Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
23ee41d0 by Salvatore Bonaccorso at 2022-08-13T14:14:55+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2016,7 +2016,7 @@ CVE-2022-2648 (A vulnerability was found in
SourceCodester Multi Language Hotel
CVE-2022-2647 (A vulnerability was found in jeecg-boot. It has been declared
as criti ...)
NOT-FOR-US: Jeecg-boot
CVE-2022-37397 (An issue was discovered in the YugabyteDB 2.6.1 when using
LDAP-based ...)
- TODO: check
+ NOT-FOR-US: YugabyteDB
CVE-2022-37345
RESERVED
CVE-2022-37334
@@ -5610,7 +5610,7 @@ CVE-2022-35955
CVE-2022-35954
RESERVED
CVE-2022-35953 (BookWyrm is a social network for tracking your reading,
talking about ...)
- TODO: check
+ NOT-FOR-US: BookWyrm
CVE-2022-35952
RESERVED
CVE-2022-35951
@@ -59023,9 +59023,9 @@ CVE-2021-42753 (An improper limitation of a pathname to
a restricted directory (
CVE-2021-42752 (A improper neutralization of input during web page generation
('cross- ...)
NOT-FOR-US: FortiGuard
CVE-2021-42751 (A cross-site scripting (XSS) vulnerability in Rule Engine in
ThingsBoa ...)
- TODO: check
+ NOT-FOR-US: ThingsBoard
CVE-2021-42750 (A cross-site scripting (XSS) vulnerability in Rule Engine in
ThingsBoa ...)
- TODO: check
+ NOT-FOR-US: ThingsBoard
CVE-2021-42749 (In Beaver Themer, attackers can bypass conditional logic
controls (for ...)
NOT-FOR-US: Beaver
CVE-2021-42748 (In Beaver Builder through 2.5.0.3, attackers can bypass the
visibility ...)
@@ -60053,23 +60053,23 @@ CVE-2022-20410
CVE-2022-20409
RESERVED
CVE-2022-20408 (Product: AndroidVersions: Android kernelAndroid ID:
A-204782372Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20407 (Product: AndroidVersions: Android kernelAndroid ID:
A-210916981Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20406 (Product: AndroidVersions: Android kernelAndroid ID:
A-184676385Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20405 (Product: AndroidVersions: Android kernelAndroid ID:
A-216363416Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20404 (Product: AndroidVersions: Android kernelAndroid ID:
A-205714161Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20403 (Product: AndroidVersions: Android kernelAndroid ID:
A-207975764Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20402 (Product: AndroidVersions: Android kernelAndroid ID:
A-218701042Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20401 (In SAEMM_RetrievEPLMNList of SAEMM_ContextManagement.c, there
is a pos ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20400 (In cd_CodeMsg of cd_codec.c, there is a possible out of bounds
write d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20399
RESERVED
CVE-2022-20398
@@ -60101,35 +60101,35 @@ CVE-2022-20386
CVE-2022-20385
RESERVED
CVE-2022-20384 (Product: AndroidVersions: Android kernelAndroid ID:
A-211727306Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20383 (In AllocateInternalBuffers of g3aa_buffer_allocator.cc, there
is a pos ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20382 (In (TBD) of (TBD), there is a possible out of bounds write due
to kern ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20381 (Product: AndroidVersions: Android kernelAndroid ID:
A-188935887Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20380 (Product: AndroidVersions: Android kernelAndroid ID:
A-212625740Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20379 (In lwis_buffer_alloc of lwis_buffer.c, there is a possible
arbitrary c ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20378 (Product: AndroidVersions: Android kernelAndroid ID:
A-234657153Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20377 (In TBD of keymaster_ipc.cpp, there is a possible to force
gatekeeper, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20376 (In trusty_log_seq_start of trusty-log.c, there is a possible
use after ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20375 (In LteRrcNrProAsnDecode of LteRrcNr_Codec.c, there is a
possible out o ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20374 (On specific devices, there is a possible bypass of
configuration integ ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20373 (In st21nfc_loc_set_polaritymode of fc/st21nfc.c, there is a
possible u ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20372 (In exynos5_i2c_irq of (TBD), there is a possible out of bounds
write d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20371 (In dm_bow_dtr and related functions of dm-bow.c, there is a
possible u ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20370 (Product: AndroidVersions: Android kernelAndroid ID:
A-215730643Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20369 (In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible
out of bou ...)
- linux 5.17.3-1
[bullseye] - linux 5.10.113-1
@@ -60140,17 +60140,17 @@ CVE-2022-20368 (Product: AndroidVersions: Android
kernelAndroid ID: A-224546354R
[buster] - linux 4.19.249-1
NOTE:
https://git.kernel.org/linus/c700525fcc06b05adfea78039de02628af79e07a (5.17)
CVE-2022-20367 (In construct_transaction of lwis_ioctl.c, there is a possible
out of b ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20366 (In ioctl_dpm_clk_update of lwis_ioctl.c, there is a possible
out of bo ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20365 (Product: AndroidVersions: Android kernelAndroid ID:
A-229632566Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20364
RESERVED
CVE-2022-20363
RESERVED
CVE-2022-20362 (In Bluetooth, there is a possible out of bounds write due to
an intege ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20361 (In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible
vulnerabil ...)
NOT-FOR-US: Android
CVE-2022-20360 (In setChecked of SecureNfcPreferenceController.java, there is
a missin ...)
@@ -60190,209 +60190,209 @@ CVE-2022-20344 (In stealReceiveChannel of
EventThread.cpp, there is a possible w
CVE-2022-20343
RESERVED
CVE-2022-20342 (In WiFi, there is a possible disclosure of WiFi password to
the end us ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20341 (In ConnectivityService, there is a possible bypass of network
permissi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20340 (In SELinux policy, there is a possible way of inferring which
websites ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20339 (In Android, there is a possible access of network neighbor
table infor ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20338 (In Core Utilities, there is a possible way to craft a
malformed Uri ob ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20337
RESERVED
CVE-2022-20336 (In Settings, there is a possible installed application
disclosure due ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20335 (In Wifi Slice, there is a possible way to adjust Wi-Fi
settings even w ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20334 (In Bluetooth, there are possible process crashes due to
dereferencing ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20333 (In Bluetooth, there is a possible crash due to a missing null
check. T ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20332 (In PackageManager, there is a possible way to determine
whether an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20331 (In the Framework, there is a possible way to enable a work
profile wit ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20330 (In Bluetooth, there is a possible way to connect or disconnect
bluetoo ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20329 (In Wifi, there is a possible way to enable Wifi without
permissions du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20328 (In PackageManager, there is a possible way to determine
whether an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20327 (In Wi-Fi, there is a possible way to retrieve the WiFi SSID
without lo ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20326 (In Telephony, there is a possible disclosure of SIM
identifiers due to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20325 (In Media, there is a possible code execution due to a use
after free. ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20324 (In Framework, there is a possible way to determine whether an
app is i ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20323 (In PackageManager, there is a possible package installation
disclosure ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20322 (In PackageManager, there is a possible installed package
disclosure du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20321 (In Settings, there is a possible way for an application
without permis ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20320 (In ActivityManager, there is a possible way to determine
whether an ap ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20319 (In DreamServices, there is a possible way to launch arbitrary
protecte ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20318 (In PackageInstaller, there is a possible way to determine
whether an a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20317 (In SystemUI, there is a possible way to unexpectedly enable
the extern ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20316 (In ContentResolver, there is a possible way to determine
whether an ap ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20315 (In ActivityManager, there is a possible disclosure of
installed packag ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20314 (In KeyChain, there is a possible spoof keychain chooser
activity reque ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20313 (In Bluetooth, there is a possible out of bounds write due to a
missing ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20312 (In WifiP2pManager, there is a possible toobtain WiFi P2P MAC
address w ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20311 (In Telecomm, there is a possible disclosure of registered self
managed ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20310 (In Telecomm, there is a possible disclosure of registered self
managed ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20309 (In PackageInstaller, there is a possible way to determine
whether an a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20308 (In hostapd, there is a possible insecure configuration due to
an insec ...)
- TODO: check
+ NOT-FOR-US: Android (treating this android specific even hostapd
mentioned, insecure configuration on Android)
CVE-2022-20307 (In AlarmManagerService, there is a possible way to determine
whether a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20306 (In Camera Provider HAL, there is a possible memory corruption
due to a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20305 (In ContentService, there is a possible disclosure of available
account ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20304 (In Content, there is a possible way to determinate the user's
account ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20303 (In ContentService, there is a possible way to determine if an
account ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20302 (In Settings, there is a possible way to bypass factory reset
protectio ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20301 (In Content, there is a possible way to check if an account
exists on t ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20300 (In Content, there is a possible way to check if the given
account exis ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20299 (In ContentService, there is a possible way to check if the
given accou ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20298 (In ContentService, there is a possible way to check if an
account exis ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20297 (In Settings, there is a possible way to bypass factory reset
protectio ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20296 (In ContentService, there is a possible way to check if an
account exis ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20295 (In ContentService, there is a possible way to check if an
account exis ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20294 (In Content, there is a possible way to learn about an account
present ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20293 (In LauncherApps, there is a possible way to determine whether
an app i ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20292 (In Settings, there is a possible way to bypass factory reset
protectio ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20291 (In AppOpsService, there is a possible way to determine whether
an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20290 (In Midi, there is a possible way to learn about private midi
devices d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20289 (In PackageInstaller, there is a possible way to determine
whether an a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20288 (In AppSearchManagerService, there is a possible way to
determine wheth ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20287 (In AppSearchManagerService, there is a possible way to
determine wheth ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20286 (In Connectivity, there is a possible bypass the restriction of
startin ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20285 (In PackageManager, there is a possible way to determine
whether an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20284 (In Telephony, there is a possible information disclosure due
to a miss ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20283 (In Bluetooth, there is a possible out of bounds write due to
an intege ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20282 (In AppWidget, there is a possible way to start an activity
from the ba ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20281 (In Core, there is a possible way to start an activity from the
backgro ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20280 (In MMSProvider, there is a possible read of protected data due
to impr ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20279 (In DevicePolicyManager, there is a possible way to determine
whether a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20278 (In Accounts, there is a possible way to write sensitive
information to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20277 (In DevicePolicyManager, there is a possible way to determine
whether a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20276 (In DevicePolicyManager, there is a possible way to determine
whether a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20275 (In DevicePolicyManager, there is a possible way to determine
whether a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20274 (In Keyguard, there is a missing permission check. This could
lead to l ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20273 (In Bluetooth, there is a possible out of bounds read due to a
heap buf ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20272 (In PermissionController, there is a possible misunderstanding
about th ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20271 (In PermissionController, there is a possible way to grant some
permiss ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20270 (In Content, there is a possible way to learn gmail account
name on the ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20269 (In Bluetooth, there is a possible out of bounds write due to
an incorr ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20268 (In RestrictionsManager, there is a possible way to send a
broadcast th ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20267 (In bluetooth, there is a possible way to enable or disable
bluetooth c ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20266 (In Companion, there is a possible way to keep a service
running with e ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20265 (In Settings, there is a possible way to bypass factory reset
permissio ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20264
RESERVED
CVE-2022-20263 (In ActivityManager, there is a way to read process state for
other use ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20262 (In ActivityManager, there is a possible way to check another
process's ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20261 (In LocationManager, there is a possible way to get location
informatio ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20260 (In the Phone app, there is a possible crash loop due to
resource exhau ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20259 (In Telephony, there is a possible leak of ICCID and EID due to
a missi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20258 (In Bluetooth, there is a possible way to bypass compiler
exploit mitig ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20257 (In Bluetooth, there is a possible way to pair a display only
device wi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20256 (In the Audio HAL, there is a possible out of bounds write due
to a rac ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20255 (In SettingsProvider, there is a possible way to read or change
the def ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20254 (In Wi-Fi, there is a permissions bypass. This could lead to
local esca ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20253 (In Bluetooth, there is a possible cleanup failure due to an
uncaught e ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20252 (In PackageManager, there is a possible way to determine
whether an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20251 (In LocaleManager, there is a possible way to determine whether
an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20250 (In Messaging, there is a possible way to attach files to a
message wit ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20249 (In LocaleManager, there is a possible way to determine whether
an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20248 (In Settings, there is a possible way to connect to an open
network byp ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20247 (In Media, there is a possible out of bounds read due to a heap
buffer ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20246 (In WindowManager, there is a possible bypass of the
restrictions for s ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20245 (In WindowManager, there is a possible method to create a
recording of ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20244 (In Bluetooth, there is a possible out of bounds write due to a
missing ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20243 (In Core Utilities, there is a possible log information
disclosure. Thi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20242 (In Telephony, there is a possible way to determine whether an
app is i ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20241 (In Messaging, there is a possible way to attach a private file
to an S ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20240
RESERVED
CVE-2022-20239 ('remap_pfn_range' here may map out of size kernel memory (for
example, ...)
@@ -60400,7 +60400,7 @@ CVE-2022-20239 ('remap_pfn_range' here may map out of
size kernel memory (for ex
CVE-2022-20238 ('remap_pfn_range' here may map out of size kernel memory (for
example, ...)
NOT-FOR-US: Unisoc
CVE-2022-20237 (In BuildDevIDResponse of miscdatabuilder.cpp, there is a
possible out ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20236 (A drm driver have oob problem, could cause the system crash or
EOPProd ...)
NOT-FOR-US: Unisoc
CVE-2022-20235
@@ -60515,7 +60515,7 @@ CVE-2022-20182 (In handle_ramdump of pixel_loader.c,
there is a possible way to
CVE-2022-20181 (Product: AndroidVersions: Android kernelAndroid ID:
A-210936609Referen ...)
NOT-FOR-US: Google Pixel
CVE-2022-20180 (In several functions of mali_gralloc_reference.cpp, there is a
possibl ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20179 (Product: AndroidVersions: Android kernelAndroid ID:
A-211683760Referen ...)
NOT-FOR-US: Google Pixel
CVE-2022-20178 (In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD),
there is ...)
@@ -95128,9 +95128,9 @@ CVE-2021-29120
CVE-2021-29119
RESERVED
CVE-2021-29118 (An out-of-bounds read vulnerability exists when parsing a
specially cr ...)
- TODO: check
+ NOT-FOR-US: Esri ArcReader
CVE-2021-29117 (A use-after-free vulnerability when parsing a specially
crafted file i ...)
- TODO: check
+ NOT-FOR-US: Esri ArcReader
CVE-2021-29116 (A stored Cross Site Scripting (XSS) vulnerability in Esri
ArcGIS Serve ...)
NOT-FOR-US: Esri ArcGIS Server
CVE-2021-29115 (An information disclosure vulnerability in the ArcGIS Service
Director ...)
@@ -95140,7 +95140,7 @@ CVE-2021-29114 (A SQL injection vulnerability in
feature services provided by Es
CVE-2021-29113 (A remote file inclusion vulnerability in the ArcGIS Server
help docume ...)
NOT-FOR-US: ArcGIS Server
CVE-2021-29112 (An out-of-bounds read vulnerability exists when parsing a
specially cr ...)
- TODO: check
+ NOT-FOR-US: Esri ArcReader
CVE-2021-29111
RESERVED
CVE-2021-29110 (Stored cross-site scripting (XSS) issue in Esri Portal for
ArcGIS may ...)
@@ -111721,7 +111721,7 @@ CVE-2021-22291
CVE-2021-22290
RESERVED
CVE-2021-22289 (Improper Input Validation vulnerability in the project upload
mechanis ...)
- TODO: check
+ NOT-FOR-US: B&R Automation Studio
CVE-2021-22288 (Improper Input Validation vulnerability in the ABB SPIET800
and PNI800 ...)
NOT-FOR-US: ABB
CVE-2021-22287
@@ -126718,7 +126718,7 @@ CVE-2021-0977 (In phNxpNHal_DtaUpdate of
phNxpNciHal_dta.cc, there is a possible
CVE-2021-0976 (In toBARK of floor0.c, there is a possible out of bounds read
due to a ...)
NOT-FOR-US: Android
CVE-2021-0975 (In USB Manager, there is a possible way to determine whether an
app is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-0974
RESERVED
CVE-2021-0973 (In isFileUri of UriUtil.java, there is a possible way to bypass
ignori ...)
@@ -127228,9 +127228,9 @@ CVE-2021-0737
CVE-2021-0736
RESERVED
CVE-2021-0735 (In PackageManager, there is a possible way to get information
about in ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-0734 (In Settings, there is a possible way to determine whether an
app is in ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-0733
RESERVED
CVE-2021-0732
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23ee41d00621d256720fb46ecd816281688a54c8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23ee41d00621d256720fb46ecd816281688a54c8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
