Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
20f03539 by security tracker role at 2022-02-11T08:10:10+00:00
automatic update

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,97 @@ +CVE-2022-24961 (In Portainer Agent before 2.11.1, an API server can continue running e ...) + TODO: check +CVE-2022-24960 + RESERVED +CVE-2022-24959 (An issue was discovered in the Linux kernel before 5.16.5. There is a ...) + TODO: check +CVE-2022-24958 (drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 m ...) + TODO: check +CVE-2022-24957 + RESERVED +CVE-2022-24956 + RESERVED +CVE-2022-24955 (Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have ...) + TODO: check +CVE-2022-24954 (Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have ...) + TODO: check +CVE-2022-24953 + RESERVED +CVE-2022-24952 + RESERVED +CVE-2022-24951 + RESERVED +CVE-2022-24950 + RESERVED +CVE-2022-24949 + RESERVED +CVE-2022-24948 + RESERVED +CVE-2022-24947 + RESERVED +CVE-2022-24946 + RESERVED +CVE-2022-24945 + RESERVED +CVE-2022-24944 + RESERVED +CVE-2022-24943 + RESERVED +CVE-2022-24942 + RESERVED +CVE-2022-24941 + RESERVED +CVE-2022-24940 + RESERVED +CVE-2022-24939 + RESERVED +CVE-2022-24938 + RESERVED +CVE-2022-24937 + RESERVED +CVE-2022-24936 + RESERVED +CVE-2022-24935 + RESERVED +CVE-2022-24934 + RESERVED +CVE-2022-24933 + RESERVED +CVE-2022-24932 + RESERVED +CVE-2022-24931 + RESERVED +CVE-2022-24930 + RESERVED +CVE-2022-24929 + RESERVED +CVE-2022-24928 + RESERVED +CVE-2022-24927 + RESERVED +CVE-2022-24926 + RESERVED +CVE-2022-24925 + RESERVED +CVE-2022-24924 + RESERVED +CVE-2022-24923 + RESERVED +CVE-2022-24922 + RESERVED +CVE-2022-24921 + RESERVED +CVE-2022-24920 + RESERVED +CVE-2022-24919 + RESERVED +CVE-2022-24918 + RESERVED +CVE-2022-24917 + RESERVED +CVE-2022-24911 + RESERVED +CVE-2022-0564 + RESERVED CVE-2022-24916 (Optimism before @eth-optimism/[email protected] allows economic griefing b ...) TODO: check CVE-2022-24908 
@@ -440,8 +534,8 @@ CVE-2022-0556 RESERVED CVE-2022-0555 RESERVED -CVE-2022-0554 - RESERVED +CVE-2022-0554 (Use of Out-of-range Pointer Offset in Conda vim prior to 8.2. ...) + TODO: check CVE-2022-0553 RESERVED CVE-2022-0552 @@ -662,10 +756,10 @@ CVE-2022-24649 RESERVED CVE-2022-24648 RESERVED -CVE-2022-24647 - RESERVED -CVE-2022-24646 - RESERVED +CVE-2022-24647 (Cuppa CMS v1.0 was discovered to contain an arbitrary file deletion vu ...) + TODO: check +CVE-2022-24646 (Hospital Management System v4.0 was discovered to contain a SQL inject ...) + TODO: check CVE-2022-24645 RESERVED CVE-2022-24644 @@ -3668,8 +3762,8 @@ CVE-2022-23807 (An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 b NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/ca54f1db050859eb8555875c6aa5d7796fdf4b32 NOTE: https://salsa.debian.org/phpmyadmin-team/phpmyadmin/-/issues/3 (missing 2FA packages) NOTE: 2FA support is not packaged in Debian -CVE-2022-23806 - RESERVED +CVE-2022-23806 (Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x bef ...) + TODO: check CVE-2022-23805 (A security out-of-bounds read information disclosure vulnerability in ...) NOT-FOR-US: Trend Micro CVE-2022-23804 @@ -3776,10 +3870,10 @@ CVE-2022-23775 RESERVED CVE-2022-23774 (Docker Desktop before 4.4.4 on Windows allows attackers to move arbitr ...) NOT-FOR-US: Docker Desktop -CVE-2022-23773 - RESERVED -CVE-2022-23772 - RESERVED +CVE-2022-23773 (cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret ...) + TODO: check +CVE-2022-23772 (Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17. ...) + TODO: check CVE-2022-23771 RESERVED CVE-2022-23770 
@@ -4062,8 +4156,8 @@ CVE-2022-23632 RESERVED CVE-2022-23631 (superjson is a program to allow JavaScript expressions to be serialize ...) TODO: check -CVE-2022-23630 - RESERVED +CVE-2022-23630 (Gradle is a build tool with a focus on build automation and support fo ...) + TODO: check CVE-2022-23629 RESERVED CVE-2022-23628 (OPA is an open source, general-purpose policy engine. Under certain co ...) @@ -12717,10 +12811,10 @@ CVE-2021-44972 RESERVED CVE-2021-44971 (Multiple Tenda devices are affected by authentication bypass, such as ...) NOT-FOR-US: Tenda -CVE-2021-44970 - RESERVED -CVE-2021-44969 - RESERVED +CVE-2021-44970 (MiniCMS v1.11 was discovered to contain a cross-site scripting (XSS) v ...) + TODO: check +CVE-2021-44969 (Taocms v3.0.2 was discovered to contain a cross-site scripting (XSS) v ...) + TODO: check CVE-2021-44968 RESERVED CVE-2021-44967 @@ -24067,8 +24161,8 @@ CVE-2021-42002 (Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a NOT-FOR-US: Zoho ManageEngine CVE-2021-42001 RESERVED -CVE-2021-42000 - RESERVED +CVE-2021-42000 (When a password reset or password change flow with an authentication p ...) + TODO: check CVE-2021-41999 RESERVED CVE-2021-41998
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20f03539cbebee13afe67684042c9575efaee8c6
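Review bot: In the hunk at @@ -1,3 +1,97 @@, CVE-2022-24959 and CVE-2022-24958 are both described as Linux kernel issues but are added with a bare "TODO: check", sitting among a long run of RESERVED placeholders. Their descriptions already carry version bounds ("before 5.16.5" and "through 5.16.8"), so these two should be triaged against the linux source package first. The two Foxit entries in the same hunk (CVE-2022-24955, CVE-2022-24954) look like candidates for a NOT-FOR-US tag, following the convention visible on the Trend Micro and Docker Desktop entries later in this diff.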
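Review bot: In the hunk at @@ -440,8 +534,8 @@, the new CVE-2022-0554 description names the product as "Conda vim", which is easy to misread as a third-party product and dismiss as NOT-FOR-US. The "prior to 8.2." bound suggests checking it against the vim source package before anything else. The description is cut off right after "8.2.", so the exact patch level has to come from the full CVE record, not from this line.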
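Review bot: In the hunk at @@ -3776,10 +3870,10 @@, CVE-2022-23773 (cmd/go) and CVE-2022-23772 (Rat.SetString in math/big) describe the same Go release line, and CVE-2022-23806 (Curve.IsOnCurve in crypto/elliptic) in the preceding hunk at @@ -3668,8 +3762,8 @@ opens with the same "Go before 1.16.14 and 1.17.x" text. Only CVE-2022-23773 shows the complete bound "1.17.x before 1.17.7"; the other two are cut off mid-version. Resolve the three TODOs together so they end up with consistent package and fixed-version annotations, and confirm the truncated bounds from the full records instead of assuming they match.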
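Review bot: In the hunk at @@ -12717,10 +12811,10 @@, CVE-2021-44970 (MiniCMS v1.11) and CVE-2021-44969 (Taocms v3.0.2) are added as "TODO: check" directly below a context entry already tagged "NOT-FOR-US: Tenda". If neither product is packaged, they should get the same kind of tag so they drop out of the triage queue. The same applies to CVE-2022-24647 (Cuppa CMS v1.0) and CVE-2022-24646 (Hospital Management System v4.0) in the hunk at @@ -662,10 +756,10 @@.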
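Review bot: In the hunk at @@ -24067,8 +24161,8 @@, the truncated description for CVE-2021-42000 ("When a password reset or password change flow with an authentication p ...") ends before any product or vendor is named, so neither a source package nor a NOT-FOR-US tag can be assigned from this line alone. Whoever resolves this TODO needs the full CVE record; a short NOTE naming the product once it is identified would save the next reader the same lookup.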
