Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1feabe05 by security tracker role at 2022-07-19T08:10:14+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2022-35735
+ RESERVED
+CVE-2022-35728
+ RESERVED
+CVE-2022-35272
+ RESERVED
+CVE-2022-35245
+ RESERVED
+CVE-2022-35243
+ RESERVED
+CVE-2022-35241
+ RESERVED
+CVE-2022-35240
+ RESERVED
+CVE-2022-35236
+ RESERVED
+CVE-2022-34865
+ RESERVED
+CVE-2022-34862
+ RESERVED
+CVE-2022-34851
+ RESERVED
+CVE-2022-34844
+ RESERVED
+CVE-2022-34655
+ RESERVED
+CVE-2022-34651
+ RESERVED
+CVE-2022-33968
+ RESERVED
+CVE-2022-33962
+ RESERVED
+CVE-2022-33947
+ RESERVED
+CVE-2022-33203
+ RESERVED
+CVE-2022-32455
+ RESERVED
+CVE-2022-31473
+ RESERVED
+CVE-2022-30535
+ RESERVED
+CVE-2022-2466
+ RESERVED
+CVE-2022-2465
+ RESERVED
+CVE-2022-2464
+ RESERVED
+CVE-2022-2463
+ RESERVED
+CVE-2022-2462
+ RESERVED
+CVE-2022-2461
+ RESERVED
CVE-2022-36277
RESERVED
CVE-2022-36276
@@ -3310,12 +3364,12 @@ CVE-2022-34903 (GnuPG through 2.3.6, in unusual
situations where an attacker pos
NOTE: https://dev.gnupg.org/T6027
NOTE: https://www.openwall.com/lists/oss-security/2022/06/30/1
NOTE:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=34c649b3601383cd11dbc76221747ec16fd68e1b
-CVE-2022-34875
- RESERVED
-CVE-2022-34874
- RESERVED
-CVE-2022-34873
- RESERVED
+CVE-2022-34875 (This vulnerability allows remote attackers to disclose
sensitive infor ...)
+ TODO: check
+CVE-2022-34874 (This vulnerability allows remote attackers to disclose
sensitive infor ...)
+ TODO: check
+CVE-2022-34873 (This vulnerability allows remote attackers to disclose
sensitive infor ...)
+ TODO: check
CVE-2022-34872
RESERVED
CVE-2022-34871
@@ -3999,30 +4053,30 @@ CVE-2022-34645
RESERVED
CVE-2022-34644
RESERVED
-CVE-2022-34643
- RESERVED
-CVE-2022-34642
- RESERVED
-CVE-2022-34641
- RESERVED
-CVE-2022-34640
- RESERVED
-CVE-2022-34639
- RESERVED
+CVE-2022-34643 (RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5
implemen ...)
+ TODO: check
+CVE-2022-34642 (The component mcontrol.action in RISCV ISA Sim commit
ac466a21df442c59 ...)
+ TODO: check
+CVE-2022-34641 (CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and
RISCV-Boom co ...)
+ TODO: check
+CVE-2022-34640 (The *tval of ecall/ebreak in CVA6 commit
d315ddd0f1be27c1b3f27eb0b8daf ...)
+ TODO: check
+CVE-2022-34639 (CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a treats
non-standa ...)
+ TODO: check
CVE-2022-34638
RESERVED
-CVE-2022-34637
- RESERVED
-CVE-2022-34636
- RESERVED
-CVE-2022-34635
- RESERVED
-CVE-2022-34634
- RESERVED
-CVE-2022-34633
- RESERVED
-CVE-2022-34632
- RESERVED
+CVE-2022-34637 (CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a
implements an inc ...)
+ TODO: check
+CVE-2022-34636 (CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and
RISCV-Boom co ...)
+ TODO: check
+CVE-2022-34635 (The mstatus.sd field in CVA6 commit
d315ddd0f1be27c1b3f27eb0b8daf471a9 ...)
+ TODO: check
+CVE-2022-34634 (CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes
crafted ...)
+ TODO: check
+CVE-2022-34633 (CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes
crafted ...)
+ TODO: check
+CVE-2022-34632 (Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56
was discov ...)
+ TODO: check
CVE-2022-34631
RESERVED
CVE-2022-34630
@@ -5575,24 +5629,24 @@ CVE-2022-34037
RESERVED
CVE-2022-34036
RESERVED
-CVE-2022-34035
- RESERVED
+CVE-2022-34035 (HTMLDoc v1.9.12 and below was discovered to contain a heap
overflow vi ...)
+ TODO: check
CVE-2022-34034
RESERVED
-CVE-2022-34033
- RESERVED
-CVE-2022-34032
- RESERVED
-CVE-2022-34031
- RESERVED
-CVE-2022-34030
- RESERVED
-CVE-2022-34029
- RESERVED
-CVE-2022-34028
- RESERVED
-CVE-2022-34027
- RESERVED
+CVE-2022-34033 (HTMLDoc v1.9.15 was discovered to contain a heap overflow via
(write_h ...)
+ TODO: check
+CVE-2022-34032 (Nginx NJS v0.7.5 was discovered to contain a segmentation
violation in ...)
+ TODO: check
+CVE-2022-34031 (Nginx NJS v0.7.5 was discovered to contain a segmentation
violation vi ...)
+ TODO: check
+CVE-2022-34030 (Nginx NJS v0.7.5 was discovered to contain a segmentation
violation vi ...)
+ TODO: check
+CVE-2022-34029 (Nginx NJS v0.7.4 was discovered to contain an out-of-bounds
read via n ...)
+ TODO: check
+CVE-2022-34028 (Nginx NJS v0.7.5 was discovered to contain a segmentation
violation vi ...)
+ TODO: check
+CVE-2022-34027 (Nginx NJS v0.7.4 was discovered to contain a segmentation
violation vi ...)
+ TODO: check
CVE-2022-34026
RESERVED
CVE-2022-34025
@@ -9112,8 +9166,8 @@ CVE-2022-2032
RESERVED
CVE-2022-2031
RESERVED
-CVE-2022-2030
- RESERVED
+CVE-2022-2030 (A directory traversal vulnerability caused by specific
character seque ...)
+ TODO: check
CVE-2022-2029 (Cross-site Scripting (XSS) - DOM in GitHub repository
kromitgmbh/titra ...)
NOT-FOR-US: kromitgmbh/titra
CVE-2022-2028 (Cross-site Scripting (XSS) - Generic in GitHub repository
kromitgmbh/t ...)
@@ -12181,8 +12235,8 @@ CVE-2022-31571 (The
akashtalole/python-flask-restful-api repository through 2019
TODO: check
CVE-2022-31570 (The adriankoczuruek/ceneo-web-scrapper repository through
2021-03-15 o ...)
TODO: check
-CVE-2022-31569 (The RipudamanKaushikDal/projects repository through 2022-04-03
on GitH ...)
- TODO: check
+CVE-2022-31569
+ REJECTED
CVE-2022-31568 (The Rexians/rex-web repository through 2022-06-05 on GitHub
allows abs ...)
TODO: check
CVE-2022-31567 (The DSABenchmark/DSAB repository through 2.1 on GitHub allows
absolute ...)
@@ -15107,8 +15161,8 @@ CVE-2022-1648
RESERVED
CVE-2022-1647 (The FormCraft WordPress plugin before 1.2.6 does not sanitise
and esca ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-30526
- RESERVED
+CVE-2022-30526 (A privilege escalation vulnerability was identified in the CLI
command ...)
+ TODO: check
CVE-2022-30525 (A OS command injection vulnerability in the CGI program of
Zyxel USG F ...)
NOT-FOR-US: Zyxel
CVE-2022-1646 (The Simple Real Estate Pack WordPress plugin through 1.4.8 does
not sa ...)
@@ -20372,36 +20426,36 @@ CVE-2022-28685
RESERVED
CVE-2022-28684
RESERVED
-CVE-2022-28683
- RESERVED
-CVE-2022-28682
- RESERVED
-CVE-2022-28681
- RESERVED
-CVE-2022-28680
- RESERVED
-CVE-2022-28679
- RESERVED
-CVE-2022-28678
- RESERVED
-CVE-2022-28677
- RESERVED
-CVE-2022-28676
- RESERVED
-CVE-2022-28675
- RESERVED
-CVE-2022-28674
- RESERVED
-CVE-2022-28673
- RESERVED
-CVE-2022-28672
- RESERVED
-CVE-2022-28671
- RESERVED
-CVE-2022-28670
- RESERVED
-CVE-2022-28669
- RESERVED
+CVE-2022-28683 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
+CVE-2022-28682 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
+CVE-2022-28681 (This vulnerability allows remote attackers to disclose
sensitive infor ...)
+ TODO: check
+CVE-2022-28680 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
+CVE-2022-28679 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
+CVE-2022-28678 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
+CVE-2022-28677 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
+CVE-2022-28676 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
+CVE-2022-28675 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
+CVE-2022-28674 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
+CVE-2022-28673 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
+CVE-2022-28672 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
+CVE-2022-28671 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
+CVE-2022-28670 (This vulnerability allows remote attackers to disclose
sensitive infor ...)
+ TODO: check
+CVE-2022-28669 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
+ TODO: check
CVE-2022-28668
RESERVED
CVE-2022-28667
@@ -390146,8 +390200,8 @@ CVE-2015-7984 (Multiple cross-site request forgery
(CSRF) vulnerabilities in Hor
NOTE: https://www.htbridge.com/advisory/HTB23272
NOTE:
https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae
NOTE:
http://lists.horde.org/archives/dev/Week-of-Mon-20141201/028821.html
-CVE-2015-8031
- RESERVED
+CVE-2015-8031 (Hudson (aka org.jvnet.hudson.main:hudson-core) before 3.3.2
allows XXE ...)
+ TODO: check
CVE-2015-8030 (SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers
to execu ...)
NOT-FOR-US: SAP
CVE-2015-8029 (SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers
to execu ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1feabe05c4240dfb9097172c0fb2e769c04ec60e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1feabe05c4240dfb9097172c0fb2e769c04ec60e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
