Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6073ec15 by security tracker role at 2022-12-30T20:10:34+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2022-4863 (Improper Handling of Insufficient Permissions or Privileges in
GitHub ...)
+ TODO: check
+CVE-2022-4862
+ RESERVED
+CVE-2022-4861 (Incorrect implementation in authentication protocol in M-Files
Client ...)
+ TODO: check
+CVE-2022-4860 (A vulnerability was found in KBase Metrics. It has been
classified as ...)
+ TODO: check
+CVE-2022-4859 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2022-4858 (Insertion of Sensitive Information into Log Files in M-Files
Server be ...)
+ TODO: check
+CVE-2022-4857 (A vulnerability was found in Modbus Tools Modbus Poll up to
9.10.0 and ...)
+ TODO: check
+CVE-2022-4856 (A vulnerability has been found in Modbus Tools Modbus Slave up
to 7.5. ...)
+ TODO: check
+CVE-2022-4855 (A vulnerability, which was classified as critical, was found in
Source ...)
+ TODO: check
+CVE-2022-48196 (Certain NETGEAR devices are affected by a buffer overflow by
an unauth ...)
+ TODO: check
+CVE-2020-36638 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in
Chris92de ...)
+ TODO: check
+CVE-2020-36637 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in
Chris92de ...)
+ TODO: check
+CVE-2018-25060 (A vulnerability was found in Macaron csrf and classified as
problemati ...)
+ TODO: check
+CVE-2018-25059 (A vulnerability was found in pastebinit up to 0.2.2 and
classified as ...)
+ TODO: check
+CVE-2017-20153 (A vulnerability has been found in aerouk imageserve and
classified as ...)
+ TODO: check
+CVE-2017-20152 (A vulnerability, which was classified as problematic, was
found in aer ...)
+ TODO: check
+CVE-2017-20151 (A vulnerability classified as problematic was found in iText
RUPS. Thi ...)
+ TODO: check
CVE-2022-48195
RESERVED
CVE-2022-48194 (TP-Link TL-WR902AC devices through V3 0.9.1 allow remote
authenticated ...)
@@ -13177,8 +13211,7 @@ CVE-2022-44623 (In JetBrains TeamCity version before
2022.10, Project Viewer cou
NOT-FOR-US: JetBrains TeamCity
CVE-2022-44622 (In JetBrains TeamCity version between 2021.2 and 2022.10
access permis ...)
NOT-FOR-US: JetBrains TeamCity
-CVE-2022-44621
- RESERVED
+CVE-2022-44621 (Diagnosis Controller miss parameter validation, so user may
attacked b ...)
NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
CVE-2022-44618
RESERVED
@@ -18198,8 +18231,7 @@ CVE-2022-43398 (A vulnerability has been identified in
POWER METER SICAM Q100 (A
NOT-FOR-US: Siemens
CVE-2022-43397 (A vulnerability has been identified in Parasolid V34.0 (All
versions & ...)
NOT-FOR-US: Siemens
-CVE-2022-43396
- RESERVED
+CVE-2022-43396 (In the fix for CVE-2022-24697, a blacklist is used to filter
user inpu ...)
NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
CVE-2022-3591 (Use After Free in GitHub repository vim/vim prior to 9.0.0789.
...)
- vim 2:9.0.0813-1 (unimportant)
@@ -74649,7 +74681,7 @@ CVE-2022-23549
RESERVED
CVE-2022-23548
RESERVED
-CVE-2022-23537
+CVE-2022-23537 (PJSIP is a free and open source multimedia communication
library writt ...)
- asterisk <unfixed>
- ring <unfixed>
- pjproject <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6073ec153d4c611a32bb07db03648ea90c49be7f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6073ec153d4c611a32bb07db03648ea90c49be7f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
