Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
272931f4 by security tracker role at 2023-02-06T08:10:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2023-25198
+ RESERVED
+CVE-2023-25197
+ RESERVED
+CVE-2023-25196
+ RESERVED
+CVE-2023-25195
+ RESERVED
+CVE-2022-48314
+ RESERVED
+CVE-2022-48313
+ RESERVED
+CVE-2022-48312
+ RESERVED
CVE-2023-25194
RESERVED
CVE-2022-4902
@@ -12,12 +26,12 @@ CVE-2023-25193 (hb-ot-layout-gsubgpos.hh in HarfBuzz
through 6.0.0 allows attack
- harfbuzz <unfixed> (bug #1030612)
[bullseye] - harfbuzz <no-dsa> (Minor issue)
NOTE:
https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc
-CVE-2014-125086
- RESERVED
-CVE-2014-125085
- RESERVED
-CVE-2014-125084
- RESERVED
+CVE-2014-125086 (A vulnerability has been found in Gimmie Plugin 1.2.2 and
classified a ...)
+ TODO: check
+CVE-2014-125085 (A vulnerability, which was classified as critical, was found
in Gimmie ...)
+ TODO: check
+CVE-2014-125084 (A vulnerability, which was classified as critical, has been
found in G ...)
+ TODO: check
CVE-2023-25192
RESERVED
CVE-2023-25191
@@ -36,10 +50,10 @@ CVE-2023-0674 (A vulnerability, which was classified as
problematic, has been fo
NOT-FOR-US: XXL-JOB
CVE-2023-0673 (A vulnerability classified as critical was found in
SourceCodester Onl ...)
NOT-FOR-US: SourceCodester Online Eyewear Shop
-CVE-2017-20176
- RESERVED
-CVE-2017-20175
- RESERVED
+CVE-2017-20176 (A vulnerability classified as problematic was found in
ciubotaru share ...)
+ TODO: check
+CVE-2017-20175 (A vulnerability classified as problematic has been found in
DaSchTour ...)
+ TODO: check
CVE-2023-25189
RESERVED
CVE-2023-25188
@@ -11851,12 +11865,12 @@ CVE-2022-47454
RESERVED
CVE-2022-47453
RESERVED
-CVE-2022-47452
- RESERVED
-CVE-2022-47451
- RESERVED
-CVE-2022-47450
- RESERVED
+CVE-2022-47452 (In gnss driver, there is a possible out of bounds write due to
a missi ...)
+ TODO: check
+CVE-2022-47451 (In wlan driver, there is a possible missing params check. This
could l ...)
+ TODO: check
+CVE-2022-47450 (In wlan driver, there is a possible missing permission check.
This cou ...)
+ TODO: check
CVE-2022-46732 (Even if the authentication fails for local service
authentication, the ...)
NOT-FOR-US: GE Digital
CVE-2022-46660 (An unauthorized user could alter or write files with full
control over ...)
@@ -12389,42 +12403,42 @@ CVE-2019-25078 (A vulnerability classified as
problematic was found in pacparser
[buster] - pacparser <no-dsa> (Minor issue)
NOTE: https://github.com/manugarg/pacparser/issues/99
NOTE:
https://github.com/manugarg/pacparser/commit/853e8f45607cb07b877ffd270c63dbcdd5201ad9
(v1.4.0)
-CVE-2022-47371
- RESERVED
-CVE-2022-47370
- RESERVED
-CVE-2022-47369
- RESERVED
-CVE-2022-47368
- RESERVED
-CVE-2022-47367
- RESERVED
-CVE-2022-47366
- RESERVED
-CVE-2022-47365
- RESERVED
-CVE-2022-47364
- RESERVED
-CVE-2022-47363
- RESERVED
+CVE-2022-47371 (In bt driver, there is a thread competition leads to early
release of ...)
+ TODO: check
+CVE-2022-47370 (In wlan driver, there is a possible missing params check. This
could l ...)
+ TODO: check
+CVE-2022-47369 (In wlan driver, there is a possible missing params check. This
could l ...)
+ TODO: check
+CVE-2022-47368 (In wlan driver, there is a possible missing params check. This
could l ...)
+ TODO: check
+CVE-2022-47367 (In bluetooth driver, there is a missing permission check. This
could l ...)
+ TODO: check
+CVE-2022-47366 (In wlan driver, there is a possible out of bounds write due to
a missi ...)
+ TODO: check
+CVE-2022-47365 (In wlan driver, there is a possible out of bounds write due to
a missi ...)
+ TODO: check
+CVE-2022-47364 (In wlan driver, there is a possible out of bounds write due to
a missi ...)
+ TODO: check
+CVE-2022-47363 (In wlan driver, there is a possible out of bounds read due to
a missin ...)
+ TODO: check
CVE-2022-47362
RESERVED
-CVE-2022-47361
- RESERVED
-CVE-2022-47360
- RESERVED
-CVE-2022-47359
- RESERVED
-CVE-2022-47358
- RESERVED
-CVE-2022-47357
- RESERVED
-CVE-2022-47356
- RESERVED
-CVE-2022-47355
- RESERVED
-CVE-2022-47354
- RESERVED
+CVE-2022-47361 (In firewall service, there is a missing permission check. This
could l ...)
+ TODO: check
+CVE-2022-47360 (In log service, there is a missing permission check. This
could lead t ...)
+ TODO: check
+CVE-2022-47359 (In log service, there is a missing permission check. This
could lead t ...)
+ TODO: check
+CVE-2022-47358 (In log service, there is a missing permission check. This
could lead t ...)
+ TODO: check
+CVE-2022-47357 (In log service, there is a missing permission check. This
could lead t ...)
+ TODO: check
+CVE-2022-47356 (In log service, there is a missing permission check. This
could lead t ...)
+ TODO: check
+CVE-2022-47355 (In log service, there is a missing permission check. This
could lead t ...)
+ TODO: check
+CVE-2022-47354 (In log service, there is a missing permission check. This
could lead t ...)
+ TODO: check
CVE-2022-47353
RESERVED
CVE-2022-47352
@@ -12435,26 +12449,26 @@ CVE-2022-47350
RESERVED
CVE-2022-47349
RESERVED
-CVE-2022-47348
- RESERVED
-CVE-2022-47347
- RESERVED
-CVE-2022-47346
- RESERVED
-CVE-2022-47345
- RESERVED
-CVE-2022-47344
- RESERVED
-CVE-2022-47343
- RESERVED
-CVE-2022-47342
- RESERVED
-CVE-2022-47341
- RESERVED
+CVE-2022-47348 (In engineermode services, there is a missing permission check.
This co ...)
+ TODO: check
+CVE-2022-47347 (In engineermode services, there is a missing permission check.
This co ...)
+ TODO: check
+CVE-2022-47346 (In engineermode services, there is a missing permission check.
This co ...)
+ TODO: check
+CVE-2022-47345 (In engineermode services, there is a missing permission check.
This co ...)
+ TODO: check
+CVE-2022-47344 (In engineermode services, there is a missing permission check.
This co ...)
+ TODO: check
+CVE-2022-47343 (In engineermode services, there is a missing permission check.
This co ...)
+ TODO: check
+CVE-2022-47342 (In engineermode services, there is a missing permission check.
This co ...)
+ TODO: check
+CVE-2022-47341 (In engineermode services, there is a missing permission check.
This co ...)
+ TODO: check
CVE-2022-47340
RESERVED
-CVE-2022-47339
- RESERVED
+CVE-2022-47339 (In cmd services, there is a OS command injection issue due to
missing ...)
+ TODO: check
CVE-2022-47338
RESERVED
CVE-2022-47337
@@ -12465,30 +12479,30 @@ CVE-2022-47335
RESERVED
CVE-2022-47334
RESERVED
-CVE-2022-47333
- RESERVED
-CVE-2022-47332
- RESERVED
-CVE-2022-47331
- RESERVED
-CVE-2022-47330
- RESERVED
-CVE-2022-47329
- RESERVED
-CVE-2022-47328
- RESERVED
-CVE-2022-47327
- RESERVED
-CVE-2022-47326
- RESERVED
-CVE-2022-47325
- RESERVED
-CVE-2022-47324
- RESERVED
-CVE-2022-47323
- RESERVED
-CVE-2022-47322
- RESERVED
+CVE-2022-47333 (In wlan driver, there is a possible missing permission check.
This cou ...)
+ TODO: check
+CVE-2022-47332 (In wlan driver, there is a possible missing permission check.
This cou ...)
+ TODO: check
+CVE-2022-47331 (In wlan driver, there is a race condition. This could lead to
local de ...)
+ TODO: check
+CVE-2022-47330 (In wlan driver, there is a possible missing permission check.
This cou ...)
+ TODO: check
+CVE-2022-47329 (In wlan driver, there is a possible missing permission check.
This cou ...)
+ TODO: check
+CVE-2022-47328 (In wlan driver, there is a possible missing permission check.
This cou ...)
+ TODO: check
+CVE-2022-47327 (In wlan driver, there is a possible missing permission check.
This cou ...)
+ TODO: check
+CVE-2022-47326 (In wlan driver, there is a possible missing permission check.
This cou ...)
+ TODO: check
+CVE-2022-47325 (In wlan driver, there is a possible missing permission check.
This cou ...)
+ TODO: check
+CVE-2022-47324 (In wlan driver, there is a possible missing permission check.
This cou ...)
+ TODO: check
+CVE-2022-47323 (In wlan driver, there is a possible missing params check. This
could l ...)
+ TODO: check
+CVE-2022-47322 (In wlan driver, there is a possible missing params check. This
could l ...)
+ TODO: check
CVE-2022-47310
RESERVED
CVE-2022-47309
@@ -22015,10 +22029,10 @@ CVE-2023-20853
RESERVED
CVE-2023-20852
RESERVED
-CVE-2022-44448
- RESERVED
-CVE-2022-44447
- RESERVED
+CVE-2022-44448 (In wlan driver, there is a possible missing params check. This
could l ...)
+ TODO: check
+CVE-2022-44447 (In wlan driver, there is a possible null pointer dereference
issue due ...)
+ TODO: check
CVE-2022-44446 (In wlan driver, there is a possible missing bounds check. This
could l ...)
NOT-FOR-US: Unisoc
CVE-2022-44445 (In wlan driver, there is a possible missing bounds check. This
could l ...)
@@ -22069,8 +22083,8 @@ CVE-2022-44423 (In music service, there is a missing
permission check. This coul
NOT-FOR-US: Unisoc
CVE-2022-44422 (In music service, there is a missing permission check. This
could lead ...)
NOT-FOR-US: Unisoc
-CVE-2022-44421
- RESERVED
+CVE-2022-44421 (In wlan driver, there is a possible missing permission check.
This cou ...)
+ TODO: check
CVE-2022-44420
RESERVED
CVE-2022-44419
@@ -28250,8 +28264,8 @@ CVE-2022-3453 (A vulnerability was found in
SourceCodester Book Store Management
NOT-FOR-US: SourceCodester Book Store Management System
CVE-2022-3452 (A vulnerability was found in SourceCodester Book Store
Management Syst ...)
NOT-FOR-US: SourceCodester Book Store Management System
-CVE-2022-42783
- RESERVED
+CVE-2022-42783 (In wlan driver, there is a possible missing params check. This
could l ...)
+ TODO: check
CVE-2022-42782 (In wlan driver, there is a possible missing permission check,
This cou ...)
NOT-FOR-US: Unisoc
CVE-2022-42781 (In wlan driver, there is a possible missing bounds check, This
could l ...)
@@ -38933,8 +38947,8 @@ CVE-2022-38688 (In telephony service, there is a
missing permission check. This
NOT-FOR-US: Unisoc
CVE-2022-38687 (In messaging service, there is a missing permission check.
This could ...)
NOT-FOR-US: Unisoc
-CVE-2022-38686
- RESERVED
+CVE-2022-38686 (In wlan driver, there is a possible missing params check. This
could l ...)
+ TODO: check
CVE-2022-38685
RESERVED
CVE-2022-38684 (In contacts service, there is a missing permission check. This
could l ...)
@@ -38943,10 +38957,10 @@ CVE-2022-38683 (In contacts service, there is a
missing permission check. This c
NOT-FOR-US: Unisoc
CVE-2022-38682 (In contacts service, there is a missing permission check. This
could l ...)
NOT-FOR-US: Unisoc
-CVE-2022-38681
- RESERVED
-CVE-2022-38680
- RESERVED
+CVE-2022-38681 (In wlan driver, there is a possible missing params check. This
could l ...)
+ TODO: check
+CVE-2022-38680 (In wlan driver, there is a possible missing params check. This
could l ...)
+ TODO: check
CVE-2022-38679 (In music service, there is a missing permission check. This
could lead ...)
NOT-FOR-US: Unisoc
CVE-2022-38678 (In contacts service, there is a missing permission check. This
could l ...)
@@ -38955,10 +38969,10 @@ CVE-2022-38677 (In cell service, there is a missing
permission check. This could
NOT-FOR-US: Unisoc
CVE-2022-38676 (In gpu driver, there is a possible out of bounds write due to
a missin ...)
NOT-FOR-US: Unisoc
-CVE-2022-38675
- RESERVED
-CVE-2022-38674
- RESERVED
+CVE-2022-38675 (In gpu driver, there is a possible out of bounds write due to
a missin ...)
+ TODO: check
+CVE-2022-38674 (In wlan driver, there is a possible missing params check. This
could l ...)
+ TODO: check
CVE-2022-38673 (In face detect driver, there is a possible out of bounds write
due to ...)
NOT-FOR-US: Unisoc
CVE-2022-38672 (In face detect driver, there is a possible out of bounds write
due to ...)
@@ -75100,12 +75114,12 @@ CVE-2022-25857 (The package org.yaml:snakeyaml from 0
and before 1.31 are vulner
NOTE: https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360
CVE-2022-25856 (The package github.com/argoproj/argo-events/sensors/artifacts
before 1 ...)
NOT-FOR-US: github.com/argoproj/argo-events/sensors/artifacts
-CVE-2022-25855
- RESERVED
+CVE-2022-25855 (All versions of the package create-choo-app3 are vulnerable to
Command ...)
+ TODO: check
CVE-2022-25854 (This affects the package @yaireo/tagify before 4.9.8. The
package is u ...)
NOT-FOR-US: Tagify
-CVE-2022-25853
- RESERVED
+CVE-2022-25853 (All versions of the package semver-tags are vulnerable to
Command Inje ...)
+ TODO: check
CVE-2022-25852 (All versions of package pg-native; all versions of package
libpq are v ...)
NOT-FOR-US: Node pgnative
CVE-2022-25851 (The package jpeg-js before 0.4.4 are vulnerable to Denial of
Service ( ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/272931f4b76e18f9d3a7d4917d4473d557dce939
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/272931f4b76e18f9d3a7d4917d4473d557dce939
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
