[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
59433d65 by security tracker role at 2022-01-27T20:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2022-24069
+       RESERVED
+CVE-2022-24064
+       RESERVED
+CVE-2022-24063
+       RESERVED
+CVE-2022-24062
+       RESERVED
+CVE-2022-24061
+       RESERVED
+CVE-2022-24060
+       RESERVED
+CVE-2022-24059
+       RESERVED
+CVE-2022-24058
+       RESERVED
+CVE-2022-24057
+       RESERVED
+CVE-2022-24056
+       RESERVED
+CVE-2022-24055
+       RESERVED
+CVE-2022-24054
+       RESERVED
+CVE-2022-24053
+       RESERVED
+CVE-2022-24052
+       RESERVED
+CVE-2022-24051
+       RESERVED
+CVE-2022-24050
+       RESERVED
+CVE-2022-24049
+       RESERVED
+CVE-2022-24048
+       RESERVED
+CVE-2022-24047
+       RESERVED
+CVE-2022-24046
+       RESERVED
+CVE-2022-24045
+       RESERVED
+CVE-2022-24044
+       RESERVED
+CVE-2022-24043
+       RESERVED
+CVE-2022-24042
+       RESERVED
+CVE-2022-24041
+       RESERVED
+CVE-2022-24040
+       RESERVED
+CVE-2022-24039
+       RESERVED
+CVE-2022-24038
+       RESERVED
+CVE-2022-24037
+       RESERVED
+CVE-2022-24036
+       RESERVED
+CVE-2022-23921
+       RESERVED
+CVE-2022-22987
+       RESERVED
+CVE-2022-21798
+       RESERVED
+CVE-2022-21154
+       RESERVED
+CVE-2022-0392
+       RESERVED
+CVE-2022-0391
+       RESERVED
+CVE-2022-0390
+       RESERVED
+CVE-2022-0389
+       RESERVED
+CVE-2022-0388
+       RESERVED
+CVE-2021-4217
+       RESERVED
+CVE-2021-4216
+       RESERVED
 CVE-2022-24035
        RESERVED
 CVE-2022-24034
@@ -341,8 +423,8 @@ CVE-2022-0374 (Cross-site Scripting (XSS) - Stored in 
Packagist remdex/livehelpe
        NOT-FOR-US: livehelperchat
 CVE-2022-0373
        RESERVED
-CVE-2022-0372
-       RESERVED
+CVE-2022-0372 (Cross-site Scripting (XSS) - Stored in Packagist 
bytefury/crater prior ...)
+       TODO: check
 CVE-2021-46561 (controller/org.controller/org.controller.js in the CVE 
Services API 1. ...)
        NOT-FOR-US: controller/org.controller/org.controller.js in the CVE 
Services API
 CVE-2018-25029
@@ -655,8 +737,8 @@ CVE-2022-0350
        RESERVED
 CVE-2022-0349
        RESERVED
-CVE-2022-0348
-       RESERVED
+CVE-2022-0348 (Cross-site Scripting (XSS) - Stored in Packagist 
pimcore/pimcore prior ...)
+       TODO: check
 CVE-2022-0347
        RESERVED
 CVE-2022-0346
@@ -929,10 +1011,10 @@ CVE-2021-46430
        RESERVED
 CVE-2021-46429
        RESERVED
-CVE-2021-46428
-       RESERVED
-CVE-2021-46427
-       RESERVED
+CVE-2021-46428 (A Remote Code Execution (RCE) vulnerability exists in 
Sourcecodester S ...)
+       TODO: check
+CVE-2021-46427 (An SQL Injection vulnerability exists in Sourcecodester Simple 
Chatbot ...)
+       TODO: check
 CVE-2021-46426
        RESERVED
 CVE-2021-46425
@@ -2423,8 +2505,8 @@ CVE-2021-46379
        RESERVED
 CVE-2021-46378
        RESERVED
-CVE-2021-46377
-       RESERVED
+CVE-2021-46377 (There is a front-end sql injection vulnerability in cszcms 
1.2.9 via c ...)
+       TODO: check
 CVE-2021-46376
        RESERVED
 CVE-2021-46375
@@ -3090,8 +3172,8 @@ CVE-2022-23185
        RESERVED
 CVE-2022-23184
        RESERVED
-CVE-2022-23181
-       RESERVED
+CVE-2022-23181 (The fix for bug CVE-2020-9484 introduced a time of check, time 
of use  ...)
+       TODO: check
 CVE-2022-23180
        RESERVED
 CVE-2022-23179
@@ -5882,8 +5964,8 @@ CVE-2021-46104 (An issue was discovered in webp_server_go 
0.4.0. There is a dire
        NOT-FOR-US: webp_server_go
 CVE-2021-46103
        RESERVED
-CVE-2021-46102
-       RESERVED
+CVE-2021-46102 (From version 0.2.14 to 0.2.16 for Solana rBPF, function 
"relocate" in  ...)
+       TODO: check
 CVE-2021-46101
        RESERVED
 CVE-2021-46100
@@ -5892,8 +5974,8 @@ CVE-2021-46099
        RESERVED
 CVE-2021-46098
        RESERVED
-CVE-2021-46097
-       RESERVED
+CVE-2021-46097 (Dolphinphp v1.5.0 contains a remote code execution 
vulnerability in /a ...)
+       TODO: check
 CVE-2021-46096
        RESERVED
 CVE-2021-46095
@@ -5910,8 +5992,8 @@ CVE-2021-46090
        RESERVED
 CVE-2021-46089 (In JeecgBoot 3.0, there is a SQL injection vulnerability that 
can oper ...)
        NOT-FOR-US: JeecgBoot
-CVE-2021-46088
-       RESERVED
+CVE-2021-46088 (Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote 
Code Exe ...)
+       TODO: check
 CVE-2021-46087 (In jfinal_cms >= 5.1 0, there is a storage XSS 
vulnerability in the ...)
        NOT-FOR-US: jfinal_cms
 CVE-2021-46086 (xzs-mysql >= t3.4.0 is vulnerable to Insecure Permissions. 
The fron ...)
@@ -5956,8 +6038,8 @@ CVE-2021-46067 (In Vehicle Service Management System 1.0 
an attacker can steal t
        NOT-FOR-US: Sourcecodester Vehicle Service Management System
 CVE-2021-46066
        RESERVED
-CVE-2021-46065
-       RESERVED
+CVE-2021-46065 (A Cross-site scripting (XSS) vulnerability in Secondary Email 
Field in ...)
+       TODO: check
 CVE-2021-46064
        RESERVED
 CVE-2021-46063
@@ -10493,14 +10575,14 @@ CVE-2022-21814
        RESERVED
 CVE-2022-21813
        RESERVED
-CVE-2021-44795
-       RESERVED
-CVE-2021-44794
-       RESERVED
-CVE-2021-44793
-       RESERVED
-CVE-2021-44792
-       RESERVED
+CVE-2021-44795 (Single Connect does not perform an authorization check when 
using the  ...)
+       TODO: check
+CVE-2021-44794 (Single Connect does not perform an authorization check when 
using the  ...)
+       TODO: check
+CVE-2021-44793 (Single Connect does not perform an authorization check when 
using the  ...)
+       TODO: check
+CVE-2021-44792 (Single Connect does not perform an authorization check when 
using the  ...)
+       TODO: check
 CVE-2021-44791
        RESERVED
 CVE-2021-44790 (A carefully crafted request body can cause a buffer overflow 
in the mo ...)
@@ -12514,7 +12596,7 @@ CVE-2021-44123 (SPIP 4.0.0 is affected by a remote 
command execution vulnerabili
 CVE-2021-44122 (SPIP 4.0.0 is affected by a Cross Site Request Forgery (CSRF) 
vulnerab ...)
        TODO: check
 CVE-2021-44121
-       RESERVED
+       REJECTED
 CVE-2021-44120 (SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) 
vulnerability i ...)
        TODO: check
 CVE-2021-44119
@@ -56125,8 +56207,8 @@ CVE-2021-28098 (An issue was discovered in Forescout 
CounterACT before 8.1.4. A
        NOT-FOR-US: Forescout CounterACT
 CVE-2021-28097
        RESERVED
-CVE-2021-28096
-       RESERVED
+CVE-2021-28096 (An issue was discovered in Stormshield SNS before 4.2.3 (when 
the prox ...)
+       TODO: check
 CVE-2021-28095 (OX Documents before 7.10.5-rev5 has Incorrect Access Control 
for docum ...)
        NOT-FOR-US: OX Documents
 CVE-2021-28094 (OX Documents before 7.10.5-rev7 has Incorrect Access Control 
for conve ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59433d6552a7ce74910c1360865736b51aeb1a00

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59433d6552a7ce74910c1360865736b51aeb1a00
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits