Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0b9ac79d by security tracker role at 2022-11-14T20:10:25+00:00
automatic update

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,673 @@ +CVE-2023-21518 + RESERVED +CVE-2023-21517 + RESERVED +CVE-2023-21516 + RESERVED +CVE-2023-21515 + RESERVED +CVE-2023-21514 + RESERVED +CVE-2023-21513 + RESERVED +CVE-2023-21512 + RESERVED +CVE-2023-21511 + RESERVED +CVE-2023-21510 + RESERVED +CVE-2023-21509 + RESERVED +CVE-2023-21508 + RESERVED +CVE-2023-21507 + RESERVED +CVE-2023-21506 + RESERVED +CVE-2023-21505 + RESERVED +CVE-2023-21504 + RESERVED +CVE-2023-21503 + RESERVED +CVE-2023-21502 + RESERVED +CVE-2023-21501 + RESERVED +CVE-2023-21500 + RESERVED +CVE-2023-21499 + RESERVED +CVE-2023-21498 + RESERVED +CVE-2023-21497 + RESERVED +CVE-2023-21496 + RESERVED +CVE-2023-21495 + RESERVED +CVE-2023-21494 + RESERVED +CVE-2023-21493 + RESERVED +CVE-2023-21492 + RESERVED +CVE-2023-21491 + RESERVED +CVE-2023-21490 + RESERVED +CVE-2023-21489 + RESERVED +CVE-2023-21488 + RESERVED +CVE-2023-21487 + RESERVED +CVE-2023-21486 + RESERVED +CVE-2023-21485 + RESERVED +CVE-2023-21484 + RESERVED +CVE-2023-21483 + RESERVED +CVE-2023-21482 + RESERVED +CVE-2023-21481 + RESERVED +CVE-2023-21480 + RESERVED +CVE-2023-21479 + RESERVED +CVE-2023-21478 + RESERVED +CVE-2023-21477 + RESERVED +CVE-2023-21476 + RESERVED +CVE-2023-21475 + RESERVED +CVE-2023-21474 + RESERVED +CVE-2023-21473 + RESERVED +CVE-2023-21472 + RESERVED +CVE-2023-21471 + RESERVED +CVE-2023-21470 + RESERVED +CVE-2023-21469 + RESERVED +CVE-2023-21468 + RESERVED +CVE-2023-21467 + RESERVED +CVE-2023-21466 + RESERVED +CVE-2023-21465 + RESERVED +CVE-2023-21464 + RESERVED +CVE-2023-21463 + RESERVED +CVE-2023-21462 + RESERVED +CVE-2023-21461 + RESERVED +CVE-2023-21460 + RESERVED +CVE-2023-21459 + RESERVED +CVE-2023-21458 + RESERVED +CVE-2023-21457 + RESERVED +CVE-2023-21456 + RESERVED +CVE-2023-21455 + RESERVED +CVE-2023-21454 + RESERVED +CVE-2023-21453 + RESERVED +CVE-2023-21452 + RESERVED +CVE-2023-21451 + RESERVED +CVE-2023-21450 + RESERVED +CVE-2023-21449 + RESERVED +CVE-2023-21448 + RESERVED +CVE-2023-21447 + RESERVED +CVE-2023-21446 + RESERVED 
+CVE-2023-21445 + RESERVED +CVE-2023-21444 + RESERVED +CVE-2023-21443 + RESERVED +CVE-2023-21442 + RESERVED +CVE-2023-21441 + RESERVED +CVE-2023-21440 + RESERVED +CVE-2023-21439 + RESERVED +CVE-2023-21438 + RESERVED +CVE-2023-21437 + RESERVED +CVE-2023-21436 + RESERVED +CVE-2023-21435 + RESERVED +CVE-2023-21434 + RESERVED +CVE-2023-21433 + RESERVED +CVE-2023-21432 + RESERVED +CVE-2023-21431 + RESERVED +CVE-2023-21430 + RESERVED +CVE-2023-21429 + RESERVED +CVE-2023-21428 + RESERVED +CVE-2023-21427 + RESERVED +CVE-2023-21426 + RESERVED +CVE-2023-21425 + RESERVED +CVE-2023-21424 + RESERVED +CVE-2023-21423 + RESERVED +CVE-2023-21422 + RESERVED +CVE-2023-21421 + RESERVED +CVE-2023-21420 + RESERVED +CVE-2023-21419 + RESERVED +CVE-2022-45421 + RESERVED +CVE-2022-45420 + RESERVED +CVE-2022-45419 + RESERVED +CVE-2022-45418 + RESERVED +CVE-2022-45417 + RESERVED +CVE-2022-45416 + RESERVED +CVE-2022-45415 + RESERVED +CVE-2022-45414 + RESERVED +CVE-2022-45413 + RESERVED +CVE-2022-45412 + RESERVED +CVE-2022-45411 + RESERVED +CVE-2022-45410 + RESERVED +CVE-2022-45409 + RESERVED +CVE-2022-45408 + RESERVED +CVE-2022-45407 + RESERVED +CVE-2022-45406 + RESERVED +CVE-2022-45405 + RESERVED +CVE-2022-45404 + RESERVED +CVE-2022-45403 + RESERVED +CVE-2022-45402 + RESERVED +CVE-2022-45401 + RESERVED +CVE-2022-45400 + RESERVED +CVE-2022-45399 + RESERVED +CVE-2022-45398 + RESERVED +CVE-2022-45397 + RESERVED +CVE-2022-45396 + RESERVED +CVE-2022-45395 + RESERVED +CVE-2022-45394 + RESERVED +CVE-2022-45393 + RESERVED +CVE-2022-45392 + RESERVED +CVE-2022-45391 + RESERVED +CVE-2022-45390 + RESERVED +CVE-2022-45389 + RESERVED +CVE-2022-45388 + RESERVED +CVE-2022-45387 + RESERVED +CVE-2022-45386 + RESERVED +CVE-2022-45385 + RESERVED +CVE-2022-45384 + RESERVED +CVE-2022-45383 + RESERVED +CVE-2022-45382 + RESERVED +CVE-2022-45381 + RESERVED +CVE-2022-45380 + RESERVED +CVE-2022-45379 + RESERVED +CVE-2022-45378 (** UNSUPPORTED WHEN ASSIGNED ** In the default configuration of Apache ...) 
+ TODO: check +CVE-2022-45377 + RESERVED +CVE-2022-45376 + RESERVED +CVE-2022-45375 + RESERVED +CVE-2022-45374 + RESERVED +CVE-2022-45373 + RESERVED +CVE-2022-45372 + RESERVED +CVE-2022-45371 + RESERVED +CVE-2022-45370 + RESERVED +CVE-2022-45369 + RESERVED +CVE-2022-45368 + RESERVED +CVE-2022-45367 + RESERVED +CVE-2022-45366 + RESERVED +CVE-2022-45365 + RESERVED +CVE-2022-45364 + RESERVED +CVE-2022-45363 + RESERVED +CVE-2022-45362 + RESERVED +CVE-2022-45361 + RESERVED +CVE-2022-45360 + RESERVED +CVE-2022-45359 + RESERVED +CVE-2022-45358 + RESERVED +CVE-2022-45357 + RESERVED +CVE-2022-45356 + RESERVED +CVE-2022-45355 + RESERVED +CVE-2022-45354 + RESERVED +CVE-2022-45353 + RESERVED +CVE-2022-45352 + RESERVED +CVE-2022-45351 + RESERVED +CVE-2022-45350 + RESERVED +CVE-2022-45349 + RESERVED +CVE-2022-45348 + RESERVED +CVE-2022-45347 + RESERVED +CVE-2022-45344 + RESERVED +CVE-2022-45343 + RESERVED +CVE-2022-45342 + RESERVED +CVE-2022-45341 + RESERVED +CVE-2022-45340 + RESERVED +CVE-2022-45339 + RESERVED +CVE-2022-45338 + RESERVED +CVE-2022-45337 + RESERVED +CVE-2022-45336 + RESERVED +CVE-2022-45335 + RESERVED +CVE-2022-45334 + RESERVED +CVE-2022-45333 + RESERVED +CVE-2022-45332 + RESERVED +CVE-2022-45331 + RESERVED +CVE-2022-45330 + RESERVED +CVE-2022-45329 + RESERVED +CVE-2022-45328 + RESERVED +CVE-2022-45327 + RESERVED +CVE-2022-45326 + RESERVED +CVE-2022-45325 + RESERVED +CVE-2022-45324 + RESERVED +CVE-2022-45323 + RESERVED +CVE-2022-45322 + RESERVED +CVE-2022-45321 + RESERVED +CVE-2022-45320 + RESERVED +CVE-2022-45319 + RESERVED +CVE-2022-45318 + RESERVED +CVE-2022-45317 + RESERVED +CVE-2022-45316 + RESERVED +CVE-2022-45315 + RESERVED +CVE-2022-45314 + RESERVED +CVE-2022-45313 + RESERVED +CVE-2022-45312 + RESERVED +CVE-2022-45311 + RESERVED +CVE-2022-45310 + RESERVED +CVE-2022-45309 + RESERVED +CVE-2022-45308 + RESERVED +CVE-2022-45307 + RESERVED +CVE-2022-45306 + RESERVED +CVE-2022-45305 + RESERVED +CVE-2022-45304 + RESERVED +CVE-2022-45303 + RESERVED 
+CVE-2022-45302 + RESERVED +CVE-2022-45301 + RESERVED +CVE-2022-45300 + RESERVED +CVE-2022-45299 + RESERVED +CVE-2022-45298 + RESERVED +CVE-2022-45297 + RESERVED +CVE-2022-45296 + RESERVED +CVE-2022-45295 + RESERVED +CVE-2022-45294 + RESERVED +CVE-2022-45293 + RESERVED +CVE-2022-45292 + RESERVED +CVE-2022-45291 + RESERVED +CVE-2022-45290 + RESERVED +CVE-2022-45289 + RESERVED +CVE-2022-45288 + RESERVED +CVE-2022-45287 + RESERVED +CVE-2022-45286 + RESERVED +CVE-2022-45285 + RESERVED +CVE-2022-45284 + RESERVED +CVE-2022-45283 + RESERVED +CVE-2022-45282 + RESERVED +CVE-2022-45281 + RESERVED +CVE-2022-45280 + RESERVED +CVE-2022-45279 + RESERVED +CVE-2022-45278 + RESERVED +CVE-2022-45277 + RESERVED +CVE-2022-45276 + RESERVED +CVE-2022-45275 + RESERVED +CVE-2022-45274 + RESERVED +CVE-2022-45273 + RESERVED +CVE-2022-45272 + RESERVED +CVE-2022-45271 + RESERVED +CVE-2022-45270 + RESERVED +CVE-2022-45269 + RESERVED +CVE-2022-45268 + RESERVED +CVE-2022-45267 + RESERVED +CVE-2022-45266 + RESERVED +CVE-2022-45265 + RESERVED +CVE-2022-45264 + RESERVED +CVE-2022-45263 + RESERVED +CVE-2022-45262 + RESERVED +CVE-2022-45261 + RESERVED +CVE-2022-45260 + RESERVED +CVE-2022-45259 + RESERVED +CVE-2022-45258 + RESERVED +CVE-2022-45257 + RESERVED +CVE-2022-45256 + RESERVED +CVE-2022-45255 + RESERVED +CVE-2022-45254 + RESERVED +CVE-2022-45253 + RESERVED +CVE-2022-45252 + RESERVED +CVE-2022-45251 + RESERVED +CVE-2022-45250 + RESERVED +CVE-2022-45249 + RESERVED +CVE-2022-45248 + RESERVED +CVE-2022-45247 + RESERVED +CVE-2022-45246 + RESERVED +CVE-2022-45245 + RESERVED +CVE-2022-45244 + RESERVED +CVE-2022-45243 + RESERVED +CVE-2022-45242 + RESERVED +CVE-2022-45241 + RESERVED +CVE-2022-45240 + RESERVED +CVE-2022-45239 + RESERVED +CVE-2022-45238 + RESERVED +CVE-2022-45237 + RESERVED +CVE-2022-45236 + RESERVED +CVE-2022-45235 + RESERVED +CVE-2022-45234 + RESERVED +CVE-2022-45233 + RESERVED +CVE-2022-45232 + RESERVED +CVE-2022-45231 + RESERVED +CVE-2022-45230 + RESERVED +CVE-2022-45229 + RESERVED 
+CVE-2022-45228 + RESERVED +CVE-2022-45227 + RESERVED +CVE-2022-45226 + RESERVED +CVE-2022-45225 + RESERVED +CVE-2022-45224 + RESERVED +CVE-2022-45223 + RESERVED +CVE-2022-45222 + RESERVED +CVE-2022-45221 + RESERVED +CVE-2022-45220 + RESERVED +CVE-2022-45219 + RESERVED +CVE-2022-45218 + RESERVED +CVE-2022-45217 + RESERVED +CVE-2022-45216 + RESERVED +CVE-2022-45215 + RESERVED +CVE-2022-45214 + RESERVED +CVE-2022-45213 + RESERVED +CVE-2022-45212 + RESERVED +CVE-2022-45211 + RESERVED +CVE-2022-45210 + RESERVED +CVE-2022-45209 + RESERVED +CVE-2022-45208 + RESERVED +CVE-2022-45207 + RESERVED +CVE-2022-45206 + RESERVED +CVE-2022-45205 + RESERVED +CVE-2022-45204 + RESERVED +CVE-2022-45203 + RESERVED +CVE-2022-45202 + RESERVED +CVE-2022-45201 + RESERVED +CVE-2022-45200 + RESERVED +CVE-2022-3993 (Authentication Bypass by Primary Weakness in GitHub repository kareadi ...) + TODO: check +CVE-2022-3992 (A vulnerability classified as problematic was found in SourceCodester ...) + TODO: check +CVE-2022-3991 + RESERVED +CVE-2022-3990 + RESERVED +CVE-2022-3989 + RESERVED +CVE-2022-3988 (A vulnerability was found in Frappe. It has been rated as problematic. ...) + TODO: check +CVE-2022-3987 + RESERVED +CVE-2022-3986 + RESERVED +CVE-2022-3985 + RESERVED +CVE-2022-3984 + RESERVED +CVE-2022-3983 + RESERVED +CVE-2022-3982 + RESERVED +CVE-2022-3981 + RESERVED +CVE-2022-3980 + RESERVED +CVE-2022-37406 + RESERVED CVE-2022-45199 (Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. ...) - pillow <unfixed> [bullseye] - pillow <not-affected> (Vulnerable code not present, introduced in 9.2.0) 
@@ -83,8 +753,8 @@ CVE-2022-45186 RESERVED CVE-2022-45185 RESERVED -CVE-2022-45184 - RESERVED +CVE-2022-45184 (The Web Server in Ironman Software PowerShell Universal v3.x and v2.x ...) + TODO: check CVE-2022-45183 (Escalation of privileges in the Web Server in Ironman Software PowerSh ...) NOT-FOR-US: Ironman CVE-2022-45182 (Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the module ...) @@ -245,8 +915,8 @@ CVE-2022-45138 RESERVED CVE-2022-45137 RESERVED -CVE-2022-45136 - RESERVED +CVE-2022-45136 (** UNSUPPORTED WHEN ASSIGNED ** Apache Jena SDB 3.17.0 and earlier is ...) + TODO: check CVE-2022-45135 RESERVED CVE-2022-43668 @@ -6613,12 +7283,12 @@ CVE-2022-43696 RESERVED CVE-2022-43695 RESERVED -CVE-2022-43694 - RESERVED -CVE-2022-43693 - RESERVED -CVE-2022-43692 - RESERVED +CVE-2022-43694 (Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9 ...) + TODO: check +CVE-2022-43693 (Concrete CMS is vulnerable to CSRF due to the lack of "State" paramete ...) + TODO: check +CVE-2022-43692 (Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9 ...) + TODO: check CVE-2022-43691 RESERVED CVE-2022-43690 @@ -7302,10 +7972,10 @@ CVE-2022-3633 (A vulnerability classified as problematic has been found in Linux [bullseye] - linux 5.10.140-1 [buster] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/8c21c54a53ab21842f5050fa090f26b03c0313d6 (6.0-rc1) -CVE-2022-3632 - RESERVED -CVE-2022-3631 - RESERVED +CVE-2022-3632 (The OAuth Client by DigitialPixies WordPress plugin through 1.1.0 does ...) + TODO: check +CVE-2022-3631 (The OAuth Client by DigitialPixies WordPress plugin through 1.1.0 does ...) + TODO: check CVE-2022-3630 (A vulnerability was found in Linux Kernel. It has been rated as proble ...) - linux 5.19.6-1 [bullseye] - linux <not-affected> (Vulnerable code not present) 
@@ -7552,8 +8222,8 @@ CVE-2022-3580 (A vulnerability, which was classified as problematic, has been fo NOT-FOR-US: SourceCodester Cashier Queuing System CVE-2022-3579 (A vulnerability classified as critical was found in SourceCodester Cas ...) NOT-FOR-US: SourceCodester Cashier Queuing System -CVE-2022-3578 - RESERVED +CVE-2022-3578 (The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and es ...) + TODO: check CVE-2022-3577 (An out-of-bounds memory write flaw was found in the Linux kernel’ ...) - linux 5.18.5-1 [bullseye] - linux 5.10.127-1 @@ -7603,8 +8273,8 @@ CVE-2022-41642 RESERVED CVE-2022-3575 (Frauscher Sensortechnik GmbH FDS102 for FAdC R2 and FAdCi R2 v2.8.0 to ...) NOT-FOR-US: Frauscher Sensortechnik -CVE-2022-3574 - RESERVED +CVE-2022-3574 (The WPForms Pro WordPress plugin before 1.7.7 does not validate its fo ...) + TODO: check CVE-2022-3573 RESERVED CVE-2022-3572 @@ -7692,8 +8362,8 @@ CVE-2022-43344 RESERVED CVE-2022-43343 (N-Prolog v1.91 was discovered to contain a global buffer overflow vuln ...) NOT-FOR-US: N-Prolog -CVE-2022-43342 - RESERVED +CVE-2022-43342 (A stored cross-site scripting (XSS) vulnerability in the Add function ...) + TODO: check CVE-2022-43341 RESERVED CVE-2022-43340 (A Cross-Site Request Forgery (CSRF) in dzzoffice 2.02.1_SC_UTF8 allows ...) @@ -7800,8 +8470,8 @@ CVE-2022-43290 (Canteen Management System v1.0 was discovered to contain a SQL i NOT-FOR-US: Canteen Management System CVE-2022-43289 RESERVED -CVE-2022-43288 - RESERVED +CVE-2022-43288 (Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerabi ...) + TODO: check CVE-2022-43287 RESERVED CVE-2022-43286 (Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug c ...) 
@@ -8547,10 +9217,10 @@ CVE-2022-3541 (A vulnerability classified as critical has been found in Linux Ke NOTE: https://git.kernel.org/linus/12aece8b01507a2d357a1861f470e83621fbb6f2 (6.1-rc1) CVE-2022-3540 (An issue has been discovered in hunter2 affecting all versions before ...) NOT-FOR-US: hunter2 -CVE-2022-3539 - RESERVED -CVE-2022-3538 - RESERVED +CVE-2022-3539 (The Testimonials WordPress plugin before 2.7, super-testimonial-pro Wo ...) + TODO: check +CVE-2022-3538 (The Webmaster Tools Verification WordPress plugin through 1.2 does not ...) + TODO: check CVE-2022-3537 (The Role Based Pricing for WooCommerce WordPress plugin before 1.6.2 d ...) NOT-FOR-US: WordPress plugin CVE-2022-3536 (The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 d ...) @@ -8921,8 +9591,8 @@ CVE-2022-3486 (An open redirect vulnerability in GitLab EE/CE affecting all vers - gitlab <unfixed> CVE-2022-3485 RESERVED -CVE-2022-3484 - RESERVED +CVE-2022-3484 (The WPB Show Core WordPress plugin through TODO does not sanitise and ...) + TODO: check CVE-2022-3483 (An issue has been discovered in GitLab CE/EE affecting all versions st ...) - gitlab <unfixed> CVE-2022-3482 @@ -8990,8 +9660,8 @@ CVE-2022-42890 (A vulnerability in Batik of Apache XML Graphics allows an attack NOTE: https://www.openwall.com/lists/oss-security/2022/10/25/3 NOTE: https://issues.apache.org/jira/browse/BATIK-1345 NOTE: http://svn.apache.org/viewvc?view=revision&revision=1904549 -CVE-2022-3477 - RESERVED +CVE-2022-3477 (The tagDiv Composer WordPress plugin before 3.5, required by the Newsp ...) + TODO: check CVE-2022-3476 RESERVED CVE-2022-3475 
@@ -9006,8 +9676,8 @@ CVE-2022-3471 (A vulnerability was found in SourceCodester Human Resource Manage NOT-FOR-US: SourceCodester CVE-2022-3470 (A vulnerability was found in SourceCodester Human Resource Management ...) NOT-FOR-US: SourceCodester -CVE-2022-3469 - RESERVED +CVE-2022-3469 (The WP Attachments WordPress plugin before 5.0.5 does not sanitize and ...) + TODO: check CVE-2022-3468 RESERVED CVE-2022-3467 (A vulnerability classified as critical was found in Jiusi OA. Affected ...) @@ -10049,8 +10719,8 @@ CVE-2022-3417 RESERVED CVE-2022-3416 RESERVED -CVE-2022-3415 - RESERVED +CVE-2022-3415 (The Chat Bubble WordPress plugin before 2.3 does not sanitise and esca ...) + TODO: check CVE-2022-3414 (A vulnerability was found in SourceCodester Web-Based Student Clearanc ...) NOT-FOR-US: SourceCodester Web-Based Student Clearance System CVE-2022-3413 (Incorrect authorization during display of Audit Events in GitLab EE af ...) @@ -15765,8 +16435,7 @@ CVE-2022-40135 RESERVED CVE-2022-40134 RESERVED -CVE-2022-40127 - RESERVED +CVE-2022-40127 (A vulnerability in Example Dags of Apache Airflow allows an attacker w ...) - airflow <itp> (bug #819700) CVE-2022-38972 (Cross-site scripting vulnerability in Movable Type plugin A-Form versi ...) NOT-FOR-US: Movable Type plugin @@ -19390,8 +20059,8 @@ CVE-2022-38707 RESERVED CVE-2022-38706 RESERVED -CVE-2022-38705 - RESERVED +CVE-2022-38705 (IBM CICS TX 11.1 Standard and Advanced could allow a remote attacker t ...) + TODO: check CVE-2022-38458 RESERVED CVE-2022-38394 (Use of hard-coded credentials for the telnet server of CentreCOM AR260 ...) @@ -23500,8 +24169,8 @@ CVE-2022-37292 (Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. Thi NOT-FOR-US: Tenda CVE-2022-37291 RESERVED -CVE-2022-37290 - RESERVED +CVE-2022-37290 (GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename ...) + TODO: check CVE-2022-37289 RESERVED CVE-2022-37288 
@@ -26444,10 +27113,10 @@ CVE-2022-2451 RESERVED CVE-2022-36126 (An issue was discovered in Inductive Automation Ignition before 7.9.20 ...) NOT-FOR-US: Inductive Automation Ignition -CVE-2022-2450 - RESERVED -CVE-2022-2449 - RESERVED +CVE-2022-2450 (The reSmush.it : the only free Image Optimizer & compress plugin W ...) + TODO: check +CVE-2022-2449 (The reSmush.it : the only free Image Optimizer & compress plugin W ...) + TODO: check CVE-2022-2448 (The reSmush.it WordPress plugin before 0.4.6 does not sanitise and esc ...) NOT-FOR-US: WordPress plugin CVE-2022-2447 (A flaw was found in Keystone. There is a time lag (up to one hour in a ...) @@ -27437,8 +28106,8 @@ CVE-2022-35721 (IBM Jazz for Service Management 1.1.3 is vulnerable to stored cr NOT-FOR-US: IBM CVE-2022-35720 RESERVED -CVE-2022-35719 - RESERVED +CVE-2022-35719 (IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores potentially s ...) + TODO: check CVE-2022-35718 RESERVED CVE-2022-35717 ("IBM InfoSphere Information Server 11.7 could allow a locally authenti ...) @@ -31404,8 +32073,8 @@ CVE-2022-34331 (After performing a sequence of Power FW950, FW1010 maintenance o NOT-FOR-US: IBM CVE-2022-34330 RESERVED -CVE-2022-34329 - RESERVED +CVE-2022-34329 (IBM CICS TX 11.7 could allow an attacker to obtain sensitive informati ...) + TODO: check CVE-2022-34328 (PMB 7.3.10 allows reflected XSS via the id parameter in an lvl=author_ ...) NOT-FOR-US: PMB CVE-2022-32284 (Use of insufficiently random values vulnerability exists in Vnet/IP co ...) 
@@ -31444,22 +32113,22 @@ CVE-2022-34321 RESERVED CVE-2022-34320 RESERVED -CVE-2022-34319 - RESERVED -CVE-2022-34318 - RESERVED +CVE-2022-34319 (IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms th ...) + TODO: check +CVE-2022-34318 (IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking ...) + TODO: check CVE-2022-34317 RESERVED -CVE-2022-34316 - RESERVED -CVE-2022-34315 - RESERVED -CVE-2022-34314 - RESERVED -CVE-2022-34313 - RESERVED -CVE-2022-34312 - RESERVED +CVE-2022-34316 (IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web sc ...) + TODO: check +CVE-2022-34315 (IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerabi ...) + TODO: check +CVE-2022-34314 (IBM CICS TX 11.1 could disclose sensitive information to a local user ...) + TODO: check +CVE-2022-34313 (IBM CICS TX 11.1 does not set the secure attribute on authorization to ...) + TODO: check +CVE-2022-34312 (IBM CICS TX 11.1 allows web pages to be stored locally which can be re ...) + TODO: check CVE-2022-34311 RESERVED CVE-2022-34310 @@ -49703,8 +50372,7 @@ CVE-2022-27950 (In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a m [stretch] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/817b8b9c5396d2b2d92311b46719aad5d3339dbe (5.17-rc5) NOTE: https://www.openwall.com/lists/oss-security/2022/03/13/1 -CVE-2022-27949 - RESERVED +CVE-2022-27949 (A vulnerability in UI of Apache Airflow allows an attacker to view unm ...) - airflow <itp> (bug #819700) CVE-2022-27948 (** DISPUTED ** Certain Tesla vehicles through 2022-03-26 allow attacke ...) NOT-FOR-US: Tesla 
@@ -58325,10 +58993,10 @@ CVE-2022-24940 RESERVED CVE-2022-24939 RESERVED -CVE-2022-24938 - RESERVED -CVE-2022-24937 - RESERVED +CVE-2022-24938 (A malformed packet causes a stack overflow in the Ember ZNet stack. Th ...) + TODO: check +CVE-2022-24937 (Improper Restriction of Operations within the Bounds of a Memory Buffe ...) + TODO: check CVE-2022-24936 (Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader ver ...) NOT-FOR-US: Silicon Labs Gecko Bootloader CVE-2022-24935 (Lexmark products through 2022-02-10 have Incorrect Access Control. ...) @@ -62712,8 +63380,8 @@ CVE-2022-0326 (NULL Pointer Dereference in Homebrew mruby prior to 3.2. ...) NOTE: Fixed by: https://github.com/mruby/mruby/commit/b611c43a5de061ec21b343967e1b64c45c373d7e CVE-2022-0325 RESERVED -CVE-2022-0324 - RESERVED +CVE-2022-0324 (There is a vulnerability in DHCPv6 packet parsing code that could be e ...) + TODO: check CVE-2021-46402 RESERVED CVE-2022-23792 @@ -66653,8 +67321,8 @@ CVE-2022-0139 (Use After Free in GitHub repository radareorg/radare2 prior to 5. NOTE: https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c (5.6.0) CVE-2022-0138 (MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior ...) NOT-FOR-US: Airspan Networks -CVE-2022-0137 - RESERVED +CVE-2022-0137 (A heap buffer overflow in image_set_mask function of HTMLDOC before 1. ...) + TODO: check CVE-2022-0136 (A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 ...) - gitlab <unfixed> CVE-2022-0135 (An out-of-bounds write issue was found in the VirGL virtual OpenGL ren ...) 
@@ -83934,7 +84602,7 @@ CVE-2021-42102 (An uncontrolled search path element vulnerabilities in Trend Mic CVE-2021-42101 (An uncontrolled search path element vulnerabilities in Trend Micro Ape ...) NOT-FOR-US: Trend Micro CVE-2021-3872 (vim is vulnerable to Heap-based Buffer Overflow ...) - {DLA-2947-1} + {DLA-3182-1 DLA-2947-1} - vim 2:8.2.3565-1 [bullseye] - vim <no-dsa> (Minor issue) NOTE: https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8 @@ -88743,8 +89411,8 @@ CVE-2021-40274 RESERVED CVE-2021-40273 RESERVED -CVE-2021-40272 - RESERVED +CVE-2021-40272 (OP5 Monitor 8.3.1, 8.3.2, and OP5 8.3.3 are vulnerable to Cross Site S ...) + TODO: check CVE-2021-40271 RESERVED CVE-2021-40270
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b9ac79d870251cc4ddf3a6b5f73136e4e6a56e9
You're receiving this email because of your account on salsa.debian.org.
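
Review bot: In the `@@ -1,3 +1,673 @@` hunk the new CVE-2022-453xx run goes from CVE-2022-45347 straight to CVE-2022-45344, so CVE-2022-45346 and CVE-2022-45345 get no entry in this block; confirm they are already present elsewhere in data/CVE/list or were absent from the feed at import time. The same hunk leaves four described entries at `TODO: check` (CVE-2022-45378, CVE-2022-3993, CVE-2022-3992, CVE-2022-3988), and CVE-2022-3992 names SourceCodester, which other entries in this file already resolve as `NOT-FOR-US: SourceCodester`.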
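
Review bot: In the `@@ -83,8 +753,8 @@` hunk, CVE-2022-45184 is left at `TODO: check` although the context line directly below it, CVE-2022-45183, covers the same Ironman Software PowerShell Universal web server and is already marked `NOT-FOR-US: Ironman`. Resolving CVE-2022-45184 the same way would keep the two entries consistent.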
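
Review bot: In the `@@ -8921,8 +9591,8 @@` hunk, the imported description for CVE-2022-3484 reads "The WPB Show Core WordPress plugin through TODO", so the affected-version bound is a placeholder rather than a version. Whoever triages this entry should not take a version range from the truncated description line.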
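
Review bot: In the `@@ -23500,8 +24169,8 @@` hunk, CVE-2022-37290 names GNOME Nautilus 42.2 and sits between Tenda entries marked `NOT-FOR-US: Tenda`, so it should not be swept up in a bulk NOT-FOR-US pass. It needs a source-package line in the form used for `- pillow <unfixed>` at the end of the first hunk, with per-release status once the affected versions are checked. The same applies to CVE-2022-0137 (HTMLDOC) in the `@@ -66653,8 +67321,8 @@` hunk.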
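
Review bot: In the `@@ -26444,10 +27113,10 @@` hunk, CVE-2022-2450 and CVE-2022-2449 (reSmush.it plugin) are added as `TODO: check` while the next context line, CVE-2022-2448 for the same reSmush.it WordPress plugin, is already `NOT-FOR-US: WordPress plugin`. The other WordPress plugin entries this commit fills in (CVE-2022-3632, CVE-2022-3631, CVE-2022-3578, CVE-2022-3574, CVE-2022-3539, CVE-2022-3538, CVE-2022-3477, CVE-2022-3469, CVE-2022-3415) sit next to entries such as CVE-2022-3537 with the same marking and can be resolved in one follow-up.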
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits