Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: bd10aa3b by security tracker role at 2022-08-25T20:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,39 @@ +CVE-2022-38752 + RESERVED +CVE-2022-38751 + RESERVED +CVE-2022-38750 + RESERVED +CVE-2022-38749 + RESERVED +CVE-2022-38748 + RESERVED +CVE-2022-38747 + RESERVED +CVE-2022-38746 + RESERVED +CVE-2022-38745 + RESERVED +CVE-2022-2993 + RESERVED +CVE-2022-2992 + RESERVED +CVE-2022-2991 (A heap-based buffer overflow was found in the Linux kernel's LightNVM ...) + TODO: check +CVE-2022-2990 + RESERVED +CVE-2022-2989 + RESERVED +CVE-2022-2988 + RESERVED +CVE-2022-2987 + RESERVED +CVE-2022-2986 + RESERVED +CVE-2021-46835 + RESERVED +CVE-2020-36602 + RESERVED CVE-2022-38744 RESERVED CVE-2022-38743 @@ -151,8 +187,7 @@ CVE-2022-2961 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2120595 CVE-2022-2960 RESERVED -CVE-2022-2959 - RESERVED +CVE-2022-2959 (A race condition was found in the Linux kernel's watch queue due to a ...) - linux 5.18.2-1 [bullseye] - linux 5.10.120-1 [buster] - linux <not-affected> (Vulnerable code introduced later) @@ -160,8 +195,8 @@ CVE-2022-2959 NOTE: https://git.kernel.org/linus/189b0ddc245139af81198d1a3637cac74f96e13a (5.19-rc1) CVE-2022-2958 RESERVED -CVE-2022-2957 - RESERVED +CVE-2022-2957 (A vulnerability classified as critical was found in SourceCodester Sim ...) + TODO: check CVE-2022-2956 (A vulnerability classified as problematic has been found in ConsoleTVs ...) NOT-FOR-US: Noxen CVE-2022-2955 @@ -2036,8 +2071,8 @@ CVE-2022-36373 RESERVED CVE-2022-36365 RESERVED -CVE-2022-36358 - RESERVED +CVE-2022-36358 (Cross-Site Request Forgery (CSRF) vulnerability in SEO Scout plugin &l ...) + TODO: check CVE-2022-36355 RESERVED CVE-2022-36352 
@@ -2300,10 +2335,10 @@ CVE-2022-37955 RESERVED CVE-2022-37954 RESERVED -CVE-2022-37953 - RESERVED -CVE-2022-37952 - RESERVED +CVE-2022-37953 (An HTTP response splitting vulnerability exists in the AM Gateway Chal ...) + TODO: check +CVE-2022-37952 (A reflected cross-site scripting (XSS) vulnerability exists in the iHi ...) + TODO: check CVE-2022-37951 RESERVED CVE-2022-37950 
@@ -2600,60 +2635,60 @@ CVE-2022-37826 RESERVED CVE-2022-37825 RESERVED -CVE-2022-37824 - RESERVED -CVE-2022-37823 - RESERVED -CVE-2022-37822 - RESERVED -CVE-2022-37821 - RESERVED -CVE-2022-37820 - RESERVED -CVE-2022-37819 - RESERVED -CVE-2022-37818 - RESERVED -CVE-2022-37817 - RESERVED -CVE-2022-37816 - RESERVED -CVE-2022-37815 - RESERVED -CVE-2022-37814 - RESERVED -CVE-2022-37813 - RESERVED -CVE-2022-37812 - RESERVED -CVE-2022-37811 - RESERVED -CVE-2022-37810 - RESERVED -CVE-2022-37809 - RESERVED -CVE-2022-37808 - RESERVED -CVE-2022-37807 - RESERVED -CVE-2022-37806 - RESERVED -CVE-2022-37805 - RESERVED -CVE-2022-37804 - RESERVED -CVE-2022-37803 - RESERVED -CVE-2022-37802 - RESERVED -CVE-2022-37801 - RESERVED -CVE-2022-37800 - RESERVED -CVE-2022-37799 - RESERVED -CVE-2022-37798 - RESERVED +CVE-2022-37824 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37823 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37822 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37821 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37820 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37819 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37818 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37817 (Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37816 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37815 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37814 (Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack ove ...) 
+ TODO: check +CVE-2022-37813 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37812 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37811 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37810 (Tenda AC1206 V15.03.06.23 was discovered to contain a command injectio ...) + TODO: check +CVE-2022-37809 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37808 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37807 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37806 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37805 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37804 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37803 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37802 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37801 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37800 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37799 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check +CVE-2022-37798 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...) + TODO: check CVE-2022-37797 RESERVED CVE-2022-37796 
@@ -3487,6 +3522,7 @@ CVE-2022-2669 CVE-2022-2668 (An issue was discovered in Keycloak that allows arbitrary Javascript t ...) NOT-FOR-US: Keycloak CVE-2022-37434 (zlib through 1.2.12 has a heap-based buffer over-read or buffer overfl ...) + {DSA-5218-1} - zlib 1:1.2.11.dfsg-4.1 (bug #1016710) NOTE: https://github.com/ivd38/zlib_overflow NOTE: https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1 @@ -4015,8 +4051,8 @@ CVE-2022-37294 RESERVED CVE-2022-37293 RESERVED -CVE-2022-37292 - RESERVED +CVE-2022-37292 (Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This over ...) + TODO: check CVE-2022-37291 RESERVED CVE-2022-37290 @@ -4109,22 +4145,22 @@ CVE-2022-37247 RESERVED CVE-2022-37246 RESERVED -CVE-2022-37245 - RESERVED -CVE-2022-37244 - RESERVED -CVE-2022-37243 - RESERVED -CVE-2022-37242 - RESERVED -CVE-2022-37241 - RESERVED -CVE-2022-37240 - RESERVED -CVE-2022-37239 - RESERVED -CVE-2022-37238 - RESERVED +CVE-2022-37245 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulner ...) + TODO: check +CVE-2022-37244 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulner ...) + TODO: check +CVE-2022-37243 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulner ...) + TODO: check +CVE-2022-37242 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2, is vulne ...) + TODO: check +CVE-2022-37241 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulner ...) + TODO: check +CVE-2022-37240 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulner ...) + TODO: check +CVE-2022-37239 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulner ...) + TODO: check +CVE-2022-37238 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulner ...) + TODO: check CVE-2022-37237 RESERVED CVE-2022-37236 
@@ -4275,16 +4311,16 @@ CVE-2022-37164 RESERVED CVE-2022-37163 RESERVED -CVE-2022-37162 - RESERVED -CVE-2022-37161 - RESERVED -CVE-2022-37160 - RESERVED -CVE-2022-37159 - RESERVED -CVE-2022-37158 - RESERVED +CVE-2022-37162 (Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS) ...) + TODO: check +CVE-2022-37161 (Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS) ...) + TODO: check +CVE-2022-37160 (Claroline 13.5.7 and prior allows an authenticated attacker to elevate ...) + TODO: check +CVE-2022-37159 (Claroline 13.5.7 and prior is vulnerable to Remote code execution via ...) + TODO: check +CVE-2022-37158 (RuoYi v3.8.3 has a Weak password vulnerability in the management syste ...) + TODO: check CVE-2022-37157 RESERVED CVE-2022-37156 
@@ -4399,76 +4435,76 @@ CVE-2022-37102 RESERVED CVE-2022-37101 RESERVED -CVE-2022-37100 - RESERVED -CVE-2022-37099 - RESERVED -CVE-2022-37098 - RESERVED -CVE-2022-37097 - RESERVED -CVE-2022-37096 - RESERVED -CVE-2022-37095 - RESERVED -CVE-2022-37094 - RESERVED -CVE-2022-37093 - RESERVED -CVE-2022-37092 - RESERVED -CVE-2022-37091 - RESERVED -CVE-2022-37090 - RESERVED -CVE-2022-37089 - RESERVED -CVE-2022-37088 - RESERVED -CVE-2022-37087 - RESERVED -CVE-2022-37086 - RESERVED -CVE-2022-37085 - RESERVED -CVE-2022-37084 - RESERVED -CVE-2022-37083 - RESERVED -CVE-2022-37082 - RESERVED -CVE-2022-37081 - RESERVED -CVE-2022-37080 - RESERVED -CVE-2022-37079 - RESERVED -CVE-2022-37078 - RESERVED -CVE-2022-37077 - RESERVED -CVE-2022-37076 - RESERVED -CVE-2022-37075 - RESERVED -CVE-2022-37074 - RESERVED -CVE-2022-37073 - RESERVED -CVE-2022-37072 - RESERVED -CVE-2022-37071 - RESERVED -CVE-2022-37070 - RESERVED -CVE-2022-37069 - RESERVED -CVE-2022-37068 - RESERVED -CVE-2022-37067 - RESERVED -CVE-2022-37066 - RESERVED +CVE-2022-37100 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37099 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37098 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37097 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37096 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37095 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37094 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37093 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37092 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) 
+ TODO: check +CVE-2022-37091 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37090 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37089 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37088 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37087 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37086 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37085 (H3C H200 H200V100R004 was discovered to contain a stack overflow via t ...) + TODO: check +CVE-2022-37084 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a sta ...) + TODO: check +CVE-2022-37083 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a com ...) + TODO: check +CVE-2022-37082 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a com ...) + TODO: check +CVE-2022-37081 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a com ...) + TODO: check +CVE-2022-37080 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a sta ...) + TODO: check +CVE-2022-37079 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a com ...) + TODO: check +CVE-2022-37078 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a com ...) + TODO: check +CVE-2022-37077 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a sta ...) + TODO: check +CVE-2022-37076 (TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a com ...) + TODO: check +CVE-2022-37075 (TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a sta ...) + TODO: check +CVE-2022-37074 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) 
+ TODO: check +CVE-2022-37073 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-37072 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-37071 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-37070 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command in ...) + TODO: check +CVE-2022-37069 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-37068 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-37067 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-37066 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check CVE-2022-37065 RESERVED CVE-2022-37064 
@@ -5777,138 +5813,138 @@ CVE-2022-36522 RESERVED CVE-2022-36521 RESERVED -CVE-2022-36520 - RESERVED -CVE-2022-36519 - RESERVED -CVE-2022-36518 - RESERVED -CVE-2022-36517 - RESERVED -CVE-2022-36516 - RESERVED -CVE-2022-36515 - RESERVED -CVE-2022-36514 - RESERVED -CVE-2022-36513 - RESERVED +CVE-2022-36520 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-36519 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-36518 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-36517 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-36516 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-36515 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-36514 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-36513 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) 
+ TODO: check CVE-2022-36512 RESERVED -CVE-2022-36511 - RESERVED -CVE-2022-36510 - RESERVED -CVE-2022-36509 - RESERVED -CVE-2022-36508 - RESERVED -CVE-2022-36507 - RESERVED -CVE-2022-36506 - RESERVED -CVE-2022-36505 - RESERVED -CVE-2022-36504 - RESERVED -CVE-2022-36503 - RESERVED -CVE-2022-36502 - RESERVED -CVE-2022-36501 - RESERVED -CVE-2022-36500 - RESERVED -CVE-2022-36499 - RESERVED -CVE-2022-36498 - RESERVED -CVE-2022-36497 - RESERVED -CVE-2022-36496 - RESERVED -CVE-2022-36495 - RESERVED -CVE-2022-36494 - RESERVED -CVE-2022-36493 - RESERVED -CVE-2022-36492 - RESERVED -CVE-2022-36491 - RESERVED -CVE-2022-36490 - RESERVED -CVE-2022-36489 - RESERVED -CVE-2022-36488 - RESERVED -CVE-2022-36487 - RESERVED -CVE-2022-36486 - RESERVED -CVE-2022-36485 - RESERVED -CVE-2022-36484 - RESERVED -CVE-2022-36483 - RESERVED -CVE-2022-36482 - RESERVED -CVE-2022-36481 - RESERVED -CVE-2022-36480 - RESERVED -CVE-2022-36479 - RESERVED -CVE-2022-36478 - RESERVED -CVE-2022-36477 - RESERVED +CVE-2022-36511 (H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack over ...) + TODO: check +CVE-2022-36510 (H3C GR2200 MiniGR1A0V100R014 was discovered to contain a command injec ...) + TODO: check +CVE-2022-36509 (H3C GR3200 MiniGR1B0V100R014 was discovered to contain a command injec ...) + TODO: check +CVE-2022-36508 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36507 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36506 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36505 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36504 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36503 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) 
+ TODO: check +CVE-2022-36502 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36501 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36500 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36499 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36498 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36497 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36496 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36495 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36494 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36493 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36492 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36491 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36490 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36489 (H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack ov ...) + TODO: check +CVE-2022-36488 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a sta ...) + TODO: check +CVE-2022-36487 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a com ...) + TODO: check +CVE-2022-36486 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a com ...) + TODO: check +CVE-2022-36485 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a com ...) 
+ TODO: check +CVE-2022-36484 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a sta ...) + TODO: check +CVE-2022-36483 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a sta ...) + TODO: check +CVE-2022-36482 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a com ...) + TODO: check +CVE-2022-36481 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a com ...) + TODO: check +CVE-2022-36480 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a sta ...) + TODO: check +CVE-2022-36479 (TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a com ...) + TODO: check +CVE-2022-36478 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow ...) + TODO: check +CVE-2022-36477 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow ...) + TODO: check CVE-2022-36476 RESERVED -CVE-2022-36475 - RESERVED -CVE-2022-36474 - RESERVED -CVE-2022-36473 - RESERVED -CVE-2022-36472 - RESERVED -CVE-2022-36471 - RESERVED -CVE-2022-36470 - RESERVED -CVE-2022-36469 - RESERVED -CVE-2022-36468 - RESERVED -CVE-2022-36467 - RESERVED -CVE-2022-36466 - RESERVED -CVE-2022-36465 - RESERVED -CVE-2022-36464 - RESERVED -CVE-2022-36463 - RESERVED -CVE-2022-36462 - RESERVED -CVE-2022-36461 - RESERVED -CVE-2022-36460 - RESERVED -CVE-2022-36459 - RESERVED -CVE-2022-36458 - RESERVED +CVE-2022-36475 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow ...) + TODO: check +CVE-2022-36474 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow ...) + TODO: check +CVE-2022-36473 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow ...) + TODO: check +CVE-2022-36472 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow ...) + TODO: check +CVE-2022-36471 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow ...) + TODO: check +CVE-2022-36470 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow ...) 
+ TODO: check +CVE-2022-36469 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow ...) + TODO: check +CVE-2022-36468 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow ...) + TODO: check +CVE-2022-36467 (H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow ...) + TODO: check +CVE-2022-36466 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a sta ...) + TODO: check +CVE-2022-36465 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a sta ...) + TODO: check +CVE-2022-36464 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a sta ...) + TODO: check +CVE-2022-36463 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a sta ...) + TODO: check +CVE-2022-36462 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a sta ...) + TODO: check +CVE-2022-36461 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a com ...) + TODO: check +CVE-2022-36460 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a com ...) + TODO: check +CVE-2022-36459 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a com ...) + TODO: check +CVE-2022-36458 (TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a com ...) + TODO: check CVE-2022-36457 RESERVED -CVE-2022-36456 - RESERVED -CVE-2022-36455 - RESERVED +CVE-2022-36456 (TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a comm ...) + TODO: check +CVE-2022-36455 (TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a co ...) + TODO: check CVE-2022-36454 RESERVED CVE-2022-36453 
@@ -6536,12 +6572,12 @@ CVE-2022-30535 (In versions 2.x before 2.3.0 and all versions of 1.x, An attacke NOT-FOR-US: F5 CVE-2022-2466 RESERVED -CVE-2022-2465 - RESERVED -CVE-2022-2464 - RESERVED -CVE-2022-2463 - RESERVED +CVE-2022-2465 (Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6. ...) + TODO: check +CVE-2022-2464 (Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6. ...) + TODO: check +CVE-2022-2463 (Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6. ...) + TODO: check CVE-2022-2462 RESERVED CVE-2022-2461 @@ -10234,8 +10270,7 @@ CVE-2022-2257 (Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. ... CVE-2022-2256 RESERVED NOT-FOR-US: Keycloak -CVE-2022-2255 [Trusted Proxy Headers Removing Bypass] - RESERVED +CVE-2022-2255 (A vulnerability was found in mod_wsgi. The X-Client-IP header is not r ...) - mod-wsgi 4.9.0-1.1 (bug #1016476) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2100563 NOTE: https://github.com/GrahamDumpleton/mod_wsgi/commit/af3c0c2736bc0b0b01fa0f0aad3c904b7fa9c751 (4.9.3) 
@@ -15514,28 +15549,24 @@ CVE-2022-32748 RESERVED CVE-2022-32747 RESERVED -CVE-2022-32746 [Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request] - RESERVED +CVE-2022-32746 (A flaw was found in the Samba AD LDAP server. The AD DC database audit ...) {DSA-5205-1} - samba 2:4.16.4+dfsg-1 (bug #1016449) [buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC) NOTE: https://www.samba.org/samba/security/CVE-2022-32746.html -CVE-2022-32745 [Samba AD users can crash the server process with an LDAP add or modify request] - RESERVED +CVE-2022-32745 (A flaw was found in Samba. Samba AD users can cause the server to acce ...) {DSA-5205-1} - samba 2:4.16.4+dfsg-1 (bug #1016449) [buster] - samba <not-affected> (Only affects 4.13 and later) NOTE: https://www.samba.org/samba/security/CVE-2022-32745.html -CVE-2022-32744 [Samba AD users can forge password change requests for any user] - RESERVED +CVE-2022-32744 (A flaw was found in Samba. The KDC accepts kpasswd requests encrypted ...) {DSA-5205-1} - samba 2:4.16.4+dfsg-1 (bug #1016449) [buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC) NOTE: https://www.samba.org/samba/security/CVE-2022-32744.html CVE-2022-32743 RESERVED -CVE-2022-32742 [Server memory information leak via SMB1] - RESERVED +CVE-2022-32742 (A flaw was found in Samba. Some SMB1 write requests were not correctly ...) {DSA-5205-1} - samba 2:4.16.4+dfsg-1 (bug #1016449) NOTE: https://www.samba.org/samba/security/CVE-2022-32742.html @@ -15960,8 +15991,7 @@ CVE-2022-2033 RESERVED CVE-2022-2032 (In Pandora FMS v7.0NG.761 and below, in the file manager section, the ...) NOT-FOR-US: Pandora FMS -CVE-2022-2031 [Samba AD users can bypass certain restrictions associated with changing passwords] - RESERVED +CVE-2022-2031 (A flaw was found in Samba. The security vulnerability occurs when KDC ...) {DSA-5205-1} - samba 2:4.16.4+dfsg-1 (bug #1016449) [buster] - samba <no-dsa> (Minor issue; affects Samba as AD DC) 
@@ -42901,8 +42931,8 @@ CVE-2022-23717 (PingID Windows Login prior to 2.8 is vulnerable to a denial of s NOT-FOR-US: PingID Integration for Windows Login CVE-2022-23716 RESERVED -CVE-2022-23715 - RESERVED +CVE-2022-23715 (A flaw was discovered in ECE before 3.4.0 that might lead to the discl ...) + TODO: check CVE-2022-23714 (A local privilege escalation (LPE) issue was discovered in the ransomw ...) NOT-FOR-US: Elastic Endpoint Security for Windows CVE-2022-23713 (A cross-site-scripting (XSS) vulnerability was discovered in the Vega ...) @@ -44474,8 +44504,8 @@ CVE-2022-23237 (E-Series SANtricity OS Controller Software 11.x versions through NOT-FOR-US: E-Series SANtricity OS Controller Software CVE-2022-23236 (E-Series SANtricity OS Controller Software versions 11.40 through 11.7 ...) NOT-FOR-US: E-Series SANtricity OS Controller Software -CVE-2022-23235 - RESERVED +CVE-2022-23235 (Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Win ...) + TODO: check CVE-2022-23234 (SnapCenter versions prior to 4.5 are susceptible to a vulnerability wh ...) NOT-FOR-US: SnapCenter CVE-2022-23233 (StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 a ...) @@ -46574,8 +46604,8 @@ CVE-2021-46147 (An issue was discovered in MediaWiki before 1.35.5, 1.36.x befor NOT-FOR-US: MediaWiki extension MassEditRegex CVE-2021-46146 (An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36 ...) NOT-FOR-US: MediaWiki extension WikiBaseMediainfo -CVE-2022-22728 - RESERVED +CVE-2022-22728 (A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buf ...) + TODO: check CVE-2022-22727 (A CWE-20: Improper Input Validation vulnerability exists that could al ...) NOT-FOR-US: Schneider Electric CVE-2022-22726 (A CWE-20: Improper Input Validation vulnerability exists that could al ...) 
@@ -46641,8 +46671,7 @@ CVE-2022-0137 RESERVED CVE-2022-0136 (A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 ...) - gitlab <unfixed> -CVE-2022-0135 [out-of-bounds write in read_transfer_data()] - RESERVED +CVE-2022-0135 (An out-of-bounds write issue was found in the VirGL virtual OpenGL ren ...) - virglrenderer <unfixed> (bug #1009073) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2037790 NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654 @@ -50931,7 +50960,7 @@ CVE-2021-45234 CVE-2021-4142 (The Candlepin component of Red Hat Satellite was affected by an improp ...) NOT-FOR-US: Red Hat Satellite / Candlepin CVE-2021-4141 - RESERVED + REJECTED CVE-2021-4140 RESERVED {DSA-5045-1 DSA-5044-1 DLA-2881-1 DLA-2880-1} @@ -53661,7 +53690,7 @@ CVE-2021-4043 (NULL Pointer Dereference in GitHub repository gpac/gpac prior to NOTE: https://github.com/gpac/gpac/commit/64a2e1b799352ac7d7aad1989bc06e7b0f2b01db (v2.0.0) NOTE: Introduced by https://github.com/gpac/gpac/commit/bc1704db1523eb3161af90da44b8394d4512855f CVE-2021-4042 - RESERVED + REJECTED CVE-2021-4041 (A flaw was found in ansible-runner. An improper escaping of the shell ...) - ansible-runner 2.1.1-1 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2028074 @@ -54570,8 +54599,7 @@ CVE-2021-4023 (A flaw was found in the io-workqueue implementation in the Linux [buster] - linux <not-affected> (Vulnerable code not present) [stretch] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/713b9825a4c47897f66ad69409581e7734a8728e (5.15-rc1) -CVE-2021-4022 - RESERVED +CVE-2021-4022 (A vulnerability was found in rizin. The bug involves an ELF64 binary f ...) NOT-FOR-US: Rizin CVE-2021-44225 (In Keepalived through 2.2.4, the D-Bus policy does not sufficiently re ...) - keepalived 1:2.2.4-0.2 
@@ -57106,10 +57134,10 @@ CVE-2021-43769 RESERVED CVE-2021-43768 RESERVED -CVE-2021-43767 - RESERVED -CVE-2021-43766 - RESERVED +CVE-2021-43767 (Odyssey passes to client unencrypted bytes from man-in-the-middle When ...) + TODO: check +CVE-2021-43766 (Odyssey passes to server unencrypted bytes from man-in-the-middle When ...) + TODO: check CVE-2021-43765 (AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) ...) NOT-FOR-US: Adobe CVE-2021-43764 (AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) ...) @@ -62519,12 +62547,12 @@ CVE-2022-20113 (In mPreference of DefaultUsbConfigurationPreferenceController.ja NOT-FOR-US: Android CVE-2022-20112 (In getAvailabilityStatus of PrivateDnsPreferenceController.java, there ...) NOT-FOR-US: Android -CVE-2021-42523 - RESERVED -CVE-2021-42522 - RESERVED -CVE-2021-42521 - RESERVED +CVE-2021-42523 (There are two Information Disclosure vulnerabilities in colord, and th ...) + TODO: check +CVE-2021-42522 (There is a Information Disclosure vulnerability in anjuta/plugins/docu ...) + TODO: check +CVE-2021-42521 (There is a NULL pointer dereference vulnerability in VTK, and it lies ...) + TODO: check CVE-2021-42520 RESERVED CVE-2021-42519 @@ -105784,8 +105812,8 @@ CVE-2020-36200 (TinyCheck before commits 9fd360d and ea53de8 allowed an authenti NOT-FOR-US: TinyCheck CVE-2020-36199 (TinyCheck before commits 9fd360d and ea53de8 was vulnerable to command ...) NOT-FOR-US: TinyCheck -CVE-2021-25642 - RESERVED +CVE-2021-25642 (ZKConfigurationStore which is optionally used by CapacityScheduler of ...) + TODO: check CVE-2021-25641 (Each Apache Dubbo server will set a serialization id to tell the clien ...) NOT-FOR-US: Apache Dubbo CVE-2021-25640 (In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of parseURL method ...) 
@@ -119955,7 +119983,7 @@ CVE-2021-20302 (A flaw was found in OpenEXR's TiledInputFile functionality. This NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25894 NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/842 CVE-2021-20301 - RESERVED + REJECTED CVE-2021-20300 (A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/I ...) {DLA-2732-1} - openexr 2.5.4-1 @@ -120023,7 +120051,7 @@ CVE-2021-20288 (An authentication flaw was found in ceph in versions before 14.2 NOTE: https://github.com/ceph/ceph/commit/059eabcc0ada81078a898cdc25cf72bf3d506ad0 NOTE: https://github.com/ceph/ceph/commit/05b3b6a305ddbb56cc53bbeadf5866db4d785f49 CVE-2021-20287 - RESERVED + REJECTED CVE-2021-20286 (A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked ...) - libnbd 1.6.2-1 [bullseye] - libnbd <no-dsa> (Minor issue) @@ -120150,7 +120178,7 @@ CVE-2021-20260 CVE-2021-20259 (A flaw was found in the Foreman project. The Proxmox compute resource ...) - foreman <itp> (bug #663101) CVE-2021-20258 - RESERVED + REJECTED CVE-2021-20257 (An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. ...) {DLA-2623-1} - qemu 1:5.2+dfsg-9 (bug #984450) @@ -120504,7 +120532,7 @@ CVE-2021-20193 (A flaw was found in the src/list.c of tar 1.33 and earlier. This NOTE: https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777 NOTE: Memory leak in CLI tool, no security impact CVE-2021-20192 - RESERVED + REJECTED CVE-2021-20191 (A flaw was found in ansible. Credentials, such as secrets, are being d ...) - ansible 5.4.0-1 (bug #985753) [bullseye] - ansible <no-dsa> (Minor issue) 
@@ -297784,7 +297812,7 @@ CVE-2018-5496 (Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susc CVE-2018-5495 (All StorageGRID Webscale versions are susceptible to a vulnerability w ...) NOT-FOR-US: NetApp CVE-2018-5494 - RESERVED + REJECTED CVE-2018-5493 (ATTO FibreBridge 7500N firmware versions prior to 2.90 are susceptible ...) NOT-FOR-US: ATTO CVE-2018-5492 (NetApp E-Series SANtricity OS Controller Software 11.30 and later vers ...) @@ -297806,7 +297834,7 @@ CVE-2018-5485 (NetApp OnCommand Unified Manager for Windows versions 7.2 through CVE-2018-5484 REJECTED CVE-2018-5483 - RESERVED + REJECTED CVE-2018-5482 (NetApp SnapCenter Server prior to 4.1 does not set the secure flag for ...) NOT-FOR-US: NetApp SnapCenter Server CVE-2018-5481 (OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 use ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd10aa3b2e47953f94250c8da96e8165c0dc5a24
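Review bot: CVE-2022-2991 in the first hunk (@@ -1,3 +1,39 @@) lands with only "TODO: check" even though its description names the Linux kernel's LightNVM code, so it should be triaged ahead of the rest of the queue and given a "- linux" line with per-release status, in the same form the next hunk shows for CVE-2022-2959 ("- linux 5.18.2-1", "[bullseye] - linux 5.10.120-1", "[buster] - linux <not-affected>"). The versions have to come from the upstream fix, which is not visible in this diff.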
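Review bot: the CVE-2022-36358 line in hunk @@ -2036,8 +2071,8 @@ ends in "SEO Scout plugin &l ...", which looks like an HTML entity cut in half by the description truncation. The importer should unescape the upstream description before shortening it, otherwise entries like this one carry a stray "&l" and lose the version bound that followed it.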
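Review bot: hunks @@ -2600,60 +2635,60 @@, @@ -4399,76 +4435,76 @@ and @@ -5777,138 +5813,138 @@ add well over a hundred "TODO: check" entries whose descriptions all begin with a router vendor and firmware version (Tenda AX1803, Tenda AC1206, H3C H200, H3C GR-1200W, H3C Magic NX18 Plus, H3C B5 Mini, TOTOLINK A7000R, N350RT, A3700R). These are better closed in one follow-up pass with a vendor-named NOT-FOR-US tag, in the style the file already uses ("NOT-FOR-US: Noxen", "NOT-FOR-US: NetApp"), so that they do not bury the entries in this commit that name general-purpose software.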
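Review bot: in hunk @@ -46641,8 +46671,7 @@ the removed placeholder for CVE-2022-0135, "[out-of-bounds write in read_transfer_data()]", named the affected function, while the truncated replacement "(An out-of-bounds write issue was found in the VirGL virtual OpenGL ren ...)" no longer does. Keeping the function name in a NOTE: line under the entry would preserve that detail for whoever backports the virglrenderer fix; the same applies to the bug-class wording dropped from the Samba placeholders in hunk @@ -15514,28 +15549,24 @@.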
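Review bot: the three entries in hunk @@ -62519,12 +62547,12 @@ (CVE-2021-42523 colord, CVE-2021-42522 anjuta, CVE-2021-42521 VTK) and CVE-2022-22728 (Apache libapreq2) in hunk @@ -46574,8 +46604,8 @@ name desktop and library projects rather than vendor appliances, yet they receive the same bare "TODO: check" as the firmware entries. They should be resolved to source-package lines with fixed versions or "<unfixed>", as the neighbouring gitlab and virglrenderer entries are, rather than left to age in the TODO list.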
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits