Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0e79cd58 by security tracker role at 2022-06-30T08:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2022-34835 (In Das U-Boot through 2022.07-rc5, an integer signedness error
and res ...)
+ TODO: check
+CVE-2022-34834
+ RESERVED
+CVE-2022-34833
+ RESERVED
+CVE-2022-34832
+ RESERVED
+CVE-2022-34831
+ RESERVED
+CVE-2022-34830
+ RESERVED
+CVE-2022-34829
+ RESERVED
+CVE-2022-34828
+ RESERVED
+CVE-2022-34827
+ RESERVED
+CVE-2022-34826
+ RESERVED
+CVE-2022-34825
+ RESERVED
+CVE-2022-34824
+ RESERVED
+CVE-2022-34823
+ RESERVED
+CVE-2022-34822
+ RESERVED
+CVE-2022-2259
+ RESERVED
+CVE-2022-2258
+ RESERVED
+CVE-2022-2257
+ RESERVED
+CVE-2022-2256
+ RESERVED
+CVE-2022-2255
+ RESERVED
CVE-2022-34821
RESERVED
CVE-2022-34820
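Review bot: The one new entry with a description in this hunk, CVE-2022-34835 (Das U-Boot through 2022.07-rc5, integer signedness error), is left at "TODO: check". It should be resolved into a package line with a fixed version or <unfixed> state, or an explicit NOT-FOR-US, so it does not sit untracked. The other added ids (CVE-2022-34834 down to CVE-2022-34822, CVE-2022-2259 down to CVE-2022-2255) are RESERVED without descriptions and need nothing further yet.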
@@ -267,14 +305,14 @@ CVE-2022-2226
RESERVED
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-26/#CVE-2022-2226
-CVE-2017-20125
- RESERVED
-CVE-2017-20124
- RESERVED
-CVE-2017-20123
- RESERVED
-CVE-2017-20122
- RESERVED
+CVE-2017-20125 (A vulnerability classified as critical was found in Online
Hotel Booki ...)
+ TODO: check
+CVE-2017-20124 (A vulnerability classified as critical has been found in
Online Hotel ...)
+ TODO: check
+CVE-2017-20123 (A vulnerability was found in Viscosity 1.6.7. It has been
classified a ...)
+ TODO: check
+CVE-2017-20122 (A vulnerability classified as problematic was found in Bitrix
Site Man ...)
+ TODO: check
CVE-2022-34734
RESERVED
CVE-2022-34733
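Review bot: The four CVE-2017-20122 to CVE-2017-20125 entries move from RESERVED to "TODO: check" with descriptions truncated mid-product-name ("Online Hotel Booki ...", "Bitrix Site Man ..."), so the disposition cannot be decided from this file alone. Triage each against its full CVE description and record either a package line or NOT-FOR-US with the product name, as the neighbouring resolved entries do.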
@@ -456,8 +494,8 @@ CVE-2020-36551
RESERVED
CVE-2020-36550
RESERVED
-CVE-2017-20121
- RESERVED
+CVE-2017-20121 (A vulnerability was found in Teradici Management Console
2.2.0. It has ...)
+ TODO: check
CVE-2017-20120 (A vulnerability classified as problematic was found in
TrueConf Server ...)
TODO: check
CVE-2017-20119 (A vulnerability classified as problematic has been found in
TrueConf S ...)
@@ -4117,8 +4155,8 @@ CVE-2022-2075
RESERVED
CVE-2022-2074
RESERVED
-CVE-2022-2073
- RESERVED
+CVE-2022-2073 (Code Injection in GitHub repository getgrav/grav prior to
1.7.34. ...)
+ TODO: check
CVE-2021-46821
RESERVED
CVE-2022-33187
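Review bot: CVE-2022-2073 is added as "TODO: check" while its description already states the fix boundary (getgrav/grav prior to 1.7.34). When the TODO is resolved, carry that version into the entry if the software is tracked, or mark it NOT-FOR-US, rather than leaving the boundary only in the truncated description.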
@@ -11590,8 +11628,8 @@ CVE-2022-30469 (In Afian Filerun 20220202, lack of
sanitization of the POST para
NOT-FOR-US: Afian Filerun
CVE-2022-30468
RESERVED
-CVE-2022-30467
- RESERVED
+CVE-2022-30467 (Joy ebike Wolf Manufacturing year 2022 is vulnerable to Denial
of serv ...)
+ TODO: check
CVE-2022-30466 (joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable
to Authe ...)
NOT-FOR-US: joyebike Joy ebike Wolf Manufacturing
CVE-2022-30465
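Review bot: CVE-2022-30467 is added as "TODO: check", but the adjacent CVE-2022-30466 for the same product is already marked "NOT-FOR-US: joyebike Joy ebike Wolf Manufacturing". The new entry should get the same disposition so the two sibling ids stay consistent.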
@@ -24252,8 +24290,8 @@ CVE-2022-26137
RESERVED
CVE-2022-26136
RESERVED
-CVE-2022-26135
- RESERVED
+CVE-2022-26135 (A vulnerability in Mobile Plugin for Jira Data Center and
Server allow ...)
+ TODO: check
CVE-2022-26134 (In affected versions of Confluence Server and Data Center, an
OGNL inj ...)
NOT-FOR-US: Atlassian Confluence Server and Data Center
CVE-2022-26133 (SharedSecretClusterAuthenticator in Atlassian Bitbucket Data
Center ve ...)
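Review bot: CVE-2022-26135 (Mobile Plugin for Jira Data Center and Server) lands as "TODO: check" directly above CVE-2022-26134, which is marked "NOT-FOR-US: Atlassian Confluence Server and Data Center". If the same reasoning applies to the Jira plugin, resolve the TODO with a matching NOT-FOR-US line naming the product.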
@@ -56678,8 +56716,8 @@ CVE-2021-40599
RESERVED
CVE-2021-40598
RESERVED
-CVE-2021-40597
- RESERVED
+CVE-2021-40597 (The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with
Adminis ...)
+ TODO: check
CVE-2021-40596 (SQL injection vulnerability in Login.php in sourcecodester
Online Lear ...)
NOT-FOR-US: Sourcecodester
CVE-2021-40595 (SQL injection vulnerability in Sourcecodester Online Leave
Management ...)
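Review bot: CVE-2021-40597 describes firmware of a specific device (EDIMAX IC-3140W Version 3.11) and is left at "TODO: check". The following entry, CVE-2021-40596, is dispositioned with "NOT-FOR-US: Sourcecodester"; a device-firmware issue would normally get the same kind of line naming the vendor, so the TODO should be closed in that form once confirmed.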
@@ -66383,6 +66421,7 @@ CVE-2020-36421 (An issue was discovered in Arm Mbed TLS
before 2.23.0. Because o
CVE-2021-36774 (Apache Kylin allows users to read data from other database
systems usi ...)
NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
CVE-2021-36773 (uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support
an arbitr ...)
+ {DLA-3062-1}
- ublock-origin 1.37.0+dfsg-1 (bug #991386)
[bullseye] - ublock-origin 1.37.0+dfsg-1~deb11u1
[buster] - ublock-origin 1.37.0+dfsg-1~deb10u1
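Review bot: {DLA-3062-1} is attached to CVE-2021-36773, but the release lines visible under it cover only bullseye (1.37.0+dfsg-1~deb11u1) and buster (1.37.0+dfsg-1~deb10u1). Confirm that the release the DLA was issued for is represented by a release line with its fixed version, so the cross-reference resolves to a concrete upload.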
@@ -443340,7 +443379,7 @@ CVE-2013-4127 (Use-after-free vulnerability in the
vhost_net_set_backend functio
[wheezy] - linux <not-affected> (Introduced in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.8)
CVE-2013-4126
- RESERVED
+ REJECTED
CVE-2013-4125 (The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6
stack ...)
- linux 3.10.5-1
[wheezy] - linux <not-affected> (Introduced in 3.7)
@@ -447970,7 +448009,7 @@ CVE-2013-2254 (The deepGetOrCreateNode function in
impl/operations/AbstractCreat
CVE-2013-2253
RESERVED
CVE-2013-2252
- RESERVED
+ REJECTED
CVE-2013-2251 (Apache Struts 2.0.0 through 2.3.15 allows remote attackers to
execute ...)
- libstruts1.2-java <not-affected> (Only affect 2.x)
CVE-2013-2250 (Apache Open For Business Project (aka OFBiz) 10.04.01 through
10.04.05 ...)
@@ -448022,7 +448061,7 @@ CVE-2013-2236 (Stack-based buffer overflow in the
new_msg_lsa_change_notify func
- quagga 0.99.22.4-1 (bug #726724)
NOTE: http://lists.quagga.net/pipermail/quagga-dev/2013-July/010621.html
CVE-2013-2235
- RESERVED
+ REJECTED
CVE-2013-2234 (The (1) key_notify_sa_flush and (2) key_notify_policy_flush
functions ...)
{DSA-2766-1 DSA-2745-1}
- linux-2.6 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e79cd5872901913834c2aa18ead82688daa64cb
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits