Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
eadd4a9c by security tracker role at 2022-06-23T08:10:25+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2022-34343
+ RESERVED
+CVE-2022-34342
+ RESERVED
+CVE-2022-34341
+ RESERVED
+CVE-2022-34340
+ RESERVED
+CVE-2022-34339
+ RESERVED
+CVE-2022-34338
+ RESERVED
+CVE-2022-34337
+ RESERVED
+CVE-2022-34336
+ RESERVED
+CVE-2022-34335
+ RESERVED
+CVE-2022-34334
+ RESERVED
+CVE-2022-34333
+ RESERVED
+CVE-2022-34332
+ RESERVED
+CVE-2022-34331
+ RESERVED
+CVE-2022-34330
+ RESERVED
+CVE-2022-34329
+ RESERVED
+CVE-2022-34328 (PMB 7.3.10 allows reflected XSS via the id parameter in an
lvl=author_ ...)
+ TODO: check
+CVE-2022-32284
+ RESERVED
+CVE-2022-2185
+ RESERVED
+CVE-2022-2184
+ RESERVED
+CVE-2022-2183
+ RESERVED
+CVE-2022-2182
+ RESERVED
+CVE-2022-2181
+ RESERVED
+CVE-2021-46824
+ RESERVED
CVE-2022-34327
RESERVED
CVE-2022-34326
@@ -806,20 +852,20 @@ CVE-2022-33995 (A path traversal issue in entry
attachments in Devolutions Remot
NOT-FOR-US: Devolutions
CVE-2022-33994
RESERVED
-CVE-2017-20091
- RESERVED
-CVE-2017-20090
- RESERVED
-CVE-2017-20089
- RESERVED
-CVE-2017-20088
- RESERVED
-CVE-2017-20087
- RESERVED
-CVE-2017-20086
- RESERVED
-CVE-2017-20085
- RESERVED
+CVE-2017-20091 (A vulnerability was found in File Manager Plugin 3.0.1. It has
been cl ...)
+ TODO: check
+CVE-2017-20090 (A vulnerability was found in Global Content Blocks Plugin
2.1.5. It ha ...)
+ TODO: check
+CVE-2017-20089 (A vulnerability was found in Gwolle Guestbook Plugin 1.7.4. It
has bee ...)
+ TODO: check
+CVE-2017-20088 (A vulnerability classified as problematic has been found in
Atahualpa ...)
+ TODO: check
+CVE-2017-20087 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2017-20086 (A vulnerability, which was classified as critical, was found
in VaultP ...)
+ TODO: check
+CVE-2017-20085 (A vulnerability has been found in Atahualpa Theme and
classified as pr ...)
+ TODO: check
CVE-2017-20084 (A vulnerability has been found in JUNG Smart Visu Server
1.0.804/1.0.8 ...)
NOT-FOR-US: JUNG Smart Visu Server
CVE-2017-20083 (A vulnerability, which was classified as critical, was found
in JUNG S ...)
@@ -2846,14 +2892,14 @@ CVE-2022-33129
RESERVED
CVE-2022-33128
RESERVED
-CVE-2022-33127
- RESERVED
+CVE-2022-33127 (The function that calls the diff tool in Diffy 3.4.1 does not
properly ...)
+ TODO: check
CVE-2022-33126
RESERVED
CVE-2022-33125
RESERVED
-CVE-2022-33124
- RESERVED
+CVE-2022-33124 (aiohttp v3.8.1 was discovered to contain an invalid IPv6 URL
which can ...)
+ TODO: check
CVE-2022-33123
RESERVED
CVE-2022-33122
@@ -2910,18 +2956,18 @@ CVE-2022-33099
RESERVED
CVE-2022-33098
RESERVED
-CVE-2022-33097
- RESERVED
-CVE-2022-33096
- RESERVED
-CVE-2022-33095
- RESERVED
-CVE-2022-33094
- RESERVED
-CVE-2022-33093
- RESERVED
-CVE-2022-33092
- RESERVED
+CVE-2022-33097 (74cmsSE v3.5.1 was discovered to contain a SQL injection
vulnerability ...)
+ TODO: check
+CVE-2022-33096 (74cmsSE v3.5.1 was discovered to contain a SQL injection
vulnerability ...)
+ TODO: check
+CVE-2022-33095 (74cmsSE v3.5.1 was discovered to contain a SQL injection
vulnerability ...)
+ TODO: check
+CVE-2022-33094 (74cmsSE v3.5.1 was discovered to contain a SQL injection
vulnerability ...)
+ TODO: check
+CVE-2022-33093 (74cmsSE v3.5.1 was discovered to contain a SQL injection
vulnerability ...)
+ TODO: check
+CVE-2022-33092 (74cmsSE v3.5.1 was discovered to contain a SQL injection
vulnerability ...)
+ TODO: check
CVE-2022-33091
RESERVED
CVE-2022-33090
@@ -5429,22 +5475,22 @@ CVE-2022-32133
RESERVED
CVE-2022-32132
RESERVED
-CVE-2022-32131
- RESERVED
-CVE-2022-32130
- RESERVED
-CVE-2022-32129
- RESERVED
-CVE-2022-32128
- RESERVED
-CVE-2022-32127
- RESERVED
-CVE-2022-32126
- RESERVED
-CVE-2022-32125
- RESERVED
-CVE-2022-32124
- RESERVED
+CVE-2022-32131 (74cmsSE v3.5.1 was discovered to contain a reflective
cross-site scrip ...)
+ TODO: check
+CVE-2022-32130 (74cmsSE v3.5.1 was discovered to contain a reflective
cross-site scrip ...)
+ TODO: check
+CVE-2022-32129 (74cmsSE v3.5.1 was discovered to contain a reflective
cross-site scrip ...)
+ TODO: check
+CVE-2022-32128 (74cmsSE v3.5.1 was discovered to contain a reflective
cross-site scrip ...)
+ TODO: check
+CVE-2022-32127 (74cmsSE v3.5.1 was discovered to contain a reflective
cross-site scrip ...)
+ TODO: check
+CVE-2022-32126 (74cmsSE v3.5.1 was discovered to contain a reflective
cross-site scrip ...)
+ TODO: check
+CVE-2022-32125 (74cmsSE v3.5.1 was discovered to contain a reflective
cross-site scrip ...)
+ TODO: check
+CVE-2022-32124 (74cmsSE v3.5.1 was discovered to contain a reflective
cross-site scrip ...)
+ TODO: check
CVE-2022-32123
RESERVED
CVE-2022-32122
@@ -8389,8 +8435,8 @@ CVE-2022-31011 (TiDB is an open-source NewSQL database
that supports Hybrid Tran
NOT-FOR-US: TiDB
CVE-2022-31010
RESERVED
-CVE-2022-31009
- RESERVED
+CVE-2022-31009 (wire-ios is an iOS client for the Wire secure messaging
application. I ...)
+ TODO: check
CVE-2022-31008
RESERVED
CVE-2022-31007 (eLabFTW is an electronic lab notebook manager for research
teams. Prio ...)
@@ -11470,7 +11516,7 @@ CVE-2022-29968 (An issue was discovered in the Linux
kernel through 5.17.5. io_r
CVE-2022-1545 (It was possible to disclose details of confidential notes
created via ...)
- gitlab <unfixed>
CVE-2021-46790 (ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer
overflow i ...)
- {DSA-5160-1}
+ {DSA-5160-1 DLA-3055-1}
- ntfs-3g 1:2022.5.17-1 (bug #1011770)
NOTE: https://github.com/tuxera/ntfs-3g/issues/16
NOTE: https://www.openwall.com/lists/oss-security/2022/05/26/1
@@ -13504,11 +13550,11 @@ CVE-2022-29303 (SolarView Compact ver.6.00 was
discovered to contain a command i
CVE-2022-29302 (SolarView Compact ver.6.00 was discovered to contain a local
file disc ...)
NOT-FOR-US: SolarView Compact
CVE-2022-29301
- RESERVED
+ REJECTED
CVE-2022-29300
RESERVED
CVE-2022-29299
- RESERVED
+ REJECTED
CVE-2022-29298 (SolarView Compact ver.6.00 allows attackers to access
sensitive files ...)
NOT-FOR-US: SolarView Compact
CVE-2022-29297
@@ -53099,8 +53145,8 @@ CVE-2021-41434
RESERVED
CVE-2021-41433
RESERVED
-CVE-2021-41432
- RESERVED
+CVE-2021-41432 (A stored cross-site scripting (XSS) vulnerability exists in
FlatPress ...)
+ TODO: check
CVE-2021-41431
RESERVED
CVE-2021-41430
@@ -60222,6 +60268,7 @@ CVE-2021-3700 (A use-after-free vulnerability was found
in usbredir in versions
[buster] - usbredir <no-dsa> (Minor issue)
NOTE:
https://gitlab.freedesktop.org/spice/usbredir/-/commit/03c519ff5831ba75120e00ebebbf1d5a1f7220ab
(usbredir-0.11.0)
CVE-2021-38562 (Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4
before 4.4. ...)
+ {DLA-3057-1}
- request-tracker5 <unfixed> (bug #995167)
- request-tracker4 4.4.4+dfsg-3 (bug #995175)
[bullseye] - request-tracker4 4.4.4+dfsg-2+deb11u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eadd4a9c64c1f49297e6fd3afb4d932056f4b8de
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eadd4a9c64c1f49297e6fd3afb4d932056f4b8de
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
