Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
589281fb by security tracker role at 2022-11-16T08:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2022-43468
+ RESERVED
+CVE-2022-41783
+ RESERVED
+CVE-2022-4010
+ RESERVED
+CVE-2022-4009
+ RESERVED
+CVE-2022-4008
+ RESERVED
+CVE-2022-4007
+ RESERVED
+CVE-2022-4006 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2022-4005
+ RESERVED
+CVE-2022-4004
+ RESERVED
+CVE-2021-4241 (A vulnerability, which was classified as problematic, was found
in php ...)
+ TODO: check
+CVE-2021-4240 (A vulnerability, which was classified as problematic, was found
in php ...)
+ TODO: check
CVE-2022-45442
RESERVED
CVE-2022-45441
@@ -394,52 +416,52 @@ CVE-2022-45403
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45403
CVE-2022-45402 (In Apache Airflow versions prior to 2.4.3, there was an open
redirect ...)
- airflow <itp> (bug #819700)
-CVE-2022-45401
- RESERVED
-CVE-2022-45400
- RESERVED
-CVE-2022-45399
- RESERVED
-CVE-2022-45398
- RESERVED
-CVE-2022-45397
- RESERVED
-CVE-2022-45396
- RESERVED
-CVE-2022-45395
- RESERVED
-CVE-2022-45394
- RESERVED
-CVE-2022-45393
- RESERVED
-CVE-2022-45392
- RESERVED
-CVE-2022-45391
- RESERVED
-CVE-2022-45390
- RESERVED
-CVE-2022-45389
- RESERVED
-CVE-2022-45388
- RESERVED
-CVE-2022-45387
- RESERVED
-CVE-2022-45386
- RESERVED
-CVE-2022-45385
- RESERVED
-CVE-2022-45384
- RESERVED
-CVE-2022-45383
- RESERVED
-CVE-2022-45382
- RESERVED
-CVE-2022-45381
- RESERVED
-CVE-2022-45380
- RESERVED
-CVE-2022-45379
- RESERVED
+CVE-2022-45401 (Jenkins Associated Files Plugin 0.2.1 and earlier does not
escape name ...)
+ TODO: check
+CVE-2022-45400 (Jenkins JAPEX Plugin 1.7 and earlier does not configure its
XML parser ...)
+ TODO: check
+CVE-2022-45399 (A missing permission check in Jenkins Cluster Statistics
Plugin 0.4.6 ...)
+ TODO: check
+CVE-2022-45398 (A cross-site request forgery (CSRF) vulnerability in Jenkins
Cluster S ...)
+ TODO: check
+CVE-2022-45397 (Jenkins OSF Builder Suite : : XML Linter Plugin 1.0.2 and
earlier does ...)
+ TODO: check
+CVE-2022-45396 (Jenkins SourceMonitor Plugin 0.2 and earlier does not
configure its XM ...)
+ TODO: check
+CVE-2022-45395 (Jenkins CCCC Plugin 0.6 and earlier does not configure its XML
parser ...)
+ TODO: check
+CVE-2022-45394 (A missing permission check in Jenkins Delete log Plugin 1.0
and earlie ...)
+ TODO: check
+CVE-2022-45393 (A cross-site request forgery (CSRF) vulnerability in Jenkins
Delete lo ...)
+ TODO: check
+CVE-2022-45392 (Jenkins NS-ND Integration Performance Publisher Plugin
4.8.0.143 and e ...)
+ TODO: check
+CVE-2022-45391 (Jenkins NS-ND Integration Performance Publisher Plugin
4.8.0.143 and e ...)
+ TODO: check
+CVE-2022-45390 (A missing permission check in Jenkins loader.io Plugin 1.0.1
and earli ...)
+ TODO: check
+CVE-2022-45389 (A missing permission check in Jenkins XP-Dev Plugin 1.0 and
earlier al ...)
+ TODO: check
+CVE-2022-45388 (Jenkins Config Rotator Plugin 2.0.1 and earlier does not
restrict a fi ...)
+ TODO: check
+CVE-2022-45387 (Jenkins BART Plugin 1.0.3 and earlier does not escape the
parsed conte ...)
+ TODO: check
+CVE-2022-45386 (Jenkins Violations Plugin 0.7.11 and earlier does not
configure its XM ...)
+ TODO: check
+CVE-2022-45385 (A missing permission check in Jenkins CloudBees Docker
Hub/Registry No ...)
+ TODO: check
+CVE-2022-45384 (Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the
LDAP ma ...)
+ TODO: check
+CVE-2022-45383 (An incorrect permission check in Jenkins Support Core Plugin
1206.v140 ...)
+ TODO: check
+CVE-2022-45382 (Jenkins Naginator Plugin 1.18.1 and earlier does not escape
display na ...)
+ TODO: check
+CVE-2022-45381 (Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does
not rest ...)
+ TODO: check
+CVE-2022-45380 (Jenkins JUnit Plugin 1159.v0b_396e1e07dd and earlier converts
HTTP(S) ...)
+ TODO: check
+CVE-2022-45379 (Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and
earlier store ...)
+ TODO: check
CVE-2022-45378 (** UNSUPPORTED WHEN ASSIGNED ** In the default configuration
of Apache ...)
NOT-FOR-US: Apache SOAP
CVE-2022-45377
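Review bot: CVE-2022-45379 through CVE-2022-45401 all land as TODO: check, and the 23 descriptions (several truncated) each name a Jenkins plugin, not Jenkins itself. Each needs a per-plugin decision before the TODO is cleared; the file already tags plugin-only issues NOT-FOR-US by plugin name (CVE-2022-38665, "NOT-FOR-US: Jenkins CollabNet Plugins Plugin"), so follow that form, not a generic Jenkins tag. The CVE-2022-45397 text also carries a stray ": :" inside the plugin name, which will defeat any matching on product names.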
@@ -1136,8 +1158,8 @@ CVE-2022-41659
RESERVED
CVE-2022-3921
RESERVED
-CVE-2022-3920
- RESERVED
+CVE-2022-3920 (HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do
not filt ...)
+ TODO: check
CVE-2022-45108
RESERVED
CVE-2022-45107
@@ -8658,8 +8680,8 @@ CVE-2022-43280 (wasm-interp v1.0.29 was discovered to
contain an out-of-bounds r
- wabt <unfixed> (unimportant)
NOTE: https://github.com/WebAssembly/wabt/issues/1982
NOTE: Crash in CLI tool, no security impact
-CVE-2022-43279
- RESERVED
+CVE-2022-43279 (LimeSurvey v5.4.4 was discovered to contain a SQL injection
vulnerabil ...)
+ TODO: check
CVE-2022-43278 (Canteen Management System v1.0 was discovered to contain a SQL
injecti ...)
NOT-FOR-US: Canteen Management System
CVE-2022-43277 (Canteen Management System v1.0 was discovered to contain an
arbitrary ...)
@@ -8686,8 +8708,8 @@ CVE-2022-43267
RESERVED
CVE-2022-43266
RESERVED
-CVE-2022-43265
- RESERVED
+CVE-2022-43265 (An arbitrary file upload vulnerability in the component
/pages/save_us ...)
+ TODO: check
CVE-2022-43264
RESERVED
CVE-2022-43263
@@ -10090,8 +10112,8 @@ CVE-2022-42787 (Multiple W&T products of the
Comserver Series use a small nu
NOT-FOR-US: Wiesemann & Theis GmbH products
CVE-2022-42786 (Multiple W&T Products of the ComServer Series are prone to
an XSS ...)
NOT-FOR-US: Wiesemann & Theis GmbH products
-CVE-2022-42785
- RESERVED
+CVE-2022-42785 (Multiple W&T products of the ComServer Series are prone to
an auth ...)
+ TODO: check
CVE-2022-42784
RESERVED
CVE-2022-3457 (Origin Validation Error in GitHub repository ikus060/rdiffweb
prior to ...)
@@ -12112,12 +12134,12 @@ CVE-2022-41920
RESERVED
CVE-2022-41919
RESERVED
-CVE-2022-41918
- RESERVED
-CVE-2022-41917
- RESERVED
-CVE-2022-41916
- RESERVED
+CVE-2022-41918 (OpenSearch is a community-driven, open source fork of
Elasticsearch an ...)
+ TODO: check
+CVE-2022-41917 (OpenSearch is a community-driven, open source fork of
Elasticsearch an ...)
+ TODO: check
+CVE-2022-41916 (Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos.
Version ...)
+ TODO: check
CVE-2022-41915
RESERVED
CVE-2022-41914
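Review bot: CVE-2022-41916 should be triaged ahead of the two OpenSearch entries added with it. Its description is for Heimdal, an ASN.1/DER, PKIX and Kerberos implementation, which calls for a source-package lookup and per-release status lines instead of a quick NOT-FOR-US. The truncated text stops at "Version ...", so take the affected version range from the full record when replacing TODO: check.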
@@ -12299,8 +12321,8 @@ CVE-2022-3379 (Horner Automation's Cscape version 9.90
SP7 and prior does not pr
NOT-FOR-US: Horner Automation's Cscape
CVE-2022-3378 (Horner Automation's Cscape version 9.90 SP 7 and prior does not
proper ...)
NOT-FOR-US: Horner Automation's Cscape
-CVE-2022-3377
- RESERVED
+CVE-2022-3377 (Horner Automation's Cscape version 9.90 SP 6 and prior does not
proper ...)
+ TODO: check
CVE-2022-3376 (Weak Password Requirements in GitHub repository
ikus060/rdiffweb prior ...)
- rdiffweb <itp> (bug #969974)
CVE-2022-3375
@@ -15021,8 +15043,8 @@ CVE-2022-3234 (Heap-based Buffer Overflow in GitHub
repository vim/vim prior to
NOTE:
https://github.com/vim/vim/commit/c249913edc35c0e666d783bfc21595cf9f7d9e0d
(v9.0.0483)
CVE-2022-40754 (In Apache Airflow 2.3.0 through 2.3.4, there was an open
redirect in t ...)
- airflow <itp> (bug #819700)
-CVE-2022-40753
- RESERVED
+CVE-2022-40753 (IBM InfoSphere Information Server 11.7 is vulnerable to
cross-site scr ...)
+ TODO: check
CVE-2022-40752
RESERVED
CVE-2022-40751
@@ -16497,7 +16519,7 @@ CVE-2022-40162
CVE-2022-40161 (** DISPUTED ** This record was originally reported by the
oss-fuzz pro ...)
- libcommons-jxpath-java <unfixed>
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47097
-CVE-2022-40160 (Those using JXPath to interpret XPath may be vulnerable to
Denial of S ...)
+CVE-2022-40160 (** DISPUTED ** This record was originally reported by the
oss-fuzz pro ...)
- libcommons-jxpath-java <unfixed>
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47053
CVE-2022-40159 (** DISPUTED ** This record was originally reported by the
oss-fuzz pro ...)
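Review bot: CVE-2022-40160 now reads ** DISPUTED ** but keeps "- libcommons-jxpath-java <unfixed>" unchanged, so the tracker still reports the package as affected by an issue whose validity is contested. Add a NOTE recording the dispute or revisit the package line, and apply the same decision to CVE-2022-40161 just above, which shows the same DISPUTED text with <unfixed>.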
@@ -20405,8 +20427,8 @@ CVE-2022-2948
RESERVED
CVE-2022-2947
RESERVED
-CVE-2022-38666
- RESERVED
+CVE-2022-38666 (Jenkins NS-ND Integration Performance Publisher Plugin
4.8.0.146 and e ...)
+ TODO: check
CVE-2022-38665 (Jenkins CollabNet Plugins Plugin 2.0.8 and earlier stores a
RabbitMQ p ...)
NOT-FOR-US: Jenkins CollabNet Plugins Plugin
CVE-2022-38664 (Jenkins Job Configuration History Plugin 1165.v8cc9fd1f4597
and earlie ...)
@@ -21290,8 +21312,8 @@ CVE-2022-38387 (IBM Cloud Pak for Security (CP4S)
1.10.0.0 through 1.10.2.0 coul
NOT-FOR-US: IBM
CVE-2022-38386
RESERVED
-CVE-2022-38385
- RESERVED
+CVE-2022-38385 (IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0
could allo ...)
+ TODO: check
CVE-2022-38384
RESERVED
CVE-2022-38383
@@ -21866,8 +21888,8 @@ CVE-2022-38203
RESERVED
CVE-2022-38202
RESERVED
-CVE-2022-38201
- RESERVED
+CVE-2022-38201 (An unvalidated redirect vulnerability exists in Esri Portal
for ArcGIS ...)
+ TODO: check
CVE-2022-38200 (A cross site scripting vulnerability exists in some map
service config ...)
NOT-FOR-US: ArcGIS Server
CVE-2022-38199 (A remote file download issue can occur in some capabilities of
Esri Ar ...)
@@ -22064,7 +22086,7 @@ CVE-2022-38165
RESERVED
CVE-2022-38164 (WithSecure through 2022-08-10 allows attackers to cause a
denial of se ...)
NOT-FOR-US: WithSecure
-CVE-2022-38163 (WithSecure through 2022-08-10 allows attackers to cause a
denial of se ...)
+CVE-2022-38163 (A Drag and Drop spoof vulnerability was discovered in F-Secure
SAFE Br ...)
NOT-FOR-US: WithSecure
CVE-2022-38162 (Reflected cross-site scripting (XSS) vulnerabilities in
WithSecure thr ...)
NOT-FOR-US: WithSecure
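Review bot: the CVE-2022-38163 description changes from a WithSecure denial of service to a drag and drop spoof in "F-Secure SAFE Br ...", yet the "NOT-FOR-US: WithSecure" line under it is carried over untouched. That tag was decided against the old text; re-check it against the new description and, if it still holds, make the tag name the product the new text refers to.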
@@ -32670,8 +32692,8 @@ CVE-2022-34171 (In Jenkins 2.321 through 2.355 (both
inclusive) and LTS 2.332.1
- jenkins <removed>
CVE-2022-34170 (In Jenkins 2.320 through 2.355 (both inclusive) and LTS
2.332.1 throug ...)
- jenkins <removed>
-CVE-2022-2166
- RESERVED
+CVE-2022-2166 (Improper Restriction of Excessive Authentication Attempts in
GitHub re ...)
+ TODO: check
CVE-2022-34169 (The Apache Xalan Java XSLT library is vulnerable to an integer
truncat ...)
{DSA-5256-1 DSA-5192-1 DSA-5188-1 DLA-3155-1}
- openjdk-8 8u342-b07-1
@@ -42151,16 +42173,16 @@ CVE-2022-30774 (DMA attacks on the parameter buffer
used by the PnpSmm driver co
TODO: check
CVE-2022-30773 (DMA attacks on the parameter buffer used by the IhisiSmm
driver could ...)
TODO: check
-CVE-2022-30772
- RESERVED
-CVE-2022-30771
- RESERVED
+CVE-2022-30772 (Manipulation of the input address in PnpSmm function 0x52
could be use ...)
+ TODO: check
+CVE-2022-30771 (Initialization function in PnpSmm could lead to SMRAM
corruption when ...)
+ TODO: check
CVE-2022-30770 (Terminalfour versions 8.3.7, 8.3.x versions prior to version
8.3.8 and ...)
NOT-FOR-US: Terminalfour
-CVE-2022-30769
- RESERVED
-CVE-2022-30768
- RESERVED
+CVE-2022-30769 (Session fixation exists in ZoneMinder through 1.36.12 as an
attacker c ...)
+ TODO: check
+CVE-2022-30768 (A Stored Cross Site Scripting (XSS) issue in ZoneMinder
1.36.12 allows ...)
+ TODO: check
CVE-2022-30767 (nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04
(and throu ...)
[experimental] - u-boot 2022.07~rc4+dfsg-1
- u-boot 2022.07+dfsg-1 (bug #1014471)
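Review bot: this hunk puts two unrelated sets under TODO: check. CVE-2022-30772 and CVE-2022-30771 are PnpSmm/SMRAM firmware issues like CVE-2022-30774 and CVE-2022-30773 above them, which are themselves still TODO: check, so resolve all four together. CVE-2022-30769 and CVE-2022-30768 are ZoneMinder issues ("through 1.36.12" and "1.36.12") and need their own package lookup and fixed-version line.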
@@ -43612,8 +43634,8 @@ CVE-2022-30285 (In Quest KACE Systems Management
Appliance (SMA) through 12.0, a
NOT-FOR-US: Quest KACE System Management Appliance
CVE-2022-30284 (** DISPUTED ** In the python-libnmap package through 0.7.2 for
Python, ...)
NOTE: Bogus python-libnmap issue
-CVE-2022-30283
- RESERVED
+CVE-2022-30283 (In UsbCoreDxe, tampering with the contents of the USB working
buffer u ...)
+ TODO: check
CVE-2022-30282
RESERVED
CVE-2022-30281
@@ -46521,16 +46543,16 @@ CVE-2022-29281 (Notable before 1.9.0-beta.8 doesn't
effectively prevent the open
NOT-FOR-US: Notable
CVE-2022-29280
REJECTED
-CVE-2022-29279
- RESERVED
-CVE-2022-29278
- RESERVED
-CVE-2022-29277
- RESERVED
-CVE-2022-29276
- RESERVED
-CVE-2022-29275
- RESERVED
+CVE-2022-29279 (Use of a untrusted pointer allows tampering with SMRAM and OS
memory i ...)
+ TODO: check
+CVE-2022-29278 (Incorrect pointer checks within the NvmExpressDxe driver can
allow tam ...)
+ TODO: check
+CVE-2022-29277 (Incorrect pointer checks within the the FwBlockServiceSmm
driver can a ...)
+ TODO: check
+CVE-2022-29276 (SMI functions in AhciBusDxe use untrusted inputs leading to
corruption ...)
+ TODO: check
+CVE-2022-29275 (In UsbCoreDxe, untrusted input may allow SMRAM or OS memory
tampering ...)
+ TODO: check
CVE-2022-29274
RESERVED
CVE-2022-29273
@@ -50714,8 +50736,8 @@ CVE-2022-27897
RESERVED
CVE-2022-27896 (Information Exposure Through Log Files vulnerability
discovered in Fou ...)
TODO: check
-CVE-2022-27895
- RESERVED
+CVE-2022-27895 (Information Exposure Through Log Files vulnerability
discovered in Fou ...)
+ TODO: check
CVE-2022-27894 (The Foundry Blobster service was found to have a cross-site
scripting ...)
NOT-FOR-US: Foundry Blobster service
CVE-2022-27893 (The Foundry Magritte plugin osisoft-pi-web-connector versions
0.15.0 - ...)
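Review bot: CVE-2022-27895 gets the same truncated description as CVE-2022-27896 directly above it ("Information Exposure Through Log Files vulnerability discovered in Fou ..."), so the two cannot be told apart from this file and both sit at TODO: check. Read the full records before clearing either one; the neighbouring CVE-2022-27894 is tagged NOT-FOR-US by service name, and these two should likewise say which component is meant.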
@@ -59185,8 +59207,8 @@ CVE-2022-24944
RESERVED
CVE-2022-24943
RESERVED
-CVE-2022-24942
- RESERVED
+CVE-2022-24942 (Heap based buffer overflow in HTTP Server functionality in
Micrium uC- ...)
+ TODO: check
CVE-2022-24941
RESERVED
CVE-2022-24940
@@ -79946,72 +79968,72 @@ CVE-2022-20952
RESERVED
CVE-2022-20951 (A vulnerability in the web-based management interface of Cisco
BroadWo ...)
NOT-FOR-US: Cisco
-CVE-2022-20950
- RESERVED
-CVE-2022-20949
- RESERVED
+CVE-2022-20950 (A vulnerability in the interaction of SIP and Snort 3 for
Cisco Firepo ...)
+ TODO: check
+CVE-2022-20949 (A vulnerability in the management web server of Cisco
Firepower Threat ...)
+ TODO: check
CVE-2022-20948
RESERVED
-CVE-2022-20947
- RESERVED
-CVE-2022-20946
- RESERVED
+CVE-2022-20947 (A vulnerability in dynamic access policies (DAP) functionality
of Cisc ...)
+ TODO: check
+CVE-2022-20946 (A vulnerability in the generic routing encapsulation (GRE)
tunnel deca ...)
+ TODO: check
CVE-2022-20945 (A vulnerability in the 802.11 association frame validation of
Cisco Ca ...)
NOT-FOR-US: Cisco
CVE-2022-20944 (A vulnerability in the software image verification
functionality of Ci ...)
NOT-FOR-US: Cisco
-CVE-2022-20943
- RESERVED
+CVE-2022-20943 (Multiple vulnerabilities in the Server Message Block Version 2
(SMB2) ...)
+ TODO: check
CVE-2022-20942 (A vulnerability in the web-based management interface of Cisco
Email S ...)
NOT-FOR-US: Cisco
-CVE-2022-20941
- RESERVED
-CVE-2022-20940
- RESERVED
+CVE-2022-20941 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
+ TODO: check
+CVE-2022-20940 (A vulnerability in the TLS handler of Cisco Firepower Threat
Defense ( ...)
+ TODO: check
CVE-2022-20939
RESERVED
-CVE-2022-20938
- RESERVED
+CVE-2022-20938 (A vulnerability in the module import function of the
administrative in ...)
+ TODO: check
CVE-2022-20937 (A vulnerability in a feature that monitors RADIUS requests on
Cisco Id ...)
NOT-FOR-US: Cisco
-CVE-2022-20936
- RESERVED
-CVE-2022-20935
- RESERVED
-CVE-2022-20934
- RESERVED
+CVE-2022-20936 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
+CVE-2022-20935 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
+CVE-2022-20934 (A vulnerability in the CLI of Cisco Firepower Threat Defense
(FTD) Sof ...)
+ TODO: check
CVE-2022-20933 (A vulnerability in the Cisco AnyConnect VPN server of Cisco
Meraki MX ...)
NOT-FOR-US: Cisco
-CVE-2022-20932
- RESERVED
+CVE-2022-20932 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
CVE-2022-20931
RESERVED
CVE-2022-20930 (A vulnerability in the CLI of Cisco SD-WAN Software could
allow an aut ...)
NOT-FOR-US: Cisco
CVE-2022-20929
RESERVED
-CVE-2022-20928
- RESERVED
-CVE-2022-20927
- RESERVED
-CVE-2022-20926
- RESERVED
-CVE-2022-20925
- RESERVED
-CVE-2022-20924
- RESERVED
+CVE-2022-20928 (A vulnerability in the authentication and authorization flows
for VPN ...)
+ TODO: check
+CVE-2022-20927 (A vulnerability in the SSL/TLS client of Cisco Adaptive
Security Appli ...)
+ TODO: check
+CVE-2022-20926 (A vulnerability in the web management interface of the Cisco
Firepower ...)
+ TODO: check
+CVE-2022-20925 (A vulnerability in the web management interface of the Cisco
Firepower ...)
+ TODO: check
+CVE-2022-20924 (A vulnerability in the Simple Network Management Protocol
(SNMP) featu ...)
+ TODO: check
CVE-2022-20923 (A vulnerability in the IPSec VPN Server authentication
functionality o ...)
NOT-FOR-US: Cisco
-CVE-2022-20922
- RESERVED
+CVE-2022-20922 (Multiple vulnerabilities in the Server Message Block Version 2
(SMB2) ...)
+ TODO: check
CVE-2022-20921 (A vulnerability in the API implementation of Cisco ACI
Multi-Site Orch ...)
NOT-FOR-US: Cisco
CVE-2022-20920 (A vulnerability in the SSH implementation of Cisco IOS
Software and Ci ...)
NOT-FOR-US: Cisco
CVE-2022-20919 (A vulnerability in the processing of malformed Common
Industrial Proto ...)
NOT-FOR-US: Cisco
-CVE-2022-20918
- RESERVED
+CVE-2022-20918 (A vulnerability in the Simple Network Management Protocol
(SNMP) acces ...)
+ TODO: check
CVE-2022-20917
RESERVED
CVE-2022-20916 (A vulnerability in the web-based management interface of Cisco
IoT Con ...)
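Review bot: of the Cisco entries added here as TODO: check, CVE-2022-20950 is the one that should not be swept into "NOT-FOR-US: Cisco" with the rest, because its description names Snort 3 alongside Cisco Firepower; check whether the flaw sits in Snort or only in the Firepower integration. CVE-2022-20943 and CVE-2022-20922 share an identical truncated text ("Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) ...") that names no product, so read the full record for those two as well before tagging.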
@@ -80036,8 +80058,8 @@ CVE-2022-20907 (Multiple vulnerabilities in Cisco Nexus
Dashboard could allow an
NOT-FOR-US: Cisco
CVE-2022-20906 (Multiple vulnerabilities in Cisco Nexus Dashboard could allow
an authe ...)
NOT-FOR-US: Cisco
-CVE-2022-20905
- RESERVED
+CVE-2022-20905 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
CVE-2022-20904 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
NOT-FOR-US: Cisco
CVE-2022-20903 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
@@ -80102,8 +80124,8 @@ CVE-2022-20874 (Multiple vulnerabilities in the
web-based management interface o
NOT-FOR-US: Cisco
CVE-2022-20873 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2022-20872
- RESERVED
+CVE-2022-20872 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
CVE-2022-20871
RESERVED
CVE-2022-20870 (A vulnerability in the egress MPLS packet processing function
of Cisco ...)
@@ -80138,8 +80160,8 @@ CVE-2022-20856 (A vulnerability in the processing of
Control and Provisioning of
NOT-FOR-US: Cisco
CVE-2022-20855 (A vulnerability in the self-healing functionality of Cisco IOS
XE Soft ...)
NOT-FOR-US: Cisco
-CVE-2022-20854
- RESERVED
+CVE-2022-20854 (A vulnerability in the processing of SSH connections of Cisco
Firepowe ...)
+ TODO: check
CVE-2022-20853
RESERVED
CVE-2022-20852 (Multiple vulnerabilities in the web interface of Cisco Webex
Meetings ...)
@@ -80160,32 +80182,32 @@ CVE-2022-20845
RESERVED
CVE-2022-20844 (A vulnerability in authentication mechanism of Cisco
Software-Defined ...)
NOT-FOR-US: Cisco
-CVE-2022-20843
- RESERVED
+CVE-2022-20843 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
CVE-2022-20842 (Multiple vulnerabilities in Cisco Small Business RV160, RV260,
RV340, ...)
NOT-FOR-US: Cisco
CVE-2022-20841 (Multiple vulnerabilities in Cisco Small Business RV160, RV260,
RV340, ...)
NOT-FOR-US: Cisco
-CVE-2022-20840
- RESERVED
-CVE-2022-20839
- RESERVED
-CVE-2022-20838
- RESERVED
+CVE-2022-20840 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
+CVE-2022-20839 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
+CVE-2022-20838 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
CVE-2022-20837 (A vulnerability in the DNS application layer gateway (ALG)
functionali ...)
NOT-FOR-US: Cisco
-CVE-2022-20836
- RESERVED
-CVE-2022-20835
- RESERVED
-CVE-2022-20834
- RESERVED
-CVE-2022-20833
- RESERVED
-CVE-2022-20832
- RESERVED
-CVE-2022-20831
- RESERVED
+CVE-2022-20836 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
+CVE-2022-20835 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
+CVE-2022-20834 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
+CVE-2022-20833 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
+CVE-2022-20832 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
+CVE-2022-20831 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
CVE-2022-20830 (A vulnerability in authentication mechanism of Cisco
Software-Defined ...)
NOT-FOR-US: Cisco
CVE-2022-20829 (A vulnerability in the packaging of Cisco Adaptive Security
Device Man ...)
@@ -80194,8 +80216,8 @@ CVE-2022-20828 (A vulnerability in the CLI parser of
Cisco FirePOWER Software fo
NOT-FOR-US: Cisco
CVE-2022-20827 (Multiple vulnerabilities in Cisco Small Business RV160, RV260,
RV340, ...)
NOT-FOR-US: Cisco
-CVE-2022-20826
- RESERVED
+CVE-2022-20826 (A vulnerability in the secure boot implementation of Cisco
Secure Fire ...)
+ TODO: check
CVE-2022-20825 (A vulnerability in the web-based management interface of Cisco
Small B ...)
NOT-FOR-US: Cisco
CVE-2022-20824 (A vulnerability in the Cisco Discovery Protocol feature of
Cisco FXOS ...)
@@ -189183,10 +189205,10 @@ CVE-2020-12510 (The default installation path of
the TwinCAT XAR 3.1 software in
NOT-FOR-US: Beckhoff
CVE-2020-12509 (In s::can moni::tools in versions below 4.2 an unauthenticated
attacke ...)
NOT-FOR-US: s::can moni::tools
-CVE-2020-12508
- RESERVED
-CVE-2020-12507
- RESERVED
+CVE-2020-12508 (In s::can moni::tools in versions below 4.2 an unauthenticated
attacke ...)
+ TODO: check
+CVE-2020-12507 (In s::can moni::tools before version 4.2 an authenticated
attacker cou ...)
+ TODO: check
CVE-2020-12506 (Improper Authentication vulnerability in WAGO 750-8XX series
with FW v ...)
NOT-FOR-US: WAGO
CVE-2020-12505 (Improper Authentication vulnerability in WAGO 750-8XX series
with FW v ...)
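Review bot: CVE-2020-12508 and CVE-2020-12507 are left at TODO: check although both descriptions name s::can moni::tools, the product for which CVE-2020-12509 in the lines above is already tagged NOT-FOR-US. Tag them "NOT-FOR-US: s::can moni::tools" to match, so the three entries do not diverge.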
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/589281fbf92c68bfc24bc94f3dfd86e0138739d5
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits