Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a3f3b49f by security tracker role at 2022-06-18T08:10:10+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,143 @@
+CVE-2022-33959
+ RESERVED
+CVE-2022-33958
+ RESERVED
+CVE-2022-33957
+ RESERVED
+CVE-2022-33956
+ RESERVED
+CVE-2022-33955
+ RESERVED
+CVE-2022-33954
+ RESERVED
+CVE-2022-33953
+ RESERVED
+CVE-2022-33952
+ RESERVED
+CVE-2022-33951
+ RESERVED
+CVE-2022-33950
+ RESERVED
+CVE-2022-33945
+ RESERVED
+CVE-2022-33942
+ RESERVED
+CVE-2022-33902
+ RESERVED
+CVE-2022-33899
+ RESERVED
+CVE-2022-33895
+ RESERVED
+CVE-2022-33894
+ RESERVED
+CVE-2022-33892
+ RESERVED
+CVE-2022-33209
+ RESERVED
+CVE-2022-33200
+ RESERVED
+CVE-2022-33188
+ RESERVED
+CVE-2022-33176
+ RESERVED
+CVE-2022-33143
+ RESERVED
+CVE-2022-33141
+ RESERVED
+CVE-2022-32762
+ RESERVED
+CVE-2022-32584
+ RESERVED
+CVE-2022-32580
+ RESERVED
+CVE-2022-32578
+ RESERVED
+CVE-2022-32571
+ RESERVED
+CVE-2022-32288
+ RESERVED
+CVE-2022-32233
+ RESERVED
+CVE-2022-32231
+ RESERVED
+CVE-2022-31477
+ RESERVED
+CVE-2022-30704
+ RESERVED
+CVE-2022-30691
+ RESERVED
+CVE-2022-30606
+ RESERVED
+CVE-2022-30537
+ RESERVED
+CVE-2022-30297
+ RESERVED
+CVE-2022-29924
+ RESERVED
+CVE-2022-29921
+ RESERVED
+CVE-2022-26084
+ RESERVED
+CVE-2022-2123
+ RESERVED
+CVE-2022-2122
+ RESERVED
+CVE-2022-2121
+ RESERVED
+CVE-2022-2120
+ RESERVED
+CVE-2022-2119
+ RESERVED
+CVE-2022-2118
+ RESERVED
+CVE-2014-125025
+ RESERVED
+CVE-2014-125024
+ RESERVED
+CVE-2014-125023
+ RESERVED
+CVE-2014-125022
+ RESERVED
+CVE-2014-125021
+ RESERVED
+CVE-2014-125020
+ RESERVED
+CVE-2014-125019
+ RESERVED
+CVE-2014-125018
+ RESERVED
+CVE-2014-125017 (A vulnerability classified as critical was found in FFmpeg
2.0. This v ...)
+ TODO: check
+CVE-2014-125016 (A vulnerability was found in FFmpeg 2.0. It has been rated as
problema ...)
+ TODO: check
+CVE-2014-125015 (A vulnerability classified as critical has been found in
FFmpeg 2.0. A ...)
+ TODO: check
+CVE-2014-125014 (A vulnerability classified as problematic was found in FFmpeg
2.0. Aff ...)
+ TODO: check
+CVE-2014-125013 (A vulnerability was found in FFmpeg 2.0 and classified as
problematic. ...)
+ TODO: check
+CVE-2014-125012 (A vulnerability was found in FFmpeg 2.0. It has been
classified as pro ...)
+ TODO: check
+CVE-2014-125011 (A vulnerability was found in FFmpeg 2.0. It has been declared
as probl ...)
+ TODO: check
+CVE-2014-125010 (A vulnerability was found in FFmpeg 2.0. It has been rated as
critical ...)
+ TODO: check
+CVE-2014-125009 (A vulnerability classified as problematic has been found in
FFmpeg 2.0 ...)
+ TODO: check
+CVE-2014-125008 (A vulnerability classified as problematic has been found in
FFmpeg 2.0 ...)
+ TODO: check
+CVE-2014-125007 (A vulnerability classified as problematic was found in FFmpeg
2.0. Aff ...)
+ TODO: check
+CVE-2014-125006 (A vulnerability, which was classified as problematic, has
been found i ...)
+ TODO: check
+CVE-2014-125005 (A vulnerability, which was classified as problematic, was
found in FFm ...)
+ TODO: check
+CVE-2014-125004 (A vulnerability has been found in FFmpeg 2.0 and classified
as problem ...)
+ TODO: check
+CVE-2014-125003 (A vulnerability was found in FFmpeg 2.0 and classified as
problematic. ...)
+ TODO: check
+CVE-2014-125002 (A vulnerability was found in FFmpeg 2.0. It has been
classified as pro ...)
+ TODO: check
CVE-2022-33937
RESERVED
CVE-2022-33936
@@ -4648,8 +4788,8 @@ CVE-2022-31943
RESERVED
CVE-2022-31942
RESERVED
-CVE-2022-31941
- RESERVED
+CVE-2022-31941 (Rescue Dispatch Management System v1.0 is vulnerable to SQL
Injection ...)
+ TODO: check
CVE-2022-31940
RESERVED
CVE-2022-31939
@@ -4778,14 +4918,14 @@ CVE-2022-31878
RESERVED
CVE-2022-31877
RESERVED
-CVE-2022-31876
- RESERVED
-CVE-2022-31875
- RESERVED
-CVE-2022-31874
- RESERVED
-CVE-2022-31873
- RESERVED
+CVE-2022-31876 (netgear wnap320 router WNAP320_V2.0.3_firmware is vulnerable
to Incorr ...)
+ TODO: check
+CVE-2022-31875 (Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an xss
vulnera ...)
+ TODO: check
+CVE-2022-31874 (ASUS RT-N53 3.0.0.4.376.3754 has a command injection
vulnerability in ...)
+ TODO: check
+CVE-2022-31873 (Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an XSS
vulnera ...)
+ TODO: check
CVE-2022-31872
RESERVED
CVE-2022-31871
@@ -7051,8 +7191,8 @@ CVE-2022-31085
RESERVED
CVE-2022-31084
RESERVED
-CVE-2022-31083
- RESERVED
+CVE-2022-31083 (Parse Server is an open source backend that can be deployed to
any inf ...)
+ TODO: check
CVE-2022-31082
RESERVED
CVE-2022-31081
@@ -7288,8 +7428,8 @@ CVE-2022-30978
RESERVED
CVE-2022-30977
RESERVED
-CVE-2022-29496
- RESERVED
+CVE-2022-29496 (A stack-based buffer overflow vulnerability exists in the
BlynkConsole ...)
+ TODO: check
CVE-2022-1796 (Use After Free in GitHub repository vim/vim prior to 8.2.4979.
...)
- vim <unfixed> (unimportant)
NOTE: https://huntr.dev/bounties/f6739b58-49f9-4056-a843-bf76bbc1253e
@@ -21959,10 +22099,10 @@ CVE-2022-25874
RESERVED
CVE-2022-25873
RESERVED
-CVE-2022-25872
- RESERVED
-CVE-2022-25871
- RESERVED
+CVE-2022-25872 (All versions of package fast-string-search are vulnerable to
Out-of-bo ...)
+ TODO: check
+CVE-2022-25871 (All versions of package querymen are vulnerable to Prototype
Pollution ...)
+ TODO: check
CVE-2022-25869
RESERVED
CVE-2022-25867
@@ -21985,16 +22125,16 @@ CVE-2022-25858
RESERVED
CVE-2022-25857
RESERVED
-CVE-2022-25856
- RESERVED
+CVE-2022-25856 (The package github.com/argoproj/argo-events/sensors/artifacts
before 1 ...)
+ TODO: check
CVE-2022-25855
RESERVED
CVE-2022-25854 (This affects the package @yaireo/tagify before 4.9.8. The
package is u ...)
NOT-FOR-US: Tagify
CVE-2022-25853
RESERVED
-CVE-2022-25852
- RESERVED
+CVE-2022-25852 (All versions of package pg-native; all versions of package
libpq are v ...)
+ TODO: check
CVE-2022-25851 (The package jpeg-js before 0.4.4 are vulnerable to Denial of
Service ( ...)
TODO: check
CVE-2022-25850 (The package github.com/hoppscotch/proxyscotch before 1.0.0 are
vulnera ...)
@@ -22073,8 +22213,8 @@ CVE-2022-25349 (All versions of package materialize-css
are vulnerable to Cross-
TODO: check if affected, CVE reported against the upstream fork
CVE-2022-25346
RESERVED
-CVE-2022-25345
- RESERVED
+CVE-2022-25345 (All versions of package @discordjs/opus are vulnerable to
Denial of Se ...)
+ TODO: check
CVE-2022-25324 (All versions of package bignum are vulnerable to Denial of
Service (Do ...)
NOT-FOR-US: justmoon/node-bignum
CVE-2022-25304
@@ -22161,8 +22301,8 @@ CVE-2022-22984
RESERVED
CVE-2022-22143 (The package convict before 6.2.2 are vulnerable to Prototype
Pollution ...)
NOT-FOR-US: Node convict
-CVE-2022-22138
- RESERVED
+CVE-2022-22138 (All versions of package fast-string-search are vulnerable to
Denial of ...)
+ TODO: check
CVE-2022-21811
RESERVED
CVE-2022-21810
@@ -22195,8 +22335,8 @@ CVE-2022-21222
RESERVED
CVE-2022-21221 (The package github.com/valyala/fasthttp before 1.34.0 are
vulnerable t ...)
NOT-FOR-US: github.com/valyala/fasthttp
-CVE-2022-21213
- RESERVED
+CVE-2022-21213 (This affects all versions of package mout. The deepFillIn
function can ...)
+ TODO: check
CVE-2022-21211 (This affects all versions of package posix. When invoking the
toString ...)
TODO: check
CVE-2022-21208
@@ -28294,8 +28434,8 @@ CVE-2022-23943 (Out-of-bounds Write vulnerability in
mod_sed of Apache HTTP Serv
NOTE: Fixed by: https://svn.apache.org/r1898772
CVE-2022-23942 (Apache Doris, prior to 1.0.0, used a hardcoded key and IV to
initializ ...)
NOT-FOR-US: Apache Doris (different from src:doris)
-CVE-2022-21184
- RESERVED
+CVE-2022-21184 (An information disclosure vulnerability exists in the License
registra ...)
+ TODO: check
CVE-2022-0368 (Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
...)
{DLA-2947-1}
- vim 2:8.2.4659-1
@@ -33050,8 +33190,8 @@ CVE-2022-22710 (Windows Common Log File System Driver
Denial of Service Vulnerab
NOT-FOR-US: Microsoft
CVE-2022-22709 (VP9 Video Extensions Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-21806
- RESERVED
+CVE-2022-21806 (A use-after-free vulnerability exists in the mips_collector
appsrv_ser ...)
+ TODO: check
CVE-2022-0139 (Use After Free in GitHub repository radareorg/radare2 prior to
5.6.0. ...)
- radare2 <unfixed>
NOTE: https://huntr.dev/bounties/3dcb6f40-45cd-403b-929f-db123fde32c0/
@@ -42846,8 +42986,8 @@ CVE-2022-21505
RESERVED
CVE-2022-21504 (The code in UEK6 U3 was missing an appropiate file descriptor
count to ...)
TODO: check
-CVE-2022-21503
- RESERVED
+CVE-2022-21503 (Vulnerability in the Oracle Cloud Infrastructure product of
Oracle Clo ...)
+ TODO: check
CVE-2022-21502
RESERVED
CVE-2022-21501
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3f3b49ff19dd122772726e9e097b4fa677a89b5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3f3b49ff19dd122772726e9e097b4fa677a89b5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
