Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4b2518e4 by security tracker role at 2022-10-08T08:10:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,411 @@
+CVE-2022-42697
+ RESERVED
+CVE-2022-42696
+ RESERVED
+CVE-2022-42695
+ RESERVED
+CVE-2022-42694
+ RESERVED
+CVE-2022-42693
+ RESERVED
+CVE-2022-42692
+ RESERVED
+CVE-2022-42691
+ RESERVED
+CVE-2022-42690
+ RESERVED
+CVE-2022-42689
+ RESERVED
+CVE-2022-42688
+ RESERVED
+CVE-2022-42687
+ RESERVED
+CVE-2022-42686
+ RESERVED
+CVE-2022-42685
+ RESERVED
+CVE-2022-42684
+ RESERVED
+CVE-2022-42683
+ RESERVED
+CVE-2022-42682
+ RESERVED
+CVE-2022-42681
+ RESERVED
+CVE-2022-42680
+ RESERVED
+CVE-2022-42679
+ RESERVED
+CVE-2022-42678
+ RESERVED
+CVE-2022-42677
+ RESERVED
+CVE-2022-42676
+ RESERVED
+CVE-2022-42675
+ RESERVED
+CVE-2022-42674
+ RESERVED
+CVE-2022-42673
+ RESERVED
+CVE-2022-42672
+ RESERVED
+CVE-2022-42671
+ RESERVED
+CVE-2022-42670
+ RESERVED
+CVE-2022-42669
+ RESERVED
+CVE-2022-42668
+ RESERVED
+CVE-2022-42667
+ RESERVED
+CVE-2022-42666
+ RESERVED
+CVE-2022-42665
+ RESERVED
+CVE-2022-42664
+ RESERVED
+CVE-2022-42663
+ RESERVED
+CVE-2022-42662
+ RESERVED
+CVE-2022-42661
+ RESERVED
+CVE-2022-42660
+ RESERVED
+CVE-2022-42659
+ RESERVED
+CVE-2022-42658
+ RESERVED
+CVE-2022-42657
+ RESERVED
+CVE-2022-42656
+ RESERVED
+CVE-2022-42655
+ RESERVED
+CVE-2022-42654
+ RESERVED
+CVE-2022-42653
+ RESERVED
+CVE-2022-42652
+ RESERVED
+CVE-2022-42651
+ RESERVED
+CVE-2022-42650
+ RESERVED
+CVE-2022-42649
+ RESERVED
+CVE-2022-42648
+ RESERVED
+CVE-2022-42647
+ RESERVED
+CVE-2022-42646
+ RESERVED
+CVE-2022-42645
+ RESERVED
+CVE-2022-42644
+ RESERVED
+CVE-2022-42643
+ RESERVED
+CVE-2022-42642
+ RESERVED
+CVE-2022-42641
+ RESERVED
+CVE-2022-42640
+ RESERVED
+CVE-2022-42639
+ RESERVED
+CVE-2022-42638
+ RESERVED
+CVE-2022-42637
+ RESERVED
+CVE-2022-42636
+ RESERVED
+CVE-2022-42635
+ RESERVED
+CVE-2022-42634
+ RESERVED
+CVE-2022-42633
+ RESERVED
+CVE-2022-42632
+ RESERVED
+CVE-2022-42631
+ RESERVED
+CVE-2022-42630
+ RESERVED
+CVE-2022-42629
+ RESERVED
+CVE-2022-42628
+ RESERVED
+CVE-2022-42627
+ RESERVED
+CVE-2022-42626
+ RESERVED
+CVE-2022-42625
+ RESERVED
+CVE-2022-42624
+ RESERVED
+CVE-2022-42623
+ RESERVED
+CVE-2022-42622
+ RESERVED
+CVE-2022-42621
+ RESERVED
+CVE-2022-42620
+ RESERVED
+CVE-2022-42619
+ RESERVED
+CVE-2022-42618
+ RESERVED
+CVE-2022-42617
+ RESERVED
+CVE-2022-42616
+ RESERVED
+CVE-2022-42615
+ RESERVED
+CVE-2022-42614
+ RESERVED
+CVE-2022-42613
+ RESERVED
+CVE-2022-42612
+ RESERVED
+CVE-2022-42611
+ RESERVED
+CVE-2022-42610
+ RESERVED
+CVE-2022-42609
+ RESERVED
+CVE-2022-42608
+ RESERVED
+CVE-2022-42607
+ RESERVED
+CVE-2022-42606
+ RESERVED
+CVE-2022-42605
+ RESERVED
+CVE-2022-42604
+ RESERVED
+CVE-2022-42603
+ RESERVED
+CVE-2022-42602
+ RESERVED
+CVE-2022-42601
+ RESERVED
+CVE-2022-42600
+ RESERVED
+CVE-2022-42599
+ RESERVED
+CVE-2022-42598
+ RESERVED
+CVE-2022-42597
+ RESERVED
+CVE-2022-42596
+ RESERVED
+CVE-2022-42595
+ RESERVED
+CVE-2022-42594
+ RESERVED
+CVE-2022-42593
+ RESERVED
+CVE-2022-42592
+ RESERVED
+CVE-2022-42591
+ RESERVED
+CVE-2022-42590
+ RESERVED
+CVE-2022-42589
+ RESERVED
+CVE-2022-42588
+ RESERVED
+CVE-2022-42587
+ RESERVED
+CVE-2022-42586
+ RESERVED
+CVE-2022-42585
+ RESERVED
+CVE-2022-42584
+ RESERVED
+CVE-2022-42583
+ RESERVED
+CVE-2022-42582
+ RESERVED
+CVE-2022-42581
+ RESERVED
+CVE-2022-42580
+ RESERVED
+CVE-2022-42579
+ RESERVED
+CVE-2022-42578
+ RESERVED
+CVE-2022-42577
+ RESERVED
+CVE-2022-42576
+ RESERVED
+CVE-2022-42575
+ RESERVED
+CVE-2022-42574
+ RESERVED
+CVE-2022-42573
+ RESERVED
+CVE-2022-42572
+ RESERVED
+CVE-2022-42571
+ RESERVED
+CVE-2022-42570
+ RESERVED
+CVE-2022-42569
+ RESERVED
+CVE-2022-42568
+ RESERVED
+CVE-2022-42567
+ RESERVED
+CVE-2022-42566
+ RESERVED
+CVE-2022-42565
+ RESERVED
+CVE-2022-42564
+ RESERVED
+CVE-2022-42563
+ RESERVED
+CVE-2022-42562
+ RESERVED
+CVE-2022-42561
+ RESERVED
+CVE-2022-42560
+ RESERVED
+CVE-2022-42559
+ RESERVED
+CVE-2022-42558
+ RESERVED
+CVE-2022-42557
+ RESERVED
+CVE-2022-42556
+ RESERVED
+CVE-2022-42555
+ RESERVED
+CVE-2022-42554
+ RESERVED
+CVE-2022-42553
+ RESERVED
+CVE-2022-42552
+ RESERVED
+CVE-2022-42551
+ RESERVED
+CVE-2022-42550
+ RESERVED
+CVE-2022-42549
+ RESERVED
+CVE-2022-42548
+ RESERVED
+CVE-2022-42547
+ RESERVED
+CVE-2022-42546
+ RESERVED
+CVE-2022-42545
+ RESERVED
+CVE-2022-42544
+ RESERVED
+CVE-2022-42543
+ RESERVED
+CVE-2022-42542
+ RESERVED
+CVE-2022-42541
+ RESERVED
+CVE-2022-42540
+ RESERVED
+CVE-2022-42539
+ RESERVED
+CVE-2022-42538
+ RESERVED
+CVE-2022-42537
+ RESERVED
+CVE-2022-42536
+ RESERVED
+CVE-2022-42535
+ RESERVED
+CVE-2022-42534
+ RESERVED
+CVE-2022-42533
+ RESERVED
+CVE-2022-42532
+ RESERVED
+CVE-2022-42531
+ RESERVED
+CVE-2022-42530
+ RESERVED
+CVE-2022-42529
+ RESERVED
+CVE-2022-42528
+ RESERVED
+CVE-2022-42527
+ RESERVED
+CVE-2022-42526
+ RESERVED
+CVE-2022-42525
+ RESERVED
+CVE-2022-42524
+ RESERVED
+CVE-2022-42523
+ RESERVED
+CVE-2022-42522
+ RESERVED
+CVE-2022-42521
+ RESERVED
+CVE-2022-42520
+ RESERVED
+CVE-2022-42519
+ RESERVED
+CVE-2022-42518
+ RESERVED
+CVE-2022-42517
+ RESERVED
+CVE-2022-42516
+ RESERVED
+CVE-2022-42515
+ RESERVED
+CVE-2022-42514
+ RESERVED
+CVE-2022-42513
+ RESERVED
+CVE-2022-42512
+ RESERVED
+CVE-2022-42511
+ RESERVED
+CVE-2022-42510
+ RESERVED
+CVE-2022-42509
+ RESERVED
+CVE-2022-42508
+ RESERVED
+CVE-2022-42507
+ RESERVED
+CVE-2022-42506
+ RESERVED
+CVE-2022-42505
+ RESERVED
+CVE-2022-42504
+ RESERVED
+CVE-2022-42503
+ RESERVED
+CVE-2022-42502
+ RESERVED
+CVE-2022-42501
+ RESERVED
+CVE-2022-42500
+ RESERVED
+CVE-2022-42499
+ RESERVED
+CVE-2022-42498
+ RESERVED
+CVE-2022-3433
+ RESERVED
+CVE-2022-3432
+ RESERVED
+CVE-2022-3431
+ RESERVED
+CVE-2022-3430
+ RESERVED
CVE-2022-42493
RESERVED
CVE-2022-42492
@@ -1976,8 +2384,8 @@ CVE-2022-41576
RESERVED
CVE-2022-41575
RESERVED
-CVE-2022-41574
- RESERVED
+CVE-2022-41574 (An access-control vulnerability in Gradle Enterprise 2022.4
through 20 ...)
+ TODO: check
CVE-2022-41573
RESERVED
CVE-2022-41572
@@ -2485,8 +2893,8 @@ CVE-2022-41444
RESERVED
CVE-2022-41443 (phpipam v1.5.0 was discovered to contain a header injection
vulnerabil ...)
- phpipam <itp> (bug #731713)
-CVE-2022-41442
- RESERVED
+CVE-2022-41442 (PicUploader v2.6.3 was discovered to contain cross-site
scripting (XSS ...)
+ TODO: check
CVE-2022-41441
RESERVED
CVE-2022-41440 (Billing System Project v1.0 was discovered to contain a SQL
injection ...)
@@ -2812,12 +3220,11 @@ CVE-2020-36604 (hoek before 8.5.1 and 9.x before 9.0.3
allows prototype poisonin
[buster] - node-hoek <not-affected> (Vulnerable code not present)
NOTE: https://github.com/hapijs/hoek/issues/352
NOTE: Fixed by:
https://github.com/hapijs/hoek/commit/948baf98634a5c206875b67d11368f133034fa90
(v9.0.3)
-CVE-2022-3276
- RESERVED
+CVE-2022-3276 (Command injection is possible in the puppetlabs-mysql module
prior to ...)
- puppet-module-puppetlabs-mysql <unfixed>
NOTE: https://puppet.com/security/cve/CVE-2022-3276
-CVE-2022-3275
- RESERVED
+CVE-2022-3275 (Command injection is possible in the puppetlabs-apt module
prior to ve ...)
+ TODO: check
CVE-2022-3274 (Cross-Site Request Forgery (CSRF) in GitHub repository
ikus060/rdiffwe ...)
- rdiffweb <itp> (bug #969974)
CVE-2022-3273 (Allocation of Resources Without Limits or Throttling in GitHub
reposit ...)
@@ -6020,8 +6427,8 @@ CVE-2022-3134 (Use After Free in GitHub repository
vim/vim prior to 9.0.0389. ..
[bullseye] - vim <no-dsa> (Minor issue)
NOTE: https://huntr.dev/bounties/6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc
NOTE:
https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e
(v9.0.0389)
-CVE-2022-39959
- RESERVED
+CVE-2022-39959 (Panini Everest Engine 2.0.4 allows unprivileged users to
create a file ...)
+ TODO: check
CVE-2022-39958 (The OWASP ModSecurity Core Rule Set (CRS) is affected by a
response bo ...)
- modsecurity-crs 3.3.4-1 (bug #1021137)
[bullseye] - modsecurity-crs <no-dsa> (Minor issues; will be fixed in
point release)
@@ -7463,28 +7870,28 @@ CVE-2022-39293
RESERVED
CVE-2022-39292
RESERVED
-CVE-2022-39291
- RESERVED
-CVE-2022-39290
- RESERVED
-CVE-2022-39289
- RESERVED
+CVE-2022-39291 (ZoneMinder is a free, open source Closed-circuit television
software a ...)
+ TODO: check
+CVE-2022-39290 (ZoneMinder is a free, open source Closed-circuit television
software a ...)
+ TODO: check
+CVE-2022-39289 (ZoneMinder is a free, open source Closed-circuit television
software a ...)
+ TODO: check
CVE-2022-39288
RESERVED
-CVE-2022-39287
- RESERVED
+CVE-2022-39287 (tiny-csrf is a Node.js cross site request forgery (CSRF)
protection mi ...)
+ TODO: check
CVE-2022-39286
RESERVED
-CVE-2022-39285
- RESERVED
+CVE-2022-39285 (ZoneMinder is a free, open source Closed-circuit television
software a ...)
+ TODO: check
CVE-2022-39284 (CodeIgniter is a PHP full-stack web framework. In versions
prior to 4. ...)
- codeigniter <itp> (bug #471583)
CVE-2022-39283
RESERVED
CVE-2022-39282
RESERVED
-CVE-2022-39281
- RESERVED
+CVE-2022-39281 (fat_free_crm is a an open source, Ruby on Rails customer
relationship ...)
+ TODO: check
CVE-2022-39280 (dparse is a parser for Python dependency files. dparse in
versions bef ...)
NOT-FOR-US: dparse (parser for Python dependency files)
CVE-2022-39279 (discourse-chat is a plugin for the Discourse message board
which adds ...)
@@ -14765,10 +15172,10 @@ CVE-2022-36637 (Garage Management System v1.0 was
discovered to contain a persis
NOT-FOR-US: Garage Management System
CVE-2022-36636 (Garage Management System v1.0 was discovered to contain a SQL
injectio ...)
NOT-FOR-US: Garage Management System
-CVE-2022-36635
- RESERVED
-CVE-2022-36634
- RESERVED
+CVE-2022-36635 (ZKteco ZKBioSecurity V5000 4.1.3 was discovered to contain a
SQL injec ...)
+ TODO: check
+CVE-2022-36634 (An access control issue in ZKTeco ZKBioSecurity V5000 3.0.5_r
allows a ...)
+ TODO: check
CVE-2022-36633 (Teleport 9.3.6 is vulnerable to Command injection leading to
Remote Co ...)
NOT-FOR-US: Teleport
CVE-2022-36632
@@ -28059,10 +28466,10 @@ CVE-2022-31683
RESERVED
CVE-2022-31682
RESERVED
-CVE-2022-31681
- RESERVED
-CVE-2022-31680
- RESERVED
+CVE-2022-31681 (VMware ESXi contains a null-pointer deference vulnerability. A
malicio ...)
+ TODO: check
+CVE-2022-31680 (The vCenter Server contains an unsafe deserialisation
vulnerability in ...)
+ TODO: check
CVE-2022-31679 (Applications that allow HTTP PATCH access to resources exposed
by Spri ...)
TODO: check
CVE-2022-31678
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b2518e48bec2cd08b215b133ed913070ac2a791
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b2518e48bec2cd08b215b133ed913070ac2a791
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
