Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5fd615d7 by Salvatore Bonaccorso at 2022-09-05T22:33:30+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21024,7 +21024,7 @@ CVE-2022-31816
CVE-2022-31815
RESERVED
CVE-2022-31814 (pfSense pfBlockerNG through 2.1.4_26 allows remote attackers
to execut ...)
- TODO: check
+ NOT-FOR-US: pfSense
CVE-2022-1948 (An issue has been discovered in GitLab affecting all versions
starting ...)
- gitlab <not-affected> (Vulnerable code introduced later)
NOTE:
https://about.gitlab.com/releases/2022/06/01/critical-security-release-gitlab-15-0-1-released/
@@ -53244,25 +53244,25 @@ CVE-2022-22108 (In Daybyday CRM, versions 2.0.0
through 2.2.0 are vulnerable to
CVE-2022-22107 (In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable
to Missin ...)
NOT-FOR-US: DayByDay CRM
CVE-2022-22106 (Memory corruption in multimedia due to improper length check
while cop ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22105
RESERVED
CVE-2022-22104 (Memory corruption in multimedia due to improper check on the
messages ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22103 (Memory corruption in multimedia driver due to double free
while proces ...)
NOT-FOR-US: Snapdragon
CVE-2022-22102 (Memory corruption in multimedia due to incorrect type
conversion while ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22101 (Denial of service in multimedia due to uncontrolled resource
consumpti ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22100 (Memory corruption in multimedia due to improper check on
received expo ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22099 (Memory corruption in multimedia due to improper validation of
array in ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22098 (Memory corruption in multimedia driver due to untrusted
pointer derefe ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22097 (Memory corruption in graphic driver due to use after free
while callin ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22096 (Memory corruption in Bluetooth HOST due to stack-based buffer
overflow ...)
NOT-FOR-US: Qualcomm
CVE-2022-22095
@@ -53296,7 +53296,7 @@ CVE-2022-22082 (Memory corruption due to possible
buffer overflow while parsing
CVE-2022-22081
RESERVED
CVE-2022-22080 (Improper validation of backend id in PCM routing process can
lead to m ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22079
RESERVED
CVE-2022-22078
@@ -53316,13 +53316,13 @@ CVE-2022-22072 (Buffer overflow can occur due to
improper validation of NDP appl
CVE-2022-22071 (Possible use after free when process shell memory is freed
using IOCTL ...)
NOT-FOR-US: Snapdragon
CVE-2022-22070 (Memory corruption in audio due to lack of check of invalid
routing add ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22069 (Devices with keyprotect off may store unencrypted keybox in
RPMB and c ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22068 (kernel event may contain unexpected content which is not
generated by ...)
NOT-FOR-US: Snapdragon
CVE-2022-22067 (Potential memory leak in modem during the processing of NSA
RRC Reconf ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22066
RESERVED
CVE-2022-22065 (Out of bound read in WLAN HOST due to improper length check
can lead t ...)
@@ -53332,13 +53332,13 @@ CVE-2022-22064 (Possible buffer over read due to lack
of size validation while u
CVE-2022-22063
RESERVED
CVE-2022-22062 (An out-of-bounds read can occur while parsing a server
certificate due ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22061 (Out of bounds writing is possible while verifying device IDs
due to im ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22060
RESERVED
CVE-2022-22059 (Memory corruption due to out of bound read while parsing a
video file ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2022-22058
RESERVED
NOT-FOR-US: Qualcomm
@@ -84421,7 +84421,7 @@ CVE-2021-35137
CVE-2021-35136
RESERVED
CVE-2021-35135 (A null pointer dereference may potentially occur during RSA
key import ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-35134 (Due to insufficient validation of ELF headers, an Incorrect
Calculatio ...)
TODO: check
CVE-2021-35133 (Use after free in the synx driver issue while performing other
functio ...)
@@ -103663,7 +103663,7 @@ CVE-2021-27695 (Multiple stored cross-site scripting
(XSS) vulnerabilities in op
CVE-2021-27694
RESERVED
CVE-2021-27693 (Server-side Request Forgery (SSRF) vulnerability in PublicCMS
before 4 ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2021-27692 (Command Injection in Tenda G1 and G3 routers with firmware
versions v1 ...)
NOT-FOR-US: Tenda
CVE-2021-27691 (Command Injection in Tenda G0 routers with firmware versions
v15.11.0. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fd615d75abc6a7fe7fb92468e91698a395a666c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fd615d75abc6a7fe7fb92468e91698a395a666c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
