Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
24710ea2 by security tracker role at 2022-11-12T08:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,63 @@
+CVE-2022-45194 (CBRN-Analysis before 22 allows XXE attacks via am mws XML
document, le ...)
+ TODO: check
+CVE-2022-45193 (CBRN-Analysis before 22 has weak file permissions under Public
Profile ...)
+ TODO: check
+CVE-2022-45192
+ RESERVED
+CVE-2022-45191
+ RESERVED
+CVE-2022-45190
+ RESERVED
+CVE-2022-45189
+ RESERVED
+CVE-2022-45188 (Netatalk through 3.1.13 has an afp_getappl heap-based buffer
overflow ...)
+ TODO: check
+CVE-2022-45187
+ RESERVED
+CVE-2022-45186
+ RESERVED
+CVE-2022-45185
+ RESERVED
+CVE-2022-45184
+ RESERVED
+CVE-2022-45183
+ RESERVED
+CVE-2022-45182 (Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the
module ...)
+ TODO: check
+CVE-2022-45181
+ RESERVED
+CVE-2022-45180
+ RESERVED
+CVE-2022-45179
+ RESERVED
+CVE-2022-45178
+ RESERVED
+CVE-2022-45177
+ RESERVED
+CVE-2022-45176
+ RESERVED
+CVE-2022-45175
+ RESERVED
+CVE-2022-45174
+ RESERVED
+CVE-2022-45173
+ RESERVED
+CVE-2022-45172
+ RESERVED
+CVE-2022-45171
+ RESERVED
+CVE-2022-45170
+ RESERVED
+CVE-2022-45169
+ RESERVED
+CVE-2022-45168
+ RESERVED
+CVE-2022-3962
+ RESERVED
+CVE-2022-3961
+ RESERVED
+CVE-2022-3960
+ RESERVED
CVE-2022-45167
RESERVED
CVE-2022-45166
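Review bot: CVE-2022-45188 (Netatalk through 3.1.13, afp_getappl heap-based buffer overflow) is the entry in this hunk that most needs a follow-up, and it lands with only "TODO: check". It names a network file server and a memory-corruption bug class. If a netatalk source package is in the archive, the TODO should become a package line such as "- netatalk <unfixed>" once the affected versions are confirmed. The other described entries (CBRN-Analysis for CVE-2022-45194 and CVE-2022-45193, Pi-Star_DV_Dash for CVE-2022-45182) look like NOT-FOR-US candidates and can be closed in the same pass. The 26 RESERVED additions need nothing yet.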
@@ -6537,10 +6597,10 @@ CVE-2022-43674
RESERVED
CVE-2022-43673
RESERVED
-CVE-2022-43672
- RESERVED
-CVE-2022-43671
- RESERVED
+CVE-2022-43672 (Zoho ManageEngine Password Manager Pro before 12122, PAM360
before 571 ...)
+ TODO: check
+CVE-2022-43671 (Zoho ManageEngine Password Manager Pro before 12122, PAM360
before 571 ...)
+ TODO: check
CVE-2022-43670 (An improper neutralization of input during web page generation
('Cross ...)
NOT-FOR-US: Apache Sling
CVE-2022-43667
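Review bot: CVE-2022-43672 and CVE-2022-43671 move from RESERVED to "TODO: check" with identical truncated text (Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 571), so the two lines cannot be told apart from what is committed here. Both name proprietary Zoho products, and the context line just below already shows the convention for that case ("NOT-FOR-US: Apache Sling"). Suggest resolving both to "NOT-FOR-US: Zoho ManageEngine" so they leave the TODO queue.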
@@ -11162,8 +11222,8 @@ CVE-2022-41907
RESERVED
CVE-2022-41906 (OpenSearch Notifications is a notifications plugin for
OpenSearch that ...)
TODO: check
-CVE-2022-41905
- RESERVED
+CVE-2022-41905 (WsgiDAV is a generic and extendable WebDAV server based on
WSGI. Imple ...)
+ TODO: check
CVE-2022-41904 (Element iOS is an iOS Matrix client provided by Element. It is
based o ...)
TODO: check
CVE-2022-41903
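Review bot: the CVE-2022-41905 description is cut off at "Imple ...", so the committed line identifies WsgiDAV as a WebDAV server but not the bug class or the affected versions. The "TODO: check" needs the full CVE record before it can become either a package line or NOT-FOR-US. The context entries on either side (CVE-2022-41906 OpenSearch Notifications, CVE-2022-41904 Element iOS) are also still at "TODO: check", so the three can be triaged together.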
@@ -12627,8 +12687,8 @@ CVE-2022-36368 (Multiple stored cross-site scripting
vulnerabilities in the web
NOT-FOR-US: IPFire
CVE-2022-41340 (The secp256k1-js package before 1.1.0 for Node.js implements
ECDSA wit ...)
NOT-FOR-US: Node secp256k1-js
-CVE-2022-41339
- RESERVED
+CVE-2022-41339 (In Zoho ManageEngine Mobile Device Manager Plus before
10.1.2207.5, th ...)
+ TODO: check
CVE-2022-41338
RESERVED
CVE-2022-41337
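Review bot: CVE-2022-41339 (Zoho ManageEngine Mobile Device Manager Plus before 10.1.2207.5) is added as "TODO: check" directly beneath two entries that are already resolved as "NOT-FOR-US: IPFire" and "NOT-FOR-US: Node secp256k1-js". This is a proprietary product, so the same resolution applies; suggest "NOT-FOR-US: Zoho ManageEngine".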
@@ -13988,8 +14048,8 @@ CVE-2022-40775 (An issue was discovered in Bento4
through 1.6.0-639. A NULL poin
NOT-FOR-US: Bento4
CVE-2022-40774 (An issue was discovered in Bento4 through 1.6.0-639. There is
a NULL p ...)
NOT-FOR-US: Bento4
-CVE-2022-40773
- RESERVED
+CVE-2022-40773 (Zoho ManageEngine ServiceDesk Plus MSP before 10609 and
SupportCenter ...)
+ TODO: check
CVE-2022-40772
RESERVED
CVE-2022-40771
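Review bot: CVE-2022-40773 names Zoho ManageEngine ServiceDesk Plus MSP and SupportCenter, and the text is truncated before it says what the flaw is. For tracker purposes the product alone settles it: resolve the "TODO: check" to a NOT-FOR-US line, matching the Bento4 entries above it in this hunk.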
@@ -19442,12 +19502,12 @@ CVE-2022-38654 (HCL Domino is susceptible to an
information disclosure vulnerabi
NOT-FOR-US: HCL
CVE-2022-38653
RESERVED
-CVE-2022-38652
- RESERVED
-CVE-2022-38651
- RESERVED
-CVE-2022-38650
- RESERVED
+CVE-2022-38652 (** UNSUPPORTED WHEN ASSIGNED ** A remote insecure
deserialization vuln ...)
+ TODO: check
+CVE-2022-38651 (** UNSUPPORTED WHEN ASSIGNED ** A security filter
misconfiguration exi ...)
+ TODO: check
+CVE-2022-38650 (** UNSUPPORTED WHEN ASSIGNED ** A remote unauthenticated
insecure dese ...)
+ TODO: check
CVE-2022-38649
RESERVED
CVE-2022-38648 (Server-Side Request Forgery (SSRF) vulnerability in Batik of
Apache XM ...)
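Review bot: the three entries leaving RESERVED here (CVE-2022-38652, CVE-2022-38651, CVE-2022-38650) carry the "** UNSUPPORTED WHEN ASSIGNED **" prefix, and the truncated descriptions end before any product name, so nothing on these lines says what is affected. Two of them describe remote insecure deserialization, one of those unauthenticated, which is reason to resolve the TODO from the full CVE record promptly instead of leaving it in the backlog. Once the product is identified, record it either as a package line or as NOT-FOR-US like the HCL entry at the top of the hunk.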
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/24710ea20c9f2f0a9ac059c5831a1653bdb0858c