[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 08 Nov 2022 00:10:35 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1065b6a6 by security tracker role at 2022-11-08T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2022-45045
+       RESERVED
+CVE-2022-3890
+       RESERVED
+CVE-2022-3889
+       RESERVED
+CVE-2022-3888
+       RESERVED
+CVE-2022-3887
+       RESERVED
+CVE-2022-3886
+       RESERVED
+CVE-2022-3885
+       RESERVED
+CVE-2022-3884
+       RESERVED
 CVE-2022-45044
        RESERVED
 CVE-2022-3883
@@ -22,8 +38,7 @@ CVE-2022-3874
        RESERVED
 CVE-2022-3873 (Cross-site Scripting (XSS) - DOM in GitHub repository 
jgraph/drawio pr ...)
        NOT-FOR-US: jgraph/drawio
-CVE-2022-3872 [sdhci: buffer data port register off-by-one read/write]
-       RESERVED
+CVE-2022-3872 (An off-by-one read/write issue was found in the SDHCI device of 
QEMU.  ...)
        - qemu <unfixed>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2140567
        NOTE: 
https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg01068.html
@@ -7092,8 +7107,8 @@ CVE-2022-43361 (Senayan Library Management System v9.4.2 
was discovered to conta
        NOT-FOR-US: Senayan Library Management System
 CVE-2022-43360
        RESERVED
-CVE-2022-43359
-       RESERVED
+CVE-2022-43359 (Gifdec commit 1dcbae19363597314f6623010cc80abad4e47f7c was 
discovered  ...)
+       TODO: check
 CVE-2022-43358
        RESERVED
 CVE-2022-43357
@@ -7739,20 +7754,20 @@ CVE-2022-43054
        RESERVED
 CVE-2022-43053
        RESERVED
-CVE-2022-43052
-       RESERVED
-CVE-2022-43051
-       RESERVED
-CVE-2022-43050
-       RESERVED
-CVE-2022-43049
-       RESERVED
+CVE-2022-43052 (Online Diagnostic Lab Management System v1.0 was discovered to 
contain ...)
+       TODO: check
+CVE-2022-43051 (Online Diagnostic Lab Management System v1.0 was discovered to 
contain ...)
+       TODO: check
+CVE-2022-43050 (Online Tours &amp; Travels Management System v1.0 was 
discovered to co ...)
+       TODO: check
+CVE-2022-43049 (Canteen Management System Project v1.0 was discovered to 
contain a SQL ...)
+       TODO: check
 CVE-2022-43048
        RESERVED
 CVE-2022-43047
        RESERVED
-CVE-2022-43046
-       RESERVED
+CVE-2022-43046 (Food Ordering Management System v1.0 was discovered to contain 
a cross ...)
+       TODO: check
 CVE-2022-43045 (GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to 
contain a segm ...)
        - gpac <unfixed>
        [bullseye] - gpac <ignored> (Minor issue)
@@ -11966,12 +11981,12 @@ CVE-2022-41436 (An issue in OXHOO TP50 OXH1.50 allows 
unauthenticated attackers
        NOT-FOR-US: OXHOO
 CVE-2022-41435 (OpenWRT LuCI version git-22.140.66206-02913be was discovered 
to contai ...)
        NOT-FOR-US: OpenWRT LuCI
-CVE-2022-41434
-       RESERVED
-CVE-2022-41433
-       RESERVED
-CVE-2022-41432
-       RESERVED
+CVE-2022-41434 (EyesOfNetwork Web Interface v5.3 was discovered to contain a 
reflected ...)
+       TODO: check
+CVE-2022-41433 (EyesOfNetwork Web Interface v5.3 was discovered to contain a 
reflected ...)
+       TODO: check
+CVE-2022-41432 (EyesOfNetwork Web Interface v5.3 was discovered to contain a 
reflected ...)
+       TODO: check
 CVE-2022-41431 (xzs v3.8.0 was discovered to contain a cross-site scripting 
(XSS) vuln ...)
        NOT-FOR-US: xzs
 CVE-2022-41430 (Bento4 v1.6.0-639 was discovered to contain a heap overflow 
via the AP ...)
@@ -39285,8 +39300,8 @@ CVE-2022-31201 (SoftGuard Web (SGW) before 5.1.5 allows 
HTML injection. ...)
        NOT-FOR-US: SoftGuard Web
 CVE-2022-31200
        RESERVED
-CVE-2022-31199
-       RESERVED
+CVE-2022-31199 (Remote code execution vulnerabilities exist in the Netwrix 
Auditor Use ...)
+       TODO: check
 CVE-2022-1797 (A malformed Class 3 common industrial protocol message with a 
cached c ...)
        NOT-FOR-US: Rockwell Automation
 CVE-2022-31198 (OpenZeppelin Contracts is a library for secure smart contract 
developm ...)
@@ -140932,8 +140947,8 @@ CVE-2020-35474 (In MediaWiki before 1.35.1, the 
combination of Html::rawElement
        [stretch] - mediawiki <not-affected> (Introduced in 1.35)
        NOTE: https://phabricator.wikimedia.org/T268894
        NOTE: 
https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html
-CVE-2020-35473
-       RESERVED
+CVE-2020-35473 (An information leakage vulnerability in the Bluetooth Low 
Energy adver ...)
+       TODO: check
 CVE-2020-35472
        RESERVED
 CVE-2020-35471 (Envoy before 1.16.1 mishandles dropped and truncated 
datagrams, as dem ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1065b6a6b3854e083a6f1cfb9834e495273f3548

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1065b6a6b3854e083a6f1cfb9834e495273f3548
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to