Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
06f88580 by security tracker role at 2022-06-17T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,93 @@
+CVE-2022-33916
+       RESERVED
+CVE-2022-33915 (Versions of the Amazon AWS Apache Log4j hotpatch package 
before log4j- ...)
+       TODO: check
+CVE-2022-33914
+       RESERVED
+CVE-2022-33913
+       RESERVED
+CVE-2022-33912 (A permission issue affects users that deployed the shipped 
version of  ...)
+       TODO: check
+CVE-2022-33911
+       RESERVED
+CVE-2022-33910
+       RESERVED
+CVE-2022-33909
+       RESERVED
+CVE-2022-33908
+       RESERVED
+CVE-2022-33907
+       RESERVED
+CVE-2022-33906
+       RESERVED
+CVE-2022-33905
+       RESERVED
+CVE-2022-33904
+       RESERVED
+CVE-2022-33903
+       RESERVED
+CVE-2022-33891
+       RESERVED
+CVE-2022-33890
+       RESERVED
+CVE-2022-33889
+       RESERVED
+CVE-2022-33888
+       RESERVED
+CVE-2022-33887
+       RESERVED
+CVE-2022-33886
+       RESERVED
+CVE-2022-33885
+       RESERVED
+CVE-2022-33884
+       RESERVED
+CVE-2022-33883
+       RESERVED
+CVE-2022-33882
+       RESERVED
+CVE-2022-33881
+       RESERVED
+CVE-2022-33311
+       RESERVED
+CVE-2022-33151
+       RESERVED
+CVE-2022-32583
+       RESERVED
+CVE-2022-32544
+       RESERVED
+CVE-2022-32453
+       RESERVED
+CVE-2022-32283
+       RESERVED
+CVE-2022-30693
+       RESERVED
+CVE-2022-30604
+       RESERVED
+CVE-2022-29891
+       RESERVED
+CVE-2022-29487
+       RESERVED
+CVE-2022-28715
+       RESERVED
+CVE-2022-25986
+       RESERVED
+CVE-2022-2108
+       RESERVED
+CVE-2022-2107
+       RESERVED
+CVE-2022-2106
+       RESERVED
+CVE-2022-2105
+       RESERVED
+CVE-2022-2104
+       RESERVED
+CVE-2022-2103
+       RESERVED
+CVE-2022-2102
+       RESERVED
+CVE-2022-2101
+       RESERVED
 CVE-2022-33880
        RESERVED
 CVE-2022-33879
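
Review bot: CVE-2022-33915 and CVE-2022-33912, at the top of this hunk, are the only new entries here that carry a description, and both are left at TODO: check. CVE-2022-33915 names the Amazon AWS Apache Log4j hotpatch package, while the visible text for CVE-2022-33912 is cut off before any product name, so the full description is needed before it can be tagged. Both should be resolved to a NOT-FOR-US: line or a source-package line in a follow-up commit.
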
@@ -276,20 +366,20 @@ CVE-2022-33758
        RESERVED
 CVE-2022-33757
        RESERVED
-CVE-2022-33756
-       RESERVED
-CVE-2022-33755
-       RESERVED
-CVE-2022-33754
-       RESERVED
-CVE-2022-33753
-       RESERVED
-CVE-2022-33752
-       RESERVED
-CVE-2022-33751
-       RESERVED
-CVE-2022-33750
-       RESERVED
+CVE-2022-33756 (CA Automic Automation 12.2 and 12.3 contain an entropy 
weakness vulner ...)
+       TODO: check
+CVE-2022-33755 (CA Automic Automation 12.2 and 12.3 contain an insecure input 
handling ...)
+       TODO: check
+CVE-2022-33754 (CA Automic Automation 12.2 and 12.3 contain an insufficient 
input vali ...)
+       TODO: check
+CVE-2022-33753 (CA Automic Automation 12.2 and 12.3 contain an insecure file 
creation  ...)
+       TODO: check
+CVE-2022-33752 (CA Automic Automation 12.2 and 12.3 contain an insufficient 
input vali ...)
+       TODO: check
+CVE-2022-33751 (CA Automic Automation 12.2 and 12.3 contain an insecure memory 
handlin ...)
+       TODO: check
+CVE-2022-33750 (CA Automic Automation 12.2 and 12.3 contain an authentication 
error vu ...)
+       TODO: check
 CVE-2022-33749
        RESERVED
 CVE-2022-33748
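
Review bot: the seven entries CVE-2022-33750 through CVE-2022-33756 all name CA Automic Automation 12.2 and 12.3 and are each left at TODO: check, so they should be triaged together and given the same resolution in a single follow-up. CVE-2022-33754 and CVE-2022-33752 read identically in the truncated text ("insufficient input vali ..."), so the full descriptions are needed to confirm they are distinct issues.
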
@@ -310,8 +400,8 @@ CVE-2022-33741
        RESERVED
 CVE-2022-33740
        RESERVED
-CVE-2022-33739
-       RESERVED
+CVE-2022-33739 (CA Clarity 15.8 and below and 15.9.0 contain an insecure XML 
parsing v ...)
+       TODO: check
 CVE-2022-33738
        RESERVED
 CVE-2022-33737
@@ -1892,8 +1982,8 @@ CVE-2022-2060 (Cross-site Scripting (XSS) - Stored in 
GitHub repository dolibarr
        - dolibarr <removed>
 CVE-2022-2059
        RESERVED
-CVE-2021-46820
-       RESERVED
+CVE-2021-46820 (Arbitrary File Deletion vulnerability in XOS-Shop 
xos_shop_system 1.0. ...)
+       TODO: check
 CVE-2020-36546
        RESERVED
 CVE-2020-36545
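
Review bot: CVE-2021-46820 in this hunk carries the same visible description as CVE-2021-37764 later in this patch ("Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0. ..."), which suggests one issue may have been assigned two IDs. Compare the full descriptions when triaging, and resolve both entries together so they do not end up with different tags.
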
@@ -3586,16 +3676,16 @@ CVE-2019-25066 (A vulnerability has been found in 
ajenti 2.1.31 and classified a
        - ajenti <itp> (bug #792019)
 CVE-2019-25065 (A vulnerability was found in OpenNetAdmin 18.1.1. It has been 
rated as ...)
        NOT-FOR-US: OpenNetAdmin
-CVE-2018-25044
-       RESERVED
-CVE-2018-25043
-       RESERVED
-CVE-2018-25042
-       RESERVED
-CVE-2018-25041
-       RESERVED
-CVE-2018-25040
-       RESERVED
+CVE-2018-25044 (A vulnerability, which was classified as critical, has been 
found in u ...)
+       TODO: check
+CVE-2018-25043 (A vulnerability classified as critical was found in uTorrent. 
This vul ...)
+       TODO: check
+CVE-2018-25042 (A vulnerability classified as critical has been found in 
uTorrent. Thi ...)
+       TODO: check
+CVE-2018-25041 (A vulnerability was found in uTorrent. It has been rated as 
critical.  ...)
+       TODO: check
+CVE-2018-25040 (A vulnerability was found in uTorrent Web. It has been 
declared as cri ...)
+       TODO: check
 CVE-2018-25039 (A vulnerability was found in Thomson TCW710 ST5D.10.05. It has 
been de ...)
        NOT-FOR-US: Thomson TCW710
 CVE-2018-25038 (A vulnerability was found in Thomson TCW710 ST5D.10.05. It has 
been cl ...)
@@ -6011,8 +6101,8 @@ CVE-2022-31466 (Time of Check - Time of Use (TOCTOU) 
vulnerability in Quick Heal
        NOT-FOR-US: Quick Heal Total Security
 CVE-2022-31465 (A vulnerability has been identified in Xpedition Designer (All 
version ...)
        NOT-FOR-US: Siemens
-CVE-2022-31464
-       RESERVED
+CVE-2022-31464 (Insecure permissions configuration in Adaware Protect 
v1.2.439.4251 al ...)
+       TODO: check
 CVE-2022-31463 (Owl Labs Meeting Owl 5.2.0.15 does not require a password for 
Bluetoot ...)
        NOT-FOR-US: Owl Labs Meeting Owl
 CVE-2022-31462 (Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the 
device v ...)
@@ -6341,16 +6431,16 @@ CVE-2022-31301 (Haraj v3.7 was discovered to contain a 
stored cross-site scripti
        TODO: check
 CVE-2022-31300 (A cross-site scripting vulnerability in the DM Section 
component of Ha ...)
        TODO: check
-CVE-2022-31299
-       RESERVED
+CVE-2022-31299 (Haraj v3.7 was discovered to contain a reflected cross-site 
scripting  ...)
+       TODO: check
 CVE-2022-31298 (A cross-site scripting vulnerability in the ads comment 
section of Har ...)
        TODO: check
 CVE-2022-31297
        RESERVED
 CVE-2022-31296
        RESERVED
-CVE-2022-31295
-       RESERVED
+CVE-2022-31295 (An issue in the delete_post() function of Online Discussion 
Forum Site ...)
+       TODO: check
 CVE-2022-31294 (An issue in the save_users() function of Online Discussion 
Forum Site  ...)
        NOT-FOR-US: Online Discussion Forum Site
 CVE-2022-31293
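
Review bot: CVE-2022-31295 (delete_post() in Online Discussion Forum Site) is left at TODO: check while the adjacent CVE-2022-31294, for the same product, is already tagged NOT-FOR-US: Online Discussion Forum Site. The new entry should take the same tag. CVE-2022-31299 joins three other Haraj entries in this hunk that are all still TODO: check, so those four can be resolved in one pass.
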
@@ -9125,16 +9215,16 @@ CVE-2022-30331
        RESERVED
 CVE-2022-30330 (In the KeepKey firmware before 7.3.2, the bootloader can be 
exploited  ...)
        NOT-FOR-US: KeepKey firmware
-CVE-2022-30329
-       RESERVED
-CVE-2022-30328
-       RESERVED
-CVE-2022-30327
-       RESERVED
-CVE-2022-30326
-       RESERVED
-CVE-2022-30325
-       RESERVED
+CVE-2022-30329 (An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 
devices. A ...)
+       TODO: check
+CVE-2022-30328 (An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 
devices. T ...)
+       TODO: check
+CVE-2022-30327 (An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 
devices. T ...)
+       TODO: check
+CVE-2022-30326 (An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 
devices. T ...)
+       TODO: check
+CVE-2022-30325 (An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 
devices. T ...)
+       TODO: check
 CVE-2022-30324 (HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 
were im ...)
        TODO: check
 CVE-2022-30323 (HashiCorp go-getter through 2.0.2 does not safely perform 
downloads (i ...)
@@ -17335,10 +17425,10 @@ CVE-2022-27514
        RESERVED
 CVE-2022-27513
        RESERVED
-CVE-2022-27512
-       RESERVED
-CVE-2022-27511
-       RESERVED
+CVE-2022-27512 (Temporary disruption of the ADM license service. The impact of 
this in ...)
+       TODO: check
+CVE-2022-27511 (Corruption of the system by a remote, unauthenticated user. 
The impact ...)
+       TODO: check
 CVE-2022-27510
        RESERVED
 CVE-2022-27509
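
Review bot: the descriptions of CVE-2022-27512 and CVE-2022-27511 open with the impact rather than the product, and the visible text of CVE-2022-27511 names no product at all. The truncated line is not enough to triage from, so the full CVE record has to be read before replacing TODO: check with a tag.
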
@@ -21139,8 +21229,8 @@ CVE-2022-26175
        RESERVED
 CVE-2022-26174 (A remote code execution (RCE) vulnerability in Beekeeper 
Studio v3.2.0 ...)
        NOT-FOR-US: Beekeeper Studio
-CVE-2022-26173
-       RESERVED
+CVE-2022-26173 (JForum v2.8.0 was discovered to contain a Cross-Site Request 
Forgery ( ...)
+       TODO: check
 CVE-2022-26172
        RESERVED
 CVE-2022-26171 (Bank Management System v1.o was discovered to contain a SQL 
injection  ...)
@@ -25941,8 +26031,8 @@ CVE-2022-24564 (Checkmk &lt;=2.0.0p19 contains a Cross 
Site Scripting (XSS) vuln
        - check-mk <removed>
 CVE-2022-24563 (In Genixcms v1.1.11, a stored Cross-Site Scripting (XSS) 
vulnerability ...)
        NOT-FOR-US: Genixcms
-CVE-2022-24562
-       RESERVED
+CVE-2022-24562 (In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker 
can send G ...)
+       TODO: check
 CVE-2022-24561
        RESERVED
 CVE-2022-24560
@@ -61028,8 +61118,8 @@ CVE-2021-37766
        RESERVED
 CVE-2021-37765
        RESERVED
-CVE-2021-37764
-       RESERVED
+CVE-2021-37764 (Arbitrary File Deletion vulnerability in XOS-Shop 
xos_shop_system 1.0. ...)
+       TODO: check
 CVE-2021-37763
        RESERVED
 CVE-2021-37762 (Zoho ManageEngine ADManager Plus version 7110 and prior allows 
unrestr ...)
@@ -63826,10 +63916,10 @@ CVE-2021-36611
        RESERVED
 CVE-2021-36610
        RESERVED
-CVE-2021-36609
-       RESERVED
-CVE-2021-36608
-       RESERVED
+CVE-2021-36609 (Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 
via the Na ...)
+       TODO: check
+CVE-2021-36608 (Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 
via the Na ...)
+       TODO: check
 CVE-2021-36607
        RESERVED
 CVE-2021-36606
@@ -71765,8 +71855,8 @@ CVE-2021-33297
        RESERVED
 CVE-2021-33296
        RESERVED
-CVE-2021-33295
-       RESERVED
+CVE-2021-33295 (Cross Site Scripting (XSS) vulnerability in Joplin Desktop App 
before  ...)
+       TODO: check
 CVE-2021-33294
        RESERVED
 CVE-2021-33293 (Panorama Tools libpano13 v2.9.20 was discovered to contain an 
out-of-b ...)
@@ -104181,8 +104271,8 @@ CVE-2020-35599
        RESERVED
 CVE-2020-35598 (ACS Advanced Comment System 1.0 is affected by Directory 
Traversal via ...)
        NOT-FOR-US: ACS Advanced Comment System
-CVE-2020-35597
-       RESERVED
+CVE-2020-35597 (Victor CMS 1.0 is vulnerable to SQL injection via c_id 
parameter of ad ...)
+       TODO: check
 CVE-2020-35596
        RESERVED
 CVE-2020-35595
@@ -111915,8 +112005,8 @@ CVE-2020-28867
        RESERVED
 CVE-2020-28866
        RESERVED
-CVE-2020-28865
-       RESERVED
+CVE-2020-28865 (An issue was discovered in PowerJob through 3.2.2, allows 
attackers to ...)
+       TODO: check
 CVE-2020-28864 (Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server 
to caus ...)
        NOT-FOR-US: WinSCP
 CVE-2020-28863
@@ -123942,8 +124032,8 @@ CVE-2020-25461 (Invalid Memory Access in the 
fxProxyGetter function in moddable/
        NOT-FOR-US: Moddable SDK
 CVE-2020-25460
        RESERVED
-CVE-2020-25459
-       RESERVED
+CVE-2020-25459 (An issue was discovered in function sync_tree in 
hetero_decision_tree_ ...)
+       TODO: check
 CVE-2020-25458
        RESERVED
 CVE-2020-25457
@@ -246736,8 +246826,8 @@ CVE-2018-18909 (xhEditor 1.2.2 allows XSS via 
JavaScript code in the SRC attribu
        NOT-FOR-US: xhEditor
 CVE-2018-18908 (The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for 
Windows p ...)
        NOT-FOR-US: Sky Go Desktop
-CVE-2018-18907
-       RESERVED
+CVE-2018-18907 (An issue was discovered on D-Link DIR-850L 1.21WW devices. A 
partially ...)
+       TODO: check
 CVE-2018-18906
        RESERVED
 CVE-2018-18905



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06f88580d3906bef428fce3e12a93b70822f3cf1
