[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Fri, 10 Mar 2023 12:10:46 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3766e10f by security tracker role at 2023-03-10T20:10:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,271 @@
+CVE-2023-28119
+       RESERVED
+CVE-2023-28118
+       RESERVED
+CVE-2023-28117
+       RESERVED
+CVE-2023-28116
+       RESERVED
+CVE-2023-28115
+       RESERVED
+CVE-2023-28114
+       RESERVED
+CVE-2023-28113
+       RESERVED
+CVE-2023-28112
+       RESERVED
+CVE-2023-28111
+       RESERVED
+CVE-2023-28110
+       RESERVED
+CVE-2023-28109
+       RESERVED
+CVE-2023-28108
+       RESERVED
+CVE-2023-28107
+       RESERVED
+CVE-2023-28106
+       RESERVED
+CVE-2023-28105
+       RESERVED
+CVE-2023-28104
+       RESERVED
+CVE-2023-28103
+       RESERVED
+CVE-2023-28102
+       RESERVED
+CVE-2023-28101
+       RESERVED
+CVE-2023-28100
+       RESERVED
+CVE-2023-28099
+       RESERVED
+CVE-2023-28098
+       RESERVED
+CVE-2023-28097
+       RESERVED
+CVE-2023-28096
+       RESERVED
+CVE-2023-28095
+       RESERVED
+CVE-2023-28094
+       RESERVED
+CVE-2023-28093
+       RESERVED
+CVE-2023-28092
+       RESERVED
+CVE-2023-28091
+       RESERVED
+CVE-2023-28090
+       RESERVED
+CVE-2023-28089
+       RESERVED
+CVE-2023-28088
+       RESERVED
+CVE-2023-28087
+       RESERVED
+CVE-2023-28086
+       RESERVED
+CVE-2023-28085
+       RESERVED
+CVE-2023-28084
+       RESERVED
+CVE-2023-28083
+       RESERVED
+CVE-2023-28082
+       RESERVED
+CVE-2023-28081
+       RESERVED
+CVE-2023-28080
+       RESERVED
+CVE-2023-28079
+       RESERVED
+CVE-2023-28078
+       RESERVED
+CVE-2023-28077
+       RESERVED
+CVE-2023-28076
+       RESERVED
+CVE-2023-28075
+       RESERVED
+CVE-2023-28074
+       RESERVED
+CVE-2023-28073
+       RESERVED
+CVE-2023-28072
+       RESERVED
+CVE-2023-28071
+       RESERVED
+CVE-2023-28070
+       RESERVED
+CVE-2023-28069
+       RESERVED
+CVE-2023-28068
+       RESERVED
+CVE-2023-28067
+       RESERVED
+CVE-2023-28066
+       RESERVED
+CVE-2023-28065
+       RESERVED
+CVE-2023-28064
+       RESERVED
+CVE-2023-28063
+       RESERVED
+CVE-2023-28062
+       RESERVED
+CVE-2023-28061
+       RESERVED
+CVE-2023-28060
+       RESERVED
+CVE-2023-28059
+       RESERVED
+CVE-2023-28058
+       RESERVED
+CVE-2023-28057
+       RESERVED
+CVE-2023-28056
+       RESERVED
+CVE-2023-28055
+       RESERVED
+CVE-2023-28054
+       RESERVED
+CVE-2023-28053
+       RESERVED
+CVE-2023-28052
+       RESERVED
+CVE-2023-28051
+       RESERVED
+CVE-2023-28050
+       RESERVED
+CVE-2023-28049
+       RESERVED
+CVE-2023-28048
+       RESERVED
+CVE-2023-28047
+       RESERVED
+CVE-2023-28046
+       RESERVED
+CVE-2023-28045
+       RESERVED
+CVE-2023-28044
+       RESERVED
+CVE-2023-28043
+       RESERVED
+CVE-2023-28042
+       RESERVED
+CVE-2023-28041
+       RESERVED
+CVE-2023-28040
+       RESERVED
+CVE-2023-28039
+       RESERVED
+CVE-2023-28038
+       RESERVED
+CVE-2023-28037
+       RESERVED
+CVE-2023-28036
+       RESERVED
+CVE-2023-28035
+       RESERVED
+CVE-2023-28034
+       RESERVED
+CVE-2023-28033
+       RESERVED
+CVE-2023-28032
+       RESERVED
+CVE-2023-28031
+       RESERVED
+CVE-2023-28030
+       RESERVED
+CVE-2023-28029
+       RESERVED
+CVE-2023-28028
+       RESERVED
+CVE-2023-28027
+       RESERVED
+CVE-2023-28026
+       RESERVED
+CVE-2023-1346
+       RESERVED
+CVE-2023-1345
+       RESERVED
+CVE-2023-1344
+       RESERVED
+CVE-2023-1343
+       RESERVED
+CVE-2023-1342
+       RESERVED
+CVE-2023-1341
+       RESERVED
+CVE-2023-1340
+       RESERVED
+CVE-2023-1339
+       RESERVED
+CVE-2023-1338
+       RESERVED
+CVE-2023-1337
+       RESERVED
+CVE-2023-1336
+       RESERVED
+CVE-2023-1335
+       RESERVED
+CVE-2023-1334 (The RapidLoad Power-Up for Autoptimize plugin for WordPress is 
vulnera ...)
+       TODO: check
+CVE-2023-1333 (The RapidLoad Power-Up for Autoptimize plugin for WordPress is 
vulnera ...)
+       TODO: check
+CVE-2023-1332
+       RESERVED
+CVE-2023-1331
+       RESERVED
+CVE-2023-1330
+       RESERVED
+CVE-2023-1329
+       RESERVED
+CVE-2023-1328 (A vulnerability was found in Guizhou 115cms 4.2. It has been 
classifie ...)
+       TODO: check
+CVE-2023-1327
+       RESERVED
+CVE-2023-1326
+       RESERVED
+CVE-2023-1325
+       RESERVED
+CVE-2023-1324
+       RESERVED
+CVE-2023-1323
+       RESERVED
+CVE-2023-1322 (A vulnerability was found in lmxcms 1.41 and classified as 
critical. A ...)
+       TODO: check
+CVE-2023-1321 (A vulnerability has been found in lmxcms 1.41 and classified as 
critic ...)
+       TODO: check
+CVE-2023-1320 (Cross-site Scripting (XSS) - Stored in GitHub repository 
osticket/osti ...)
+       TODO: check
+CVE-2023-1319 (Cross-site Scripting (XSS) - Stored in GitHub repository 
osticket/osti ...)
+       TODO: check
+CVE-2023-1318 (Cross-site Scripting (XSS) - Generic in GitHub repository 
osticket/ost ...)
+       TODO: check
+CVE-2023-1317 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
osticket/o ...)
+       TODO: check
+CVE-2023-1316 (Cross-site Scripting (XSS) - Stored in GitHub repository 
osticket/osti ...)
+       TODO: check
+CVE-2023-1315 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
osticket/o ...)
+       TODO: check
+CVE-2023-1314
+       RESERVED
+CVE-2023-1313 (Unrestricted Upload of File with Dangerous Type in GitHub 
repository c ...)
+       TODO: check
+CVE-2023-1312 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
pimcore/pi ...)
+       TODO: check
+CVE-2023-1311 (A vulnerability, which was classified as critical, was found in 
Source ...)
+       TODO: check
+CVE-2023-1310 (A vulnerability, which was classified as critical, has been 
found in S ...)
+       TODO: check
+CVE-2023-1309 (A vulnerability classified as critical was found in 
SourceCodester Onl ...)
+       TODO: check
+CVE-2023-1308 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
+       TODO: check
+CVE-2013-10021
+       RESERVED
 CVE-2023-28025
        RESERVED
 CVE-2023-28024
@@ -492,12 +760,12 @@ CVE-2023-27855
        RESERVED
 CVE-2023-27854
        RESERVED
-CVE-2023-25947
-       RESERVED
+CVE-2023-25947 (The bundle management subsystem within OpenHarmony-v3.1.4 and 
prior ve ...)
+       TODO: check
 CVE-2023-25076
        RESERVED
-CVE-2023-24465
-       RESERVED
+CVE-2023-24465 (Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and 
prior vers ...)
+       TODO: check
 CVE-2023-1246
        RESERVED
 CVE-2023-1245 (Cross-site Scripting (XSS) - Stored in GitHub repository 
answerdev/ans ...)
@@ -628,16 +896,16 @@ CVE-2023-1207
        RESERVED
 CVE-2023-1206
        RESERVED
-CVE-2023-27853
-       RESERVED
-CVE-2023-27852
-       RESERVED
-CVE-2023-27851
-       RESERVED
-CVE-2023-27850
-       RESERVED
-CVE-2023-1205
-       RESERVED
+CVE-2023-27853 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a 
format s ...)
+       TODO: check
+CVE-2023-27852 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a 
buffer o ...)
+       TODO: check
+CVE-2023-27851 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a 
file sha ...)
+       TODO: check
+CVE-2023-27850 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a 
file sha ...)
+       TODO: check
+CVE-2023-1205 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is 
vulnerable to cr ...)
+       TODO: check
 CVE-2023-1204
        RESERVED
 CVE-2023-1203 (Improper removal of sensitive data in the entry edit feature of 
Hub Bu ...)
@@ -2090,8 +2358,8 @@ CVE-2023-1093
        RESERVED
 CVE-2023-1092
        RESERVED
-CVE-2023-1091
-       RESERVED
+CVE-2023-1091 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
 CVE-2023-1090
        RESERVED
 CVE-2023-1089
@@ -2489,14 +2757,14 @@ CVE-2023-27166
        RESERVED
 CVE-2023-27165
        RESERVED
-CVE-2023-27164
-       RESERVED
+CVE-2023-27164 (An arbitrary file upload vulnerability in Halo up to v1.6.1 
allows att ...)
+       TODO: check
 CVE-2023-27163
        RESERVED
 CVE-2023-27162
        RESERVED
-CVE-2023-27161
-       RESERVED
+CVE-2023-27161 (Jellyfin up to v10.7.7 was discovered to contain a Server-Side 
Request ...)
+       TODO: check
 CVE-2023-27160
        RESERVED
 CVE-2023-27159
@@ -3921,8 +4189,8 @@ CVE-2023-1017 (An out-of-bounds write vulnerability 
exists in TPM2.0's Module Li
        NOTE: 
https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdf
 CVE-2023-1016
        RESERVED
-CVE-2023-1015
-       RESERVED
+CVE-2023-1015 (This CVE ID has been rejected or withdrawn by its CVE Numbering 
Author ...)
+       TODO: check
 CVE-2023-1014
        RESERVED
 CVE-2023-1013
@@ -4090,8 +4358,8 @@ CVE-2022-48345 (sanitize-url (aka 
@braintree/sanitize-url) before 6.0.2 allows X
        - node-mermaid <unfixed> (bug #1032313)
        [bullseye] - node-mermaid <no-dsa> (Minor issue)
        NOTE: 
https://github.com/braintree/sanitize-url/commit/d4bdc89f1743fe3cdb7c3f24b06e4c875f349b0c
-CVE-2023-26464
-       RESERVED
+CVE-2023-26464 (** UNSUPPORTED WHEN ASSIGNED ** When using the Chainsaw or 
SocketAppen ...)
+       TODO: check
 CVE-2023-0991
        RESERVED
 CVE-2023-0990
@@ -5104,8 +5372,8 @@ CVE-2023-26077
        RESERVED
 CVE-2023-26076
        RESERVED
-CVE-2023-26075
-       RESERVED
+CVE-2023-26075 (An issue was discovered in Samsung Mobile Chipset and Baseband 
Modem C ...)
+       TODO: check
 CVE-2023-26074
        RESERVED
 CVE-2023-26073
@@ -6751,8 +7019,8 @@ CVE-2023-0748 (Open Redirect in GitHub repository 
btcpayserver/btcpayserver prio
        NOT-FOR-US: btcpayserver
 CVE-2023-0747 (Cross-site Scripting (XSS) - Stored in GitHub repository 
btcpayserver/ ...)
        NOT-FOR-US: btcpayserver
-CVE-2023-0746
-       RESERVED
+CVE-2023-0746 (The help page in GigaVUE-FM, when using GigaVUE-OS software 
version 5. ...)
+       TODO: check
 CVE-2023-0745 (Relative Path Traversal vulnerability in YugaByte, Inc. 
Yugabyte Manag ...)
        - yugabyte-db <itp> (bug #989673)
 CVE-2022-48321 (Limited Server-Side Request Forgery (SSRF) in agent-receiver 
in Tribe2 ...)
@@ -8948,8 +9216,8 @@ CVE-2023-24776 (Funadmin v3.2.0 was discovered to contain 
a remote code executio
        NOT-FOR-US: Funadmin
 CVE-2023-24775 (Funadmin v3.2.0 was discovered to contain a SQL injection 
vulnerabilit ...)
        NOT-FOR-US: Funadmin
-CVE-2023-24774
-       RESERVED
+CVE-2023-24774 (Funadmin v3.2.0 was discovered to contain a SQL injection 
vulnerabilit ...)
+       TODO: check
 CVE-2023-24773 (Funadmin v3.2.0 was discovered to contain a SQL injection 
vulnerabilit ...)
        NOT-FOR-US: Funadmin
 CVE-2023-24772
@@ -15318,10 +15586,10 @@ CVE-2023-22634
        RESERVED
 CVE-2023-22633
        RESERVED
-CVE-2023-22436
-       RESERVED
-CVE-2023-22301
-       RESERVED
+CVE-2023-22436 (The kernel subsystem function check_permission_for_set_tokenid 
within  ...)
+       TODO: check
+CVE-2023-22301 (The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior 
version ...)
+       TODO: check
 CVE-2023-22291
        RESERVED
 CVE-2023-0091 (A flaw was found in Keycloak, where it did not properly check 
client t ...)
@@ -15336,8 +15604,8 @@ CVE-2023-0085 (The Metform Elementor Contact Form 
Builder plugin for WordPress i
        NOT-FOR-US: Metform Elementor Contact Form Builder plugin for WordPress
 CVE-2023-0084 (The Metform Elementor Contact Form Builder plugin for WordPress 
is vul ...)
        NOT-FOR-US: Metform Elementor Contact Form Builder plugin for WordPress
-CVE-2023-0083
-       RESERVED
+CVE-2023-0083 (The ArKUI framework subsystem within OpenHarmony-v3.1.5 and 
prior vers ...)
+       TODO: check
 CVE-2023-0082 (The ExactMetrics WordPress plugin before 7.12.1 does not 
validate and  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0081 (The MonsterInsights WordPress plugin before 8.12.1 does not 
validate a ...)
@@ -16395,8 +16663,8 @@ CVE-2022-48113 (A vulnerability in TOTOLINK N200RE_v5 
firmware V9.3.5u.6139 allo
        NOT-FOR-US: TOTOLINK
 CVE-2022-48112
        RESERVED
-CVE-2022-48111
-       RESERVED
+CVE-2022-48111 (A cross-site scripting (XSS) vulnerability in the check_login 
function ...)
+       TODO: check
 CVE-2022-48110 (** DISPUTED ** CKSource CKEditor 5 35.4.0 was discovered to 
contain a  ...)
        NOT-FOR-US: Disputed ckeditor issue
 CVE-2022-48109
@@ -20768,11 +21036,11 @@ CVE-2022-47215
        RESERVED
 CVE-2022-47214
        RESERVED
-CVE-2022-47213 (Microsoft Office Graphics Remote Code Execution Vulnerability. 
This CV ...)
+CVE-2022-47213 (Microsoft Office Graphics Remote Code Execution Vulnerability 
...)
        NOT-FOR-US: Microsoft
-CVE-2022-47212 (Microsoft Office Graphics Remote Code Execution Vulnerability. 
This CV ...)
+CVE-2022-47212 (Microsoft Office Graphics Remote Code Execution Vulnerability 
...)
        NOT-FOR-US: Microsoft
-CVE-2022-47211 (Microsoft Office Graphics Remote Code Execution Vulnerability. 
This CV ...)
+CVE-2022-47211 (Microsoft Office Graphics Remote Code Execution Vulnerability 
...)
        NOT-FOR-US: Microsoft
 CVE-2022-47210 (The default console presented to users over telnet (when 
enabled) is r ...)
        NOT-FOR-US: Netgear
@@ -29260,19 +29528,19 @@ CVE-2023-20904 (In getTrampolineIntent of 
SettingsActivity.java, there is a poss
        NOT-FOR-US: Android
 CVE-2022-44714
        RESERVED
-CVE-2022-44713 (Microsoft Outlook for Mac Spoofing Vulnerability. ...)
+CVE-2022-44713 (Microsoft Outlook for Mac Spoofing Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-44712
        RESERVED
 CVE-2022-44711
        RESERVED
-CVE-2022-44710 (DirectX Graphics Kernel Elevation of Privilege Vulnerability. 
...)
+CVE-2022-44710 (DirectX Graphics Kernel Elevation of Privilege Vulnerability 
...)
        NOT-FOR-US: Microsoft
 CVE-2022-44709
        RESERVED
 CVE-2022-44708 (Microsoft Edge (Chromium-based) Elevation of Privilege 
Vulnerability. ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44707 (Windows Kernel Denial of Service Vulnerability. ...)
+CVE-2022-44707 (Windows Kernel Denial of Service Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-44706
        RESERVED
@@ -29290,27 +29558,27 @@ CVE-2022-44700
        RESERVED
 CVE-2022-44699 (Azure Network Watcher Agent Security Feature Bypass 
Vulnerability. ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44698 (Windows SmartScreen Security Feature Bypass Vulnerability. ...)
+CVE-2022-44698 (Windows SmartScreen Security Feature Bypass Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44697 (Windows Graphics Component Elevation of Privilege 
Vulnerability. This  ...)
+CVE-2022-44697 (Windows Graphics Component Elevation of Privilege 
Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44696 (Microsoft Office Visio Remote Code Execution Vulnerability. 
This CVE I ...)
+CVE-2022-44696 (Microsoft Office Visio Remote Code Execution Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44695 (Microsoft Office Visio Remote Code Execution Vulnerability. 
This CVE I ...)
+CVE-2022-44695 (Microsoft Office Visio Remote Code Execution Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44694 (Microsoft Office Visio Remote Code Execution Vulnerability. 
This CVE I ...)
+CVE-2022-44694 (Microsoft Office Visio Remote Code Execution Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44693 (Microsoft SharePoint Server Remote Code Execution 
Vulnerability. This  ...)
+CVE-2022-44693 (Microsoft SharePoint Server Remote Code Execution 
Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44692 (Microsoft Office Graphics Remote Code Execution Vulnerability. 
This CV ...)
+CVE-2022-44692 (Microsoft Office Graphics Remote Code Execution Vulnerability 
...)
        NOT-FOR-US: Microsoft
-CVE-2022-44691 (Microsoft Office OneNote Remote Code Execution Vulnerability. 
...)
+CVE-2022-44691 (Microsoft Office OneNote Remote Code Execution Vulnerability 
...)
        NOT-FOR-US: Microsoft
-CVE-2022-44690 (Microsoft SharePoint Server Remote Code Execution 
Vulnerability. This  ...)
+CVE-2022-44690 (Microsoft SharePoint Server Remote Code Execution 
Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-44689 (Windows Subsystem for Linux (WSL2) Kernel Elevation of 
Privilege Vulne ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44688 (Microsoft Edge (Chromium-based) Spoofing Vulnerability. ...)
+CVE-2022-44688 (Microsoft Edge (Chromium-based) Spoofing Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-44687 (Raw Image Extension Remote Code Execution Vulnerability. ...)
        NOT-FOR-US: Microsoft
@@ -29320,41 +29588,41 @@ CVE-2022-44685
        RESERVED
 CVE-2022-44684
        RESERVED
-CVE-2022-44683 (Windows Kernel Elevation of Privilege Vulnerability. ...)
+CVE-2022-44683 (Windows Kernel Elevation of Privilege Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44682 (Windows Hyper-V Denial of Service Vulnerability. ...)
+CVE-2022-44682 (Windows Hyper-V Denial of Service Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44681 (Windows Print Spooler Elevation of Privilege Vulnerability. 
This CVE I ...)
+CVE-2022-44681 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44680 (Windows Graphics Component Elevation of Privilege 
Vulnerability. This  ...)
+CVE-2022-44680 (Windows Graphics Component Elevation of Privilege 
Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44679 (Windows Graphics Component Information Disclosure 
Vulnerability. This  ...)
+CVE-2022-44679 (Windows Graphics Component Information Disclosure 
Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44678 (Windows Print Spooler Elevation of Privilege Vulnerability. 
This CVE I ...)
+CVE-2022-44678 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44677 (Windows Projected File System Elevation of Privilege 
Vulnerability. ...)
+CVE-2022-44677 (Windows Projected File System Elevation of Privilege 
Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-44676 (Windows Secure Socket Tunneling Protocol (SSTP) Remote Code 
Execution  ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44675 (Windows Bluetooth Driver Elevation of Privilege Vulnerability. 
...)
+CVE-2022-44675 (Windows Bluetooth Driver Elevation of Privilege Vulnerability 
...)
        NOT-FOR-US: Microsoft
-CVE-2022-44674 (Windows Bluetooth Driver Information Disclosure Vulnerability. 
...)
+CVE-2022-44674 (Windows Bluetooth Driver Information Disclosure Vulnerability 
...)
        NOT-FOR-US: Microsoft
 CVE-2022-44673 (Windows Client Server Run-Time Subsystem (CSRSS) Elevation of 
Privileg ...)
        NOT-FOR-US: Microsoft
 CVE-2022-44672
        RESERVED
-CVE-2022-44671 (Windows Graphics Component Elevation of Privilege 
Vulnerability. This  ...)
+CVE-2022-44671 (Windows Graphics Component Elevation of Privilege 
Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-44670 (Windows Secure Socket Tunneling Protocol (SSTP) Remote Code 
Execution  ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44669 (Windows Error Reporting Elevation of Privilege Vulnerability. 
...)
+CVE-2022-44669 (Windows Error Reporting Elevation of Privilege Vulnerability 
...)
        NOT-FOR-US: Microsoft
-CVE-2022-44668 (Windows Media Remote Code Execution Vulnerability. This CVE ID 
is uniq ...)
+CVE-2022-44668 (Windows Media Remote Code Execution Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44667 (Windows Media Remote Code Execution Vulnerability. This CVE ID 
is uniq ...)
+CVE-2022-44667 (Windows Media Remote Code Execution Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-44666 (Windows Contacts Remote Code Execution Vulnerability. ...)
+CVE-2022-44666 (Windows Contacts Remote Code Execution Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-44665
        RESERVED
@@ -40876,7 +41144,7 @@ CVE-2022-41124
        RESERVED
 CVE-2022-41123 (Microsoft Exchange Server Elevation of Privilege 
Vulnerability. This C ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41122 (Microsoft SharePoint Server Spoofing Vulnerability. ...)
+CVE-2022-41122 (Microsoft SharePoint Server Spoofing Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41121 (Windows Graphics Component Elevation of Privilege 
Vulnerability. This  ...)
        NOT-FOR-US: Microsoft
@@ -40884,7 +41152,7 @@ CVE-2022-41120 (Microsoft Windows Sysmon Elevation of 
Privilege Vulnerability. .
        NOT-FOR-US: Microsoft
 CVE-2022-41119 (Visual Studio Remote Code Execution Vulnerability. ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41118 (Windows Scripting Languages Remote Code Execution 
Vulnerability. This  ...)
+CVE-2022-41118 (Windows Scripting Languages Remote Code Execution 
Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41117
        RESERVED
@@ -40892,9 +41160,9 @@ CVE-2022-41116 (Windows Point-to-Point Tunneling 
Protocol Denial of Service Vuln
        NOT-FOR-US: Microsoft
 CVE-2022-41115 (Microsoft Edge (Chromium-based) Update Elevation of Privilege 
Vulnerab ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41114 (Windows Bind Filter Driver Elevation of Privilege 
Vulnerability. ...)
+CVE-2022-41114 (Windows Bind Filter Driver Elevation of Privilege 
Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41113 (Windows Win32 Kernel Subsystem Elevation of Privilege 
Vulnerability. ...)
+CVE-2022-41113 (Windows Win32 Kernel Subsystem Elevation of Privilege 
Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41112
        RESERVED
@@ -40902,43 +41170,43 @@ CVE-2022-41111
        RESERVED
 CVE-2022-41110
        RESERVED
-CVE-2022-41109 (Windows Win32k Elevation of Privilege Vulnerability. This CVE 
ID is un ...)
+CVE-2022-41109 (Windows Win32k Elevation of Privilege Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41108
        RESERVED
-CVE-2022-41107 (Microsoft Office Graphics Remote Code Execution Vulnerability. 
...)
+CVE-2022-41107 (Microsoft Office Graphics Remote Code Execution Vulnerability 
...)
        NOT-FOR-US: Microsoft
 CVE-2022-41106 (Microsoft Excel Remote Code Execution Vulnerability. This CVE 
ID is un ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41105 (Microsoft Excel Information Disclosure Vulnerability. ...)
+CVE-2022-41105 (Microsoft Excel Information Disclosure Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41104 (Microsoft Excel Security Feature Bypass Vulnerability. ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41103 (Microsoft Word Information Disclosure Vulnerability. This CVE 
ID is un ...)
+CVE-2022-41103 (Microsoft Word Information Disclosure Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41102 (Windows Overlay Filter Elevation of Privilege Vulnerability. 
This CVE  ...)
+CVE-2022-41102 (Windows Overlay Filter Elevation of Privilege Vulnerability 
...)
        NOT-FOR-US: Microsoft
-CVE-2022-41101 (Windows Overlay Filter Elevation of Privilege Vulnerability. 
This CVE  ...)
+CVE-2022-41101 (Windows Overlay Filter Elevation of Privilege Vulnerability 
...)
        NOT-FOR-US: Microsoft
 CVE-2022-41100 (Windows Advanced Local Procedure Call (ALPC) Elevation of 
Privilege Vu ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41099 (BitLocker Security Feature Bypass Vulnerability. ...)
+CVE-2022-41099 (BitLocker Security Feature Bypass Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41098 (Windows GDI+ Information Disclosure Vulnerability. ...)
+CVE-2022-41098 (Windows GDI+ Information Disclosure Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41097 (Network Policy Server (NPS) RADIUS Protocol Information 
Disclosure Vul ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41096 (Microsoft DWM Core Library Elevation of Privilege 
Vulnerability. ...)
+CVE-2022-41096 (Microsoft DWM Core Library Elevation of Privilege 
Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41095 (Windows Digital Media Receiver Elevation of Privilege 
Vulnerability. ...)
+CVE-2022-41095 (Windows Digital Media Receiver Elevation of Privilege 
Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41094 (Windows Hyper-V Elevation of Privilege Vulnerability. ...)
+CVE-2022-41094 (Windows Hyper-V Elevation of Privilege Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41093 (Windows Advanced Local Procedure Call (ALPC) Elevation of 
Privilege Vu ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41092 (Windows Win32k Elevation of Privilege Vulnerability. This CVE 
ID is un ...)
+CVE-2022-41092 (Windows Win32k Elevation of Privilege Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41091 (Windows Mark of the Web Security Feature Bypass Vulnerability. 
This CV ...)
+CVE-2022-41091 (Windows Mark of the Web Security Feature Bypass Vulnerability 
...)
        NOT-FOR-US: Microsoft
 CVE-2022-41090 (Windows Point-to-Point Tunneling Protocol Denial of Service 
Vulnerabil ...)
        NOT-FOR-US: Microsoft
@@ -40948,7 +41216,7 @@ CVE-2022-41088 (Windows Point-to-Point Tunneling 
Protocol Remote Code Execution
        NOT-FOR-US: Microsoft
 CVE-2022-41087
        RESERVED
-CVE-2022-41086 (Windows Group Policy Elevation of Privilege Vulnerability. 
This CVE ID ...)
+CVE-2022-41086 (Windows Group Policy Elevation of Privilege Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41085 (Azure CycleCloud Elevation of Privilege Vulnerability. ...)
        NOT-FOR-US: Microsoft
@@ -40966,15 +41234,15 @@ CVE-2022-41079 (Microsoft Exchange Server Spoofing 
Vulnerability. This CVE ID is
        NOT-FOR-US: Microsoft
 CVE-2022-41078 (Microsoft Exchange Server Spoofing Vulnerability. This CVE ID 
is uniqu ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41077 (Windows Fax Compose Form Elevation of Privilege Vulnerability. 
...)
+CVE-2022-41077 (Windows Fax Compose Form Elevation of Privilege Vulnerability 
...)
        NOT-FOR-US: Microsoft
 CVE-2022-41076 (PowerShell Remote Code Execution Vulnerability. ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41075
        RESERVED
-CVE-2022-41074 (Windows Graphics Component Information Disclosure 
Vulnerability. This  ...)
+CVE-2022-41074 (Windows Graphics Component Information Disclosure 
Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41073 (Windows Print Spooler Elevation of Privilege Vulnerability. 
...)
+CVE-2022-41073 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41072
        RESERVED
@@ -40988,7 +41256,7 @@ CVE-2022-41068
        RESERVED
 CVE-2022-41067
        RESERVED
-CVE-2022-41066 (Microsoft Business Central Information Disclosure 
Vulnerability. ...)
+CVE-2022-41066 (Microsoft Business Central Information Disclosure 
Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41065
        RESERVED
@@ -40996,37 +41264,37 @@ CVE-2022-41064 (.NET Framework Information Disclosure 
Vulnerability. ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41063 (Microsoft Excel Remote Code Execution Vulnerability. This CVE 
ID is un ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41062 (Microsoft SharePoint Server Remote Code Execution 
Vulnerability. ...)
+CVE-2022-41062 (Microsoft SharePoint Server Remote Code Execution 
Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41061 (Microsoft Word Remote Code Execution Vulnerability. ...)
+CVE-2022-41061 (Microsoft Word Remote Code Execution Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41060 (Microsoft Word Information Disclosure Vulnerability. This CVE 
ID is un ...)
+CVE-2022-41060 (Microsoft Word Information Disclosure Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41059
        RESERVED
 CVE-2022-41058 (Windows Network Address Translation (NAT) Denial of Service 
Vulnerabil ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41057 (Windows HTTP.sys Elevation of Privilege Vulnerability. ...)
+CVE-2022-41057 (Windows HTTP.sys Elevation of Privilege Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41056 (Network Policy Server (NPS) RADIUS Protocol Denial of Service 
Vulnerab ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41055 (Windows Human Interface Device Information Disclosure 
Vulnerability. ...)
+CVE-2022-41055 (Windows Human Interface Device Information Disclosure 
Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41054 (Windows Resilient File System (ReFS) Elevation of Privilege 
Vulnerabil ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41053 (Windows Kerberos Denial of Service Vulnerability. ...)
+CVE-2022-41053 (Windows Kerberos Denial of Service Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41052 (Windows Graphics Component Remote Code Execution 
Vulnerability. ...)
+CVE-2022-41052 (Windows Graphics Component Remote Code Execution Vulnerability 
...)
        NOT-FOR-US: Microsoft
 CVE-2022-41051 (Azure RTOS GUIX Studio Remote Code Execution Vulnerability. 
...)
        NOT-FOR-US: Microsoft
 CVE-2022-41050 (Windows Extensible File Allocation Table Elevation of 
Privilege Vulner ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41049 (Windows Mark of the Web Security Feature Bypass Vulnerability. 
This CV ...)
+CVE-2022-41049 (Windows Mark of the Web Security Feature Bypass Vulnerability 
...)
        NOT-FOR-US: Microsoft
-CVE-2022-41048 (Microsoft ODBC Driver Remote Code Execution Vulnerability. 
This CVE ID ...)
+CVE-2022-41048 (Microsoft ODBC Driver Remote Code Execution Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2022-41047 (Microsoft ODBC Driver Remote Code Execution Vulnerability. 
This CVE ID ...)
+CVE-2022-41047 (Microsoft ODBC Driver Remote Code Execution Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-41046
        RESERVED
@@ -49231,7 +49499,7 @@ CVE-2022-38025 (Windows Distributed File System (DFS) 
Information Disclosure Vul
        NOT-FOR-US: Microsoft
 CVE-2022-38024
        RESERVED
-CVE-2022-38023 (Netlogon RPC Elevation of Privilege Vulnerability. ...)
+CVE-2022-38023 (Netlogon RPC Elevation of Privilege Vulnerability ...)
        - samba 2:4.17.4+dfsg-1
        NOTE: https://www.samba.org/samba/security/CVE-2022-38023.html
 CVE-2022-38022 (Windows Kernel Elevation of Privilege Vulnerability. This CVE 
ID is un ...)
@@ -49248,7 +49516,7 @@ CVE-2022-38017 (StorSimple 8000 Series Elevation of 
Privilege Vulnerability. ...
        NOT-FOR-US: Microsoft
 CVE-2022-38016 (Windows Local Security Authority (LSA) Elevation of Privilege 
Vulnerab ...)
        NOT-FOR-US: Microsoft
-CVE-2022-38015 (Windows Hyper-V Denial of Service Vulnerability. ...)
+CVE-2022-38015 (Windows Hyper-V Denial of Service Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-38014 (Windows Subsystem for Linux (WSL2) Kernel Elevation of 
Privilege Vulne ...)
        NOT-FOR-US: Microsoft
@@ -49294,7 +49562,7 @@ CVE-2022-37994 (Windows Group Policy Preference Client 
Elevation of Privilege Vu
        NOT-FOR-US: Microsoft
 CVE-2022-37993 (Windows Group Policy Preference Client Elevation of Privilege 
Vulnerab ...)
        NOT-FOR-US: Microsoft
-CVE-2022-37992 (Windows Group Policy Elevation of Privilege Vulnerability. 
This CVE ID ...)
+CVE-2022-37992 (Windows Group Policy Elevation of Privilege Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2022-37991 (Windows Kernel Elevation of Privilege Vulnerability. This CVE 
ID is un ...)
        NOT-FOR-US: Microsoft
@@ -49344,10 +49612,10 @@ CVE-2022-37969 (Windows Common Log File System Driver 
Elevation of Privilege Vul
        NOT-FOR-US: Microsoft
 CVE-2022-37968 (Azure Arc-enabled Kubernetes cluster Connect Elevation of 
Privilege Vu ...)
        NOT-FOR-US: Microsoft
-CVE-2022-37967 (Windows Kerberos Elevation of Privilege Vulnerability. ...)
+CVE-2022-37967 (Windows Kerberos Elevation of Privilege Vulnerability ...)
        - samba 2:4.17.4+dfsg-1
        NOTE: https://www.samba.org/samba/security/CVE-2022-37967.html
-CVE-2022-37966 (Windows Kerberos RC4-HMAC Elevation of Privilege 
Vulnerability. ...)
+CVE-2022-37966 (Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability 
...)
        - samba 2:4.17.4+dfsg-1
        NOTE: https://www.samba.org/samba/security/CVE-2022-37966.html
 CVE-2022-37965 (Windows Point-to-Point Tunneling Protocol Denial of Service 
Vulnerabil ...)
@@ -80920,11 +81188,11 @@ CVE-2022-26808 (Windows File Explorer Elevation of 
Privilege Vulnerability. ...)
        NOT-FOR-US: Microsoft
 CVE-2022-26807 (Windows Work Folder Service Elevation of Privilege 
Vulnerability. ...)
        NOT-FOR-US: Microsoft
-CVE-2022-26806 (Microsoft Office Graphics Remote Code Execution Vulnerability. 
This CV ...)
+CVE-2022-26806 (Microsoft Office Graphics Remote Code Execution Vulnerability 
...)
        NOT-FOR-US: Microsoft
-CVE-2022-26805 (Microsoft Office Graphics Remote Code Execution Vulnerability. 
This CV ...)
+CVE-2022-26805 (Microsoft Office Graphics Remote Code Execution Vulnerability 
...)
        NOT-FOR-US: Microsoft
-CVE-2022-26804 (Microsoft Office Graphics Remote Code Execution Vulnerability. 
This CV ...)
+CVE-2022-26804 (Microsoft Office Graphics Remote Code Execution Vulnerability 
...)
        NOT-FOR-US: Microsoft
 CVE-2022-26803 (Windows Print Spooler Elevation of Privilege Vulnerability. 
This CVE I ...)
        NOT-FOR-US: Microsoft
@@ -133989,8 +134257,8 @@ CVE-2021-33361 (Memory leak in the afra_box_read 
function in MP4Box in GPAC 1.0.
        NOTE: 
https://github.com/gpac/gpac/commit/a51f951b878c2b73c1d8e2f1518c7cdc5fb82c3f
        NOTE: https://github.com/gpac/gpac/issues/1782
        NOTE: Negligible security impact
-CVE-2021-33360
-       RESERVED
+CVE-2021-33360 (An issue found in Stoqey gnuplot v.0.0.3 and earlier allows 
attackers  ...)
+       TODO: check
 CVE-2021-33359 (A vulnerability exists in gowitness &lt; 2.3.6 that allows an 
unauthen ...)
        NOT-FOR-US: gowitness
 CVE-2021-33358 (Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the 
"interfac ...)
@@ -148754,8 +149022,8 @@ CVE-2021-27790 (The command ipfilter in Brocade 
Fabric OS before Brocade Fabric
        NOT-FOR-US: Brocade Fabric OS
 CVE-2021-27789 (The Web application of Brocade Fabric OS before versions 
Brocade Fabri ...)
        NOT-FOR-US: Brocade Fabric OS
-CVE-2021-27788
-       RESERVED
+CVE-2021-27788 (HCL Verse is susceptible to a Cross Site Scripting (XSS) 
vulnerability ...)
+       TODO: check
 CVE-2021-27787
        RESERVED
 CVE-2021-27786 (Cross-origin resource sharing (CORS) enables browsers to 
perform cross ...)
@@ -192662,7 +192930,7 @@ CVE-2020-22663
        RESERVED
 CVE-2020-22662 (In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus 
R600 10. ...)
        NOT-FOR-US: Ruckus
-CVE-2020-22661
+CVE-2020-22661 (In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus 
R600 10. ...)
        NOT-FOR-US: Ruckus
 CVE-2020-22660 (In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus 
R600 10. ...)
        NOT-FOR-US: Ruckus



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3766e10f437fb0710f65a27b1d28a45934a4525d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3766e10f437fb0710f65a27b1d28a45934a4525d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to