Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b679747d by security tracker role at 2022-10-19T08:10:33+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2022-43435
+ RESERVED
+CVE-2022-43434
+ RESERVED
+CVE-2022-43433
+ RESERVED
+CVE-2022-43432
+ RESERVED
+CVE-2022-43431
+ RESERVED
+CVE-2022-43430
+ RESERVED
+CVE-2022-43429
+ RESERVED
+CVE-2022-43428
+ RESERVED
+CVE-2022-43427
+ RESERVED
+CVE-2022-43426
+ RESERVED
+CVE-2022-43425
+ RESERVED
+CVE-2022-43424
+ RESERVED
+CVE-2022-43423
+ RESERVED
+CVE-2022-43422
+ RESERVED
+CVE-2022-43421
+ RESERVED
+CVE-2022-43420
+ RESERVED
+CVE-2022-43419
+ RESERVED
+CVE-2022-43418
+ RESERVED
+CVE-2022-43417
+ RESERVED
+CVE-2022-43416
+ RESERVED
+CVE-2022-43415
+ RESERVED
+CVE-2022-43414
+ RESERVED
+CVE-2022-43413
+ RESERVED
+CVE-2022-43412
+ RESERVED
+CVE-2022-43411
+ RESERVED
+CVE-2022-43410
+ RESERVED
+CVE-2022-43409
+ RESERVED
+CVE-2022-43408
+ RESERVED
+CVE-2022-43407
+ RESERVED
+CVE-2022-43406
+ RESERVED
+CVE-2022-43405
+ RESERVED
+CVE-2022-43404
+ RESERVED
+CVE-2022-43403
+ RESERVED
+CVE-2022-43402
+ RESERVED
+CVE-2022-43401
+ RESERVED
+CVE-2022-43400
+ RESERVED
+CVE-2022-3596
+ RESERVED
+CVE-2022-3595 (A vulnerability was found in Linux Kernel. It has been rated as
proble ...)
+ TODO: check
+CVE-2022-3594 (A vulnerability was found in Linux Kernel. It has been declared
as pro ...)
+ TODO: check
+CVE-2022-3593 (A vulnerability was found in Linux Kernel. It has been
classified as p ...)
+ TODO: check
+CVE-2022-3592
+ RESERVED
CVE-2022-43399
RESERVED
CVE-2022-43398
@@ -2910,8 +2992,8 @@ CVE-2022-42220
RESERVED
CVE-2022-42219
RESERVED
-CVE-2022-42218
- RESERVED
+CVE-2022-42218 (Open Source SACCO Management System v1.0 vulnerable to SQL
Injection v ...)
+ TODO: check
CVE-2022-42217
RESERVED
CVE-2022-42216
@@ -2970,8 +3052,8 @@ CVE-2022-42190
RESERVED
CVE-2022-42189
RESERVED
-CVE-2022-42188
- RESERVED
+CVE-2022-42188 (In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path
travers ...)
+ TODO: check
CVE-2022-42187
RESERVED
CVE-2022-42186
@@ -3112,18 +3194,18 @@ CVE-2022-42119
RESERVED
CVE-2022-42118
RESERVED
-CVE-2022-42117
- RESERVED
-CVE-2022-42116
- RESERVED
-CVE-2022-42115
- RESERVED
-CVE-2022-42114
- RESERVED
-CVE-2022-42113
- RESERVED
-CVE-2022-42112
- RESERVED
+CVE-2022-42117 (A Cross-site scripting (XSS) vulnerability in the Frontend
Taglib modu ...)
+ TODO: check
+CVE-2022-42116 (A Cross-site scripting (XSS) vulnerability in the Frontend
Editor modu ...)
+ TODO: check
+CVE-2022-42115 (Cross-site scripting (XSS) vulnerability in the Object
module's edit o ...)
+ TODO: check
+CVE-2022-42114 (A Cross-site scripting (XSS) vulnerability in the Role
module's edit r ...)
+ TODO: check
+CVE-2022-42113 (A Cross-site scripting (XSS) vulnerability in Document Library
module ...)
+ TODO: check
+CVE-2022-42112 (A Cross-site scripting (XSS) vulnerability in the Portal
Search module ...)
+ TODO: check
CVE-2022-42111
RESERVED
CVE-2022-42110
@@ -4660,8 +4742,8 @@ CVE-2022-41502
RESERVED
CVE-2022-41501
RESERVED
-CVE-2022-41500
- RESERVED
+CVE-2022-41500 (EyouCMS V1.5.9 was discovered to contain multiple Cross-Site
Request F ...)
+ TODO: check
CVE-2022-41499
RESERVED
CVE-2022-41498 (Billing System Project v1.0 was discovered to contain a SQL
injection ...)
@@ -7163,7 +7245,7 @@ CVE-2022-40471
RESERVED
CVE-2022-40470
RESERVED
-CVE-2022-40469 (iKuai8 v3.6.7 was discovered to contain an authenticated
remote code e ...)
+CVE-2022-40469 (iKuai OS v3.6.7 was discovered to contain an authenticated
remote code ...)
NOT-FOR-US: iKuai8
CVE-2022-40468 (Potential leak of left-over heap data if custom error page
templates c ...)
- tinyproxy 1.11.1-2 (bug #1021015)
@@ -9502,30 +9584,30 @@ CVE-2022-39430
RESERVED
CVE-2022-39429
RESERVED
-CVE-2022-39428
- RESERVED
-CVE-2022-39427
- RESERVED
-CVE-2022-39426
- RESERVED
-CVE-2022-39425
- RESERVED
-CVE-2022-39424
- RESERVED
-CVE-2022-39423
- RESERVED
-CVE-2022-39422
- RESERVED
-CVE-2022-39421
- RESERVED
-CVE-2022-39420
- RESERVED
-CVE-2022-39419
- RESERVED
+CVE-2022-39428 (Vulnerability in the Oracle Web Applications Desktop
Integrator produc ...)
+ TODO: check
+CVE-2022-39427 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2022-39426 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2022-39425 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2022-39424 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2022-39423 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2022-39422 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2022-39421 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2022-39420 (Vulnerability in the Oracle Transportation Management product
of Oracl ...)
+ TODO: check
+CVE-2022-39419 (Vulnerability in the Java VM component of Oracle Database
Server. Supp ...)
+ TODO: check
CVE-2022-39418
RESERVED
-CVE-2022-39417
- RESERVED
+CVE-2022-39417 (Vulnerability in the Oracle Solaris product of Oracle Systems
(compone ...)
+ TODO: check
CVE-2022-39416
RESERVED
CVE-2022-39415
@@ -9534,34 +9616,34 @@ CVE-2022-39414
RESERVED
CVE-2022-39413
RESERVED
-CVE-2022-39412
- RESERVED
-CVE-2022-39411
- RESERVED
-CVE-2022-39410
- RESERVED
-CVE-2022-39409
- RESERVED
-CVE-2022-39408
- RESERVED
-CVE-2022-39407
- RESERVED
-CVE-2022-39406
- RESERVED
-CVE-2022-39405
- RESERVED
-CVE-2022-39404
- RESERVED
-CVE-2022-39403
- RESERVED
-CVE-2022-39402
- RESERVED
-CVE-2022-39401
- RESERVED
-CVE-2022-39400
- RESERVED
-CVE-2022-39399
- RESERVED
+CVE-2022-39412 (Vulnerability in the Oracle Access Manager product of Oracle
Fusion Mi ...)
+ TODO: check
+CVE-2022-39411 (Vulnerability in the Oracle Transportation Management product
of Oracl ...)
+ TODO: check
+CVE-2022-39410 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-39409 (Vulnerability in the Oracle Transportation Management product
of Oracl ...)
+ TODO: check
+CVE-2022-39408 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-39407 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
+ TODO: check
+CVE-2022-39406 (Vulnerability in the PeopleSoft Enterprise Common Components
product o ...)
+ TODO: check
+CVE-2022-39405 (Vulnerability in the Oracle Access Manager product of Oracle
Fusion Mi ...)
+ TODO: check
+CVE-2022-39404 (Vulnerability in the MySQL Installer product of Oracle MySQL
(componen ...)
+ TODO: check
+CVE-2022-39403 (Vulnerability in the MySQL Shell product of Oracle MySQL
(component: S ...)
+ TODO: check
+CVE-2022-39402 (Vulnerability in the MySQL Shell product of Oracle MySQL
(component: S ...)
+ TODO: check
+CVE-2022-39401 (Vulnerability in the Oracle Solaris product of Oracle Systems
(compone ...)
+ TODO: check
+CVE-2022-39400 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-39399 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise
Edition ...)
+ TODO: check
CVE-2022-39398
RESERVED
CVE-2022-39397
@@ -10032,8 +10114,7 @@ CVE-2022-39200 (Dendrite is a Matrix homeserver written
in Go. In affected versi
NOT-FOR-US: Dendrite
CVE-2022-39199
RESERVED
-CVE-2022-39198
- RESERVED
+CVE-2022-39198 (A deserialization vulnerability existed in dubbo hessian-lite
3.2.12 a ...)
NOT-FOR-US: Apache Dubbo
CVE-2022-3099 (Use After Free in GitHub repository vim/vim prior to 9.0.0360.
...)
- vim 2:9.0.0626-1 (bug #1019590)
@@ -10855,8 +10936,8 @@ CVE-2022-38903
RESERVED
CVE-2022-38902 (A Cross-site scripting (XSS) vulnerability in the Blog module
- add ne ...)
NOT-FOR-US: Liferay
-CVE-2022-38901
- RESERVED
+CVE-2022-38901 (A Cross-site scripting (XSS) vulnerability in the Document and
Media m ...)
+ TODO: check
CVE-2022-38900
RESERVED
CVE-2022-38899
@@ -68321,116 +68402,116 @@ CVE-2021-3962 (A flaw was found in ImageMagick
where it did not properly sanitiz
- imagemagick <not-affected> (Specific to 7.x)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/4446
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/82775af03bbb10a0a1d0e15c0156c75673b4525e
-CVE-2022-21641
- RESERVED
-CVE-2022-21640
- RESERVED
-CVE-2022-21639
- RESERVED
-CVE-2022-21638
- RESERVED
-CVE-2022-21637
- RESERVED
-CVE-2022-21636
- RESERVED
-CVE-2022-21635
- RESERVED
-CVE-2022-21634
- RESERVED
-CVE-2022-21633
- RESERVED
-CVE-2022-21632
- RESERVED
-CVE-2022-21631
- RESERVED
-CVE-2022-21630
- RESERVED
-CVE-2022-21629
- RESERVED
-CVE-2022-21628
- RESERVED
-CVE-2022-21627
- RESERVED
-CVE-2022-21626
- RESERVED
-CVE-2022-21625
- RESERVED
-CVE-2022-21624
- RESERVED
-CVE-2022-21623
- RESERVED
-CVE-2022-21622
- RESERVED
-CVE-2022-21621
- RESERVED
-CVE-2022-21620
- RESERVED
-CVE-2022-21619
- RESERVED
-CVE-2022-21618
- RESERVED
-CVE-2022-21617
- RESERVED
-CVE-2022-21616
- RESERVED
-CVE-2022-21615
- RESERVED
-CVE-2022-21614
- RESERVED
-CVE-2022-21613
- RESERVED
-CVE-2022-21612
- RESERVED
-CVE-2022-21611
- RESERVED
-CVE-2022-21610
- RESERVED
-CVE-2022-21609
- RESERVED
-CVE-2022-21608
- RESERVED
-CVE-2022-21607
- RESERVED
-CVE-2022-21606
- RESERVED
-CVE-2022-21605
- RESERVED
-CVE-2022-21604
- RESERVED
-CVE-2022-21603
- RESERVED
-CVE-2022-21602
- RESERVED
-CVE-2022-21601
- RESERVED
-CVE-2022-21600
- RESERVED
-CVE-2022-21599
- RESERVED
-CVE-2022-21598
- RESERVED
-CVE-2022-21597
- RESERVED
-CVE-2022-21596
- RESERVED
-CVE-2022-21595
- RESERVED
-CVE-2022-21594
- RESERVED
-CVE-2022-21593
- RESERVED
-CVE-2022-21592
- RESERVED
-CVE-2022-21591
- RESERVED
-CVE-2022-21590
- RESERVED
-CVE-2022-21589
- RESERVED
+CVE-2022-21641 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21640 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21639 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
+ TODO: check
+CVE-2022-21638 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21637 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21636 (Vulnerability in the Oracle Applications Framework product of
Oracle E ...)
+ TODO: check
+CVE-2022-21635 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21634 (Vulnerability in the Oracle GraalVM Enterprise Edition product
of Orac ...)
+ TODO: check
+CVE-2022-21633 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21632 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21631 (Vulnerability in the JD Edwards EnterpriseOne Tools product of
Oracle ...)
+ TODO: check
+CVE-2022-21630 (Vulnerability in the JD Edwards EnterpriseOne Tools product of
Oracle ...)
+ TODO: check
+CVE-2022-21629 (Vulnerability in the JD Edwards EnterpriseOne Tools product of
Oracle ...)
+ TODO: check
+CVE-2022-21628 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise
Edition ...)
+ TODO: check
+CVE-2022-21627 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2022-21626 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise
Edition ...)
+ TODO: check
+CVE-2022-21625 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21624 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise
Edition ...)
+ TODO: check
+CVE-2022-21623 (Vulnerability in the Enterprise Manager Base Platform product
of Oracl ...)
+ TODO: check
+CVE-2022-21622 (Vulnerability in the Oracle SOA Suite product of Oracle Fusion
Middlew ...)
+ TODO: check
+CVE-2022-21621 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2022-21620 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
+ TODO: check
+CVE-2022-21619 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise
Edition ...)
+ TODO: check
+CVE-2022-21618 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise
Edition ...)
+ TODO: check
+CVE-2022-21617 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21616 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
+ TODO: check
+CVE-2022-21615 (Vulnerability in the Oracle Enterprise Data Quality product of
Oracle ...)
+ TODO: check
+CVE-2022-21614 (Vulnerability in the Oracle Enterprise Data Quality product of
Oracle ...)
+ TODO: check
+CVE-2022-21613 (Vulnerability in the Oracle Enterprise Data Quality product of
Oracle ...)
+ TODO: check
+CVE-2022-21612 (Vulnerability in the Oracle Enterprise Data Quality product of
Oracle ...)
+ TODO: check
+CVE-2022-21611 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21610 (Vulnerability in the Oracle Solaris product of Oracle Systems
(compone ...)
+ TODO: check
+CVE-2022-21609 (Vulnerability in the Oracle Business Intelligence Enterprise
Edition p ...)
+ TODO: check
+CVE-2022-21608 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21607 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21606 (Vulnerability in the Oracle Services for Microsoft Transaction
Server ...)
+ TODO: check
+CVE-2022-21605 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21604 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21603 (Vulnerability in the Oracle Database - Sharding component of
Oracle Da ...)
+ TODO: check
+CVE-2022-21602 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
+ TODO: check
+CVE-2022-21601 (Vulnerability in the Oracle Communications Billing and Revenue
Managem ...)
+ TODO: check
+CVE-2022-21600 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21599 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21598 (Vulnerability in the Siebel Core - DB Deployment and
Configuration pro ...)
+ TODO: check
+CVE-2022-21597 (Vulnerability in the Oracle GraalVM Enterprise Edition product
of Orac ...)
+ TODO: check
+CVE-2022-21596 (Vulnerability in the Oracle Database - Advanced Queuing
component of O ...)
+ TODO: check
+CVE-2022-21595 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21594 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21593 (Vulnerability in the Oracle HTTP Server product of Oracle
Fusion Middl ...)
+ TODO: check
+CVE-2022-21592 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
+CVE-2022-21591 (Vulnerability in the Oracle Transportation Management product
of Oracl ...)
+ TODO: check
+CVE-2022-21590 (Vulnerability in the Oracle BI Publisher product of Oracle
Fusion Midd ...)
+ TODO: check
+CVE-2022-21589 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
+ TODO: check
CVE-2022-21588
RESERVED
-CVE-2022-21587
- RESERVED
+CVE-2022-21587 (Vulnerability in the Oracle Web Applications Desktop
Integrator produc ...)
+ TODO: check
CVE-2022-21586 (Vulnerability in the Oracle Banking Trade Finance product of
Oracle Fi ...)
NOT-FOR-US: Oracle
CVE-2022-21585 (Vulnerability in the Oracle Banking Trade Finance product of
Oracle Fi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b679747da71b8b894175598fdf8a09238a9dd86e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b679747da71b8b894175598fdf8a09238a9dd86e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
