Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6bf12a0e by security tracker role at 2022-10-28T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,559 @@
+CVE-2023-20851
+       RESERVED
+CVE-2023-20850
+       RESERVED
+CVE-2023-20849
+       RESERVED
+CVE-2023-20848
+       RESERVED
+CVE-2023-20847
+       RESERVED
+CVE-2023-20846
+       RESERVED
+CVE-2023-20845
+       RESERVED
+CVE-2023-20844
+       RESERVED
+CVE-2023-20843
+       RESERVED
+CVE-2023-20842
+       RESERVED
+CVE-2023-20841
+       RESERVED
+CVE-2023-20840
+       RESERVED
+CVE-2023-20839
+       RESERVED
+CVE-2023-20838
+       RESERVED
+CVE-2023-20837
+       RESERVED
+CVE-2023-20836
+       RESERVED
+CVE-2023-20835
+       RESERVED
+CVE-2023-20834
+       RESERVED
+CVE-2023-20833
+       RESERVED
+CVE-2023-20832
+       RESERVED
+CVE-2023-20831
+       RESERVED
+CVE-2023-20830
+       RESERVED
+CVE-2023-20829
+       RESERVED
+CVE-2023-20828
+       RESERVED
+CVE-2023-20827
+       RESERVED
+CVE-2023-20826
+       RESERVED
+CVE-2023-20825
+       RESERVED
+CVE-2023-20824
+       RESERVED
+CVE-2023-20823
+       RESERVED
+CVE-2023-20822
+       RESERVED
+CVE-2023-20821
+       RESERVED
+CVE-2023-20820
+       RESERVED
+CVE-2023-20819
+       RESERVED
+CVE-2023-20818
+       RESERVED
+CVE-2023-20817
+       RESERVED
+CVE-2023-20816
+       RESERVED
+CVE-2023-20815
+       RESERVED
+CVE-2023-20814
+       RESERVED
+CVE-2023-20813
+       RESERVED
+CVE-2023-20812
+       RESERVED
+CVE-2023-20811
+       RESERVED
+CVE-2023-20810
+       RESERVED
+CVE-2023-20809
+       RESERVED
+CVE-2023-20808
+       RESERVED
+CVE-2023-20807
+       RESERVED
+CVE-2023-20806
+       RESERVED
+CVE-2023-20805
+       RESERVED
+CVE-2023-20804
+       RESERVED
+CVE-2023-20803
+       RESERVED
+CVE-2023-20802
+       RESERVED
+CVE-2023-20801
+       RESERVED
+CVE-2023-20800
+       RESERVED
+CVE-2023-20799
+       RESERVED
+CVE-2023-20798
+       RESERVED
+CVE-2023-20797
+       RESERVED
+CVE-2023-20796
+       RESERVED
+CVE-2023-20795
+       RESERVED
+CVE-2023-20794
+       RESERVED
+CVE-2023-20793
+       RESERVED
+CVE-2023-20792
+       RESERVED
+CVE-2023-20791
+       RESERVED
+CVE-2023-20790
+       RESERVED
+CVE-2023-20789
+       RESERVED
+CVE-2023-20788
+       RESERVED
+CVE-2023-20787
+       RESERVED
+CVE-2023-20786
+       RESERVED
+CVE-2023-20785
+       RESERVED
+CVE-2023-20784
+       RESERVED
+CVE-2023-20783
+       RESERVED
+CVE-2023-20782
+       RESERVED
+CVE-2023-20781
+       RESERVED
+CVE-2023-20780
+       RESERVED
+CVE-2023-20779
+       RESERVED
+CVE-2023-20778
+       RESERVED
+CVE-2023-20777
+       RESERVED
+CVE-2023-20776
+       RESERVED
+CVE-2023-20775
+       RESERVED
+CVE-2023-20774
+       RESERVED
+CVE-2023-20773
+       RESERVED
+CVE-2023-20772
+       RESERVED
+CVE-2023-20771
+       RESERVED
+CVE-2023-20770
+       RESERVED
+CVE-2023-20769
+       RESERVED
+CVE-2023-20768
+       RESERVED
+CVE-2023-20767
+       RESERVED
+CVE-2023-20766
+       RESERVED
+CVE-2023-20765
+       RESERVED
+CVE-2023-20764
+       RESERVED
+CVE-2023-20763
+       RESERVED
+CVE-2023-20762
+       RESERVED
+CVE-2023-20761
+       RESERVED
+CVE-2023-20760
+       RESERVED
+CVE-2023-20759
+       RESERVED
+CVE-2023-20758
+       RESERVED
+CVE-2023-20757
+       RESERVED
+CVE-2023-20756
+       RESERVED
+CVE-2023-20755
+       RESERVED
+CVE-2023-20754
+       RESERVED
+CVE-2023-20753
+       RESERVED
+CVE-2023-20752
+       RESERVED
+CVE-2023-20751
+       RESERVED
+CVE-2023-20750
+       RESERVED
+CVE-2023-20749
+       RESERVED
+CVE-2023-20748
+       RESERVED
+CVE-2023-20747
+       RESERVED
+CVE-2023-20746
+       RESERVED
+CVE-2023-20745
+       RESERVED
+CVE-2023-20744
+       RESERVED
+CVE-2023-20743
+       RESERVED
+CVE-2023-20742
+       RESERVED
+CVE-2023-20741
+       RESERVED
+CVE-2023-20740
+       RESERVED
+CVE-2023-20739
+       RESERVED
+CVE-2023-20738
+       RESERVED
+CVE-2023-20737
+       RESERVED
+CVE-2023-20736
+       RESERVED
+CVE-2023-20735
+       RESERVED
+CVE-2023-20734
+       RESERVED
+CVE-2023-20733
+       RESERVED
+CVE-2023-20732
+       RESERVED
+CVE-2023-20731
+       RESERVED
+CVE-2023-20730
+       RESERVED
+CVE-2023-20729
+       RESERVED
+CVE-2023-20728
+       RESERVED
+CVE-2023-20727
+       RESERVED
+CVE-2023-20726
+       RESERVED
+CVE-2023-20725
+       RESERVED
+CVE-2023-20724
+       RESERVED
+CVE-2023-20723
+       RESERVED
+CVE-2023-20722
+       RESERVED
+CVE-2023-20721
+       RESERVED
+CVE-2023-20720
+       RESERVED
+CVE-2023-20719
+       RESERVED
+CVE-2023-20718
+       RESERVED
+CVE-2023-20717
+       RESERVED
+CVE-2023-20716
+       RESERVED
+CVE-2023-20715
+       RESERVED
+CVE-2023-20714
+       RESERVED
+CVE-2023-20713
+       RESERVED
+CVE-2023-20712
+       RESERVED
+CVE-2023-20711
+       RESERVED
+CVE-2023-20710
+       RESERVED
+CVE-2023-20709
+       RESERVED
+CVE-2023-20708
+       RESERVED
+CVE-2023-20707
+       RESERVED
+CVE-2023-20706
+       RESERVED
+CVE-2023-20705
+       RESERVED
+CVE-2023-20704
+       RESERVED
+CVE-2023-20703
+       RESERVED
+CVE-2023-20702
+       RESERVED
+CVE-2023-20701
+       RESERVED
+CVE-2023-20700
+       RESERVED
+CVE-2023-20699
+       RESERVED
+CVE-2023-20698
+       RESERVED
+CVE-2023-20697
+       RESERVED
+CVE-2023-20696
+       RESERVED
+CVE-2023-20695
+       RESERVED
+CVE-2023-20694
+       RESERVED
+CVE-2023-20693
+       RESERVED
+CVE-2023-20692
+       RESERVED
+CVE-2023-20691
+       RESERVED
+CVE-2023-20690
+       RESERVED
+CVE-2023-20689
+       RESERVED
+CVE-2023-20688
+       RESERVED
+CVE-2023-20687
+       RESERVED
+CVE-2023-20686
+       RESERVED
+CVE-2023-20685
+       RESERVED
+CVE-2023-20684
+       RESERVED
+CVE-2023-20683
+       RESERVED
+CVE-2023-20682
+       RESERVED
+CVE-2023-20681
+       RESERVED
+CVE-2023-20680
+       RESERVED
+CVE-2023-20679
+       RESERVED
+CVE-2023-20678
+       RESERVED
+CVE-2023-20677
+       RESERVED
+CVE-2023-20676
+       RESERVED
+CVE-2023-20675
+       RESERVED
+CVE-2023-20674
+       RESERVED
+CVE-2023-20673
+       RESERVED
+CVE-2023-20672
+       RESERVED
+CVE-2023-20671
+       RESERVED
+CVE-2023-20670
+       RESERVED
+CVE-2023-20669
+       RESERVED
+CVE-2023-20668
+       RESERVED
+CVE-2023-20667
+       RESERVED
+CVE-2023-20666
+       RESERVED
+CVE-2023-20665
+       RESERVED
+CVE-2023-20664
+       RESERVED
+CVE-2023-20663
+       RESERVED
+CVE-2023-20662
+       RESERVED
+CVE-2023-20661
+       RESERVED
+CVE-2023-20660
+       RESERVED
+CVE-2023-20659
+       RESERVED
+CVE-2023-20658
+       RESERVED
+CVE-2023-20657
+       RESERVED
+CVE-2023-20656
+       RESERVED
+CVE-2023-20655
+       RESERVED
+CVE-2023-20654
+       RESERVED
+CVE-2023-20653
+       RESERVED
+CVE-2023-20652
+       RESERVED
+CVE-2023-20651
+       RESERVED
+CVE-2023-20650
+       RESERVED
+CVE-2023-20649
+       RESERVED
+CVE-2023-20648
+       RESERVED
+CVE-2023-20647
+       RESERVED
+CVE-2023-20646
+       RESERVED
+CVE-2023-20645
+       RESERVED
+CVE-2023-20644
+       RESERVED
+CVE-2023-20643
+       RESERVED
+CVE-2023-20642
+       RESERVED
+CVE-2023-20641
+       RESERVED
+CVE-2023-20640
+       RESERVED
+CVE-2023-20639
+       RESERVED
+CVE-2023-20638
+       RESERVED
+CVE-2023-20637
+       RESERVED
+CVE-2023-20636
+       RESERVED
+CVE-2023-20635
+       RESERVED
+CVE-2023-20634
+       RESERVED
+CVE-2023-20633
+       RESERVED
+CVE-2023-20632
+       RESERVED
+CVE-2023-20631
+       RESERVED
+CVE-2023-20630
+       RESERVED
+CVE-2023-20629
+       RESERVED
+CVE-2023-20628
+       RESERVED
+CVE-2023-20627
+       RESERVED
+CVE-2023-20626
+       RESERVED
+CVE-2023-20625
+       RESERVED
+CVE-2023-20624
+       RESERVED
+CVE-2023-20623
+       RESERVED
+CVE-2023-20622
+       RESERVED
+CVE-2023-20621
+       RESERVED
+CVE-2023-20620
+       RESERVED
+CVE-2023-20619
+       RESERVED
+CVE-2023-20618
+       RESERVED
+CVE-2023-20617
+       RESERVED
+CVE-2023-20616
+       RESERVED
+CVE-2023-20615
+       RESERVED
+CVE-2023-20614
+       RESERVED
+CVE-2023-20613
+       RESERVED
+CVE-2023-20612
+       RESERVED
+CVE-2023-20611
+       RESERVED
+CVE-2023-20610
+       RESERVED
+CVE-2023-20609
+       RESERVED
+CVE-2023-20608
+       RESERVED
+CVE-2023-20607
+       RESERVED
+CVE-2023-20606
+       RESERVED
+CVE-2023-20605
+       RESERVED
+CVE-2023-20604
+       RESERVED
+CVE-2023-20603
+       RESERVED
+CVE-2023-20602
+       RESERVED
+CVE-2022-43977
+       RESERVED
+CVE-2022-43976
+       RESERVED
+CVE-2022-43975
+       RESERVED
+CVE-2022-43974
+       RESERVED
+CVE-2022-43973
+       RESERVED
+CVE-2022-43972
+       RESERVED
+CVE-2022-43971
+       RESERVED
+CVE-2022-43970
+       RESERVED
+CVE-2022-43969
+       RESERVED
+CVE-2022-43968
+       RESERVED
+CVE-2022-43967
+       RESERVED
+CVE-2022-43966
+       RESERVED
+CVE-2022-43965
+       RESERVED
+CVE-2022-43964
+       RESERVED
+CVE-2022-43963
+       RESERVED
+CVE-2022-43962
+       RESERVED
+CVE-2022-43961
+       RESERVED
+CVE-2022-43960
+       RESERVED
+CVE-2022-43959
+       RESERVED
+CVE-2022-3736
+       RESERVED
+CVE-2022-3735
+       RESERVED
+CVE-2022-3734
+       RESERVED
+CVE-2022-3733
+       RESERVED
+CVE-2022-3732
+       RESERVED
+CVE-2022-3731
+       RESERVED
+CVE-2022-3730
+       RESERVED
+CVE-2022-3729
+       RESERVED
+CVE-2022-3728
+       RESERVED
 CVE-2023-20601
        RESERVED
 CVE-2023-20600
@@ -1886,6 +2442,7 @@ CVE-2022-43682
 CVE-2022-43681
        RESERVED
 CVE-2022-43680 (In libexpat through 2.4.9, there is a use-after free caused by 
overeag ...)
+       {DLA-3165-1}
        - expat 2.5.0-1 (bug #1022743)
        NOTE: https://github.com/libexpat/libexpat/issues/649
        NOTE: https://github.com/libexpat/libexpat/pull/616
@@ -2599,8 +3156,8 @@ CVE-2022-3618
        RESERVED
 CVE-2022-3617
        RESERVED
-CVE-2022-3616
-       RESERVED
+CVE-2022-3616 (Attackers can create long chains of CAs that would lead to 
OctoRPKI ex ...)
+       TODO: check
 CVE-2022-3615
        RESERVED
 CVE-2022-3614
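
Review bot: CVE-2022-3616 now carries a published description (OctoRPKI, long chains of CAs) but is left at `TODO: check`. It still needs triage to either a source-package line or a `NOT-FOR-US:` line, like the other described entries in this file, so the entry does not stay untriaged.
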
@@ -3918,7 +4475,7 @@ CVE-2022-42933 (A malicious crafted .dwf or .pct file 
when consumed through Desi
        NOT-FOR-US: Autodesk
 CVE-2022-42932
        RESERVED
-       {DSA-5259-1 DLA-3156-1}
+       {DSA-5262-1 DSA-5259-1 DLA-3156-1}
        - firefox 106.0-1
        - firefox-esr 102.4.0esr-1
        - thunderbird 1:102.4.0-1
@@ -3935,7 +4492,7 @@ CVE-2022-42930
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-44/#CVE-2022-42930
 CVE-2022-42929
        RESERVED
-       {DSA-5259-1 DLA-3156-1}
+       {DSA-5262-1 DSA-5259-1 DLA-3156-1}
        - firefox 106.0-1
        - firefox-esr 102.4.0esr-1
        - thunderbird 1:102.4.0-1
@@ -3944,7 +4501,7 @@ CVE-2022-42929
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-46/#CVE-2022-42929
 CVE-2022-42928
        RESERVED
-       {DSA-5259-1 DLA-3156-1}
+       {DSA-5262-1 DSA-5259-1 DLA-3156-1}
        - firefox 106.0-1
        - firefox-esr 102.4.0esr-1
        - thunderbird 1:102.4.0-1
@@ -3953,7 +4510,7 @@ CVE-2022-42928
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-46/#CVE-2022-42928
 CVE-2022-42927
        RESERVED
-       {DSA-5259-1 DLA-3156-1}
+       {DSA-5262-1 DSA-5259-1 DLA-3156-1}
        - firefox 106.0-1
        - firefox-esr 102.4.0esr-1
        - thunderbird 1:102.4.0-1
@@ -6190,12 +6747,12 @@ CVE-2022-36354
        RESERVED
 CVE-2022-3388
        RESERVED
-CVE-2022-3387
-       RESERVED
-CVE-2022-3386
-       RESERVED
-CVE-2022-3385
-       RESERVED
+CVE-2022-3387 (Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to 
path tr ...)
+       TODO: check
+CVE-2022-3386 (Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to 
a stack ...)
+       TODO: check
+CVE-2022-3385 (Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to 
a stack ...)
+       TODO: check
 CVE-2022-3384
        RESERVED
 CVE-2022-3383
@@ -6503,10 +7060,10 @@ CVE-2022-3381
        RESERVED
 CVE-2022-3380
        RESERVED
-CVE-2022-3379
-       RESERVED
-CVE-2022-3378
-       RESERVED
+CVE-2022-3379 (Horner Automation's Cscape version 9.90 SP7 and prior does not 
properl ...)
+       TODO: check
+CVE-2022-3378 (Horner Automation's Cscape version 9.90 SP 7 and prior does not 
proper ...)
+       TODO: check
 CVE-2022-3377
        RESERVED
 CVE-2022-3376 (Weak Password Requirements in GitHub repository 
ikus060/rdiffweb prior ...)
@@ -6640,14 +7197,14 @@ CVE-2022-41778
        RESERVED
 CVE-2022-41776
        RESERVED
-CVE-2022-41773
-       RESERVED
+CVE-2022-41773 (The affected product DIAEnergie (versions prior to 
v1.9.01.002) is vul ...)
+       TODO: check
 CVE-2022-41772
        RESERVED
-CVE-2022-41702
-       RESERVED
-CVE-2022-41701
-       RESERVED
+CVE-2022-41702 (The affected product DIAEnergie (versions prior to 
v1.9.01.002) is vul ...)
+       TODO: check
+CVE-2022-41701 (The affected product DIAEnergie (versions prior to 
v1.9.01.002) is vul ...)
+       TODO: check
 CVE-2022-41697
        RESERVED
 CVE-2022-41688
@@ -6660,8 +7217,8 @@ CVE-2022-41654
        RESERVED
 CVE-2022-41653
        RESERVED
-CVE-2022-41651
-       RESERVED
+CVE-2022-41651 (The affected product DIAEnergie (versions prior to 
v1.9.01.002) is vul ...)
+       TODO: check
 CVE-2022-41648
        RESERVED
 CVE-2022-41644
@@ -6670,22 +7227,22 @@ CVE-2022-41636
        RESERVED
 CVE-2022-41629
        RESERVED
-CVE-2022-41627
-       RESERVED
+CVE-2022-41627 (The physical IoT device of the AliveCor's KardiaMobile, a 
smartphone-b ...)
+       TODO: check
 CVE-2022-41613
        RESERVED
 CVE-2022-41607
        RESERVED
-CVE-2022-41555
-       RESERVED
-CVE-2022-41133
-       RESERVED
+CVE-2022-41555 (The affected product DIAEnergie (versions prior to 
v1.9.01.002) is vul ...)
+       TODO: check
+CVE-2022-41133 (The affected product DIAEnergie (versions prior to 
v1.9.01.002) is vul ...)
+       TODO: check
 CVE-2022-40981
        RESERVED
-CVE-2022-40967
-       RESERVED
-CVE-2022-40965
-       RESERVED
+CVE-2022-40967 (The affected product DIAEnergie (versions prior to 
v1.9.01.002) is vul ...)
+       TODO: check
+CVE-2022-40965 (The affected product DIAEnergie (versions prior to 
v1.9.01.002) is vul ...)
+       TODO: check
 CVE-2022-40703 (CWE-302 Authentication Bypass by Assumed-Immutable Data in 
AliveCor Ka ...)
        NOT-FOR-US: AliveCor Kardia App
 CVE-2022-40204
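
Review bot: CVE-2022-41627 (AliveCor KardiaMobile) is left at `TODO: check` while CVE-2022-40703 at the end of this hunk is already `NOT-FOR-US: AliveCor Kardia App`; check whether the new entry can be triaged the same way. The four DIAEnergie entries in this hunk (CVE-2022-41555, CVE-2022-41133, CVE-2022-40967, CVE-2022-40965) share one truncated description and can be triaged in one pass with the DIAEnergie entries in the two preceding hunks.
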
@@ -8964,8 +9521,8 @@ CVE-2022-40878 (In Exam Reviewer Management System 1.0, 
an authenticated attacke
        NOT-FOR-US: Exam Reviewer Management System
 CVE-2022-40877 (Exam Reviewer Management System 1.0 is vulnerable to SQL 
Injection via ...)
        NOT-FOR-US: Exam Reviewer Management System
-CVE-2022-40876
-       RESERVED
+CVE-2022-40876 (In Tenda ax1803 v1.0.0.1, the http requests handled by the 
fromAdvSetM ...)
+       TODO: check
 CVE-2022-40875 (Tenda AX1803 v1.0.0.1 was discovered to contain a heap 
overflow in the ...)
        NOT-FOR-US: Tenda
 CVE-2022-40874 (Tenda AX1803 v1.0.0.1 was discovered to contain a heap 
overflow vulner ...)
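
Review bot: CVE-2022-40876 (Tenda ax1803 v1.0.0.1) is added with `TODO: check` directly above CVE-2022-40875, which covers the same device and firmware version and is already `NOT-FOR-US: Tenda`. Unless the truncated description hides something different, the new entry should get the same `NOT-FOR-US: Tenda` line rather than staying open.
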
@@ -11128,12 +11685,12 @@ CVE-2022-39980
        RESERVED
 CVE-2022-39979
        RESERVED
-CVE-2022-39978
-       RESERVED
-CVE-2022-39977
-       RESERVED
-CVE-2022-39976
-       RESERVED
+CVE-2022-39978 (Online Pet Shop We App v1.0 was discovered to contain an 
arbitrary fil ...)
+       TODO: check
+CVE-2022-39977 (Online Pet Shop We App v1.0 was discovered to contain an 
arbitrary fil ...)
+       TODO: check
+CVE-2022-39976 (School Activity Updates with SMS Notification v1.0 was 
discovered to c ...)
+       TODO: check
 CVE-2022-39975 (The Layout module in Liferay Portal v7.3.3 through v7.4.3.34, 
and Life ...)
        NOT-FOR-US: Liferay
 CVE-2022-39974 (WASM3 v0.5.0 was discovered to contain a segmentation fault 
via the co ...)
@@ -16772,12 +17329,12 @@ CVE-2022-37917
        RESERVED
 CVE-2022-37916
        RESERVED
-CVE-2022-37915
-       RESERVED
-CVE-2022-37914
-       RESERVED
-CVE-2022-37913
-       RESERVED
+CVE-2022-37915 (A vulnerability in the web-based management interface of Aruba 
EdgeCon ...)
+       TODO: check
+CVE-2022-37914 (Vulnerabilities in the web-based management interface of Aruba 
EdgeCon ...)
+       TODO: check
+CVE-2022-37913 (Vulnerabilities in the web-based management interface of Aruba 
EdgeCon ...)
+       TODO: check
 CVE-2022-37912
        RESERVED
 CVE-2022-37911
@@ -27774,8 +28331,8 @@ CVE-2022-33861
        RESERVED
 CVE-2022-33860
        RESERVED
-CVE-2022-33859
-       RESERVED
+CVE-2022-33859 (A security vulnerability was discovered in the Eaton Foreseer 
EPMS sof ...)
+       TODO: check
 CVE-2022-33858
        RESERVED
 CVE-2022-33857
@@ -33386,8 +33943,8 @@ CVE-2022-31680 (The vCenter Server contains an unsafe 
deserialisation vulnerabil
        NOT-FOR-US: VMware
 CVE-2022-31679 (Applications that allow HTTP PATCH access to resources exposed 
by Spri ...)
        NOT-FOR-US: VMware
-CVE-2022-31678
-       RESERVED
+CVE-2022-31678 (VMware Cloud Foundation (NSX-V) contains an XML External 
Entity (XXE)  ...)
+       TODO: check
 CVE-2022-31677 (An Insufficient Session Expiration issue was discovered in the 
Pinnipe ...)
        NOT-FOR-US: Pinniped Supervisor
 CVE-2022-31676 (VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local 
privilege es ...)
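
Review bot: CVE-2022-31678 (VMware Cloud Foundation (NSX-V), XXE) is left at `TODO: check` although CVE-2022-31680 and CVE-2022-31679 just above it are `NOT-FOR-US: VMware`. Confirm the product is not packaged and, if so, give it the same line so the three adjacent VMware entries are consistent.
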
@@ -38476,6 +39033,7 @@ CVE-2022-29972 (An argument injection vulnerability in 
the browser-based authent
 CVE-2022-29971 (An argument injection vulnerability in the browser-based 
authenticatio ...)
        NOT-FOR-US: Magnitude Simba Amazon Athena ODBC Driver
 CVE-2022-29970 (Sinatra before 2.2.0 does not validate that the expanded path 
matches  ...)
+       {DLA-3166-1}
        - ruby-sinatra 2.2.2-1 (bug #1014717)
        NOTE: 
https://github.com/sinatra/sinatra/commit/462c3ca1db53ed3cfc394cf5948e9c948ad1c10e
 (v2.2.0)
 CVE-2022-29969 (The RSS extension before 2022-04-29 for MediaWiki allows XSS 
via an rs ...)
@@ -63484,12 +64042,12 @@ CVE-2022-0076
        RESERVED
 CVE-2022-0075
        RESERVED
-CVE-2022-0074
-       RESERVED
-CVE-2022-0073
-       RESERVED
-CVE-2022-0072
-       RESERVED
+CVE-2022-0074 (Untrusted Search Path vulnerability in LiteSpeed Technologies 
OpenLite ...)
+       TODO: check
+CVE-2022-0073 (Improper Input Validation vulnerability in LiteSpeed 
Technologies Open ...)
+       TODO: check
+CVE-2022-0072 (Directory Traversal vulnerability in LiteSpeed Technologies 
OpenLiteSp ...)
+       TODO: check
 CVE-2022-0071 (Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did 
not mim ...)
        NOT-FOR-US: Amazon Web Services hotpatch
 CVE-2022-0070 (Incomplete fix for CVE-2021-3100. The Apache Log4j hotpatch 
package st ...)
@@ -88232,16 +88790,16 @@ CVE-2021-38401 (Fuji Electric V-Server Lite and 
Tellus Lite V-Simulator prior to
        NOT-FOR-US: Fuji Electric
 CVE-2021-38400 (An attacker with physical access to Boston Scientific Zoom 
Latitude Mo ...)
        NOT-FOR-US: Boston Scientific Zoom Latitude Model 3120
-CVE-2021-38399
-       RESERVED
+CVE-2021-38399 (Honeywell Experion PKS C200, C200E, C300, and ACE controllers 
are vuln ...)
+       TODO: check
 CVE-2021-38398 (The affected device uses off-the-shelf software components 
that contai ...)
        NOT-FOR-US: Boston Scientific
-CVE-2021-38397
-       RESERVED
+CVE-2021-38397 (Honeywell Experion PKS C200, C200E, C300, and ACE controllers 
are vuln ...)
+       TODO: check
 CVE-2021-38396 (The programmer installation utility does not perform a 
cryptographic a ...)
        NOT-FOR-US: Boston Scientific
-CVE-2021-38395
-       RESERVED
+CVE-2021-38395 (Honeywell Experion PKS C200, C200E, C300, and ACE controllers 
are vuln ...)
+       TODO: check
 CVE-2021-38394 (An attacker with physical access to the device can extract the 
binary  ...)
        NOT-FOR-US: Boston Scientific
 CVE-2021-38393 (A Blind SQL injection vulnerability exists in the 
/DataHandler/Handler ...)
@@ -93767,8 +94325,8 @@ CVE-2021-36208
        RESERVED
 CVE-2021-36207 (Under certain circumstances improper privilege management in 
Metasys A ...)
        NOT-FOR-US: Metasys
-CVE-2021-36206
-       RESERVED
+CVE-2021-36206 (All versions of CEVAS prior to 1.01.46 do not sufficiently 
validate us ...)
+       TODO: check
 CVE-2021-36205 (Under certain circumstances the session token is not cleared 
on logout ...)
        NOT-FOR-US: Johnson Controls
 CVE-2021-36204
@@ -197522,7 +198080,7 @@ CVE-2020-7563 (A CWE-787: Out-of-bounds Write 
vulnerability exists in the Web Se
        NOT-FOR-US: Modicon
 CVE-2020-7562 (A CWE-125: Out-of-Bounds Read vulnerability exists in the Web 
Server o ...)
        NOT-FOR-US: Modicon
-CVE-2020-7561 (A CWE-284: Improper Access Control vulnerability exists in 
Easergy T30 ...)
+CVE-2020-7561 (A CWE-306: Missing Authentication for Critical Function 
vulnerability  ...)
        NOT-FOR-US: Easergy
 CVE-2020-7560 (A CWE-123: Write-what-where Condition vulnerability exists in 
EcoStrux ...)
        NOT-FOR-US: EcoStruxure Control Expert



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bf12a0e489298c3a9ebb46f79e04dad16e90837
