
command ...)
        NOT-FOR-US: TinyCheck
-CVE-2021-25642
-       RESERVED
+CVE-2021-25642 (ZKConfigurationStore which is optionally used by 
CapacityScheduler of  ...)
+       TODO: check
 CVE-2021-25641 (Each Apache Dubbo server will set a serialization id to tell 
the clien ...)
        NOT-FOR-US: Apache Dubbo
 CVE-2021-25640 (In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of 
parseURL method ...)
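Review bot: The CVE-2021-25642 description is cut off before it names a product; only ZKConfigurationStore and CapacityScheduler are visible on the added line. Resolving the `TODO: check` needs the full description to choose between a package line and NOT-FOR-US, and the adjacent Apache Dubbo entries are no guide since they are only neighbours by number.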
@@ -119955,7 +119983,7 @@ CVE-2021-20302 (A flaw was found in OpenEXR's 
TiledInputFile functionality. This
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25894
        NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/842
 CVE-2021-20301
-       RESERVED
+       REJECTED
 CVE-2021-20300 (A flaw was found in OpenEXR's hufUncompress functionality in 
OpenEXR/I ...)
        {DLA-2732-1}
        - openexr 2.5.4-1
@@ -120023,7 +120051,7 @@ CVE-2021-20288 (An authentication flaw was found in 
ceph in versions before 14.2
        NOTE: 
https://github.com/ceph/ceph/commit/059eabcc0ada81078a898cdc25cf72bf3d506ad0
        NOTE: 
https://github.com/ceph/ceph/commit/05b3b6a305ddbb56cc53bbeadf5866db4d785f49
 CVE-2021-20287
-       RESERVED
+       REJECTED
 CVE-2021-20286 (A flaw was found in libnbd 1.7.3. An assertion failure in 
nbd_unlocked ...)
        - libnbd 1.6.2-1
        [bullseye] - libnbd <no-dsa> (Minor issue)
@@ -120150,7 +120178,7 @@ CVE-2021-20260
 CVE-2021-20259 (A flaw was found in the Foreman project. The Proxmox compute 
resource  ...)
        - foreman <itp> (bug #663101)
 CVE-2021-20258
-       RESERVED
+       REJECTED
 CVE-2021-20257 (An infinite loop flaw was found in the e1000 NIC emulator of 
the QEMU. ...)
        {DLA-2623-1}
        - qemu 1:5.2+dfsg-9 (bug #984450)
@@ -120504,7 +120532,7 @@ CVE-2021-20193 (A flaw was found in the src/list.c of 
tar 1.33 and earlier. This
        NOTE: 
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
        NOTE: Memory leak in CLI tool, no security impact
 CVE-2021-20192
-       RESERVED
+       REJECTED
 CVE-2021-20191 (A flaw was found in ansible. Credentials, such as secrets, are 
being d ...)
        - ansible 5.4.0-1 (bug #985753)
        [bullseye] - ansible <no-dsa> (Minor issue)
@@ -297784,7 +297812,7 @@ CVE-2018-5496 (Data ONTAP operating in 7-Mode 
versions prior to 8.2.5P2 are susc
 CVE-2018-5495 (All StorageGRID Webscale versions are susceptible to a 
vulnerability w ...)
        NOT-FOR-US: NetApp
 CVE-2018-5494
-       RESERVED
+       REJECTED
 CVE-2018-5493 (ATTO FibreBridge 7500N firmware versions prior to 2.90 are 
susceptible ...)
        NOT-FOR-US: ATTO
 CVE-2018-5492 (NetApp E-Series SANtricity OS Controller Software 11.30 and 
later vers ...)
@@ -297806,7 +297834,7 @@ CVE-2018-5485 (NetApp OnCommand Unified Manager for 
Windows versions 7.2 through
 CVE-2018-5484
        REJECTED
 CVE-2018-5483
-       RESERVED
+       REJECTED
 CVE-2018-5482 (NetApp SnapCenter Server prior to 4.1 does not set the secure 
flag for ...)
        NOT-FOR-US: NetApp SnapCenter Server
 CVE-2018-5481 (OnCommand Unified Manager for 7-Mode (core package) prior to 
5.2.4 use ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd10aa3b2e47953f94250c8da96e8165c0dc5a24



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
