[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 30 Aug 2022 13:34:20 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b64286c2 by security tracker role at 2022-08-30T20:10:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,14 @@
+CVE-2022-3065
+       RESERVED
+CVE-2022-3064
+       RESERVED
+CVE-2022-3063
+       REJECTED
+       TODO: check
+CVE-2022-3062
+       RESERVED
+CVE-2022-3061
+       RESERVED
 CVE-2022-39043
        RESERVED
 CVE-2022-39042
@@ -573,7 +584,7 @@ CVE-2022-3024
 CVE-2022-3023
        RESERVED
 CVE-2022-3022
-       RESERVED
+       REJECTED
 CVE-2022-3021
        RESERVED
 CVE-2022-3020
@@ -4930,8 +4941,8 @@ CVE-2022-37239 (MDaemon Technologies SecurityGateway for 
Email Servers 8.5.2 is
        NOT-FOR-US: MDaemon
 CVE-2022-37238 (MDaemon Technologies SecurityGateway for Email Servers 8.5.2 
is vulner ...)
        NOT-FOR-US: MDaemon
-CVE-2022-37237
-       RESERVED
+CVE-2022-37237 (An attacker can send malicious RTMP requests to make the 
ZLMediaKit se ...)
+       TODO: check
 CVE-2022-37236
        RESERVED
 CVE-2022-37235
@@ -5052,8 +5063,8 @@ CVE-2022-37178 (An issue was discovered in 72crm 9.0. 
There is a SQL Injection v
        NOT-FOR-US: 72crm
 CVE-2022-37177 (HireVue Hiring Platform V1.0 suffers from Use of a Broken or 
Risky Cry ...)
        NOT-FOR-US: HireVue Hiring Platform
-CVE-2022-37176
-       RESERVED
+CVE-2022-37176 (Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below 
contains a vul ...)
+       TODO: check
 CVE-2022-37175 (Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer 
overflo ...)
        NOT-FOR-US: Tenda
 CVE-2022-37174
@@ -5106,8 +5117,8 @@ CVE-2022-37151 (There is an unauthorized access 
vulnerability in Online Diagnost
        NOT-FOR-US: Online Diagnostic Lab Management System
 CVE-2022-37150 (An issue was discovered in Online Diagnostic Lab Management 
System 1.0 ...)
        NOT-FOR-US: Online Diagnostic Lab Management System
-CVE-2022-37149
-       RESERVED
+CVE-2022-37149 (WAVLINK WL-WN575A3 RPT75A3.V4300.201217 was discovered to 
contain a co ...)
+       TODO: check
 CVE-2022-37148
        RESERVED
 CVE-2022-37147
@@ -6519,8 +6530,8 @@ CVE-2022-36554 (A command injection vulnerability in the 
CLI (Command Line Inter
        NOT-FOR-US: Hytec Inter HWL-2511-SS
 CVE-2022-36553 (Hytec Inter HWL-2511-SS v1.05 and below was discovered to 
contain a co ...)
        NOT-FOR-US: Hytec Inter HWL-2511-SS
-CVE-2022-36552
-       RESERVED
+CVE-2022-36552 (Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below 
contains an is ...)
+       TODO: check
 CVE-2022-36551
        RESERVED
 CVE-2022-36550
@@ -9915,8 +9926,8 @@ CVE-2022-32765
        RESERVED
 CVE-2022-2331
        RESERVED
-CVE-2022-2330
-       RESERVED
+CVE-2022-2330 (Improper Restriction of XML External Entity Reference 
vulnerability in ...)
+       TODO: check
 CVE-2022-2329
        RESERVED
 CVE-2022-2328 (The Flexi Quote Rotator WordPress plugin through 0.9.4 does not 
saniti ...)
@@ -12965,6 +12976,7 @@ CVE-2022-2133 (The OAuth Single Sign On WordPress 
plugin before 6.22.6 doesn't v
        NOT-FOR-US: WordPress plugin
 CVE-2022-2132
        RESERVED
+       {DSA-5222-1}
        - dpdk <unfixed>
        NOTE: https://bugs.dpdk.org/show_bug.cgi?id=1031
        NOTE: 
https://git.dpdk.org/dpdk/commit/?id=71bd0cc536ad6d84188d947d6f24c17400d8f623 
(main)
@@ -29769,6 +29781,7 @@ CVE-2022-28200 (NVIDIA DGX A100 contains a 
vulnerability in SBIOS in the BiosCfg
        NOT-FOR-US: NVIDIA
 CVE-2022-28199
        RESERVED
+       {DSA-5222-1}
        - dpdk <unfixed>
        [buster] - dpdk <not-affected> (Vulnerable code introduced later)
        NOTE: 
https://git.dpdk.org/dpdk/commit/?id=60b254e3923d007bcadbb8d410f95ad89a2f13fa 
(main)
@@ -67683,7 +67696,7 @@ CVE-2021-40907 (SQL injection vulnerability in 
Sourcecodester Storage Unit Renta
        NOT-FOR-US: Sourcecodester
 CVE-2021-40906 (CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does 
not saniti ...)
        - check-mk <removed>
-CVE-2021-40905 (The web management console of CheckMK Enterprise Edition 
(versions 1.5 ...)
+CVE-2021-40905 (** DISPUTED ** The web management console of CheckMK 
Enterprise Editio ...)
        NOT-FOR-US: CheckMK Enterprise Edition
 CVE-2021-40904 (The web management console of CheckMK Raw Edition (versions 
1.5.0 to 1 ...)
        - check-mk <removed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b64286c20532038322424f949ee101adebc14566

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b64286c20532038322424f949ee101adebc14566
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to