Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f2fa0826 by Salvatore Bonaccorso at 2022-07-11T22:17:49+02:00 Process some more NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -37,7 +37,7 @@ CVE-2022-2370 CVE-2022-2369 RESERVED CVE-2022-2368 (Business Logic Errors in GitHub repository microweber/microweber prior ...) - TODO: check + NOT-FOR-US: microweber CVE-2022-2367 RESERVED CVE-2022-35626 @@ -1606,7 +1606,7 @@ CVE-2022-2304 (Stack-based Buffer Overflow in GitHub repository vim/vim prior to CVE-2022-2303 RESERVED CVE-2022-2302 (Multiple Lenze products of the cabinet series skip the password verifi ...) - TODO: check + NOT-FOR-US: Lenze CVE-2022-2301 (Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3. ...) - chafa 1.10.3-1 (unimportant) NOTE: https://huntr.dev/bounties/f6b9114b-671d-4948-b946-ffe5c9aeb816/ @@ -2150,23 +2150,23 @@ CVE-2022-34747 CVE-2022-34746 RESERVED CVE-2022-34743 (The AT commands of the USB port have an out-of-bounds read vulnerabili ...) - TODO: check + NOT-FOR-US: Huawei CVE-2022-34742 (The system module has a read/write vulnerability. Successful exploitat ...) - TODO: check + NOT-FOR-US: Huawei CVE-2022-34741 (The NFC module has a buffer overflow vulnerability. Successful exploit ...) - TODO: check + NOT-FOR-US: Huawei CVE-2022-34740 (The NFC module has a buffer overflow vulnerability. Successful exploit ...) - TODO: check + NOT-FOR-US: Huawei CVE-2022-34739 (The fingerprint module has a vulnerability of overflow in arithmetic a ...) - TODO: check + NOT-FOR-US: Huawei CVE-2022-34738 (The SystemUI module has a vulnerability in permission control. If this ...) - TODO: check + NOT-FOR-US: Huawei CVE-2022-34737 (The application security module has a vulnerability in permission assi ...) - TODO: check + NOT-FOR-US: Huawei CVE-2022-34736 (The frame scheduling module has a null pointer dereference vulnerabili ...) - TODO: check + NOT-FOR-US: Huawei CVE-2022-34735 (The frame scheduling module has a null pointer dereference vulnerabili ...) - TODO: check + NOT-FOR-US: Huawei CVE-2022-2245 RESERVED CVE-2022-2244 (An improper authorization vulnerability in GitLab EE/CE affecting all ...) @@ -4564,7 +4564,7 @@ CVE-2022-33913 (In Mahara 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04. CVE-2022-33912 (A permission issue affects users that deployed the shipped version of ...) NOT-FOR-US: Check MK as packaged by upstream CVE-2022-33911 (An issue was discovered in Couchbase Server 7.x before 7.0.4. Field na ...) - TODO: check + NOT-FOR-US: Couchbase Server CVE-2022-33910 (An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers ...) - mantis <removed> CVE-2022-33909 @@ -5046,63 +5046,63 @@ CVE-2022-33715 CVE-2022-33714 RESERVED CVE-2022-33713 (Implicit Intent hijacking vulnerability in Samsung Cloud prior to vers ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33712 (Intent redirection vulnerability using implict intent in Camera prior ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33711 (Improper validation of integrity check vulnerability in Samsung USB Dr ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33710 (Improper input validation vulnerability in BillingPackageInsraller in ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33709 (Improper input validation vulnerability in ApexPackageInstaller in Gal ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33708 (Improper input validation vulnerability in AppsPackageInstaller in Gal ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33707 (Improper identifier creation logic in Find My Mobile prior to version ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33706 (Improper access control vulnerability in Samsung Gallery prior to vers ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33705 (Information exposure in Calendar prior to version 12.3.05.10000 allows ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33704 (Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33703 (Improper validation vulnerability in CACertificateInfo prior to SMR Ju ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33702 (Improper authorization vulnerability in Knoxguard prior to SMR Jul-202 ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33701 (Improper access control vulnerability in KnoxCustomManagerService prio ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33700 (Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prio ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33699 (Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prio ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33698 (Exposure of Sensitive Information in Telecom application prior to SMR ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33697 (Sensitive information exposure vulnerability in ImsServiceSwitchBase i ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33696 (Exposure of Sensitive Information in Telephony service prior to SMR Ju ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33695 (Use of improper permission in InputManagerService prior to SMR Jul-202 ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33694 (Exposure of Sensitive Information in CSC application prior to SMR Jul- ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33693 (Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33692 (Exposure of Sensitive Information in Messaging application prior to SM ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33691 (A possible race condition vulnerability in score driver prior to SMR J ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33690 (Improper input validation in Contacts Storage prior to SMR Jul-2022 Re ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33689 (Improper access control vulnerability in TelephonyUI prior to SMR Jul- ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33688 (Sensitive information exposure vulnerability in EventType in SecTeleph ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33687 (Exposure of Sensitive Information in telephony-common.jar prior to SMR ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33686 (Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul- ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33685 (Unprotected dynamic receiver in Wearable Manager Service prior to SMR ...) - TODO: check + NOT-FOR-US: Samsung CVE-2022-33684 RESERVED CVE-2022-33683 @@ -6162,7 +6162,7 @@ CVE-2022-33175 (Power Distribution Units running on Powertek firmware (multiple CVE-2022-33174 (Power Distribution Units running on Powertek firmware (multiple brands ...) NOT-FOR-US: Powertek CVE-2022-33173 (An algorithm-downgrade issue was discovered in Couchbase Server before ...) - TODO: check + NOT-FOR-US: Couchbase Server CVE-2022-33172 RESERVED CVE-2022-33171 (** DISPUTED ** The findOne function in TypeORM before 0.3.0 can either ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f2fa082645fad35c61bb28e0df6441e9a719981f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f2fa082645fad35c61bb28e0df6441e9a719981f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits