Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0b9ac79d by security tracker role at 2022-11-14T20:10:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,673 @@
+CVE-2023-21518
+       RESERVED
+CVE-2023-21517
+       RESERVED
+CVE-2023-21516
+       RESERVED
+CVE-2023-21515
+       RESERVED
+CVE-2023-21514
+       RESERVED
+CVE-2023-21513
+       RESERVED
+CVE-2023-21512
+       RESERVED
+CVE-2023-21511
+       RESERVED
+CVE-2023-21510
+       RESERVED
+CVE-2023-21509
+       RESERVED
+CVE-2023-21508
+       RESERVED
+CVE-2023-21507
+       RESERVED
+CVE-2023-21506
+       RESERVED
+CVE-2023-21505
+       RESERVED
+CVE-2023-21504
+       RESERVED
+CVE-2023-21503
+       RESERVED
+CVE-2023-21502
+       RESERVED
+CVE-2023-21501
+       RESERVED
+CVE-2023-21500
+       RESERVED
+CVE-2023-21499
+       RESERVED
+CVE-2023-21498
+       RESERVED
+CVE-2023-21497
+       RESERVED
+CVE-2023-21496
+       RESERVED
+CVE-2023-21495
+       RESERVED
+CVE-2023-21494
+       RESERVED
+CVE-2023-21493
+       RESERVED
+CVE-2023-21492
+       RESERVED
+CVE-2023-21491
+       RESERVED
+CVE-2023-21490
+       RESERVED
+CVE-2023-21489
+       RESERVED
+CVE-2023-21488
+       RESERVED
+CVE-2023-21487
+       RESERVED
+CVE-2023-21486
+       RESERVED
+CVE-2023-21485
+       RESERVED
+CVE-2023-21484
+       RESERVED
+CVE-2023-21483
+       RESERVED
+CVE-2023-21482
+       RESERVED
+CVE-2023-21481
+       RESERVED
+CVE-2023-21480
+       RESERVED
+CVE-2023-21479
+       RESERVED
+CVE-2023-21478
+       RESERVED
+CVE-2023-21477
+       RESERVED
+CVE-2023-21476
+       RESERVED
+CVE-2023-21475
+       RESERVED
+CVE-2023-21474
+       RESERVED
+CVE-2023-21473
+       RESERVED
+CVE-2023-21472
+       RESERVED
+CVE-2023-21471
+       RESERVED
+CVE-2023-21470
+       RESERVED
+CVE-2023-21469
+       RESERVED
+CVE-2023-21468
+       RESERVED
+CVE-2023-21467
+       RESERVED
+CVE-2023-21466
+       RESERVED
+CVE-2023-21465
+       RESERVED
+CVE-2023-21464
+       RESERVED
+CVE-2023-21463
+       RESERVED
+CVE-2023-21462
+       RESERVED
+CVE-2023-21461
+       RESERVED
+CVE-2023-21460
+       RESERVED
+CVE-2023-21459
+       RESERVED
+CVE-2023-21458
+       RESERVED
+CVE-2023-21457
+       RESERVED
+CVE-2023-21456
+       RESERVED
+CVE-2023-21455
+       RESERVED
+CVE-2023-21454
+       RESERVED
+CVE-2023-21453
+       RESERVED
+CVE-2023-21452
+       RESERVED
+CVE-2023-21451
+       RESERVED
+CVE-2023-21450
+       RESERVED
+CVE-2023-21449
+       RESERVED
+CVE-2023-21448
+       RESERVED
+CVE-2023-21447
+       RESERVED
+CVE-2023-21446
+       RESERVED
+CVE-2023-21445
+       RESERVED
+CVE-2023-21444
+       RESERVED
+CVE-2023-21443
+       RESERVED
+CVE-2023-21442
+       RESERVED
+CVE-2023-21441
+       RESERVED
+CVE-2023-21440
+       RESERVED
+CVE-2023-21439
+       RESERVED
+CVE-2023-21438
+       RESERVED
+CVE-2023-21437
+       RESERVED
+CVE-2023-21436
+       RESERVED
+CVE-2023-21435
+       RESERVED
+CVE-2023-21434
+       RESERVED
+CVE-2023-21433
+       RESERVED
+CVE-2023-21432
+       RESERVED
+CVE-2023-21431
+       RESERVED
+CVE-2023-21430
+       RESERVED
+CVE-2023-21429
+       RESERVED
+CVE-2023-21428
+       RESERVED
+CVE-2023-21427
+       RESERVED
+CVE-2023-21426
+       RESERVED
+CVE-2023-21425
+       RESERVED
+CVE-2023-21424
+       RESERVED
+CVE-2023-21423
+       RESERVED
+CVE-2023-21422
+       RESERVED
+CVE-2023-21421
+       RESERVED
+CVE-2023-21420
+       RESERVED
+CVE-2023-21419
+       RESERVED
+CVE-2022-45421
+       RESERVED
+CVE-2022-45420
+       RESERVED
+CVE-2022-45419
+       RESERVED
+CVE-2022-45418
+       RESERVED
+CVE-2022-45417
+       RESERVED
+CVE-2022-45416
+       RESERVED
+CVE-2022-45415
+       RESERVED
+CVE-2022-45414
+       RESERVED
+CVE-2022-45413
+       RESERVED
+CVE-2022-45412
+       RESERVED
+CVE-2022-45411
+       RESERVED
+CVE-2022-45410
+       RESERVED
+CVE-2022-45409
+       RESERVED
+CVE-2022-45408
+       RESERVED
+CVE-2022-45407
+       RESERVED
+CVE-2022-45406
+       RESERVED
+CVE-2022-45405
+       RESERVED
+CVE-2022-45404
+       RESERVED
+CVE-2022-45403
+       RESERVED
+CVE-2022-45402
+       RESERVED
+CVE-2022-45401
+       RESERVED
+CVE-2022-45400
+       RESERVED
+CVE-2022-45399
+       RESERVED
+CVE-2022-45398
+       RESERVED
+CVE-2022-45397
+       RESERVED
+CVE-2022-45396
+       RESERVED
+CVE-2022-45395
+       RESERVED
+CVE-2022-45394
+       RESERVED
+CVE-2022-45393
+       RESERVED
+CVE-2022-45392
+       RESERVED
+CVE-2022-45391
+       RESERVED
+CVE-2022-45390
+       RESERVED
+CVE-2022-45389
+       RESERVED
+CVE-2022-45388
+       RESERVED
+CVE-2022-45387
+       RESERVED
+CVE-2022-45386
+       RESERVED
+CVE-2022-45385
+       RESERVED
+CVE-2022-45384
+       RESERVED
+CVE-2022-45383
+       RESERVED
+CVE-2022-45382
+       RESERVED
+CVE-2022-45381
+       RESERVED
+CVE-2022-45380
+       RESERVED
+CVE-2022-45379
+       RESERVED
+CVE-2022-45378 (** UNSUPPORTED WHEN ASSIGNED ** In the default configuration 
of Apache ...)
+       TODO: check
+CVE-2022-45377
+       RESERVED
+CVE-2022-45376
+       RESERVED
+CVE-2022-45375
+       RESERVED
+CVE-2022-45374
+       RESERVED
+CVE-2022-45373
+       RESERVED
+CVE-2022-45372
+       RESERVED
+CVE-2022-45371
+       RESERVED
+CVE-2022-45370
+       RESERVED
+CVE-2022-45369
+       RESERVED
+CVE-2022-45368
+       RESERVED
+CVE-2022-45367
+       RESERVED
+CVE-2022-45366
+       RESERVED
+CVE-2022-45365
+       RESERVED
+CVE-2022-45364
+       RESERVED
+CVE-2022-45363
+       RESERVED
+CVE-2022-45362
+       RESERVED
+CVE-2022-45361
+       RESERVED
+CVE-2022-45360
+       RESERVED
+CVE-2022-45359
+       RESERVED
+CVE-2022-45358
+       RESERVED
+CVE-2022-45357
+       RESERVED
+CVE-2022-45356
+       RESERVED
+CVE-2022-45355
+       RESERVED
+CVE-2022-45354
+       RESERVED
+CVE-2022-45353
+       RESERVED
+CVE-2022-45352
+       RESERVED
+CVE-2022-45351
+       RESERVED
+CVE-2022-45350
+       RESERVED
+CVE-2022-45349
+       RESERVED
+CVE-2022-45348
+       RESERVED
+CVE-2022-45347
+       RESERVED
+CVE-2022-45344
+       RESERVED
+CVE-2022-45343
+       RESERVED
+CVE-2022-45342
+       RESERVED
+CVE-2022-45341
+       RESERVED
+CVE-2022-45340
+       RESERVED
+CVE-2022-45339
+       RESERVED
+CVE-2022-45338
+       RESERVED
+CVE-2022-45337
+       RESERVED
+CVE-2022-45336
+       RESERVED
+CVE-2022-45335
+       RESERVED
+CVE-2022-45334
+       RESERVED
+CVE-2022-45333
+       RESERVED
+CVE-2022-45332
+       RESERVED
+CVE-2022-45331
+       RESERVED
+CVE-2022-45330
+       RESERVED
+CVE-2022-45329
+       RESERVED
+CVE-2022-45328
+       RESERVED
+CVE-2022-45327
+       RESERVED
+CVE-2022-45326
+       RESERVED
+CVE-2022-45325
+       RESERVED
+CVE-2022-45324
+       RESERVED
+CVE-2022-45323
+       RESERVED
+CVE-2022-45322
+       RESERVED
+CVE-2022-45321
+       RESERVED
+CVE-2022-45320
+       RESERVED
+CVE-2022-45319
+       RESERVED
+CVE-2022-45318
+       RESERVED
+CVE-2022-45317
+       RESERVED
+CVE-2022-45316
+       RESERVED
+CVE-2022-45315
+       RESERVED
+CVE-2022-45314
+       RESERVED
+CVE-2022-45313
+       RESERVED
+CVE-2022-45312
+       RESERVED
+CVE-2022-45311
+       RESERVED
+CVE-2022-45310
+       RESERVED
+CVE-2022-45309
+       RESERVED
+CVE-2022-45308
+       RESERVED
+CVE-2022-45307
+       RESERVED
+CVE-2022-45306
+       RESERVED
+CVE-2022-45305
+       RESERVED
+CVE-2022-45304
+       RESERVED
+CVE-2022-45303
+       RESERVED
+CVE-2022-45302
+       RESERVED
+CVE-2022-45301
+       RESERVED
+CVE-2022-45300
+       RESERVED
+CVE-2022-45299
+       RESERVED
+CVE-2022-45298
+       RESERVED
+CVE-2022-45297
+       RESERVED
+CVE-2022-45296
+       RESERVED
+CVE-2022-45295
+       RESERVED
+CVE-2022-45294
+       RESERVED
+CVE-2022-45293
+       RESERVED
+CVE-2022-45292
+       RESERVED
+CVE-2022-45291
+       RESERVED
+CVE-2022-45290
+       RESERVED
+CVE-2022-45289
+       RESERVED
+CVE-2022-45288
+       RESERVED
+CVE-2022-45287
+       RESERVED
+CVE-2022-45286
+       RESERVED
+CVE-2022-45285
+       RESERVED
+CVE-2022-45284
+       RESERVED
+CVE-2022-45283
+       RESERVED
+CVE-2022-45282
+       RESERVED
+CVE-2022-45281
+       RESERVED
+CVE-2022-45280
+       RESERVED
+CVE-2022-45279
+       RESERVED
+CVE-2022-45278
+       RESERVED
+CVE-2022-45277
+       RESERVED
+CVE-2022-45276
+       RESERVED
+CVE-2022-45275
+       RESERVED
+CVE-2022-45274
+       RESERVED
+CVE-2022-45273
+       RESERVED
+CVE-2022-45272
+       RESERVED
+CVE-2022-45271
+       RESERVED
+CVE-2022-45270
+       RESERVED
+CVE-2022-45269
+       RESERVED
+CVE-2022-45268
+       RESERVED
+CVE-2022-45267
+       RESERVED
+CVE-2022-45266
+       RESERVED
+CVE-2022-45265
+       RESERVED
+CVE-2022-45264
+       RESERVED
+CVE-2022-45263
+       RESERVED
+CVE-2022-45262
+       RESERVED
+CVE-2022-45261
+       RESERVED
+CVE-2022-45260
+       RESERVED
+CVE-2022-45259
+       RESERVED
+CVE-2022-45258
+       RESERVED
+CVE-2022-45257
+       RESERVED
+CVE-2022-45256
+       RESERVED
+CVE-2022-45255
+       RESERVED
+CVE-2022-45254
+       RESERVED
+CVE-2022-45253
+       RESERVED
+CVE-2022-45252
+       RESERVED
+CVE-2022-45251
+       RESERVED
+CVE-2022-45250
+       RESERVED
+CVE-2022-45249
+       RESERVED
+CVE-2022-45248
+       RESERVED
+CVE-2022-45247
+       RESERVED
+CVE-2022-45246
+       RESERVED
+CVE-2022-45245
+       RESERVED
+CVE-2022-45244
+       RESERVED
+CVE-2022-45243
+       RESERVED
+CVE-2022-45242
+       RESERVED
+CVE-2022-45241
+       RESERVED
+CVE-2022-45240
+       RESERVED
+CVE-2022-45239
+       RESERVED
+CVE-2022-45238
+       RESERVED
+CVE-2022-45237
+       RESERVED
+CVE-2022-45236
+       RESERVED
+CVE-2022-45235
+       RESERVED
+CVE-2022-45234
+       RESERVED
+CVE-2022-45233
+       RESERVED
+CVE-2022-45232
+       RESERVED
+CVE-2022-45231
+       RESERVED
+CVE-2022-45230
+       RESERVED
+CVE-2022-45229
+       RESERVED
+CVE-2022-45228
+       RESERVED
+CVE-2022-45227
+       RESERVED
+CVE-2022-45226
+       RESERVED
+CVE-2022-45225
+       RESERVED
+CVE-2022-45224
+       RESERVED
+CVE-2022-45223
+       RESERVED
+CVE-2022-45222
+       RESERVED
+CVE-2022-45221
+       RESERVED
+CVE-2022-45220
+       RESERVED
+CVE-2022-45219
+       RESERVED
+CVE-2022-45218
+       RESERVED
+CVE-2022-45217
+       RESERVED
+CVE-2022-45216
+       RESERVED
+CVE-2022-45215
+       RESERVED
+CVE-2022-45214
+       RESERVED
+CVE-2022-45213
+       RESERVED
+CVE-2022-45212
+       RESERVED
+CVE-2022-45211
+       RESERVED
+CVE-2022-45210
+       RESERVED
+CVE-2022-45209
+       RESERVED
+CVE-2022-45208
+       RESERVED
+CVE-2022-45207
+       RESERVED
+CVE-2022-45206
+       RESERVED
+CVE-2022-45205
+       RESERVED
+CVE-2022-45204
+       RESERVED
+CVE-2022-45203
+       RESERVED
+CVE-2022-45202
+       RESERVED
+CVE-2022-45201
+       RESERVED
+CVE-2022-45200
+       RESERVED
+CVE-2022-3993 (Authentication Bypass by Primary Weakness in GitHub repository 
kareadi ...)
+       TODO: check
+CVE-2022-3992 (A vulnerability classified as problematic was found in 
SourceCodester  ...)
+       TODO: check
+CVE-2022-3991
+       RESERVED
+CVE-2022-3990
+       RESERVED
+CVE-2022-3989
+       RESERVED
+CVE-2022-3988 (A vulnerability was found in Frappe. It has been rated as 
problematic. ...)
+       TODO: check
+CVE-2022-3987
+       RESERVED
+CVE-2022-3986
+       RESERVED
+CVE-2022-3985
+       RESERVED
+CVE-2022-3984
+       RESERVED
+CVE-2022-3983
+       RESERVED
+CVE-2022-3982
+       RESERVED
+CVE-2022-3981
+       RESERVED
+CVE-2022-3980
+       RESERVED
+CVE-2022-37406
+       RESERVED
 CVE-2022-45199 (Pillow before 9.3.0 allows denial of service via 
SAMPLESPERPIXEL. ...)
        - pillow <unfixed>
        [bullseye] - pillow <not-affected> (Vulnerable code not present, 
introduced in 9.2.0)
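Review bot: The added run of CVE-2022-45xxx entries goes from CVE-2022-45347 directly to CVE-2022-45344, so CVE-2022-45346 and CVE-2022-45345 are not created by this hunk; confirm both already have entries elsewhere in data/CVE/list, otherwise the automatic import skipped them. Of the entries added here, only CVE-2022-45378, CVE-2022-3993, CVE-2022-3992 and CVE-2022-3988 carry a description and "TODO: check"; the rest are RESERVED placeholders and need no triage yet.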
@@ -83,8 +753,8 @@ CVE-2022-45186
        RESERVED
 CVE-2022-45185
        RESERVED
-CVE-2022-45184
-       RESERVED
+CVE-2022-45184 (The Web Server in Ironman Software PowerShell Universal v3.x 
and v2.x  ...)
+       TODO: check
 CVE-2022-45183 (Escalation of privileges in the Web Server in Ironman Software 
PowerSh ...)
        NOT-FOR-US: Ironman
 CVE-2022-45182 (Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the 
module  ...)
@@ -245,8 +915,8 @@ CVE-2022-45138
        RESERVED
 CVE-2022-45137
        RESERVED
-CVE-2022-45136
-       RESERVED
+CVE-2022-45136 (** UNSUPPORTED WHEN ASSIGNED ** Apache Jena SDB 3.17.0 and 
earlier is  ...)
+       TODO: check
 CVE-2022-45135
        RESERVED
 CVE-2022-43668
@@ -6613,12 +7283,12 @@ CVE-2022-43696
        RESERVED
 CVE-2022-43695
        RESERVED
-CVE-2022-43694
-       RESERVED
-CVE-2022-43693
-       RESERVED
-CVE-2022-43692
-       RESERVED
+CVE-2022-43694 (Concrete CMS (formerly concrete5) below 8.5.10 and between 
9.0.0 and 9 ...)
+       TODO: check
+CVE-2022-43693 (Concrete CMS is vulnerable to CSRF due to the lack of "State" 
paramete ...)
+       TODO: check
+CVE-2022-43692 (Concrete CMS (formerly concrete5) below 8.5.10 and between 
9.0.0 and 9 ...)
+       TODO: check
 CVE-2022-43691
        RESERVED
 CVE-2022-43690
@@ -7302,10 +7972,10 @@ CVE-2022-3633 (A vulnerability classified as 
problematic has been found in Linux
        [bullseye] - linux 5.10.140-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/8c21c54a53ab21842f5050fa090f26b03c0313d6 (6.0-rc1)
-CVE-2022-3632
-       RESERVED
-CVE-2022-3631
-       RESERVED
+CVE-2022-3632 (The OAuth Client by DigitialPixies WordPress plugin through 
1.1.0 does ...)
+       TODO: check
+CVE-2022-3631 (The OAuth Client by DigitialPixies WordPress plugin through 
1.1.0 does ...)
+       TODO: check
 CVE-2022-3630 (A vulnerability was found in Linux Kernel. It has been rated as 
proble ...)
        - linux 5.19.6-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -7552,8 +8222,8 @@ CVE-2022-3580 (A vulnerability, which was classified as 
problematic, has been fo
        NOT-FOR-US: SourceCodester Cashier Queuing System
 CVE-2022-3579 (A vulnerability classified as critical was found in 
SourceCodester Cas ...)
        NOT-FOR-US: SourceCodester Cashier Queuing System
-CVE-2022-3578
-       RESERVED
+CVE-2022-3578 (The ProfileGrid WordPress plugin before 5.1.1 does not sanitise 
and es ...)
+       TODO: check
 CVE-2022-3577 (An out-of-bounds memory write flaw was found in the Linux 
kernel&#8217 ...)
        - linux 5.18.5-1
        [bullseye] - linux 5.10.127-1
@@ -7603,8 +8273,8 @@ CVE-2022-41642
        RESERVED
 CVE-2022-3575 (Frauscher Sensortechnik GmbH FDS102 for FAdC R2 and FAdCi R2 
v2.8.0 to ...)
        NOT-FOR-US: Frauscher Sensortechnik
-CVE-2022-3574
-       RESERVED
+CVE-2022-3574 (The WPForms Pro WordPress plugin before 1.7.7 does not validate 
its fo ...)
+       TODO: check
 CVE-2022-3573
        RESERVED
 CVE-2022-3572
@@ -7692,8 +8362,8 @@ CVE-2022-43344
        RESERVED
 CVE-2022-43343 (N-Prolog v1.91 was discovered to contain a global buffer 
overflow vuln ...)
        NOT-FOR-US: N-Prolog
-CVE-2022-43342
-       RESERVED
+CVE-2022-43342 (A stored cross-site scripting (XSS) vulnerability in the Add 
function  ...)
+       TODO: check
 CVE-2022-43341
        RESERVED
 CVE-2022-43340 (A Cross-Site Request Forgery (CSRF) in dzzoffice 
2.02.1_SC_UTF8 allows ...)
@@ -7800,8 +8470,8 @@ CVE-2022-43290 (Canteen Management System v1.0 was 
discovered to contain a SQL i
        NOT-FOR-US: Canteen Management System
 CVE-2022-43289
        RESERVED
-CVE-2022-43288
-       RESERVED
+CVE-2022-43288 (Rukovoditel v3.2.1 was discovered to contain a SQL injection 
vulnerabi ...)
+       TODO: check
 CVE-2022-43287
        RESERVED
 CVE-2022-43286 (Nginx NJS v0.7.2 was discovered to contain a 
heap-use-after-free bug c ...)
@@ -8547,10 +9217,10 @@ CVE-2022-3541 (A vulnerability classified as critical 
has been found in Linux Ke
        NOTE: 
https://git.kernel.org/linus/12aece8b01507a2d357a1861f470e83621fbb6f2 (6.1-rc1)
 CVE-2022-3540 (An issue has been discovered in hunter2 affecting all versions 
before  ...)
        NOT-FOR-US: hunter2
-CVE-2022-3539
-       RESERVED
-CVE-2022-3538
-       RESERVED
+CVE-2022-3539 (The Testimonials WordPress plugin before 2.7, 
super-testimonial-pro Wo ...)
+       TODO: check
+CVE-2022-3538 (The Webmaster Tools Verification WordPress plugin through 1.2 
does not ...)
+       TODO: check
 CVE-2022-3537 (The Role Based Pricing for WooCommerce WordPress plugin before 
1.6.2 d ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-3536 (The Role Based Pricing for WooCommerce WordPress plugin before 
1.6.3 d ...)
@@ -8921,8 +9591,8 @@ CVE-2022-3486 (An open redirect vulnerability in GitLab 
EE/CE affecting all vers
        - gitlab <unfixed>
 CVE-2022-3485
        RESERVED
-CVE-2022-3484
-       RESERVED
+CVE-2022-3484 (The WPB Show Core WordPress plugin through TODO does not 
sanitise and  ...)
+       TODO: check
 CVE-2022-3483 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)
        - gitlab <unfixed>
 CVE-2022-3482
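Review bot: The description added for CVE-2022-3484 reads "through TODO does not sanitise and", so the imported text has a placeholder where the affected version should be. Whoever resolves the "TODO: check" on this entry should take the version range from the source advisory rather than from this line.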
@@ -8990,8 +9660,8 @@ CVE-2022-42890 (A vulnerability in Batik of Apache XML 
Graphics allows an attack
        NOTE: https://www.openwall.com/lists/oss-security/2022/10/25/3
        NOTE: https://issues.apache.org/jira/browse/BATIK-1345
        NOTE: http://svn.apache.org/viewvc?view=revision&revision=1904549
-CVE-2022-3477
-       RESERVED
+CVE-2022-3477 (The tagDiv Composer WordPress plugin before 3.5, required by 
the Newsp ...)
+       TODO: check
 CVE-2022-3476
        RESERVED
 CVE-2022-3475
@@ -9006,8 +9676,8 @@ CVE-2022-3471 (A vulnerability was found in 
SourceCodester Human Resource Manage
        NOT-FOR-US: SourceCodester
 CVE-2022-3470 (A vulnerability was found in SourceCodester Human Resource 
Management  ...)
        NOT-FOR-US: SourceCodester
-CVE-2022-3469
-       RESERVED
+CVE-2022-3469 (The WP Attachments WordPress plugin before 5.0.5 does not 
sanitize and ...)
+       TODO: check
 CVE-2022-3468
        RESERVED
 CVE-2022-3467 (A vulnerability classified as critical was found in Jiusi OA. 
Affected ...)
@@ -10049,8 +10719,8 @@ CVE-2022-3417
        RESERVED
 CVE-2022-3416
        RESERVED
-CVE-2022-3415
-       RESERVED
+CVE-2022-3415 (The Chat Bubble WordPress plugin before 2.3 does not sanitise 
and esca ...)
+       TODO: check
 CVE-2022-3414 (A vulnerability was found in SourceCodester Web-Based Student 
Clearanc ...)
        NOT-FOR-US: SourceCodester Web-Based Student Clearance System
 CVE-2022-3413 (Incorrect authorization during display of Audit Events in 
GitLab EE af ...)
@@ -15765,8 +16435,7 @@ CVE-2022-40135
        RESERVED
 CVE-2022-40134
        RESERVED
-CVE-2022-40127
-       RESERVED
+CVE-2022-40127 (A vulnerability in Example Dags of Apache Airflow allows an 
attacker w ...)
        - airflow <itp> (bug #819700)
 CVE-2022-38972 (Cross-site scripting vulnerability in Movable Type plugin 
A-Form versi ...)
        NOT-FOR-US: Movable Type plugin
@@ -19390,8 +20059,8 @@ CVE-2022-38707
        RESERVED
 CVE-2022-38706
        RESERVED
-CVE-2022-38705
-       RESERVED
+CVE-2022-38705 (IBM CICS TX 11.1 Standard and Advanced could allow a remote 
attacker t ...)
+       TODO: check
 CVE-2022-38458
        RESERVED
 CVE-2022-38394 (Use of hard-coded credentials for the telnet server of 
CentreCOM AR260 ...)
@@ -23500,8 +24169,8 @@ CVE-2022-37292 (Tenda AX12 V22.03.01.21_CN is 
vulnerable to Buffer Overflow. Thi
        NOT-FOR-US: Tenda
 CVE-2022-37291
        RESERVED
-CVE-2022-37290
-       RESERVED
+CVE-2022-37290 (GNOME Nautilus 42.2 allows a NULL pointer dereference and 
get_basename ...)
+       TODO: check
 CVE-2022-37289
        RESERVED
 CVE-2022-37288
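Review bot: CVE-2022-37290 is added with only "TODO: check", but its description names GNOME Nautilus 42.2, which, unlike the Tenda entry above it, is likely to correspond to a Debian source package. Resolve the TODO with a package line and per-release status, in the form used elsewhere in this file such as "- pillow <unfixed>", rather than with NOT-FOR-US.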
@@ -26444,10 +27113,10 @@ CVE-2022-2451
        RESERVED
 CVE-2022-36126 (An issue was discovered in Inductive Automation Ignition 
before 7.9.20 ...)
        NOT-FOR-US: Inductive Automation Ignition
-CVE-2022-2450
-       RESERVED
-CVE-2022-2449
-       RESERVED
+CVE-2022-2450 (The reSmush.it : the only free Image Optimizer &amp; compress 
plugin W ...)
+       TODO: check
+CVE-2022-2449 (The reSmush.it : the only free Image Optimizer &amp; compress 
plugin W ...)
+       TODO: check
 CVE-2022-2448 (The reSmush.it WordPress plugin before 0.4.6 does not sanitise 
and esc ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-2447 (A flaw was found in Keystone. There is a time lag (up to one 
hour in a ...)
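Review bot: The descriptions added for CVE-2022-2450 and CVE-2022-2449 contain the HTML entity "&amp;" instead of a plain "&", so the text was imported without unescaping and anything that matches on description strings will see the entity. Both name the reSmush.it plugin, and the adjacent CVE-2022-2448 for the reSmush.it WordPress plugin is already marked "NOT-FOR-US: WordPress plugin", so the two "TODO: check" lines can be resolved the same way once confirmed.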
@@ -27437,8 +28106,8 @@ CVE-2022-35721 (IBM Jazz for Service Management 1.1.3 
is vulnerable to stored cr
        NOT-FOR-US: IBM
 CVE-2022-35720
        RESERVED
-CVE-2022-35719
-       RESERVED
+CVE-2022-35719 (IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores 
potentially s ...)
+       TODO: check
 CVE-2022-35718
        RESERVED
 CVE-2022-35717 ("IBM InfoSphere Information Server 11.7 could allow a locally 
authenti ...)
@@ -31404,8 +32073,8 @@ CVE-2022-34331 (After performing a sequence of Power 
FW950, FW1010 maintenance o
        NOT-FOR-US: IBM
 CVE-2022-34330
        RESERVED
-CVE-2022-34329
-       RESERVED
+CVE-2022-34329 (IBM CICS TX 11.7 could allow an attacker to obtain sensitive 
informati ...)
+       TODO: check
 CVE-2022-34328 (PMB 7.3.10 allows reflected XSS via the id parameter in an 
lvl=author_ ...)
        NOT-FOR-US: PMB
 CVE-2022-32284 (Use of insufficiently random values vulnerability exists in 
Vnet/IP co ...)
@@ -31444,22 +32113,22 @@ CVE-2022-34321
        RESERVED
 CVE-2022-34320
        RESERVED
-CVE-2022-34319
-       RESERVED
-CVE-2022-34318
-       RESERVED
+CVE-2022-34319 (IBM CICS TX 11.7 uses weaker than expected cryptographic 
algorithms th ...)
+       TODO: check
+CVE-2022-34318 (IBM CICS TX 11.1 could allow a remote attacker to hijack the 
clicking  ...)
+       TODO: check
 CVE-2022-34317
        RESERVED
-CVE-2022-34316
-       RESERVED
-CVE-2022-34315
-       RESERVED
-CVE-2022-34314
-       RESERVED
-CVE-2022-34313
-       RESERVED
-CVE-2022-34312
-       RESERVED
+CVE-2022-34316 (IBM CICS TX 11.1 does not neutralize or incorrectly 
neutralizes web sc ...)
+       TODO: check
+CVE-2022-34315 (IBM CICS TX 11.1 is vulnerable to cross-site scripting. This 
vulnerabi ...)
+       TODO: check
+CVE-2022-34314 (IBM CICS TX 11.1 could disclose sensitive information to a 
local user  ...)
+       TODO: check
+CVE-2022-34313 (IBM CICS TX 11.1 does not set the secure attribute on 
authorization to ...)
+       TODO: check
+CVE-2022-34312 (IBM CICS TX 11.1 allows web pages to be stored locally which 
can be re ...)
+       TODO: check
 CVE-2022-34311
        RESERVED
 CVE-2022-34310
@@ -49703,8 +50372,7 @@ CVE-2022-27950 (In drivers/hid/hid-elo.c in the Linux 
kernel before 5.16.11, a m
        [stretch] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/817b8b9c5396d2b2d92311b46719aad5d3339dbe (5.17-rc5)
        NOTE: https://www.openwall.com/lists/oss-security/2022/03/13/1
-CVE-2022-27949
-       RESERVED
+CVE-2022-27949 (A vulnerability in UI of Apache Airflow allows an attacker to 
view unm ...)
        - airflow <itp> (bug #819700)
 CVE-2022-27948 (** DISPUTED ** Certain Tesla vehicles through 2022-03-26 allow 
attacke ...)
        NOT-FOR-US: Tesla
@@ -58325,10 +58993,10 @@ CVE-2022-24940
        RESERVED
 CVE-2022-24939
        RESERVED
-CVE-2022-24938
-       RESERVED
-CVE-2022-24937
-       RESERVED
+CVE-2022-24938 (A malformed packet causes a stack overflow in the Ember ZNet 
stack. Th ...)
+       TODO: check
+CVE-2022-24937 (Improper Restriction of Operations within the Bounds of a 
Memory Buffe ...)
+       TODO: check
 CVE-2022-24936 (Out-of-Bounds error in GBL parser in Silicon Labs Gecko 
Bootloader ver ...)
        NOT-FOR-US: Silicon Labs Gecko Bootloader
 CVE-2022-24935 (Lexmark products through 2022-02-10 have Incorrect Access 
Control. ...)
@@ -62712,8 +63380,8 @@ CVE-2022-0326 (NULL Pointer Dereference in Homebrew 
mruby prior to 3.2. ...)
        NOTE: Fixed by: 
https://github.com/mruby/mruby/commit/b611c43a5de061ec21b343967e1b64c45c373d7e
 CVE-2022-0325
        RESERVED
-CVE-2022-0324
-       RESERVED
+CVE-2022-0324 (There is a vulnerability in DHCPv6 packet parsing code that 
could be e ...)
+       TODO: check
 CVE-2021-46402
        RESERVED
 CVE-2022-23792
@@ -66653,8 +67321,8 @@ CVE-2022-0139 (Use After Free in GitHub repository 
radareorg/radare2 prior to 5.
        NOTE: 
https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c
 (5.6.0)
 CVE-2022-0138 (MMP: All versions prior to v1.0.3, PTP C-series: Device 
versions prior ...)
        NOT-FOR-US: Airspan Networks
-CVE-2022-0137
-       RESERVED
+CVE-2022-0137 (A heap buffer overflow in image_set_mask function of HTMLDOC 
before 1. ...)
+       TODO: check
 CVE-2022-0136 (A vulnerability was discovered in GitLab versions 10.5 to 
14.5.4, 14.6 ...)
        - gitlab <unfixed>
 CVE-2022-0135 (An out-of-bounds write issue was found in the VirGL virtual 
OpenGL ren ...)
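Review bot: The description stored for CVE-2022-0137 is cut off at "HTMLDOC before 1.", so the fixed upstream version cannot be read from this line. The "TODO: check" needs the full record to decide the version on the package line; the radare2 entry in the context above shows the useful form, a NOTE with the fixing commit and the release it landed in.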
@@ -83934,7 +84602,7 @@ CVE-2021-42102 (An uncontrolled search path element 
vulnerabilities in Trend Mic
 CVE-2021-42101 (An uncontrolled search path element vulnerabilities in Trend 
Micro Ape ...)
        NOT-FOR-US: Trend Micro
 CVE-2021-3872 (vim is vulnerable to Heap-based Buffer Overflow ...)
-       {DLA-2947-1}
+       {DLA-3182-1 DLA-2947-1}
        - vim 2:8.2.3565-1
        [bullseye] - vim <no-dsa> (Minor issue)
        NOTE: https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8
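Review bot: The new DLA-3182-1 reference on CVE-2021-3872 arrives without any change to the package lines below it, and data/CVE/list is the only file in this commit. Confirm that the DLA-3182-1 record exists in the tracker's DLA data and that the fixed version for the release it covers is recorded, since "- vim 2:8.2.3565-1" and the bullseye <no-dsa> line do not show it.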
@@ -88743,8 +89411,8 @@ CVE-2021-40274
        RESERVED
 CVE-2021-40273
        RESERVED
-CVE-2021-40272
-       RESERVED
+CVE-2021-40272 (OP5 Monitor 8.3.1, 8.3.2, and OP5 8.3.3 are vulnerable to 
Cross Site S ...)
+       TODO: check
 CVE-2021-40271
        RESERVED
 CVE-2021-40270



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b9ac79d870251cc4ddf3a6b5f73136e4e6a56e9
