Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e80f2d9b by security tracker role at 2022-11-24T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2022-45873 (systemd 250 and 251 allows local users to achieve a 
systemd-coredump d ...)
+       TODO: check
+CVE-2022-45872 (iTerm2 before 3.4.18 mishandles a DECRQSS response. ...)
+       TODO: check
+CVE-2022-45871
+       RESERVED
+CVE-2022-45870
+       RESERVED
+CVE-2022-45869
+       RESERVED
+CVE-2022-45868 (The web-based admin console in H2 Database Engine through 
2.1.214 can  ...)
+       TODO: check
+CVE-2022-45867
+       RESERVED
+CVE-2022-45866 (qpress before PierreLvx/qpress 20220819 and before version 
11.3, as us ...)
+       TODO: check
+CVE-2022-4136
+       RESERVED
+CVE-2022-4135
+       RESERVED
+CVE-2022-4134
+       RESERVED
+CVE-2022-4133
+       RESERVED
+CVE-2022-4132
+       RESERVED
+CVE-2021-46855
+       RESERVED
 CVE-2022-45865
        RESERVED
 CVE-2022-45864
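Review bot: The described entries added at the top of this hunk are all left at TODO: check, even where the visible description already identifies the software. CVE-2022-45873 names systemd 250 and 251, and systemd is a Debian source package, so it needs a package line with an assessment of the affected versions rather than a pending marker. CVE-2022-45872 names iTerm2, a macOS terminal emulator, which makes it a candidate for NOT-FOR-US. The RESERVED placeholders need no action until a description is published.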
@@ -1789,16 +1817,16 @@ CVE-2022-45282
        RESERVED
 CVE-2022-45281
        RESERVED
-CVE-2022-45280
-       RESERVED
+CVE-2022-45280 (A cross-site scripting (XSS) vulnerability in the Url 
parameter in /lo ...)
+       TODO: check
 CVE-2022-45279
        RESERVED
-CVE-2022-45278
-       RESERVED
+CVE-2022-45278 (Jizhicms v2.3.3 was discovered to contain a SQL injection 
vulnerabilit ...)
+       TODO: check
 CVE-2022-45277
        RESERVED
-CVE-2022-45276
-       RESERVED
+CVE-2022-45276 (An issue in the /index/user/user_edit.html component of YJCMS 
v1.0.9 a ...)
+       TODO: check
 CVE-2022-45275
        RESERVED
 CVE-2022-45274
@@ -3084,8 +3112,8 @@ CVE-2022-44791
        RESERVED
 CVE-2022-44790
        RESERVED
-CVE-2022-44789
-       RESERVED
+CVE-2022-44789 (A logical issue in O_getOwnPropertyDescriptor() in Artifex 
MuJS 1.0.0  ...)
+       TODO: check
 CVE-2022-44788 (An issue was discovered in Appalti & Contratti 9.12.2. It 
allows S ...)
        NOT-FOR-US: Appalti & Contratti
 CVE-2022-44787 (An issue was discovered in Appalti & Contratti 9.12.2. The 
web app ...)
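Review bot: CVE-2022-44789 goes from RESERVED to a description naming Artifex MuJS 1.0.0 but stays at TODO: check, while the Appalti & Contratti entries directly below it are already triaged as NOT-FOR-US. mujs is packaged in Debian, so this entry should get a source-package line after checking whether the shipped version contains the O_getOwnPropertyDescriptor() issue.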
@@ -3266,10 +3294,10 @@ CVE-2023-21405
        RESERVED
 CVE-2023-21404
        RESERVED
-CVE-2022-44749
-       RESERVED
-CVE-2022-44748
-       RESERVED
+CVE-2022-44749 (A directory traversal vulnerability in the ZIP archive 
extraction rout ...)
+       TODO: check
+CVE-2022-44748 (A directory traversal vulnerability in the ZIP archive 
extraction rout ...)
+       TODO: check
 CVE-2022-44731
        RESERVED
 CVE-2022-44730
@@ -5802,8 +5830,8 @@ CVE-2022-44142
        RESERVED
 CVE-2022-44141
        RESERVED
-CVE-2022-44140
-       RESERVED
+CVE-2022-44140 (Jizhicms v2.3.3 was discovered to contain a SQL injection 
vulnerabilit ...)
+       TODO: check
 CVE-2022-44139 (Apartment Visitor Management System v1.0 is vulnerable to SQL 
Injectio ...)
        NOT-FOR-US: Apartment Visitor Management System
 CVE-2022-44138
@@ -5842,14 +5870,14 @@ CVE-2022-44122
        RESERVED
 CVE-2022-44121
        RESERVED
-CVE-2022-44120
-       RESERVED
+CVE-2022-44120 (dedecmdv6 6.1.9 is vulnerable to SQL Injection. via 
sys_sql_query.php. ...)
+       TODO: check
 CVE-2022-44119
        RESERVED
-CVE-2022-44118
-       RESERVED
-CVE-2022-44117
-       RESERVED
+CVE-2022-44118 (dedecmdv6 v6.1.9 is vulnerable to Remote Code Execution (RCE) 
via file ...)
+       TODO: check
+CVE-2022-44117 (Boa 0.94.14rc21 is vulnerable to SQL Injection via username. 
...)
+       TODO: check
 CVE-2022-44116
        RESERVED
 CVE-2022-44115
@@ -10013,8 +10041,8 @@ CVE-2022-43198
        RESERVED
 CVE-2022-43197
        RESERVED
-CVE-2022-43196
-       RESERVED
+CVE-2022-43196 (dedecmdv6 v6.1.9 is vulnerable to Arbitrary file deletion via 
file_man ...)
+       TODO: check
 CVE-2022-43195
        RESERVED
 CVE-2022-43194
@@ -13235,8 +13263,8 @@ CVE-2022-41948
        RESERVED
 CVE-2022-41947
        RESERVED
-CVE-2022-41946
-       RESERVED
+CVE-2022-41946 (pgjdbc is an open source postgresql JDBC Driver. In affected 
versions  ...)
+       TODO: check
 CVE-2022-41945 (super-xray is a vulnerability scanner (xray) GUI launcher. In 
version  ...)
        NOT-FOR-US: super-xray
 CVE-2022-41944
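Review bot: CVE-2022-41946 now carries a description naming pgjdbc, the PostgreSQL JDBC driver, yet the entry is TODO: check. The driver is packaged in Debian (source package libpgjava), so the follow-up is a package line with the fixed version once the truncated "In affected versions ..." text has been read in full, not a NOT-FOR-US marker like the super-xray entry below it.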
@@ -13257,18 +13285,18 @@ CVE-2022-41937 (XWiki Platform is a generic wiki 
platform offering runtime servi
        NOT-FOR-US: XWiki
 CVE-2022-41936 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
        NOT-FOR-US: XWiki
-CVE-2022-41935
-       RESERVED
-CVE-2022-41934
-       RESERVED
-CVE-2022-41933
-       RESERVED
-CVE-2022-41932
-       RESERVED
-CVE-2022-41931
-       RESERVED
-CVE-2022-41930
-       RESERVED
+CVE-2022-41935 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
+       TODO: check
+CVE-2022-41934 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
+       TODO: check
+CVE-2022-41933 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
+       TODO: check
+CVE-2022-41932 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
+       TODO: check
+CVE-2022-41931 (xwiki-platform-icon-ui is vulnerable to Improper 
Neutralization of Dir ...)
+       TODO: check
+CVE-2022-41930 (org.xwiki.platform:xwiki-platform-user-profile-ui is missing 
authoriza ...)
+       TODO: check
 CVE-2022-41929 (org.xwiki.platform:xwiki-platform-oldcore is missing 
authorization in  ...)
        TODO: check
 CVE-2022-41928 (XWiki Platform vulnerable to Improper Neutralization of 
Directives in  ...)
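Review bot: The six entries CVE-2022-41935 through CVE-2022-41930 are added as TODO: check, but the context lines at the top of this hunk show CVE-2022-41937 and CVE-2022-41936, with the same "XWiki Platform is a generic wiki platform" description, already marked NOT-FOR-US: XWiki. For consistency these should receive the same NOT-FOR-US: XWiki line, and the same applies to CVE-2022-41929, which is still TODO: check in the trailing context.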
@@ -118836,8 +118864,8 @@ CVE-2021-29336
        RESERVED
 CVE-2021-29335
        RESERVED
-CVE-2021-29334
-       RESERVED
+CVE-2021-29334 (An issue was discovered in JIZHI CMS 1.9.4. There is a CSRF 
vulnerabil ...)
+       TODO: check
 CVE-2021-29333
        RESERVED
 CVE-2021-29332



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e80f2d9b699e86dc62e6ed4f3c586202e395705e
