Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
19700527 by security tracker role at 2022-11-03T08:10:14+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2022-44643
+ RESERVED
+CVE-2022-44642
+ RESERVED
+CVE-2022-44641
+ RESERVED
+CVE-2022-44640
+ RESERVED
+CVE-2022-44639
+ RESERVED
+CVE-2022-44638 (In libpixman in Pixman before 0.42.2, there is an
out-of-bounds write ...)
+ TODO: check
+CVE-2022-44637
+ RESERVED
+CVE-2022-44636
+ RESERVED
+CVE-2022-3846
+ RESERVED
+CVE-2022-3845 (A vulnerability has been found in phpipam and classified as
problemati ...)
+ TODO: check
+CVE-2022-3844 (A vulnerability, which was classified as problematic, was found
in Web ...)
+ TODO: check
+CVE-2021-46853 (Alpine before 2.25 allows remote attackers to cause a denial
of servic ...)
+ TODO: check
CVE-2022-44635
RESERVED
CVE-2022-44634
@@ -113,8 +137,8 @@ CVE-2022-3813 (A vulnerability classified as problematic
has been found in Axiom
NOT-FOR-US: Bento4
CVE-2022-3812 (A vulnerability was found in Axiomatic Bento4. It has been
rated as pr ...)
NOT-FOR-US: Bento4
-CVE-2020-36608
- RESERVED
+CVE-2020-36608 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
CVE-2023-20903
RESERVED
CVE-2023-20902
@@ -253,8 +277,8 @@ CVE-2022-44588
RESERVED
CVE-2022-44587
RESERVED
-CVE-2022-44586
- RESERVED
+CVE-2022-44586 (Auth. (admin+) Stored Cross-Site Scripting (XSS) in Ayoub
Media AM-HiL ...)
+ TODO: check
CVE-2022-44585
RESERVED
CVE-2022-44584
@@ -273,8 +297,8 @@ CVE-2022-44578
RESERVED
CVE-2022-44577
RESERVED
-CVE-2022-44576
- RESERVED
+CVE-2022-44576 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Agen ...)
+ TODO: check
CVE-2022-44575
RESERVED
CVE-2022-44574
@@ -5710,12 +5734,12 @@ CVE-2022-43070
RESERVED
CVE-2022-43069
RESERVED
-CVE-2022-43068
- RESERVED
+CVE-2022-43068 (Online Diagnostic Lab Management System v1.0 was discovered to
contain ...)
+ TODO: check
CVE-2022-43067
RESERVED
-CVE-2022-43066
- RESERVED
+CVE-2022-43066 (Online Diagnostic Lab Management System v1.0 was discovered to
contain ...)
+ TODO: check
CVE-2022-43065
RESERVED
CVE-2022-43064
@@ -5933,12 +5957,14 @@ CVE-2022-3557
RESERVED
CVE-2022-3556
RESERVED
-CVE-2022-3555 (A vulnerability was found in X.org libX11 and classified as
problemati ...)
+CVE-2022-3555
+ REJECTED
- libx11 2:1.7.4-1
[bullseye] - libx11 <no-dsa> (Minor issue)
[buster] - libx11 <postponed> (Minor issue)
NOTE:
https://gitlab.freedesktop.org/xorg/lib/libx11/commit/8a368d808fec166b5fb3dfe6312aab22c7ee20af
(libX11-1.7.4)
-CVE-2022-3554 (A vulnerability has been found in X.org libX11 and classified
as probl ...)
+CVE-2022-3554
+ REJECTED
- libx11 <unfixed> (bug #1022560)
[bullseye] - libx11 <no-dsa> (Minor issue)
[buster] - libx11 <postponed> (Minor issue)
@@ -6812,10 +6838,12 @@ CVE-2022-42733
CVE-2022-42732
RESERVED
CVE-2022-3444 (Insufficient data validation in File System API in Google
Chrome prior ...)
+ {DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
NOTE:
https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html
CVE-2022-3443 (Insufficient data validation in File System API in Google
Chrome prior ...)
+ {DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
NOTE:
https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html
@@ -12222,8 +12250,8 @@ CVE-2022-40503
RESERVED
CVE-2022-40502
RESERVED
-CVE-2022-3181
- RESERVED
+CVE-2022-3181 (An Improper Input Validation vulnerability exists in Trihedral
VTScada ...)
+ TODO: check
CVE-2022-3180
RESERVED
CVE-2022-3179 (Weak Password Requirements in GitHub repository
ikus060/rdiffweb prior ...)
@@ -17470,8 +17498,7 @@ CVE-2022-2905 (An out-of-bounds memory read flaw was
found in the Linux kernel's
[bullseye] - linux 5.10.140-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2022/08/26/1
-CVE-2022-2904
- RESERVED
+CVE-2022-2904 (A cross-site scripting issue has been discovered in GitLab
CE/EE affec ...)
- gitlab <unfixed>
CVE-2022-2903 (The Ninja Forms Contact Form WordPress plugin before 3.6.13
unserialis ...)
NOT-FOR-US: WordPress plugin
@@ -55611,8 +55638,8 @@ CVE-2022-24947 (Apache JSPWiki user preferences form is
vulnerable to CSRF attac
- jspwiki <removed>
CVE-2022-24946 (Improper Resource Locking vulnerability in Mitsubishi Electric
MELSEC ...)
NOT-FOR-US: Mitsubishi
-CVE-2022-24945
- RESERVED
+CVE-2022-24945 (This CVE ID has been rejected or withdrawn by its CVE
Numbering Author ...)
+ TODO: check
CVE-2022-24944
RESERVED
CVE-2022-24943
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1970052743466cf34d22739843f1290c03689346
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1970052743466cf34d22739843f1290c03689346
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
