[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Mon, 12 Sep 2022 13:10:42 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
065e552d by security tracker role at 2022-09-12T20:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,229 @@
+CVE-2022-40606
+       RESERVED
+CVE-2022-40605
+       RESERVED
+CVE-2022-40604
+       RESERVED
+CVE-2022-40603
+       RESERVED
+CVE-2022-40602
+       RESERVED
+CVE-2022-40601
+       RESERVED
+CVE-2022-40600
+       RESERVED
+CVE-2022-40599
+       RESERVED
+CVE-2022-40598
+       RESERVED
+CVE-2022-40597
+       RESERVED
+CVE-2022-40596
+       RESERVED
+CVE-2022-40595
+       RESERVED
+CVE-2022-40594
+       RESERVED
+CVE-2022-40593
+       RESERVED
+CVE-2022-40592
+       RESERVED
+CVE-2022-40591
+       RESERVED
+CVE-2022-40590
+       RESERVED
+CVE-2022-40589
+       RESERVED
+CVE-2022-40588
+       RESERVED
+CVE-2022-40587
+       RESERVED
+CVE-2022-40586
+       RESERVED
+CVE-2022-40585
+       RESERVED
+CVE-2022-40584
+       RESERVED
+CVE-2022-40583
+       RESERVED
+CVE-2022-40582
+       RESERVED
+CVE-2022-40581
+       RESERVED
+CVE-2022-40580
+       RESERVED
+CVE-2022-40579
+       RESERVED
+CVE-2022-40578
+       RESERVED
+CVE-2022-40577
+       RESERVED
+CVE-2022-40576
+       RESERVED
+CVE-2022-40575
+       RESERVED
+CVE-2022-40574
+       RESERVED
+CVE-2022-40573
+       RESERVED
+CVE-2022-40572
+       RESERVED
+CVE-2022-40571
+       RESERVED
+CVE-2022-40570
+       RESERVED
+CVE-2022-40569
+       RESERVED
+CVE-2022-40568
+       RESERVED
+CVE-2022-40567
+       RESERVED
+CVE-2022-40566
+       RESERVED
+CVE-2022-40565
+       RESERVED
+CVE-2022-40564
+       RESERVED
+CVE-2022-40563
+       RESERVED
+CVE-2022-40562
+       RESERVED
+CVE-2022-40561
+       RESERVED
+CVE-2022-40560
+       RESERVED
+CVE-2022-40559
+       RESERVED
+CVE-2022-40558
+       RESERVED
+CVE-2022-40557
+       RESERVED
+CVE-2022-40556
+       RESERVED
+CVE-2022-40555
+       RESERVED
+CVE-2022-40554
+       RESERVED
+CVE-2022-40553
+       RESERVED
+CVE-2022-40552
+       RESERVED
+CVE-2022-40551
+       RESERVED
+CVE-2022-40550
+       RESERVED
+CVE-2022-40549
+       RESERVED
+CVE-2022-40548
+       RESERVED
+CVE-2022-40547
+       RESERVED
+CVE-2022-40546
+       RESERVED
+CVE-2022-40545
+       RESERVED
+CVE-2022-40544
+       RESERVED
+CVE-2022-40543
+       RESERVED
+CVE-2022-40542
+       RESERVED
+CVE-2022-40541
+       RESERVED
+CVE-2022-40540
+       RESERVED
+CVE-2022-40539
+       RESERVED
+CVE-2022-40538
+       RESERVED
+CVE-2022-40537
+       RESERVED
+CVE-2022-40536
+       RESERVED
+CVE-2022-40535
+       RESERVED
+CVE-2022-40534
+       RESERVED
+CVE-2022-40533
+       RESERVED
+CVE-2022-40532
+       RESERVED
+CVE-2022-40531
+       RESERVED
+CVE-2022-40530
+       RESERVED
+CVE-2022-40529
+       RESERVED
+CVE-2022-40528
+       RESERVED
+CVE-2022-40527
+       RESERVED
+CVE-2022-40526
+       RESERVED
+CVE-2022-40525
+       RESERVED
+CVE-2022-40524
+       RESERVED
+CVE-2022-40523
+       RESERVED
+CVE-2022-40522
+       RESERVED
+CVE-2022-40521
+       RESERVED
+CVE-2022-40520
+       RESERVED
+CVE-2022-40519
+       RESERVED
+CVE-2022-40518
+       RESERVED
+CVE-2022-40517
+       RESERVED
+CVE-2022-40516
+       RESERVED
+CVE-2022-40515
+       RESERVED
+CVE-2022-40514
+       RESERVED
+CVE-2022-40513
+       RESERVED
+CVE-2022-40512
+       RESERVED
+CVE-2022-40511
+       RESERVED
+CVE-2022-40510
+       RESERVED
+CVE-2022-40509
+       RESERVED
+CVE-2022-40508
+       RESERVED
+CVE-2022-40507
+       RESERVED
+CVE-2022-40506
+       RESERVED
+CVE-2022-40505
+       RESERVED
+CVE-2022-40504
+       RESERVED
+CVE-2022-40503
+       RESERVED
+CVE-2022-40502
+       RESERVED
+CVE-2022-3181
+       RESERVED
+CVE-2022-3180
+       RESERVED
+CVE-2022-3179
+       RESERVED
+CVE-2022-3178 (Buffer Over-read in GitHub repository gpac/gpac prior to 
2.1.0-DEV. ...)
+       TODO: check
+CVE-2022-3177
+       RESERVED
+CVE-2022-3176
+       RESERVED
+CVE-2022-3175
+       RESERVED
+CVE-2022-3174
+       RESERVED
 CVE-2022-40501
        RESERVED
 CVE-2022-40500
@@ -6702,8 +6928,8 @@ CVE-2022-37862
        RESERVED
 CVE-2022-37861
        RESERVED
-CVE-2022-37860
-       RESERVED
+CVE-2022-37860 (The web configuration interface of the TP-Link M7350 V3 with 
firmware  ...)
+       TODO: check
 CVE-2022-37859
        RESERVED
 CVE-2022-37858
@@ -6752,8 +6978,8 @@ CVE-2022-37837
        RESERVED
 CVE-2022-37836
        RESERVED
-CVE-2022-37835
-       RESERVED
+CVE-2022-37835 (Torguard VPN 4.8, has a vulnerability that allows an attacker 
to dump  ...)
+       TODO: check
 CVE-2022-37834
        RESERVED
 CVE-2022-37833
@@ -6828,8 +7054,8 @@ CVE-2022-37799 (Tenda AC1206 V15.03.06.23 was discovered 
to contain a stack over
        NOT-FOR-US: Tenda
 CVE-2022-37798 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack 
overflow v ...)
        NOT-FOR-US: Tenda
-CVE-2022-37797
-       RESERVED
+CVE-2022-37797 (In lighttpd 1.4.65, mod_wstunnel does not initialize a handler 
functio ...)
+       TODO: check
 CVE-2022-37796 (In Simple Online Book Store System 1.0 in /admin_book.php the 
Title, A ...)
        NOT-FOR-US: Simple Online Book Store System
 CVE-2022-37795
@@ -6900,8 +7126,8 @@ CVE-2022-37768 (libjpeg commit 281daa9 was discovered to 
contain an infinite loo
        NOTE: https://github.com/thorfdbg/libjpeg/issues/77
        NOTE: 
https://github.com/thorfdbg/libjpeg/commit/281daa9ccee18742b83a77cd29bd2726b69b7977
        NOTE: Hang in CLI tool, no security impact
-CVE-2022-37767
-       RESERVED
+CVE-2022-37767 (Pebble Templates 3.1.5 allows attackers to bypass a protection 
mechani ...)
+       TODO: check
 CVE-2022-37766
        RESERVED
 CVE-2022-37765
@@ -6966,8 +7192,8 @@ CVE-2022-37736
        RESERVED
 CVE-2022-37735
        RESERVED
-CVE-2022-37734
-       RESERVED
+CVE-2022-37734 (graphql-java before19.0 is vulnerable to Denial of Service. An 
attacke ...)
+       TODO: check
 CVE-2022-37733
        RESERVED
 CVE-2022-37732
@@ -7662,7 +7888,7 @@ CVE-2022-2669
 CVE-2022-2668 (An issue was discovered in Keycloak that allows arbitrary 
Javascript t ...)
        NOT-FOR-US: Keycloak
 CVE-2022-37434 (zlib through 1.2.12 has a heap-based buffer over-read or 
buffer overfl ...)
-       {DSA-5218-1}
+       {DSA-5218-1 DLA-3103-1}
        - zlib 1:1.2.11.dfsg-4.1 (bug #1016710)
        - libz-mingw-w64 1.2.12+dfsg-2
        [bullseye] - libz-mingw-w64 <no-dsa> (Minor issue)
@@ -8159,8 +8385,8 @@ CVE-2022-37302
        RESERVED
 CVE-2022-37301
        RESERVED
-CVE-2022-37300
-       RESERVED
+CVE-2022-37300 (A CWE-640: Weak Password Recovery Mechanism for Forgotten 
Password vul ...)
+       TODO: check
 CVE-2022-2601
        RESERVED
 CVE-2022-2600 (The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not 
set re ...)
@@ -24224,20 +24450,20 @@ CVE-2022-31228
        RESERVED
 CVE-2022-31227
        RESERVED
-CVE-2022-31226
-       RESERVED
-CVE-2022-31225
-       RESERVED
-CVE-2022-31224
-       RESERVED
-CVE-2022-31223
-       RESERVED
-CVE-2022-31222
-       RESERVED
-CVE-2022-31221
-       RESERVED
-CVE-2022-31220
-       RESERVED
+CVE-2022-31226 (Dell BIOS versions contain a Stack-based Buffer Overflow 
vulnerability ...)
+       TODO: check
+CVE-2022-31225 (Dell BIOS versions contain an Unchecked Return Value 
vulnerability. A  ...)
+       TODO: check
+CVE-2022-31224 (Dell BIOS versions contain an Improper Protection Against 
Voltage and  ...)
+       TODO: check
+CVE-2022-31223 (Dell BIOS versions contain an Improper Neutralization of Null 
Byte vul ...)
+       TODO: check
+CVE-2022-31222 (Dell BIOS versions contain a Missing Release of Resource after 
Effecti ...)
+       TODO: check
+CVE-2022-31221 (Dell BIOS versions contain an Information Exposure 
vulnerability. A lo ...)
+       TODO: check
+CVE-2022-31220 (Dell BIOS versions contain an Unchecked Return Value 
vulnerability. A  ...)
+       TODO: check
 CVE-2022-31219 (Vulnerabilities in the Drive Composer allow a low privileged 
attacker  ...)
        NOT-FOR-US: Drive Composer
 CVE-2022-31218 (Vulnerabilities in the Drive Composer allow a low privileged 
attacker  ...)
@@ -26026,8 +26252,8 @@ CVE-2022-1702 (SonicWall SMA1000 series firmware 
12.4.0, 12.4.1-02965 and earlie
        NOT-FOR-US: SonicWall
 CVE-2022-1701 (SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and 
earlier ver ...)
        NOT-FOR-US: SonicWall
-CVE-2022-1700
-       RESERVED
+CVE-2022-1700 (Improper Restriction of XML External Entity Reference ('XXE') 
vulnerab ...)
+       TODO: check
 CVE-2022-30616 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 
could allow  ...)
        NOT-FOR-US: IBM
 CVE-2022-30615
@@ -44669,7 +44895,7 @@ CVE-2022-24303 (Pillow before 9.0.1 allows attackers to 
delete files because spa
        NOTE: 
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security
        NOTE: 
https://github.com/python-pillow/Pillow/commit/427221ef5f19157001bf8b1ad7cfe0b905ca8c26
 (9.0.1)
 CVE-2022-24302 (In Paramiko before 2.10.1, a race condition (between creation 
and chmo ...)
-       {DLA-2959-1}
+       {DLA-3104-1 DLA-2959-1}
        - paramiko 2.10.3-1 (bug #1008012)
        [bullseye] - paramiko <no-dsa> (Minor issue)
        NOTE: 
https://github.com/paramiko/paramiko/commit/4c491e299c9b800358b16fa4886d8d94f45abe2e
 (2.10.1)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/065e552d598e13dc37007c8f77db9569a26ecf48

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/065e552d598e13dc37007c8f77db9569a26ecf48
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to