Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6a4c79b5 by security tracker role at 2022-02-08T20:10:24+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2022-24671
+ RESERVED
+CVE-2022-24670
+ RESERVED
+CVE-2022-24669
+ RESERVED
+CVE-2022-0547
+ RESERVED
+CVE-2022-0546
+ RESERVED
+CVE-2022-0545
+ RESERVED
+CVE-2022-0544
+ RESERVED
+CVE-2022-0543
+ RESERVED
+CVE-2022-0542
+ RESERVED
+CVE-2022-0541
+ RESERVED
+CVE-2022-0540
+ RESERVED
+CVE-2022-0539
+ RESERVED
+CVE-2022-0538
+ RESERVED
+CVE-2022-0537
+ RESERVED
+CVE-2022-0536
+ RESERVED
+CVE-2022-0535
+ RESERVED
+CVE-2022-0534
+ RESERVED
+CVE-2022-0533
+ RESERVED
+CVE-2022-0532
+ RESERVED
+CVE-2022-0531
+ RESERVED
+CVE-2022-0530
+ RESERVED
+CVE-2022-0529
+ RESERVED
+CVE-2021-46681
+ RESERVED
+CVE-2021-46680
+ RESERVED
+CVE-2021-46679
+ RESERVED
+CVE-2021-46678
+ RESERVED
+CVE-2021-46677
+ RESERVED
+CVE-2021-46676
+ RESERVED
CVE-2022-24668
RESERVED
CVE-2022-24667
@@ -537,20 +593,20 @@ CVE-2022-0511
RESERVED
- firefox <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-04/#CVE-2022-0511
-CVE-2022-0510
- RESERVED
-CVE-2022-0509
- RESERVED
-CVE-2022-0508
- RESERVED
+CVE-2022-0510 (Cross-site Scripting (XSS) - Reflected in Packagist
pimcore/pimcore pr ...)
+ TODO: check
+CVE-2022-0509 (Cross-site Scripting (XSS) - Stored in Packagist
pimcore/pimcore prior ...)
+ TODO: check
+CVE-2022-0508 (Server-Side Request Forgery (SSRF) in NPM @peertube/embed-api
prior to ...)
+ TODO: check
CVE-2022-0507
RESERVED
-CVE-2022-0506
- RESERVED
-CVE-2022-0505
- RESERVED
-CVE-2022-0504
- RESERVED
+CVE-2022-0506 (Cross-site Scripting (XSS) - Stored in Packagist
microweber/microweber ...)
+ TODO: check
+CVE-2022-0505 (Cross-Site Request Forgery (CSRF) in Packagist
microweber/microweber p ...)
+ TODO: check
+CVE-2022-0504 (Generation of Error Message Containing Sensitive Information in
Packag ...)
+ TODO: check
CVE-2022-0503
RESERVED
CVE-2022-0502 (Cross-site Scripting (XSS) - Stored in Packagist
remdex/livehelperchat ...)
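Review bot: the six entries that leave RESERVED in this hunk (CVE-2022-0510, -0509, -0508, -0506, -0505, -0504) all land as `TODO: check`, so none of them is triaged yet. The descriptions name Packagist packages (pimcore/pimcore, microweber/microweber) and an NPM package (@peertube/embed-api); a follow-up should resolve each one either to a package line in the form used for CVE-2022-0511 above (`- firefox <unfixed>`) or to a NOT-FOR-US line, so the placeholders do not linger.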
@@ -674,8 +730,8 @@ CVE-2022-24385
RESERVED
CVE-2022-24384
RESERVED
-CVE-2022-21241
- RESERVED
+CVE-2022-21241 (Cross-site scripting vulnerability in CSV+ prior to 0.8.1
allows a rem ...)
+ TODO: check
CVE-2022-0487 (A use-after-free vulnerability was found in
rtsx_usb_ms_drv_remove in ...)
- linux <unfixed>
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1194516
@@ -899,10 +955,10 @@ CVE-2022-24288
RESERVED
CVE-2022-24287
RESERVED
-CVE-2022-21799
- RESERVED
-CVE-2022-21173
- RESERVED
+CVE-2022-21799 (Cross-site scripting vulnerability in ELECOM LAN router
WRC-300FEBK-R ...)
+ TODO: check
+CVE-2022-21173 (Hidden functionality vulnerability in ELECOM LAN routers
(WRH-300BK3 f ...)
+ TODO: check
CVE-2022-0470
RESERVED
{DSA-5068-1}
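Review bot: CVE-2022-21799 and CVE-2022-21173 are both described as flaws in ELECOM LAN routers, that is, vendor device firmware rather than a source package, yet they are left as `TODO: check`. If no Debian package ships this code, mark them NOT-FOR-US with the vendor name, in the same form as the other vendor-only entries in this file (for example `NOT-FOR-US: Insyde`).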
@@ -2969,10 +3025,10 @@ CVE-2022-23814
RESERVED
CVE-2022-23813
RESERVED
-CVE-2022-22146
- RESERVED
-CVE-2022-21193
- RESERVED
+CVE-2022-22146 (Cross-site scripting vulnerability in TransmitMail 2.5.0 to
2.6.1 allo ...)
+ TODO: check
+CVE-2022-21193 (Directory traversal vulnerability in TransmitMail 2.5.0 to
2.6.1 allow ...)
+ TODO: check
CVE-2022-21176
RESERVED
CVE-2022-21143
@@ -4189,8 +4245,8 @@ CVE-2022-23342
RESERVED
CVE-2022-23341
RESERVED
-CVE-2022-23340
- RESERVED
+CVE-2022-23340 (Joplin 2.6.10 allows remote attackers to execute system
commands throu ...)
+ TODO: check
CVE-2022-23339
RESERVED
CVE-2022-23338
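Review bot: CVE-2022-23340 is the one entry in this hunk with a stated impact, remote attackers executing system commands in Joplin 2.6.10, and it is left at `TODO: check` like the lower-impact entries elsewhere in this update. Suggest triaging it ahead of the cross-site scripting entries and, once checked, recording the affected version range in a NOTE, since the truncated description only names 2.6.10.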
@@ -4207,8 +4263,8 @@ CVE-2022-23333
RESERVED
CVE-2022-23332
RESERVED
-CVE-2022-23331
- RESERVED
+CVE-2022-23331 (In DataEase v1.6.1, an authenticated user can gain
unauthorized access ...)
+ TODO: check
CVE-2022-23330 (A remote code execution (RCE) vulnerability in
HelloWorldAddonControll ...)
NOT-FOR-US: jpress
CVE-2022-23329 (A vulnerability in
${"freemarker.template.utility.Execute"?new() of UJ ...)
@@ -4605,10 +4661,10 @@ CVE-2022-23302 (JMSSink in all versions of Log4j 1.x is
vulnerable to deserializ
[bullseye] - apache-log4j1.2 <no-dsa> (Minor issue)
[buster] - apache-log4j1.2 <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2022/01/18/3
-CVE-2022-22142
- RESERVED
-CVE-2022-21805
- RESERVED
+CVE-2022-22142 (Reflected cross-site scripting vulnerability in the checkbox
of php_ma ...)
+ TODO: check
+CVE-2022-21805 (Reflected cross-site scripting vulnerability in the attached
file name ...)
+ TODO: check
CVE-2022-0242 (Unrestricted Upload of File with Dangerous Type in GitHub
repository c ...)
NOT-FOR-US: Crater
CVE-2022-0241
@@ -5150,6 +5206,7 @@ CVE-2022-23136
CVE-2022-23135
RESERVED
CVE-2022-23134 (After the initial setup process, some steps of setup.php file
are reac ...)
+ {DLA-2914-1}
- zabbix <unfixed>
NOTE: https://support.zabbix.com/browse/ZBX-20384
NOTE:
https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/aa0fecfbcc9794bc00206630a7424575dfc944df
(5.0.19rc2)
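Review bot: the added `{DLA-2914-1}` on CVE-2022-23134 sits directly above `- zabbix <unfixed>`, while the existing NOTE already points at an upstream commit tagged (5.0.19rc2). Worth confirming whether the package line can now carry a fixed version, or adding a NOTE that says why it stays unfixed, so the entry does not read as "advisory issued, nothing fixed".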
@@ -6733,8 +6790,8 @@ CVE-2022-22709
RESERVED
CVE-2022-21806
RESERVED
-CVE-2022-0139
- RESERVED
+CVE-2022-0139 (Use After Free in GitHub repository radareorg/radare2 prior to
5.6.0. ...)
+ TODO: check
CVE-2022-0138
RESERVED
CVE-2022-0137
@@ -10624,14 +10681,14 @@ CVE-2021-45330
RESERVED
CVE-2021-45329
RESERVED
-CVE-2021-45328
- RESERVED
-CVE-2021-45327
- RESERVED
-CVE-2021-45326
- RESERVED
-CVE-2021-45325
- RESERVED
+CVE-2021-45328 (Gitea before 1.4.3 is affected by URL Redirection to Untrusted
Site (' ...)
+ TODO: check
+CVE-2021-45327 (Gitea before 1.11.2 is affected by Trusting HTTP Permission
Methods on ...)
+ TODO: check
+CVE-2021-45326 (Cross Site Request Forgery (CSRF) vulnerability exists in
Gitea before ...)
+ TODO: check
+CVE-2021-45325 (Server Side Request Forgery (SSRF) vulneraility exists in
Gitea before ...)
+ TODO: check
CVE-2021-45324
RESERVED
CVE-2021-45323
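Review bot: the four Gitea entries do not share one fix boundary (before 1.4.3 for CVE-2021-45328, before 1.11.2 for CVE-2021-45327, and the other two descriptions are cut off after "Gitea before"), so each `TODO: check` needs its own version check against the full description rather than one shared answer. The "vulneraility" typo in the CVE-2021-45325 description looks like imported text; as this commit is an automatic update, a local correction would presumably be overwritten, so report it at the source instead.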
@@ -12064,10 +12121,10 @@ CVE-2021-44959
RESERVED
CVE-2021-44958
RESERVED
-CVE-2021-44957
- RESERVED
-CVE-2021-44956
- RESERVED
+CVE-2021-44957 (Global buffer overflow vulnerability exist in ffjpeg through
01.01.202 ...)
+ TODO: check
+CVE-2021-44956 (Two Heap based buffer overflow vulnerabilities exist in ffjpeg
through ...)
+ TODO: check
CVE-2021-44955
RESERVED
CVE-2021-44954
@@ -12279,8 +12336,8 @@ CVE-2021-44866 (An issue was discovered in
Online-Movie-Ticket-Booking-System 1.
NOT-FOR-US: Online-Movie-Ticket-Booking-System
CVE-2021-44865
RESERVED
-CVE-2021-44864
- RESERVED
+CVE-2021-44864 (TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable
to Buff ...)
+ TODO: check
CVE-2021-44863
RESERVED
CVE-2021-44862
@@ -43810,7 +43867,7 @@ CVE-2021-33627 (A vulnerability exists in SMM (System
Management Mode) branch th
NOT-FOR-US: Insyde
CVE-2021-33626 (A vulnerability exists in SMM (System Management Mode) branch
that reg ...)
NOT-FOR-US: Insyde
-CVE-2021-33625 (An issue was discovered in Kernel 5.x (starting from 5.1) in
Insyde In ...)
+CVE-2021-33625 (An issue was discovered in Kernel 5.x in Insyde InsydeH2O,
affecting H ...)
NOT-FOR-US: Insyde
CVE-2021-33624 (In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a
branch ...)
{DLA-2785-1}
@@ -77413,8 +77470,8 @@ CVE-2021-20879
RESERVED
CVE-2021-20878
RESERVED
-CVE-2021-20877
- RESERVED
+CVE-2021-20877 (Cross-site scripting vulnerability in Canon laser printers and
small o ...)
+ TODO: check
CVE-2021-20876 (Path traversal vulnerability in GroupSession Free edition
ver5.1.1 and ...)
NOT-FOR-US: GroupSession
CVE-2021-20875 (Open redirect vulnerability in GroupSession Free edition
ver5.1.1 and ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a4c79b5efb82cf86c29202705538733d8be803d