Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3671b60c by security tracker role at 2022-03-29T08:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,67 @@
+CVE-2022-28132
+       RESERVED
+CVE-2022-28131
+       RESERVED
+CVE-2022-28130
+       RESERVED
+CVE-2022-28129
+       RESERVED
+CVE-2022-1148
+       RESERVED
+CVE-2022-1147
+       RESERVED
+CVE-2022-1146
+       RESERVED
+CVE-2022-1145
+       RESERVED
+CVE-2022-1144
+       RESERVED
+CVE-2022-1143
+       RESERVED
+CVE-2022-1142
+       RESERVED
+CVE-2022-1141
+       RESERVED
+CVE-2022-1140
+       RESERVED
+CVE-2022-1139
+       RESERVED
+CVE-2022-1138
+       RESERVED
+CVE-2022-1137
+       RESERVED
+CVE-2022-1136
+       RESERVED
+CVE-2022-1135
+       RESERVED
+CVE-2022-1134
+       RESERVED
+CVE-2022-1133
+       RESERVED
+CVE-2022-1132
+       RESERVED
+CVE-2022-1131
+       RESERVED
+CVE-2022-1130
+       RESERVED
+CVE-2022-1129
+       RESERVED
+CVE-2022-1128
+       RESERVED
+CVE-2022-1127
+       RESERVED
+CVE-2022-1126
+       RESERVED
+CVE-2022-1125
+       RESERVED
+CVE-2022-1124
+       RESERVED
+CVE-2022-1123
+       RESERVED
+CVE-2021-46743 (In Firebase PHP-JWT before 6.0.0, an algorithm-confusion issue 
(e.g.,  ...)
+       TODO: check
+CVE-2020-36521
+       RESERVED
 CVE-2022-28128
        RESERVED
 CVE-2022-27496
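Review bot: CVE-2021-46743 is the only entry added in this hunk that carries a description, and it is left at `TODO: check`. The text names Firebase PHP-JWT before 6.0.0, a library rather than a vendor appliance, so triage should look for a source package that ships it and record either a package line with the fixed version or a NOT-FOR-US tag. The other added IDs are RESERVED and need nothing yet.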
@@ -392,7 +456,7 @@ CVE-2022-27950 (In drivers/hid/hid-elo.c in the Linux 
kernel before 5.16.11, a m
        NOTE: https://www.openwall.com/lists/oss-security/2022/03/13/1
 CVE-2022-27949
        RESERVED
-CVE-2022-27948 (Certain Tesla vehicles through 2022-03-26 allow attackers to 
open the  ...)
+CVE-2022-27948 (** DISPUTED ** Certain Tesla vehicles through 2022-03-26 allow 
attacke ...)
        NOT-FOR-US: Tesla
 CVE-2022-1110
        RESERVED
@@ -630,38 +694,38 @@ CVE-2022-1089
        RESERVED
 CVE-2022-1088
        RESERVED
-CVE-2022-1087
-       RESERVED
-CVE-2022-1086
-       RESERVED
-CVE-2022-1085
-       RESERVED
-CVE-2022-1084
-       RESERVED
-CVE-2022-1083
-       RESERVED
-CVE-2022-1082
-       RESERVED
-CVE-2022-1081
-       RESERVED
-CVE-2022-1080
-       RESERVED
-CVE-2022-1079
-       RESERVED
-CVE-2022-1078
-       RESERVED
-CVE-2022-1077
-       RESERVED
-CVE-2022-1076
-       RESERVED
-CVE-2022-1075
-       RESERVED
-CVE-2022-1074
-       RESERVED
-CVE-2022-1073
-       RESERVED
+CVE-2022-1087 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2022-1086 (A vulnerability was found in DolphinPHP up to 1.5.0 and 
classified as  ...)
+       TODO: check
+CVE-2022-1085 (A vulnerability was found in CLTPHP up to 6.0. It has been 
declared as ...)
+       TODO: check
+CVE-2022-1084 (A vulnerability classified as critical was found in 
SourceCodester One ...)
+       TODO: check
+CVE-2022-1083 (A vulnerability classified as critical has been found in 
Microfinance  ...)
+       TODO: check
+CVE-2022-1082 (A vulnerability was found in SourceCodester Microfinance 
Management Sy ...)
+       TODO: check
+CVE-2022-1081 (A vulnerability was found in SourceCodester Microfinance 
Management Sy ...)
+       TODO: check
+CVE-2022-1080 (A vulnerability was found in SourceCodester One Church 
Management Syst ...)
+       TODO: check
+CVE-2022-1079 (A vulnerability classified as problematic has been found in 
SourceCode ...)
+       TODO: check
+CVE-2022-1078 (A vulnerability was found in SourceCodester College Website 
Management ...)
+       TODO: check
+CVE-2022-1077 (A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. 
It has ...)
+       TODO: check
+CVE-2022-1076 (A vulnerability was found in Automatic Question Paper Generator 
System ...)
+       TODO: check
+CVE-2022-1075 (A vulnerability was found in College Website Management System 
1.0 and ...)
+       TODO: check
+CVE-2022-1074 (A vulnerability has been found in TEM FLEX-1085 1.6.0 and 
classified a ...)
+       TODO: check
+CVE-2022-1073 (A vulnerability was found in Automatic Question Paper Generator 
1.0. I ...)
+       TODO: check
 CVE-2022-1072
-       RESERVED
+       REJECTED
 CVE-2022-27494
        RESERVED
 CVE-2022-26423
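Review bot: the fifteen entries CVE-2022-1087 through CVE-2022-1073 move from RESERVED to `TODO: check` in one block, and the truncated description of CVE-2022-1087 shows no product name at all, so it needs the full CVE text before it can be tagged. Most of the others name web applications or devices (DolphinPHP, CLTPHP, SourceCodester, TEM FLEX-1080/1085) and are candidates for a NOT-FOR-US tag with the product name, in the form of `NOT-FOR-US: Tesla` earlier in the file. The change of CVE-2022-1072 to REJECTED needs no follow-up.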
@@ -3763,14 +3827,14 @@ CVE-2022-26644
        RESERVED
 CVE-2022-26643
        RESERVED
-CVE-2022-26642
-       RESERVED
-CVE-2022-26641
-       RESERVED
-CVE-2022-26640
-       RESERVED
-CVE-2022-26639
-       RESERVED
+CVE-2022-26642 (TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer 
overflo ...)
+       TODO: check
+CVE-2022-26641 (TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer 
overflo ...)
+       TODO: check
+CVE-2022-26640 (TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer 
overflo ...)
+       TODO: check
+CVE-2022-26639 (TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer 
overflo ...)
+       TODO: check
 CVE-2022-26638
        RESERVED
 CVE-2022-26637
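Review bot: CVE-2022-26642 through CVE-2022-26639 carry the same truncated text (TP-LINK TL-WR840N(ES)_V6.20, buffer overflow), so the four `TODO: check` lines can be resolved together. Router firmware entries elsewhere in this file are tagged by vendor (`NOT-FOR-US: Tenda`); using the same form with the vendor name here keeps the list consistent.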
@@ -4691,8 +4755,8 @@ CVE-2022-26298
        RESERVED
 CVE-2022-26297
        RESERVED
-CVE-2022-26296
-       RESERVED
+CVE-2022-26296 (BOOM: The Berkeley Out-of-Order RISC-V Processor commit 
d77c2c3 was di ...)
+       TODO: check
 CVE-2022-26295 (A stored cross-site scripting (XSS) vulnerability in 
/ptms/?page=user  ...)
        NOT-FOR-US: Online Project Time Management System
 CVE-2022-26294
@@ -4701,8 +4765,8 @@ CVE-2022-26293 (Online Project Time Management System 
v1.0 was discovered to con
        NOT-FOR-US: Online Project Time Management System
 CVE-2022-26292
        RESERVED
-CVE-2022-26291
-       RESERVED
+CVE-2022-26291 (lrzip v0.641 was discovered to contain a multiple concurrency 
use-afte ...)
+       TODO: check
 CVE-2022-26290 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a 
command inje ...)
        NOT-FOR-US: Tenda
 CVE-2022-26289 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a 
command inje ...)
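Review bot: CVE-2022-26291 should not be swept up with the NOT-FOR-US entries around it in this hunk. Its description names lrzip v0.641, a standalone tool rather than a vendor product like the Tenda and Online Project Time Management System entries next to it, so the `TODO: check` should resolve to a package line with version status and a NOTE pointing at the upstream report if the archive ships it.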
@@ -4723,12 +4787,12 @@ CVE-2022-26282
        RESERVED
 CVE-2022-26281
        RESERVED
-CVE-2022-26280
-       RESERVED
+CVE-2022-26280 (Libarchive v3.6.0 was discovered to contain an out-of-bounds 
read via  ...)
+       TODO: check
 CVE-2022-26279 (EyouCMS v1.5.5 was discovered to have no access control in the 
compone ...)
        NOT-FOR-US: EyouCMS
-CVE-2022-26278
-       RESERVED
+CVE-2022-26278 (Tenda AC9 v15.03.2.21_cn was discovered to contain a stack 
overflow vi ...)
+       TODO: check
 CVE-2022-26277
        RESERVED
 CVE-2022-26276 (An issue in index.php of OneNav v0.9.14 allows attackers to 
perform di ...)
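Review bot: the two descriptions added in this hunk need different handling. CVE-2022-26280 names Libarchive v3.6.0 with an out-of-bounds read, which calls for a package entry plus `NOTE:` lines for the upstream report and fix, in the style of the `NOTE: Fixed by:` lines used for the kernel entries in this file. CVE-2022-26278 names Tenda AC9 firmware and matches the existing `NOT-FOR-US: Tenda` entries.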
@@ -4745,8 +4809,8 @@ CVE-2022-26271 (74cmsSE v3.4.1 was discovered to contain 
an arbitrary file read
        NOT-FOR-US: 74cmsSE
 CVE-2022-26270
        RESERVED
-CVE-2022-26269
-       RESERVED
+CVE-2022-26269 (Suzuki Connect v1.0.15 allows attackers to tamper with 
displayed messa ...)
+       TODO: check
 CVE-2022-26268 (Xiaohuanxiong v1.0 was discovered to contain a SQL injection 
vulnerabi ...)
        NOT-FOR-US: Xiaohuanxiong
 CVE-2022-26267 (Piwigo v12.2.0 was discovered to contain an information leak 
via the a ...)
@@ -6697,8 +6761,8 @@ CVE-2022-25523 (TypesetterCMS v5.1 was discovered to 
contain a Cross-Site Reques
        NOT-FOR-US: TypesetterCMS
 CVE-2022-25522
        RESERVED
-CVE-2022-25521
-       RESERVED
+CVE-2022-25521 (UNNO v03.11.00 was discovered to contain access control issue. 
...)
+       TODO: check
 CVE-2022-25520
        RESERVED
 CVE-2022-25519
@@ -6913,8 +6977,8 @@ CVE-2022-25422
        RESERVED
 CVE-2022-25421
        RESERVED
-CVE-2022-25420
-       RESERVED
+CVE-2022-25420 (NTT Resonant Incorporated goo blog App Web Application 1.0 is 
vulnerab ...)
+       TODO: check
 CVE-2022-25419
        RESERVED
 CVE-2022-25418 (Tenda AC9 V15.03.2.21_cn was discovered to contain a stack 
overflow vi ...)
@@ -8414,10 +8478,10 @@ CVE-2022-24958 (drivers/usb/gadget/legacy/inode.c in 
the Linux kernel through 5.
        [buster] - linux 4.19.235-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/89f3594d0de58e8a57d92d497dea9fee3d4b9cda (5.17-rc1)
        NOTE: Fixed by: 
https://git.kernel.org/linus/501e38a5531efbd77d5c73c0ba838a889bfc1d74 (5.17-rc1)
-CVE-2022-24957
-       RESERVED
-CVE-2022-24956
-       RESERVED
+CVE-2022-24957 (DHC Vision eQMS through 5.4.8.322 has Persistent XSS due to 
insufficie ...)
+       TODO: check
+CVE-2022-24956 (An issue was discovered in Shopware B2B-Suite through 4.4.1. 
The sort- ...)
+       TODO: check
 CVE-2022-24955 (Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 
11.2.1 have ...)
        NOT-FOR-US: Foxit
 CVE-2022-24954 (Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 
11.2.1 have ...)
@@ -8759,8 +8823,8 @@ CVE-2022-24791
        RESERVED
 CVE-2022-24790
        RESERVED
-CVE-2022-24789
-       RESERVED
+CVE-2022-24789 (C1 CMS is an open-source, .NET based Content Management System 
(CMS).  ...)
+       TODO: check
 CVE-2022-24788
        RESERVED
 CVE-2022-24787
@@ -10974,32 +11038,32 @@ CVE-2022-0397 (The WPC Smart Wishlist for WooCommerce 
WordPress plugin before 2.
        NOT-FOR-US: WordPress plugin
 CVE-2018-25030 (A vulnerability classified as problematic has been found in 
Mirmay Sec ...)
        NOT-FOR-US: Mirmay Secure Private Browser and File Manager
-CVE-2017-20016
-       RESERVED
-CVE-2017-20015
-       RESERVED
-CVE-2017-20014
-       RESERVED
-CVE-2017-20013
-       RESERVED
-CVE-2017-20012
-       RESERVED
-CVE-2017-20011
-       RESERVED
+CVE-2017-20016 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found 
in WEKA ...)
+       TODO: check
+CVE-2017-20015 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was 
classified  ...)
+       TODO: check
+CVE-2017-20014 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was 
classified  ...)
+       TODO: check
+CVE-2017-20013 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as 
problema ...)
+       TODO: check
+CVE-2017-20012 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as 
problema ...)
+       TODO: check
+CVE-2017-20011 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 
WEKA INTE ...)
+       TODO: check
 CVE-2015-10002 (A vulnerability classified as problematic has been found in 
Kiddoware  ...)
        NOT-FOR-US: Kiddoware Kids Place
-CVE-2010-10001
-       RESERVED
-CVE-2008-10001
-       RESERVED
-CVE-2005-10001
-       RESERVED
-CVE-2003-5003
-       RESERVED
-CVE-2003-5002
-       RESERVED
-CVE-2003-5001
-       RESERVED
+CVE-2010-10001 (A vulnerability, which was classified as problematic, was 
found in She ...)
+       TODO: check
+CVE-2008-10001 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was 
classified  ...)
+       TODO: check
+CVE-2005-10001 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 
Netegrity ...)
+       TODO: check
+CVE-2003-5003 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 
ISS Black ...)
+       TODO: check
+CVE-2003-5002 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 
ISS Black ...)
+       TODO: check
+CVE-2003-5001 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 
ISS Black ...)
+       TODO: check
 CVE-2022-24111 (In Mahara 21.04 before 21.04.3 and 21.10 before 21.10.1, 
portfolios cr ...)
        - mahara <removed>
 CVE-2022-24110 (Kiteworks MFT 7.5 may allow an unauthorized user to reset 
other users' ...)
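Review bot: eleven of the twelve entries that leave RESERVED in this hunk (all but CVE-2010-10001) begin with `** UNSUPPORTED WHEN ASSIGNED **`, and that prefix uses up most of the truncated description. CVE-2017-20015, CVE-2017-20014, CVE-2017-20013, CVE-2017-20012 and CVE-2008-10001 show no product name at all, so they need the full CVE text before `TODO: check` can be resolved. The entries that do show the start of a vendor name (WEKA, Netegrity, ISS) can be tagged by it, like the neighbouring `NOT-FOR-US: Kiddoware Kids Place`.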
@@ -11763,8 +11827,8 @@ CVE-2022-23939
        RESERVED
 CVE-2022-23938
        RESERVED
-CVE-2022-23937
-       RESERVED
+CVE-2022-23937 (In Wind River VxWorks 6.9 and 7, a specific crafted packet may 
lead to ...)
+       TODO: check
 CVE-2022-23936
        RESERVED
 CVE-2022-23935 (lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a 
$file =~ / ...)
@@ -12454,8 +12518,8 @@ CVE-2022-0333 (A flaw was found in Moodle in versions 
3.11 to 3.11.4, 3.10 to 3.
        - moodle <removed>
 CVE-2022-0332 (A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL 
injectio ...)
        - moodle <removed>
-CVE-2022-0331
-       RESERVED
+CVE-2022-0331 (An information disclosure vulnerability in Webadmin allows an 
unauthen ...)
+       TODO: check
 CVE-2022-0330 (A random memory access flaw was found in the Linux kernel's GPU 
i915 k ...)
        {DSA-5096-1 DSA-5092-1 DLA-2941-1 DLA-2940-1}
        - linux 5.15.15-2
@@ -18514,10 +18578,10 @@ CVE-2021-45868 (In the Linux kernel before 5.15.3, 
fs/quota/quota_tree.c does no
        NOTE: https://www.openwall.com/lists/oss-security/2022/03/17/1
 CVE-2021-45867
        RESERVED
-CVE-2021-45866
-       RESERVED
-CVE-2021-45865
-       RESERVED
+CVE-2021-45866 (A Stored Cross Site Scripting (XSS) vulnerability exists in 
Sourcecode ...)
+       TODO: check
+CVE-2021-45865 (A File Upload vulnerability exists in Sourcecodester Student 
Attendanc ...)
+       TODO: check
 CVE-2021-45864 (tsMuxer git-c6a0277 was discovered to contain a segmentation 
fault via ...)
        NOT-FOR-US: tsMuxer
 CVE-2021-45863 (tsMuxer git-2678966 was discovered to contain a heap-based 
buffer over ...)
@@ -22936,8 +23000,8 @@ CVE-2021-44583
        RESERVED
 CVE-2021-44582
        RESERVED
-CVE-2021-44581
-       RESERVED
+CVE-2021-44581 (An SQL Injection vulnerabilty exists in Kreado Kreasfero 1.5 
via the i ...)
+       TODO: check
 CVE-2021-44580
        RESERVED
 CVE-2021-44579
@@ -29327,24 +29391,24 @@ CVE-2021-43107
        RESERVED
 CVE-2021-43106 (A Header Injection vulnerability exists in Compass Plus 
TranzWare Onli ...)
        NOT-FOR-US: Compass Plus TranzWare
-CVE-2021-43105
-       RESERVED
+CVE-2021-43105 (A vulnerability in the bailiwick checking function in 
Technitium DNS S ...)
+       TODO: check
 CVE-2021-43104
        RESERVED
-CVE-2021-43103
-       RESERVED
-CVE-2021-43102
-       RESERVED
-CVE-2021-43101
-       RESERVED
-CVE-2021-43100
-       RESERVED
-CVE-2021-43099
-       RESERVED
-CVE-2021-43098
-       RESERVED
-CVE-2021-43097
-       RESERVED
+CVE-2021-43103 (A File Upload vulnerability exists in bbs 5.3 is via 
ForumManageAction ...)
+       TODO: check
+CVE-2021-43102 (A File Upload vulnerability exists in bbs 5.3 is via 
HelpManageAction. ...)
+       TODO: check
+CVE-2021-43101 (A File Upload vulnerability exists in bbs 5.3 is via 
MembershipCardMan ...)
+       TODO: check
+CVE-2021-43100 (A File Upload vulnerability exists in bbs 5.3 is via 
TopicManageAction ...)
+       TODO: check
+CVE-2021-43099 (An Archive Extraction (AKA "Zip Slip) vulnerability exists in 
bbs 5.3  ...)
+       TODO: check
+CVE-2021-43098 (A File Upload vulnerability exists in bbs v5.3 via 
QuestionManageActio ...)
+       TODO: check
+CVE-2021-43097 (A Server-side Template Injection (SSTI) vulnerability exists 
in bbs 5. ...)
+       TODO: check
 CVE-2021-43096
        RESERVED
 CVE-2021-43095
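Review bot: the seven entries CVE-2021-43103 through CVE-2021-43097 refer to a product given only as "bbs 5.3" (once as "bbs v5.3"), which is too generic to serve as a NOT-FOR-US tag on its own. Take the vendor or project name from the full record when resolving these `TODO: check` lines. CVE-2021-43105, which names Technitium DNS, is a separate product and should be checked on its own.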



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3671b60c868d55683dfc95ad5ae4ed4e134466ab



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
