Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
965f4a0d by security tracker role at 2022-07-14T08:10:14+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,255 @@
+CVE-2022-35863
+ RESERVED
+CVE-2022-35862
+ RESERVED
+CVE-2022-35861
+ RESERVED
+CVE-2022-35860
+ RESERVED
+CVE-2022-35859
+ RESERVED
+CVE-2022-35858
+ RESERVED
+CVE-2022-35857 (kvf-admin through 2022-02-12 allows remote attackers to
execute arbitr ...)
+ TODO: check
+CVE-2022-35856
+ RESERVED
+CVE-2022-35855
+ RESERVED
+CVE-2022-35854
+ RESERVED
+CVE-2022-35853
+ RESERVED
+CVE-2022-35852
+ RESERVED
+CVE-2022-35851
+ RESERVED
+CVE-2022-35850
+ RESERVED
+CVE-2022-35849
+ RESERVED
+CVE-2022-35848
+ RESERVED
+CVE-2022-35847
+ RESERVED
+CVE-2022-35846
+ RESERVED
+CVE-2022-35845
+ RESERVED
+CVE-2022-35844
+ RESERVED
+CVE-2022-35843
+ RESERVED
+CVE-2022-35842
+ RESERVED
+CVE-2022-35841
+ RESERVED
+CVE-2022-35840
+ RESERVED
+CVE-2022-35839
+ RESERVED
+CVE-2022-35838
+ RESERVED
+CVE-2022-35837
+ RESERVED
+CVE-2022-35836
+ RESERVED
+CVE-2022-35835
+ RESERVED
+CVE-2022-35834
+ RESERVED
+CVE-2022-35833
+ RESERVED
+CVE-2022-35832
+ RESERVED
+CVE-2022-35831
+ RESERVED
+CVE-2022-35830
+ RESERVED
+CVE-2022-35829
+ RESERVED
+CVE-2022-35828
+ RESERVED
+CVE-2022-35827
+ RESERVED
+CVE-2022-35826
+ RESERVED
+CVE-2022-35825
+ RESERVED
+CVE-2022-35824
+ RESERVED
+CVE-2022-35823
+ RESERVED
+CVE-2022-35822
+ RESERVED
+CVE-2022-35821
+ RESERVED
+CVE-2022-35820
+ RESERVED
+CVE-2022-35819
+ RESERVED
+CVE-2022-35818
+ RESERVED
+CVE-2022-35817
+ RESERVED
+CVE-2022-35816
+ RESERVED
+CVE-2022-35815
+ RESERVED
+CVE-2022-35814
+ RESERVED
+CVE-2022-35813
+ RESERVED
+CVE-2022-35812
+ RESERVED
+CVE-2022-35811
+ RESERVED
+CVE-2022-35810
+ RESERVED
+CVE-2022-35809
+ RESERVED
+CVE-2022-35808
+ RESERVED
+CVE-2022-35807
+ RESERVED
+CVE-2022-35806
+ RESERVED
+CVE-2022-35805
+ RESERVED
+CVE-2022-35804
+ RESERVED
+CVE-2022-35803
+ RESERVED
+CVE-2022-35802
+ RESERVED
+CVE-2022-35801
+ RESERVED
+CVE-2022-35800
+ RESERVED
+CVE-2022-35799
+ RESERVED
+CVE-2022-35798
+ RESERVED
+CVE-2022-35797
+ RESERVED
+CVE-2022-35796
+ RESERVED
+CVE-2022-35795
+ RESERVED
+CVE-2022-35794
+ RESERVED
+CVE-2022-35793
+ RESERVED
+CVE-2022-35792
+ RESERVED
+CVE-2022-35791
+ RESERVED
+CVE-2022-35790
+ RESERVED
+CVE-2022-35789
+ RESERVED
+CVE-2022-35788
+ RESERVED
+CVE-2022-35787
+ RESERVED
+CVE-2022-35786
+ RESERVED
+CVE-2022-35785
+ RESERVED
+CVE-2022-35784
+ RESERVED
+CVE-2022-35783
+ RESERVED
+CVE-2022-35782
+ RESERVED
+CVE-2022-35781
+ RESERVED
+CVE-2022-35780
+ RESERVED
+CVE-2022-35779
+ RESERVED
+CVE-2022-35778
+ RESERVED
+CVE-2022-35777
+ RESERVED
+CVE-2022-35776
+ RESERVED
+CVE-2022-35775
+ RESERVED
+CVE-2022-35774
+ RESERVED
+CVE-2022-35773
+ RESERVED
+CVE-2022-35772
+ RESERVED
+CVE-2022-35771
+ RESERVED
+CVE-2022-35770
+ RESERVED
+CVE-2022-35769
+ RESERVED
+CVE-2022-35768
+ RESERVED
+CVE-2022-35767
+ RESERVED
+CVE-2022-35766
+ RESERVED
+CVE-2022-35765
+ RESERVED
+CVE-2022-35764
+ RESERVED
+CVE-2022-35763
+ RESERVED
+CVE-2022-35762
+ RESERVED
+CVE-2022-35761
+ RESERVED
+CVE-2022-35760
+ RESERVED
+CVE-2022-35759
+ RESERVED
+CVE-2022-35758
+ RESERVED
+CVE-2022-35757
+ RESERVED
+CVE-2022-35756
+ RESERVED
+CVE-2022-35755
+ RESERVED
+CVE-2022-35754
+ RESERVED
+CVE-2022-35753
+ RESERVED
+CVE-2022-35752
+ RESERVED
+CVE-2022-35751
+ RESERVED
+CVE-2022-35750
+ RESERVED
+CVE-2022-35749
+ RESERVED
+CVE-2022-35748
+ RESERVED
+CVE-2022-35747
+ RESERVED
+CVE-2022-35746
+ RESERVED
+CVE-2022-35745
+ RESERVED
+CVE-2022-35744
+ RESERVED
+CVE-2022-35743
+ RESERVED
+CVE-2022-35742
+ RESERVED
+CVE-2022-2402
+ RESERVED
+CVE-2022-2401
+ RESERVED
+CVE-2022-2400
+ RESERVED
+CVE-2022-2399
+ RESERVED
CVE-2022-35741
RESERVED
CVE-2022-2398
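Review bot: CVE-2022-35857 is the only entry in this block of additions that arrives with a description, and it is left at TODO: check. It needs resolving to either a package line or a NOT-FOR-US: tag for kvf-admin so it does not stay in the unprocessed queue. The RESERVED entries around it (CVE-2022-35742 through CVE-2022-35863 and CVE-2022-2399 through CVE-2022-2402) need no action until descriptions are published.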
@@ -268,8 +520,7 @@ CVE-2022-2382
RESERVED
CVE-2022-2381
RESERVED
-CVE-2022-2380 [video: fbdev: sm712fb: Fix crash in smtcfb_read()]
- RESERVED
+CVE-2022-2380 (The Linux kernel was found vulnerable out of bounds memory
access in t ...)
- linux 5.17.3-1
[bullseye] - linux 5.10.113-1
[buster] - linux 4.19.249-1
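Review bot: On CVE-2022-2380, removing the bracketed title [video: fbdev: sm712fb: Fix crash in smtcfb_read()] drops the only mention of the affected driver and function, because the published description is cut off at "out of bounds memory access in t ...". Consider adding a NOTE: line with the upstream fix reference under the entry, so the fixed versions listed (5.17.3-1, 5.10.113-1, 4.19.249-1) stay traceable to the change they came from.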
@@ -2389,32 +2640,32 @@ CVE-2022-2247
RESERVED
CVE-2022-2246
REJECTED
-CVE-2022-34765
- RESERVED
-CVE-2022-34764
- RESERVED
-CVE-2022-34763
- RESERVED
-CVE-2022-34762
- RESERVED
-CVE-2022-34761
- RESERVED
-CVE-2022-34760
- RESERVED
-CVE-2022-34759
- RESERVED
-CVE-2022-34758
- RESERVED
-CVE-2022-34757
- RESERVED
-CVE-2022-34756
- RESERVED
+CVE-2022-34765 (A CWE-73: External Control of File Name or Path vulnerability
exists t ...)
+ TODO: check
+CVE-2022-34764 (A CWE-119: Improper Restriction of Operations within the
Bounds of a M ...)
+ TODO: check
+CVE-2022-34763 (A CWE-345: Insufficient Verification of Data Authenticity
vulnerabilit ...)
+ TODO: check
+CVE-2022-34762 (A CWE-22: Improper Limitation of a Pathname to a Restricted
Directory ...)
+ TODO: check
+CVE-2022-34761 (A CWE-476: NULL Pointer Dereference vulnerability exists that
could ca ...)
+ TODO: check
+CVE-2022-34760 (A CWE-835: Loop with Unreachable Exit Condition ('Infinite
Loop') vuln ...)
+ TODO: check
+CVE-2022-34759 (A CWE-787: Out-of-bounds Write vulnerability exists that could
cause a ...)
+ TODO: check
+CVE-2022-34758 (A CWE-20: Improper Input Validation vulnerability exists that
could ca ...)
+ TODO: check
+CVE-2022-34757 (A CWE-327: Use of a Broken or Risky Cryptographic Algorithm
vulnerabil ...)
+ TODO: check
+CVE-2022-34756 (A CWE-120: Buffer Copy without Checking Size of Input
vulnerability ex ...)
+ TODO: check
CVE-2022-34755
RESERVED
-CVE-2022-34754
- RESERVED
-CVE-2022-34753
- RESERVED
+CVE-2022-34754 (A CWE-269: Improper Privilege Management vulnerability exists
that cou ...)
+ TODO: check
+CVE-2022-34753 (A CWE-78: Improper Neutralization of Special Elements used in
an OS Co ...)
+ TODO: check
CVE-2022-34752
RESERVED
CVE-2022-34751
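Review bot: The twelve entries from CVE-2022-34753 to CVE-2022-34765 (CVE-2022-34755 stays RESERVED) all land as TODO: check, and every description is truncated after the CWE class and before any product name, so none of them can be triaged from the list line alone. Whoever picks these up has to pull the full CVE description for each one. Because they are contiguous, check whether they share a vendor so they can be tagged in one pass.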
@@ -2488,8 +2739,8 @@ CVE-2017-20131
RESERVED
CVE-2017-20130
RESERVED
-CVE-2017-20129
- RESERVED
+CVE-2017-20129 (A vulnerability was found in LogoStore. It has been classified
as crit ...)
+ TODO: check
CVE-2017-20128 (A vulnerability has been found in KB Messages PHP Script 1.0
and class ...)
NOT-FOR-US: KB Messages PHP Script
CVE-2017-20127 (A vulnerability was found in KB Login Authentication Script
1.1 and cl ...)
@@ -8516,8 +8767,8 @@ CVE-2022-32310 (An access control issue in Ingredient
Stock Management System v1
NOT-FOR-US: Ingredient Stock Management System
CVE-2022-32309
RESERVED
-CVE-2022-32308
- RESERVED
+CVE-2022-32308 (Cross Site Scripting (XSS) vulnerability in uBlock Origin
extension be ...)
+ TODO: check
CVE-2022-32307
RESERVED
CVE-2022-32306
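Review bot: CVE-2022-32308 should be prioritised among the TODO: check items in this commit, because uBlock Origin is packaged in Debian (source package ublock-origin) and the entry therefore needs a real package line rather than a NOT-FOR-US: tag. The description is cut at "extension be ...", so the affected version boundary has to come from the full CVE text before fixed versions are recorded.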
@@ -9225,14 +9476,14 @@ CVE-2022-32119
RESERVED
CVE-2022-32118
RESERVED
-CVE-2022-32117
- RESERVED
+CVE-2022-32117 (Jerryscript v2.4.0 was discovered to contain a stack buffer
overflow v ...)
+ TODO: check
CVE-2022-32116
RESERVED
CVE-2022-32115 (An issue in the isSVG() function of Known v1.2.2+2020061101
allows att ...)
TODO: check
-CVE-2022-32114
- RESERVED
+CVE-2022-32114 (An unrestricted file upload vulnerability in the Add New
Assets functi ...)
+ TODO: check
CVE-2022-32113
RESERVED
CVE-2022-32112
@@ -11906,8 +12157,8 @@ CVE-2022-31147
RESERVED
CVE-2022-31146
RESERVED
-CVE-2022-31145
- RESERVED
+CVE-2022-31145 (FlyteAdmin is the control plane for Flyte responsible for
managing ent ...)
+ TODO: check
CVE-2022-31144
RESERVED
CVE-2022-31143
@@ -37091,8 +37342,8 @@ CVE-2021-4204 [eBPF Improper Input Validation
Vulnerability]
NOTE: https://www.openwall.com/lists/oss-security/2022/01/11/4
CVE-2022-22983
RESERVED
-CVE-2022-22982
- RESERVED
+CVE-2022-22982 (The vCenter Server contains a server-side request forgery
(SSRF) vulne ...)
+ TODO: check
CVE-2022-22981
RESERVED
CVE-2022-22980 (A Spring Data MongoDB application is vulnerable to SpEL
Injection when ...)
@@ -53915,68 +54166,52 @@ CVE-2022-20240
RESERVED
CVE-2022-20239
RESERVED
-CVE-2022-20238
- RESERVED
+CVE-2022-20238 ('remap_pfn_range' here may map out of size kernel memory (for
example, ...)
NOT-FOR-US: Unisoc
CVE-2022-20237
RESERVED
-CVE-2022-20236
- RESERVED
+CVE-2022-20236 (A drm driver have oob problem, could cause the system crash or
EOPProd ...)
NOT-FOR-US: Unisoc
CVE-2022-20235
RESERVED
-CVE-2022-20234
- RESERVED
+CVE-2022-20234 (In Car Settings app, the
NotificationAccessConfirmationActivity is exp ...)
+ TODO: check
CVE-2022-20233 (In param_find_digests_internal and related functions of the
Titan-M so ...)
NOT-FOR-US: Google Pixel
CVE-2022-20232
RESERVED
CVE-2022-20231
RESERVED
-CVE-2022-20230
- RESERVED
+CVE-2022-20230 (In choosePrivateKeyAlias of KeyChain.java, there is a possible
access ...)
NOT-FOR-US: Android
-CVE-2022-20229
- RESERVED
+CVE-2022-20229 (In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc,
there i ...)
NOT-FOR-US: Android
-CVE-2022-20228
- RESERVED
+CVE-2022-20228 (In various functions of C2DmaBufAllocator.cpp, there is a
possible mem ...)
NOT-FOR-US: Android
-CVE-2022-20227
- RESERVED
+CVE-2022-20227 (In USB driver, there is a possible out of bounds read due to a
heap bu ...)
NOTE: https://source.android.com/security/bulletin/2022-07-01
NOTE: Possibly a duplicate of CVE-2021-39685 and CVE-2022-25375,
contacted Android Security Team
-CVE-2022-20226
- RESERVED
+CVE-2022-20226 (In finishDrawingWindow of WindowManagerService.java, there is
a possib ...)
NOT-FOR-US: Android
-CVE-2022-20225
- RESERVED
+CVE-2022-20225 (In getSubscriptionProperty of SubscriptionController.java,
there is a ...)
NOT-FOR-US: Android
-CVE-2022-20224
- RESERVED
+CVE-2022-20224 (In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible
out of bou ...)
NOT-FOR-US: Android
-CVE-2022-20223
- RESERVED
+CVE-2022-20223 (In assertSafeToStartCustomActivity of
AppRestrictionsFragment.java, th ...)
NOT-FOR-US: Android
-CVE-2022-20222
- RESERVED
+CVE-2022-20222 (In read_attr_value of gatt_db.cc, there is a possible out of
bounds wr ...)
NOT-FOR-US: Android
-CVE-2022-20221
- RESERVED
+CVE-2022-20221 (In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a
possible o ...)
NOT-FOR-US: Android
-CVE-2022-20220
- RESERVED
+CVE-2022-20220 (In openFile of CallLogProvider.java, there is a possible
permission by ...)
NOT-FOR-US: Android
-CVE-2022-20219
- RESERVED
+CVE-2022-20219 (In multiple functions of StorageManagerService.java and
UserManagerSer ...)
NOT-FOR-US: Android
-CVE-2022-20218
- RESERVED
-CVE-2022-20217
- RESERVED
+CVE-2022-20218 (In PermissionController, there is a possible way to get and
retain per ...)
+ TODO: check
+CVE-2022-20217 (There is a unauthorized broadcast in the SprdContactsProvider.
A third ...)
NOT-FOR-US: Unisoc
-CVE-2022-20216
- RESERVED
+CVE-2022-20216 (android exported is used to set third-party app access
permissions, an ...)
NOT-FOR-US: Unisoc
CVE-2022-20215
RESERVED
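Review bot: CVE-2022-20227 now has a published description ("In USB driver, there is a possible out of bounds read ...") but still has no package line. It carries only the two NOTE: lines, one of which flags it as a possible duplicate of CVE-2021-39685 and CVE-2022-25375. The duplicate question should be settled and a linux status recorded, otherwise the entry has a description but no tracking state. In the same hunk, CVE-2022-20234 (Car Settings app) and CVE-2022-20218 (PermissionController) are added with TODO: check while their Android siblings from CVE-2022-20219 to CVE-2022-20230 already read NOT-FOR-US: Android, so they can likely be closed in the same pass.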
@@ -53984,8 +54219,8 @@ CVE-2022-20214
RESERVED
CVE-2022-20213
RESERVED
-CVE-2022-20212
- RESERVED
+CVE-2022-20212 (In wifi.RequestToggleWifiActivity of AndroidManifest.xml,
there is a p ...)
+ TODO: check
CVE-2022-20211
RESERVED
CVE-2022-20210 (The UE and the EMM communicate with each other using NAS
messages. Whe ...)
@@ -137257,8 +137492,8 @@ CVE-2020-21969
RESERVED
CVE-2020-21968
RESERVED
-CVE-2020-21967
- RESERVED
+CVE-2020-21967 (File upload vulnerability in the Catalog feature in Prestashop
1.7.6.7 ...)
+ TODO: check
CVE-2020-21966
RESERVED
CVE-2020-21965
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/965f4a0d1214fcc6cfbf63a0d32892b66376d1e6