Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3cd25e2e by security tracker role at 2023-01-03T20:10:26+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2023-22586
+ RESERVED
+CVE-2023-22585
+ RESERVED
+CVE-2023-22584
+ RESERVED
+CVE-2023-22583
+ RESERVED
+CVE-2023-22582
+ RESERVED
+CVE-2023-22581
+ RESERVED
+CVE-2023-22580
+ RESERVED
+CVE-2023-22579
+ RESERVED
+CVE-2023-22578
+ RESERVED
+CVE-2023-22577
+ RESERVED
+CVE-2023-0040
+ RESERVED
+CVE-2023-0039 (The User Post Gallery - UPG plugin for WordPress is vulnerable
to auth ...)
+ TODO: check
+CVE-2023-0038 (The "Survey Maker – Best WordPress Survey Plugin" plugin
for Wor ...)
+ TODO: check
+CVE-2023-0037
+ RESERVED
+CVE-2023-0036
+ RESERVED
+CVE-2023-0035
+ RESERVED
+CVE-2022-4871 (A vulnerability classified as problematic was found in ummmmm
nflpick- ...)
+ TODO: check
+CVE-2022-48215
+ RESERVED
+CVE-2022-48214
+ RESERVED
+CVE-2022-48213
+ RESERVED
+CVE-2022-48212
+ RESERVED
+CVE-2022-48211
+ RESERVED
+CVE-2022-48210
+ RESERVED
+CVE-2015-10012 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in
sumocoder ...)
+ TODO: check
+CVE-2013-10007 (A vulnerability classified as problematic has been found in
ethitter W ...)
+ TODO: check
+CVE-2012-10003 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
+CVE-2012-10002 (A vulnerability was found in ahmyi RivetTracker. It has been
declared ...)
+ TODO: check
CVE-2023-0034
RESERVED
CVE-2023-0033
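Review bot: The new CVE-2023-0039 and CVE-2023-0038 entries at the top of this hunk are left at `TODO: check` although both descriptions name WordPress plugins, and other entries in this file (CVE-2022-3934, CVE-2022-3933) resolve that case as `NOT-FOR-US: WordPress plugin`. The same triage pass should cover CVE-2015-10012, whose description is flagged "** UNSUPPORTED WHEN ASSIGNED **", and the three older 2012/2013 entries whose truncated descriptions need the full record before a tag can be chosen.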
@@ -522,8 +576,8 @@ CVE-2023-22458
RESERVED
CVE-2023-22457
RESERVED
-CVE-2023-22456
- RESERVED
+CVE-2023-22456 (ViewVC, a browser interface for CVS and Subversion version
control rep ...)
+ TODO: check
CVE-2023-22455
RESERVED
CVE-2023-22454
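Review bot: CVE-2023-22456 moves from RESERVED to `TODO: check` with a description naming ViewVC, a browser interface for CVS and Subversion, which is the kind of software that can exist as a source package. It should be checked against the archive and given either a `- <package> <status>` line in the form used for CVE-2022-4662 or an explicit NOT-FOR-US tag, rather than staying at TODO.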
@@ -1674,8 +1728,8 @@ CVE-2023-0021
RESERVED
CVE-2022-47926 (AyaCMS 3.1.2 is vulnerable to file deletion via
/aya/module/admin/fst_ ...)
NOT-FOR-US: AyaCMS
-CVE-2022-4663
- RESERVED
+CVE-2022-4663 (The Members Import plugin for WordPress is vulnerable to Self
Cross-Si ...)
+ TODO: check
CVE-2022-4662 (A flaw incorrect access control in the Linux kernel USB core
subsystem ...)
- linux 5.19.11-1
[bullseye] - linux 5.10.148-1
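Review bot: CVE-2022-4663 is left at `TODO: check` even though its description identifies the Members Import plugin for WordPress. Entries of that kind elsewhere in this file are closed with `NOT-FOR-US: WordPress plugin`, so this one can be resolved the same way once the truncated description is confirmed.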
@@ -11157,8 +11211,8 @@ CVE-2022-3934 (The Flat PM WordPress plugin through
2.661 does not sanitize and
NOT-FOR-US: WordPress plugin
CVE-2022-3933 (The Essential Real Estate WordPress plugin before 3.9.6 does
not sanit ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-45143
- RESERVED
+CVE-2022-45143 (The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to
9.0.68 and ...)
+ TODO: check
CVE-2022-45142
RESERVED
CVE-2022-45141
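Review bot: CVE-2022-45143 needs real triage rather than a lingering `TODO: check`, because its description names the JsonErrorReportValve in Apache Tomcat 8.5.83 and 9.0.40 to 9.0.68. If a Tomcat source package carries an affected version, the entry needs per-package and per-release lines in the form shown for CVE-2022-4662 (`- linux 5.19.11-1`, `[bullseye] - linux 5.10.148-1`); the version ranges are cut off by the truncation, so the full record has to be read first.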
@@ -18079,14 +18133,14 @@ CVE-2022-43524
RESERVED
CVE-2022-43523
RESERVED
-CVE-2022-43522
- RESERVED
-CVE-2022-43521
- RESERVED
-CVE-2022-43520
- RESERVED
-CVE-2022-43519
- RESERVED
+CVE-2022-43522 (Multiple vulnerabilities in the web-based management interface
of Arub ...)
+ TODO: check
+CVE-2022-43521 (Multiple vulnerabilities in the web-based management interface
of Arub ...)
+ TODO: check
+CVE-2022-43520 (Multiple vulnerabilities in the web-based management interface
of Arub ...)
+ TODO: check
+CVE-2022-43519 (Multiple vulnerabilities in the web-based management interface
of Arub ...)
+ TODO: check
CVE-2022-43518 (An authenticated path traversal vulnerability exists in the
Aruba Edge ...)
NOT-FOR-US: Aruba
CVE-2022-43517 (A vulnerability has been identified in Simcenter STAR-CCM+
(All versio ...)
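Review bot: The four entries CVE-2022-43522 through CVE-2022-43519 all carry `TODO: check` with the same truncated description about a web-based management interface of "Arub ...", while the next entry, CVE-2022-43518, is already tagged `NOT-FOR-US: Aruba`. If the full descriptions confirm the same vendor, these should take the same tag so the block is consistent.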
@@ -21071,8 +21125,8 @@ CVE-2022-42473 (A missing authentication for a critical
function vulnerability i
NOT-FOR-US: FortiGuard
CVE-2022-42472
RESERVED
-CVE-2022-42471
- RESERVED
+CVE-2022-42471 (An improper neutralization of CRLF sequences in HTTP headers
('HTTP Re ...)
+ TODO: check
CVE-2022-42470
RESERVED
CVE-2022-42469
@@ -24115,8 +24169,8 @@ CVE-2022-3293 (Email addresses were leaked in WebHook
logs in GitLab EE affectin
- gitlab <not-affected> (Only affects Gitlab EE)
CVE-2022-3292 (Use of Cache Containing Sensitive Information in GitHub
repository iku ...)
- rdiffweb <itp> (bug #969974)
-CVE-2022-41336
- RESERVED
+CVE-2022-41336 (An improper neutralization of input during web page generation
vulnera ...)
+ TODO: check
CVE-2022-41335
RESERVED
CVE-2022-41334
@@ -27524,8 +27578,8 @@ CVE-2022-39949 (An improper control of a resource
through its lifetime vulnerabi
NOT-FOR-US: FortiGuard
CVE-2022-39948
RESERVED
-CVE-2022-39947
- RESERVED
+CVE-2022-39947 (A improper neutralization of special elements used in an os
command (' ...)
+ TODO: check
CVE-2022-39946
RESERVED
CVE-2022-39945 (An improper access control vulnerability [CWE-284] in
FortiMail 7.2.0, ...)
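Review bot: The truncated description of CVE-2022-39947 (OS command injection) stops before naming a product, so the `TODO: check` cannot be resolved from this file alone. The neighbouring IDs in this hunk are FortiGuard and FortiMail entries; if the full record names the same vendor, the tag should match the `NOT-FOR-US: FortiGuard` used for CVE-2022-39949.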
@@ -30622,8 +30676,8 @@ CVE-2022-38768 (The mobile application in Transtek
Mojodat FAM (Fixed Asset Mana
NOT-FOR-US: Transtek
CVE-2022-38767 (An issue was discovered in Wind River VxWorks 6.9 and 7, that
allows a ...)
NOT-FOR-US: Wind River VxWorks
-CVE-2022-38766
- RESERVED
+CVE-2022-38766 (The remote keyless system on Renault ZOE 2021 vehicles sends
433.92 MH ...)
+ TODO: check
CVE-2022-38765 (Canon Medical Informatics Vitrea Vision 7.7.76.1 does not
adequately e ...)
NOT-FOR-US: Canon Medical Informatics Vitrea
CVE-2022-38764 (A vulnerability on Trend Micro HouseCall version 1.62.1.1133
and below ...)
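Review bot: CVE-2022-38766 is left at `TODO: check` but its description concerns the remote keyless system on Renault ZOE 2021 vehicles, which is vehicle hardware rather than packaged software. The surrounding entries use `NOT-FOR-US: <vendor>` (Transtek, Wind River VxWorks), and this one should follow that form.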
@@ -33216,10 +33270,10 @@ CVE-2022-37936
RESERVED
CVE-2022-37935
RESERVED
-CVE-2022-37934
- RESERVED
-CVE-2022-37933
- RESERVED
+CVE-2022-37934 (A potential security vulnerability has been identified in HPE
OfficeCo ...)
+ TODO: check
+CVE-2022-37933 (A potential security vulnerability has been identified in HPE
Superdom ...)
+ TODO: check
CVE-2022-37932 (A potential security vulnerability has been identified in
Hewlett Pack ...)
NOT-FOR-US: HPE
CVE-2022-37931 (A vulnerability in NetBatch-Plus software allows unauthorized
access t ...)
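Review bot: CVE-2022-37934 and CVE-2022-37933 both name HPE products in their descriptions yet are left at `TODO: check`, while the adjacent CVE-2022-37932 is tagged `NOT-FOR-US: HPE`. Unless the full descriptions point at something packaged, these two should carry the same tag.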
@@ -38691,8 +38745,8 @@ CVE-2022-35847 (An improper neutralization of special
elements used in a templat
NOT-FOR-US: FortiGuard
CVE-2022-35846 (An improper restriction of excessive authentication attempts
vulnerabi ...)
NOT-FOR-US: FortiGuard
-CVE-2022-35845
- RESERVED
+CVE-2022-35845 (Multiple improper neutralization of special elements used in
an OS Com ...)
+ TODO: check
CVE-2022-35844 (An improper neutralization of special elements used in an OS
command v ...)
NOT-FOR-US: FortiGuard
CVE-2022-35843 (An authentication bypass by assumed-immutable data
vulnerability [CWE- ...)
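Review bot: CVE-2022-35845 sits between three entries tagged `NOT-FOR-US: FortiGuard` (CVE-2022-35847, CVE-2022-35846, CVE-2022-35844) but is itself left at `TODO: check`, and its truncated description does not show the product. Confirm the vendor from the full record and apply the matching tag.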
@@ -118896,8 +118950,8 @@ CVE-2021-32826 (Proxyee-Down is open source proxy
software. An attacker being ab
NOT-FOR-US: Proxyee-Down
CVE-2021-32825 (bblfshd is an open source self-hosted server for source code
parsing. ...)
NOT-FOR-US: bblfshd
-CVE-2021-32824
- RESERVED
+CVE-2021-32824 (Apache Dubbo is a java based, open source RPC framework.
Versions prio ...)
+ TODO: check
CVE-2021-32823 (In the bindata RubyGem before version 2.4.10 there is a
potential deni ...)
- ruby-bindata <unfixed> (bug #990577)
[bullseye] - ruby-bindata <no-dsa> (Minor issue)
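Review bot: CVE-2021-32824 names Apache Dubbo, a Java RPC framework, and is left at `TODO: check`. It needs a lookup for a corresponding source package; if there is none, the entry should be closed as `NOT-FOR-US: Apache Dubbo` in line with the Proxyee-Down and bblfshd entries above it.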
@@ -118908,8 +118962,8 @@ CVE-2021-32823 (In the bindata RubyGem before version
2.4.10 there is a potentia
NOTE:
https://github.com/dmendel/bindata/blob/v2.4.10/ChangeLog.rdoc#version-2410-2021-05-18-
CVE-2021-32822 (The npm hbs package is an Express view engine wrapper for
Handlebars. ...)
NOT-FOR-US: Node hbs
-CVE-2021-32821
- RESERVED
+CVE-2021-32821 (MooTools is a collection of JavaScript utilities for
JavaScript develo ...)
+ TODO: check
CVE-2021-32820 (Express-handlebars is a Handlebars view engine for Express.
Express-ha ...)
NOT-FOR-US: Express-handlebars
CVE-2021-32819 (Squirrelly is a template engine implemented in JavaScript that
works o ...)
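Review bot: CVE-2021-32821 should not be closed by analogy with its neighbours: the description names MooTools, a collection of JavaScript utilities, and a library of that kind can be packaged on its own or embedded in other packages. Unlike the adjacent `NOT-FOR-US: Node hbs` and `NOT-FOR-US: Express-handlebars` entries, the `TODO: check` here needs a search for both a dedicated package and embedded copies before a status is written.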
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3cd25e2ef840783a98453860868fb6c5c1acc38f