Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0275d7b2 by security tracker role at 2022-10-06T20:10:23+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2022-42457 (Generex CS141 before 2.08 allows remote command execution by 
administr ...)
+       TODO: check
+CVE-2022-42456
+       RESERVED
+CVE-2022-42455
+       RESERVED
+CVE-2022-42454
+       RESERVED
+CVE-2022-42453
+       RESERVED
+CVE-2022-42452
+       RESERVED
+CVE-2022-42451
+       RESERVED
+CVE-2022-42450
+       RESERVED
+CVE-2022-42449
+       RESERVED
+CVE-2022-42448
+       RESERVED
+CVE-2022-42447
+       RESERVED
+CVE-2022-42446
+       RESERVED
+CVE-2022-42445
+       RESERVED
+CVE-2022-42444
+       RESERVED
+CVE-2022-42443
+       RESERVED
+CVE-2022-42442
+       RESERVED
+CVE-2022-42441
+       RESERVED
+CVE-2022-42440
+       RESERVED
+CVE-2022-42439
+       RESERVED
+CVE-2022-42438
+       RESERVED
+CVE-2022-42437
+       RESERVED
+CVE-2022-42436
+       RESERVED
+CVE-2022-42435
+       RESERVED
 CVE-2022-42433
        RESERVED
 CVE-2022-42432
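Review bot: CVE-2022-42434 has no entry here: the added block runs from CVE-2022-42457 down to CVE-2022-42435 and the unchanged context resumes at CVE-2022-42433. If the ID is simply not in the upstream feed yet this is fine, but it is worth confirming the import did not drop it. The one entry that arrives with a description, CVE-2022-42457 (Generex CS141), still needs triage from TODO: check.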
@@ -378,12 +424,12 @@ CVE-2022-3400
        RESERVED
 CVE-2022-3399
        RESERVED
-CVE-2022-3398
-       RESERVED
-CVE-2022-3397
-       RESERVED
-CVE-2022-3396
-       RESERVED
+CVE-2022-3398 (OMRON CX-Programmer 9.78 and prior is vulnerable to an 
Out-of-Bounds W ...)
+       TODO: check
+CVE-2022-3397 (OMRON CX-Programmer 9.78 and prior is vulnerable to an 
Out-of-Bounds W ...)
+       TODO: check
+CVE-2022-3396 (OMRON CX-Programmer 9.78 and prior is vulnerable to an 
Out-of-Bounds W ...)
+       TODO: check
 CVE-2022-3395
        RESERVED
 CVE-2022-3394
@@ -396,10 +442,10 @@ CVE-2022-3391
        RESERVED
 CVE-2022-42251
        RESERVED
-CVE-2022-42250
-       RESERVED
-CVE-2022-42249
-       RESERVED
+CVE-2022-42250 (Simple Cold Storage Management System v1.0 is vulnerable to 
SQL inject ...)
+       TODO: check
+CVE-2022-42249 (Simple Cold Storage Management System v1.0 is vulnerable to 
SQL inject ...)
+       TODO: check
 CVE-2022-42248
        RESERVED
 CVE-2022-42247 (pfSense v2.5.2 was discovered to contain a cross-site 
scripting (XSS)  ...)
@@ -410,12 +456,12 @@ CVE-2022-42245
        RESERVED
 CVE-2022-42244
        RESERVED
-CVE-2022-42243
-       RESERVED
-CVE-2022-42242
-       RESERVED
-CVE-2022-42241
-       RESERVED
+CVE-2022-42243 (Simple Cold Storage Management System v1.0 is vulnerable to 
SQL inject ...)
+       TODO: check
+CVE-2022-42242 (Simple Cold Storage Management System v1.0 is vulnerable to 
SQL inject ...)
+       TODO: check
+CVE-2022-42241 (Simple Cold Storage Management System v1.0 is vulnerable to 
SQL inject ...)
+       TODO: check
 CVE-2022-42240
        RESERVED
 CVE-2022-42239
@@ -874,16 +920,19 @@ CVE-2022-42013
        RESERVED
 CVE-2022-42012
        RESERVED
+       {DSA-5250-1}
        - dbus 1.14.4-1
        NOTE: https://www.openwall.com/lists/oss-security/2022/10/06/1
        NOTE: Fixed by: 
https://gitlab.freedesktop.org/dbus/dbus/-/commit/236f16e444e88a984cf12b09225e0f8efa6c5b44
 CVE-2022-42011
        RESERVED
+       {DSA-5250-1}
        - dbus 1.14.4-1
        NOTE: https://www.openwall.com/lists/oss-security/2022/10/06/1
        NOTE: Fixed by: 
https://gitlab.freedesktop.org/dbus/dbus/-/commit/079bbf16186e87fb0157adf8951f19864bc2ed69
 CVE-2022-42010
        RESERVED
+       {DSA-5250-1}
        - dbus 1.14.4-1
        NOTE: https://www.openwall.com/lists/oss-security/2022/10/06/1
        NOTE: Fixed by: 
https://gitlab.freedesktop.org/dbus/dbus/-/commit/9d07424e9011e3bbe535e83043d335f3093d2916
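Review bot: CVE-2022-42012, CVE-2022-42011 and CVE-2022-42010 now carry {DSA-5250-1}, a fixed dbus version and upstream fix commits, but still read RESERVED with no description. A bracketed temporary description, as used for CVE-2022-2929 [DHCP memory leak] elsewhere in this file, would make the three entries distinguishable until the feed publishes text.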
@@ -891,8 +940,8 @@ CVE-2022-3390
        RESERVED
 CVE-2022-42009
        RESERVED
-CVE-2022-3389
-       RESERVED
+CVE-2022-3389 (Path Traversal in GitHub repository ikus060/rdiffweb prior to 
2.4.10. ...)
+       TODO: check
 CVE-2022-42008
        RESERVED
 CVE-2022-42007
@@ -1191,10 +1240,10 @@ CVE-2022-41855
        RESERVED
 CVE-2022-41854
        RESERVED
-CVE-2022-41853
-       RESERVED
-CVE-2022-41852
-       RESERVED
+CVE-2022-41853 (Those using java.sql.Statement or java.sql.PreparedStatement 
in hsqldb ...)
+       TODO: check
+CVE-2022-41852 (Those using JXPath to interpret untrusted XPath expressions 
may be vul ...)
+       TODO: check
 CVE-2022-41851
        RESERVED
 CVE-2022-41836
@@ -1239,8 +1288,8 @@ CVE-2022-3378
        RESERVED
 CVE-2022-3377
        RESERVED
-CVE-2022-3376
-       RESERVED
+CVE-2022-3376 (Weak Password Requirements in GitHub repository 
ikus060/rdiffweb prior ...)
+       TODO: check
 CVE-2022-3375
        RESERVED
 CVE-2022-3374
@@ -1986,8 +2035,7 @@ CVE-2022-3323 (An SQL injection vulnerability in 
Advantech iView 5.7.04.6469. Th
        NOT-FOR-US: Advantech iView
 CVE-2022-41557
        RESERVED
-CVE-2022-41556 [handle RDHUP when collecting chunked body]
-       RESERVED
+CVE-2022-41556 (A resource leak in gw_backend.c in lighttpd 1.4.56 through 
1.4.66 coul ...)
        {DSA-5243-1}
        - lighttpd 1.4.67-1
        [buster] - lighttpd <not-affected> (vulnerable code inserted in 
lighttpd-1.4.55-211-gbcddbe18)
@@ -2138,30 +2186,30 @@ CVE-2022-41530
        RESERVED
 CVE-2022-41529
        RESERVED
-CVE-2022-41528
-       RESERVED
-CVE-2022-41527
-       RESERVED
-CVE-2022-41526
-       RESERVED
-CVE-2022-41525
-       RESERVED
-CVE-2022-41524
-       RESERVED
-CVE-2022-41523
-       RESERVED
-CVE-2022-41522
-       RESERVED
-CVE-2022-41521
-       RESERVED
-CVE-2022-41520
-       RESERVED
+CVE-2022-41528 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to 
contain an a ...)
+       TODO: check
+CVE-2022-41527 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to 
contain an a ...)
+       TODO: check
+CVE-2022-41526 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to 
contain an a ...)
+       TODO: check
+CVE-2022-41525 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to 
contain a co ...)
+       TODO: check
+CVE-2022-41524 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to 
contain an a ...)
+       TODO: check
+CVE-2022-41523 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to 
contain an a ...)
+       TODO: check
+CVE-2022-41522 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to 
contain an u ...)
+       TODO: check
+CVE-2022-41521 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to 
contain an a ...)
+       TODO: check
+CVE-2022-41520 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to 
contain an a ...)
+       TODO: check
 CVE-2022-41519
        RESERVED
-CVE-2022-41518
-       RESERVED
-CVE-2022-41517
-       RESERVED
+CVE-2022-41518 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to 
contain a co ...)
+       TODO: check
+CVE-2022-41517 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to 
contain a st ...)
+       TODO: check
 CVE-2022-41516
        RESERVED
 CVE-2022-41515
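Review bot: all eleven new TOTOLINK NR1800X entries (CVE-2022-41517 through CVE-2022-41528, with CVE-2022-41519 still RESERVED) land as TODO: check, and their descriptions are truncated before the detail that tells them apart. They all concern one firmware build, V9.1.0u.6279_B20210910, so they can be triaged in a single pass; other vendor-product entries in this file are marked NOT-FOR-US (for example Advantech iView).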
@@ -2486,8 +2534,8 @@ CVE-2022-41357
        RESERVED
 CVE-2022-41356
        RESERVED
-CVE-2022-41355
-       RESERVED
+CVE-2022-41355 (Online Leave Management System v1.0 was discovered to contain 
a SQL in ...)
+       TODO: check
 CVE-2022-41354
        RESERVED
 CVE-2022-41353
@@ -2643,8 +2691,8 @@ CVE-2022-3275
        RESERVED
 CVE-2022-3274 (Cross-Site Request Forgery (CSRF) in GitHub repository 
ikus060/rdiffwe ...)
        - rdiffweb <itp> (bug #969974)
-CVE-2022-3273
-       RESERVED
+CVE-2022-3273 (Allocation of Resources Without Limits or Throttling in GitHub 
reposit ...)
+       TODO: check
 CVE-2022-3272 (Improper Handling of Length Parameter Inconsistency in GitHub 
reposito ...)
        - rdiffweb <itp> (bug #969974)
 CVE-2022-3271
@@ -2724,8 +2772,8 @@ CVE-2022-41296
        RESERVED
 CVE-2022-41295
        RESERVED
-CVE-2022-41294
-       RESERVED
+CVE-2022-41294 (IBM Robotic Process Automation 21.0.0, 21.0.1, 21.0.2, 21.0.3, 
and 21. ...)
+       TODO: check
 CVE-2022-41293
        RESERVED
 CVE-2022-41292
@@ -3621,8 +3669,8 @@ CVE-2022-40897
        RESERVED
 CVE-2022-40896
        RESERVED
-CVE-2022-40895
-       RESERVED
+CVE-2022-40895 (In certain Nedi products, a vulnerability in the web UI of 
NeDi login  ...)
+       TODO: check
 CVE-2022-40894
        RESERVED
 CVE-2022-40893
@@ -4340,6 +4388,7 @@ CVE-2022-40618
        RESERVED
 CVE-2022-40617
        RESERVED
+       {DSA-5249-1}
        - strongswan 5.9.8-1 (bug #1021271)
        NOTE: 
https://www.strongswan.org/blog/2022/10/03/strongswan-vulnerability-(cve-2022-40617).html
        NOTE: Patch: https://download.strongswan.org/security/CVE-2022-40617/
@@ -5366,16 +5415,16 @@ CVE-2022-40163
        RESERVED
 CVE-2022-40162
        RESERVED
-CVE-2022-40161
-       RESERVED
-CVE-2022-40160
-       RESERVED
-CVE-2022-40159
-       RESERVED
-CVE-2022-40158
-       RESERVED
-CVE-2022-40157
-       RESERVED
+CVE-2022-40161 (Those using JXPath to interpret XPath may be vulnerable to 
Denial of S ...)
+       TODO: check
+CVE-2022-40160 (Those using JXPath to interpret XPath may be vulnerable to 
Denial of S ...)
+       TODO: check
+CVE-2022-40159 (Those using JXPath to interpret XPath may be vulnerable to 
Denial of S ...)
+       TODO: check
+CVE-2022-40158 (Those using JXPath to interpret XPath may be vulnerable to 
Denial of S ...)
+       TODO: check
+CVE-2022-40157 (Those using JXPath to interpret XPath may be vulnerable to 
Denial of S ...)
+       TODO: check
 CVE-2022-40156 (Those using Xstream to seralize XML data may be vulnerable to 
Denial o ...)
        TODO: check
 CVE-2022-40155 (Those using Xstream to serialise XML data may be vulnerable to 
Denial  ...)
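Review bot: CVE-2022-40157 through CVE-2022-40161 are added with identical truncated text ("Those using JXPath to interpret XPath may be vulnerable to Denial of S ...") and TODO: check, directly above CVE-2022-40156, which is visibly still at TODO: check as well. Triage the JXPath group together with CVE-2022-41852 from this same commit so that all six get the same package mapping.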
@@ -5776,8 +5825,8 @@ CVE-2022-39990
        RESERVED
 CVE-2022-39989
        RESERVED
-CVE-2022-39988
-       RESERVED
+CVE-2022-39988 (A cross-site scripting (XSS) vulnerability in Centreon 22.04.0 
allows  ...)
+       TODO: check
 CVE-2022-39987
        RESERVED
 CVE-2022-39986
@@ -7306,8 +7355,8 @@ CVE-2022-39282
        RESERVED
 CVE-2022-39281
        RESERVED
-CVE-2022-39280
-       RESERVED
+CVE-2022-39280 (dparse is a parser for Python dependency files. dparse in 
versions bef ...)
+       TODO: check
 CVE-2022-39279
        RESERVED
 CVE-2022-39278
@@ -7316,28 +7365,28 @@ CVE-2022-39277
        RESERVED
 CVE-2022-39276
        RESERVED
-CVE-2022-39275
-       RESERVED
-CVE-2022-39274
-       RESERVED
-CVE-2022-39273
-       RESERVED
+CVE-2022-39275 (Saleor is a headless, GraphQL commerce platform. In affected 
versions  ...)
+       TODO: check
+CVE-2022-39274 (LoRaMac-node is a reference implementation and documentation 
of a LoRa ...)
+       TODO: check
+CVE-2022-39273 (FlyteAdmin is the control plane for the data processing 
platform Flyte ...)
+       TODO: check
 CVE-2022-39272
        RESERVED
 CVE-2022-39271
        RESERVED
-CVE-2022-39270
-       RESERVED
-CVE-2022-39269
-       RESERVED
+CVE-2022-39270 (DiscoTOC is a Discourse theme component that generates a table 
of cont ...)
+       TODO: check
+CVE-2022-39269 (PJSIP is a free and open source multimedia communication 
library writt ...)
+       TODO: check
 CVE-2022-39268 (### Impact In a CSRF attack, an innocent end user is tricked 
by an att ...)
        TODO: check
 CVE-2022-39267
        RESERVED
 CVE-2022-39266 (isolated-vm is a library for nodejs which gives the user 
access to v8' ...)
        NOT-FOR-US: isolated-vm
-CVE-2022-39265
-       RESERVED
+CVE-2022-39265 (MyBB is a free and open source forum software. The _Mail 
Settings_ &#8 ...)
+       TODO: check
 CVE-2022-39264 (nheko is a desktop client for the Matrix communication 
application. Al ...)
        - nheko 0.10.2-1
        NOTE: 
https://github.com/Nheko-Reborn/nheko/security/advisories/GHSA-8jcp-8jq4-5mm7
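Review bot: the CVE-2022-39265 (MyBB) description is cut in the middle of an HTML entity ("&#8 ...)"), which means the feed text is truncated before entities are decoded; the Bytebase entries in this file's context show the same undecoded "&#8220;" and "&#8221;". Decoding entities in the update script before truncating would keep the summaries readable and stop a cut from landing inside an entity.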
@@ -7396,8 +7445,8 @@ CVE-2022-39246 (matrix-android-sdk2 is the Matrix SDK for 
Android. Prior to vers
        NOT-FOR-US: Matrix SDK for Android
 CVE-2022-39245 (Mist is the command-line interface for the makedeb Package 
Repository. ...)
        TODO: check
-CVE-2022-39244
-       RESERVED
+CVE-2022-39244 (PJSIP is a free and open source multimedia communication 
library writt ...)
+       TODO: check
 CVE-2022-39243 (NuProcess is an external process execution implementation for 
Java. In ...)
        TODO: check
 CVE-2022-39242 (Frontier is an Ethereum compatibility layer for Substrate. 
Prior to co ...)
@@ -7410,8 +7459,8 @@ CVE-2022-39239 (netlify-ipx is an on-Demand image 
optimization for Netlify using
        TODO: check
 CVE-2022-39238 (Arvados is an open source platform for managing and analyzing 
biomedic ...)
        TODO: check
-CVE-2022-39237
-       RESERVED
+CVE-2022-39237 (syslabs/sif is the Singularity Image Format (SIF) reference 
implementa ...)
+       TODO: check
 CVE-2022-39236 (Matrix Javascript SDK is the Matrix Client-Server SDK for 
JavaScript.  ...)
        - node-matrix-js-sdk <unfixed> (bug #1021136)
        NOTE: 
https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-hvv8-5v86-r45x
@@ -7443,8 +7492,8 @@ CVE-2022-39224 (Arr-pm is an RPM reader/writer library 
written in Ruby. Versions
        NOT-FOR-US: arr-pm
 CVE-2022-39223
        RESERVED
-CVE-2022-39222
-       RESERVED
+CVE-2022-39222 (Dex is an identity service that uses OpenID Connect to drive 
authentic ...)
+       TODO: check
 CVE-2022-39221 (McWebserver mod runs a simple HTTP server alongside the 
Minecraft serv ...)
        NOT-FOR-US: McWebserver
 CVE-2022-39220 (SFTPGo is an SFTP server written in Go. Versions prior to 
2.3.5 are su ...)
@@ -8729,8 +8778,8 @@ CVE-2022-3004 (Cross-site Scripting (XSS) - Stored in 
GitHub repository yetiforc
        NOT-FOR-US: yetiforcecrm
 CVE-2022-3003
        RESERVED
-CVE-2022-3002
-       RESERVED
+CVE-2022-3002 (Cross-site Scripting (XSS) - Stored in GitHub repository 
yetiforcecomp ...)
+       TODO: check
 CVE-2022-3001 (This vulnerability exists in Milesight Video Management Systems 
(VMS), ...)
        NOT-FOR-US: Milesight Video Management Systems (VMS)
 CVE-2022-3000 (Cross-site Scripting (XSS) - Stored in GitHub repository 
yetiforcecomp ...)
@@ -8855,8 +8904,7 @@ CVE-2022-2988
        RESERVED
 CVE-2022-2987 (The Ldap WP Login / Active Directory Integration WordPress 
plugin befo ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-2986
-       RESERVED
+CVE-2022-2986 (Enabling and disabling installed H5P libraries did not include 
the nec ...)
        - moodle <removed>
 CVE-2021-46835 (There is a traffic hijacking vulnerability in WS7200-10 
11.0.2.13. Suc ...)
        NOT-FOR-US: Huawei
@@ -8947,8 +8995,8 @@ CVE-2022-2977 (A flaw was found in the Linux kernel 
implementation of proxied vi
        NOTE: 
https://git.kernel.org/linus/7e0438f83dc769465ee663bb5dcf8cc154940712 (5.18-rc1)
 CVE-2022-2976
        RESERVED
-CVE-2022-2975
-       RESERVED
+CVE-2022-2975 (A vulnerability related to weak permissions was detected in 
Avaya Aura ...)
+       TODO: check
 CVE-2022-2974
        RESERVED
 CVE-2020-36601 (Out-of-bounds write vulnerability in the kernel modules. 
Successful ex ...)
@@ -8965,8 +9013,8 @@ CVE-2022-38711
        RESERVED
 CVE-2022-38710
        RESERVED
-CVE-2022-38709
-       RESERVED
+CVE-2022-38709 (IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 for 
Cloud Pa ...)
+       TODO: check
 CVE-2022-38708
        RESERVED
 CVE-2022-38707
@@ -9214,6 +9262,7 @@ CVE-2022-2930 (Unverified Password Change in GitHub 
repository octoprint/octopri
        - octoprint <itp> (bug #718591)
 CVE-2022-2929 [DHCP memory leak]
        RESERVED
+       {DSA-5251-1}
        - isc-dhcp <unfixed> (bug #1021320)
        NOTE: https://www.openwall.com/lists/oss-security/2022/10/05/1
        NOTE: https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/
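Review bot: {DSA-5251-1} is attached to CVE-2022-2929 while its only package line is still "- isc-dhcp <unfixed> (bug #1021320)", and the same holds for CVE-2022-2928 in the next hunk. Keep bug #1021320 as the marker for unstable and replace <unfixed> with the fixed version once it is uploaded; both entries also still read RESERVED under their bracketed descriptions.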
@@ -9221,6 +9270,7 @@ CVE-2022-2929 [DHCP memory leak]
        NOTE: https://kb.isc.org/docs/cve-2022-2929
 CVE-2022-2928 [An option refcount overflow exists in dhcpd]
        RESERVED
+       {DSA-5251-1}
        - isc-dhcp <unfixed> (bug #1021320)
        NOTE: https://www.openwall.com/lists/oss-security/2022/10/05/1
        NOTE: https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/
@@ -10720,12 +10770,12 @@ CVE-2022-2785 (There exists an arbitrary memory read 
within the Linux Kernel BPF
        NOTE: 
https://git.kernel.org/linus/86f44fcec22ce2979507742bc53db8400e454f46 (6.0-rc1)
 CVE-2022-2784
        RESERVED
-CVE-2022-2783
-       RESERVED
+CVE-2022-2783 (In affected versions of Octopus Server it was identified that a 
sessio ...)
+       TODO: check
 CVE-2022-2782
        RESERVED
-CVE-2022-2781
-       RESERVED
+CVE-2022-2781 (In affected versions of Octopus Server it was identified that 
the same ...)
+       TODO: check
 CVE-2022-2780
        RESERVED
 CVE-2022-2779 (A vulnerability classified as critical was found in 
SourceCodester Gas ...)
@@ -11423,8 +11473,8 @@ CVE-2022-37890
        RESERVED
 CVE-2022-37889
        RESERVED
-CVE-2022-37888
-       RESERVED
+CVE-2022-37888 (There are buffer overflow vulnerabilities in multiple 
underlying servi ...)
+       TODO: check
 CVE-2022-37887
        RESERVED
 CVE-2022-37886
@@ -12697,8 +12747,8 @@ CVE-2022-2639 (An integer coercion error was found in 
the openvswitch kernel mod
        NOTE: 
https://git.kernel.org/linus/cefa91b2332d7009bc0be5d951d6cbbf349f90f8 (5.18-rc4)
 CVE-2022-2638 (The Export All URLs WordPress plugin before 4.4 does not 
validate the  ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-2637
-       RESERVED
+CVE-2022-2637 (Incorrect Privilege Assignment vulnerability in Hitachi Storage 
Plug-i ...)
+       TODO: check
 CVE-2022-2636 (Improper Input Validation in GitHub repository 
hestiacp/hestiacp prior ...)
        NOT-FOR-US: Hestia Control Panel
 CVE-2022-2635 (The Autoptimize WordPress plugin before 3.1.1 does not sanitise 
and es ...)
@@ -14278,8 +14328,8 @@ CVE-2022-36776
        RESERVED
 CVE-2022-36775
        RESERVED
-CVE-2022-36774
-       RESERVED
+CVE-2022-36774 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is 
vulnerabl ...)
+       TODO: check
 CVE-2022-36773 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable 
to an XM ...)
        NOT-FOR-US: IBM
 CVE-2022-36772
@@ -26473,10 +26523,10 @@ CVE-2022-32174
        RESERVED
 CVE-2022-32173 (In OrchardCore rc1-11259 to v1.2.2 vulnerable to HTML 
injection, allow ...)
        TODO: check
-CVE-2022-32172
-       RESERVED
-CVE-2022-32171
-       RESERVED
+CVE-2022-32172 (In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to 
Stored Cross ...)
+       TODO: check
+CVE-2022-32171 (In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to 
Stored Cross ...)
+       TODO: check
 CVE-2022-32170 (The &#8220;Bytebase&#8221; application does not restrict low 
privilege ...)
        TODO: check
 CVE-2022-32169 (The &#8220;Bytebase&#8221; application does not restrict low 
privilege ...)
@@ -29162,8 +29212,8 @@ CVE-2022-31254
        RESERVED
 CVE-2022-31253
        RESERVED
-CVE-2022-31252
-       RESERVED
+CVE-2022-31252 (A Incorrect Authorization vulnerability in chkstat of SUSE 
Linux Enter ...)
+       TODO: check
 CVE-2022-31251 (A Incorrect Default Permissions vulnerability in the packaging 
of the  ...)
        - slurm-wlm <not-affected> (SUSE specific packaging issue)
 CVE-2022-31250 (A UNIX Symbolic Link (Symlink) Following vulnerability in 
keylime of o ...)
@@ -29805,8 +29855,8 @@ CVE-2022-31010
        RESERVED
 CVE-2022-31009 (wire-ios is an iOS client for the Wire secure messaging 
application. I ...)
        NOT-FOR-US: wire-ios
-CVE-2022-31008
-       RESERVED
+CVE-2022-31008 (RabbitMQ is a multi-protocol messaging and streaming broker. 
In affect ...)
+       TODO: check
 CVE-2022-31007 (eLabFTW is an electronic lab notebook manager for research 
teams. Prio ...)
        NOT-FOR-US: eLabFTW
 CVE-2022-31006 (indy-node is the server portion of Hyperledger Indy, a 
distributed led ...)
@@ -43979,18 +44029,18 @@ CVE-2022-26242
        RESERVED
 CVE-2022-26241
        RESERVED
-CVE-2022-26240
-       RESERVED
-CVE-2022-26239
-       RESERVED
+CVE-2022-26240 (The default privileges for the running service Normand Message 
Buffer  ...)
+       TODO: check
+CVE-2022-26239 (The default privileges for the running service Normand License 
Manager ...)
+       TODO: check
 CVE-2022-26238
        RESERVED
-CVE-2022-26237
-       RESERVED
+CVE-2022-26237 (The default privileges for the running service Normand Viewer 
Service  ...)
+       TODO: check
 CVE-2022-26236
        RESERVED
-CVE-2022-26235
-       RESERVED
+CVE-2022-26235 (A vulnerability was discovered in the Remisol Advance 
v2.0.12.1 and be ...)
+       TODO: check
 CVE-2022-26234
        RESERVED
 CVE-2022-26233 (Barco Control Room Management through Suite 2.9 Build 0275 was 
discove ...)
@@ -56771,8 +56821,8 @@ CVE-2022-22505 (IBM Robotic Process Automation 21.0.0, 
21.0.1, and 21.0.2 contai
        NOT-FOR-US: IBM
 CVE-2022-22504
        RESERVED
-CVE-2022-22503
-       RESERVED
+CVE-2022-22503 (IBM Robotic Process Automation 21.0.0 could allow a remote 
attacker to ...)
+       TODO: check
 CVE-2022-22502 (IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable 
to cros ...)
        NOT-FOR-US: IBM
 CVE-2022-22501
@@ -77309,8 +77359,8 @@ CVE-2021-40558
        RESERVED
 CVE-2021-40557
        RESERVED
-CVE-2021-40556
-       RESERVED
+CVE-2021-40556 (A stack overflow vulnerability exists in the httpd service in 
ASUS RT- ...)
+       TODO: check
 CVE-2021-40555
        RESERVED
 CVE-2021-40554



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0275d7b22983483569b602b2e41e62c16cd16b21
