Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1065b6a6 by security tracker role at 2022-11-08T08:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,19 @@ +CVE-2022-45045 + RESERVED +CVE-2022-3890 + RESERVED +CVE-2022-3889 + RESERVED +CVE-2022-3888 + RESERVED +CVE-2022-3887 + RESERVED +CVE-2022-3886 + RESERVED +CVE-2022-3885 + RESERVED +CVE-2022-3884 + RESERVED CVE-2022-45044 RESERVED CVE-2022-3883 @@ -22,8 +38,7 @@ CVE-2022-3874 RESERVED CVE-2022-3873 (Cross-site Scripting (XSS) - DOM in GitHub repository jgraph/drawio pr ...) NOT-FOR-US: jgraph/drawio -CVE-2022-3872 [sdhci: buffer data port register off-by-one read/write] - RESERVED +CVE-2022-3872 (An off-by-one read/write issue was found in the SDHCI device of QEMU. ...) - qemu <unfixed> NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2140567 NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg01068.html @@ -7092,8 +7107,8 @@ CVE-2022-43361 (Senayan Library Management System v9.4.2 was discovered to conta NOT-FOR-US: Senayan Library Management System CVE-2022-43360 RESERVED -CVE-2022-43359 - RESERVED +CVE-2022-43359 (Gifdec commit 1dcbae19363597314f6623010cc80abad4e47f7c was discovered ...) + TODO: check CVE-2022-43358 RESERVED CVE-2022-43357 @@ -7739,20 +7754,20 @@ CVE-2022-43054 RESERVED CVE-2022-43053 RESERVED -CVE-2022-43052 - RESERVED -CVE-2022-43051 - RESERVED -CVE-2022-43050 - RESERVED -CVE-2022-43049 - RESERVED +CVE-2022-43052 (Online Diagnostic Lab Management System v1.0 was discovered to contain ...) + TODO: check +CVE-2022-43051 (Online Diagnostic Lab Management System v1.0 was discovered to contain ...) + TODO: check +CVE-2022-43050 (Online Tours & Travels Management System v1.0 was discovered to co ...) + TODO: check +CVE-2022-43049 (Canteen Management System Project v1.0 was discovered to contain a SQL ...) + TODO: check CVE-2022-43048 RESERVED CVE-2022-43047 RESERVED -CVE-2022-43046 - RESERVED +CVE-2022-43046 (Food Ordering Management System v1.0 was discovered to contain a cross ...) + TODO: check CVE-2022-43045 (GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segm ...) - gpac <unfixed> [bullseye] - gpac <ignored> (Minor issue) @@ -11966,12 +11981,12 @@ CVE-2022-41436 (An issue in OXHOO TP50 OXH1.50 allows unauthenticated attackers NOT-FOR-US: OXHOO CVE-2022-41435 (OpenWRT LuCI version git-22.140.66206-02913be was discovered to contai ...) NOT-FOR-US: OpenWRT LuCI -CVE-2022-41434 - RESERVED -CVE-2022-41433 - RESERVED -CVE-2022-41432 - RESERVED +CVE-2022-41434 (EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected ...) + TODO: check +CVE-2022-41433 (EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected ...) + TODO: check +CVE-2022-41432 (EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected ...) + TODO: check CVE-2022-41431 (xzs v3.8.0 was discovered to contain a cross-site scripting (XSS) vuln ...) NOT-FOR-US: xzs CVE-2022-41430 (Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP ...) @@ -39285,8 +39300,8 @@ CVE-2022-31201 (SoftGuard Web (SGW) before 5.1.5 allows HTML injection. ...) NOT-FOR-US: SoftGuard Web CVE-2022-31200 RESERVED -CVE-2022-31199 - RESERVED +CVE-2022-31199 (Remote code execution vulnerabilities exist in the Netwrix Auditor Use ...) + TODO: check CVE-2022-1797 (A malformed Class 3 common industrial protocol message with a cached c ...) NOT-FOR-US: Rockwell Automation CVE-2022-31198 (OpenZeppelin Contracts is a library for secure smart contract developm ...) @@ -140932,8 +140947,8 @@ CVE-2020-35474 (In MediaWiki before 1.35.1, the combination of Html::rawElement [stretch] - mediawiki <not-affected> (Introduced in 1.35) NOTE: https://phabricator.wikimedia.org/T268894 NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html -CVE-2020-35473 - RESERVED +CVE-2020-35473 (An information leakage vulnerability in the Bluetooth Low Energy adver ...) + TODO: check CVE-2020-35472 RESERVED CVE-2020-35471 (Envoy before 1.16.1 mishandles dropped and truncated datagrams, as dem ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1065b6a6b3854e083a6f1cfb9834e495273f3548 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1065b6a6b3854e083a6f1cfb9834e495273f3548 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits