Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
de9ecb6e by security tracker role at 2023-05-09T08:12:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2023-32113 (SAP GUI for Windows - version 7.70, 8.0, allows an
unauthorized attack ...)
+ TODO: check
+CVE-2023-32112 (Vendor Master Hierarchy - versions SAP_APPL 500, SAP_APPL 600,
SAP_APP ...)
+ TODO: check
+CVE-2023-32111 (In SAP PowerDesigner (Proxy) - version 16.7, an attacker can
send a cr ...)
+ TODO: check
+CVE-2023-31407 (SAP Business Planning and Consolidation - versions 740, 750,
allows an ...)
+ TODO: check
+CVE-2023-31406 (Due to insufficient input validation, SAP BusinessObjects
Business Int ...)
+ TODO: check
+CVE-2023-31404 (Under certain conditions,SAP BusinessObjects Business
Intelligence Pla ...)
+ TODO: check
+CVE-2023-2590 (Missing Authorization in GitHub repository answerdev/answer
prior to 1 ...)
+ TODO: check
+CVE-2023-2478 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
+ TODO: check
CVE-2023-2583 (Code Injection in GitHub repository jsreport/jsreport prior to
3.11.3.)
TODO: check
CVE-2023-2582 (A prototype pollution vulnerability exists in Strikingly CMS
which can ...)
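Review bot: CVE-2023-2478 (GitLab CE/EE) is added with the same TODO: check as the SAP and answerdev/answer entries above it, but it is the one entry in this hunk whose description names software that needs a package-level decision rather than a vendor tag. Triage it separately from the bulk entries so it does not sit in the TODO backlog with them.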
@@ -80,7 +96,7 @@ CVE-2023-2520 (A vulnerability was found in Caton Prime
2.1.2.51.e8d7225049(2023
NOT-FOR-US: Caton Prime
CVE-2023-2519 (A vulnerability has been found in Caton CTP Relay Server 1.2.9
and cla ...)
NOT-FOR-US: Caton CTP Relay Server
-CVE-2023-2513
+CVE-2023-2513 (A use-after-free vulnerability was found in the Linux kernel's
ext4 fi ...)
- linux 5.19.6-1
[bullseye] - linux 5.10.140-1
[buster] - linux 4.19.260-1
@@ -658,18 +674,18 @@ CVE-2023-31185
RESERVED
CVE-2023-31184
RESERVED
-CVE-2023-31183
- RESERVED
-CVE-2023-31182
- RESERVED
-CVE-2023-31181
- RESERVED
-CVE-2023-31180
- RESERVED
-CVE-2023-31179
- RESERVED
-CVE-2023-31178
- RESERVED
+CVE-2023-31183 (Cybonet PineApp Mail SecureA reflected cross-site scripting
(XSS) vuln ...)
+ TODO: check
+CVE-2023-31182 (EasyTor Applications \u2013 Authorization Bypass - EasyTor
Application ...)
+ TODO: check
+CVE-2023-31181 (WJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - CWE-22:
Path Trav ...)
+ TODO: check
+CVE-2023-31180 (WJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - Reflected
cross-s ...)
+ TODO: check
+CVE-2023-31179 (AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal
-Vulnerability allow ...)
+ TODO: check
+CVE-2023-31178 (AgilePoint NX v8.0 SU2.2 & SU2.3 \u2013 Arbitrary File
DeleteVulnerabi ...)
+ TODO: check
CVE-2023-31177
RESERVED
CVE-2023-31176
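Review bot: the descriptions added for CVE-2023-31182 and CVE-2023-31178 contain a literal \u2013 escape where an en dash was intended. The same escape shows up in entries already in the file (CVE-2023-24504 and CVE-2023-24503 further down), so this looks like the automatic update writing the feed text without decoding it. Decoding the escape before the description is written would keep the list searchable by product name.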
@@ -742,10 +758,10 @@ CVE-2023-31143
RESERVED
CVE-2023-31142
RESERVED
-CVE-2023-31141
- RESERVED
-CVE-2023-31140
- RESERVED
+CVE-2023-31141 (OpenSearch is open-source software suite for search,
analytics, and ob ...)
+ TODO: check
+CVE-2023-31140 (OpenProject is open source project management software.
Starting with ...)
+ TODO: check
CVE-2023-31139
RESERVED
CVE-2023-31138
@@ -758,24 +774,24 @@ CVE-2023-31135
RESERVED
CVE-2023-31134
RESERVED
-CVE-2023-31133
- RESERVED
+CVE-2023-31133 (Ghost is an app for new-media creators with tools to build a
website, ...)
+ TODO: check
CVE-2023-31132
RESERVED
CVE-2023-31131
RESERVED
CVE-2023-31130
RESERVED
-CVE-2023-31129
- RESERVED
+CVE-2023-31129 (The Contiki-NG operating system versions 4.8 and prior can be
triggere ...)
+ TODO: check
CVE-2023-31128
RESERVED
CVE-2023-31127 (libspdm is a sample implementation that follows the DMTF SPDM
specific ...)
TODO: check
CVE-2023-31126
RESERVED
-CVE-2023-31125
- RESERVED
+CVE-2023-31125 (Engine.IO is the implementation of transport-based
cross-browser/cross ...)
+ TODO: check
CVE-2023-31124
RESERVED
CVE-2023-31123 (`effectindex/tripreporter` is a community-powered, universal
platform ...)
@@ -2070,16 +2086,16 @@ CVE-2023-30746
RESERVED
CVE-2023-30745
RESERVED
-CVE-2023-30744
- RESERVED
-CVE-2023-30743
- RESERVED
-CVE-2023-30742
- RESERVED
-CVE-2023-30741
- RESERVED
-CVE-2023-30740
- RESERVED
+CVE-2023-30744 (In SAP AS NetWeaver JAVA - versions SERVERCORE 7.50, J2EE-FRMW
7.50, C ...)
+ TODO: check
+CVE-2023-30743 (Due to improper neutralization of input in SAPUI5 - versions
SAP_UI 75 ...)
+ TODO: check
+CVE-2023-30742 (SAP CRM (WebClient UI) - versions S4FND 102, S4FND 103, S4FND
104, S4F ...)
+ TODO: check
+CVE-2023-30741 (Due to insufficient input validation, SAP BusinessObjects
Business Int ...)
+ TODO: check
+CVE-2023-30740 (SAP BusinessObjects Business Intelligence Platform - versions
420, 430 ...)
+ TODO: check
CVE-2023-30739
RESERVED
CVE-2023-30738
@@ -3330,8 +3346,8 @@ CVE-2023-30336
RESERVED
CVE-2023-30335
RESERVED
-CVE-2023-30334
- RESERVED
+CVE-2023-30334 (AsmBB v2.9.1 was discovered to contain multiple cross-site
scripting ( ...)
+ TODO: check
CVE-2023-30333
RESERVED
CVE-2023-30332
@@ -3528,8 +3544,8 @@ CVE-2023-30239
RESERVED
CVE-2023-30238
RESERVED
-CVE-2023-30237
- RESERVED
+CVE-2023-30237 (CyberGhostVPN Windows Client before v8.3.10.10015 was
discovered to co ...)
+ TODO: check
CVE-2023-30236
RESERVED
CVE-2023-30235
@@ -6262,8 +6278,8 @@ CVE-2023-29190
RESERVED
CVE-2023-29189 (SAP CRM (WebClient UI) - versions S4FND 102, 103, 104, 105,
106, 107, ...)
NOT-FOR-US: SAP
-CVE-2023-29188
- RESERVED
+CVE-2023-29188 (SAP CRM WebClient UI - versions SAPSCORE 129, S4FND 102, S4FND
103, S4 ...)
+ TODO: check
CVE-2023-29187 (A Windows user with basic user authorization can exploit a DLL
hijacki ...)
NOT-FOR-US: SAP
CVE-2023-29186 (In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747,
757, an att ...)
@@ -6543,8 +6559,8 @@ CVE-2023-1766 (Improper Neutralization of Input During
Web Page Generation ('Cro
NOT-FOR-US: Akbim Computer Panon
CVE-2023-1765 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: Akbim Computer Panon
-CVE-2023-29092
- RESERVED
+CVE-2023-29092 (An issue was discovered in Exynos Mobile Processor and Modem
for Exyno ...)
+ TODO: check
CVE-2023-29091 (An issue was discovered in Samsung Exynos Mobile Processor,
Automotive ...)
NOT-FOR-US: Samsung
CVE-2023-29090 (An issue was discovered in Samsung Exynos Mobile Processor,
Automotive ...)
@@ -7736,12 +7752,12 @@ CVE-2023-XXXX [RUSTSEC-2022-0092]
NOTE: https://rustsec.org/advisories/RUSTSEC-2022-0092.html
CVE-2023-28765 (An attacker with basic privileges in SAP BusinessObjects
Business Inte ...)
NOT-FOR-US: SAP
-CVE-2023-28764
- RESERVED
+CVE-2023-28764 (SAP BusinessObjects Platform - versions 420, 430, Information
design t ...)
+ TODO: check
CVE-2023-28763 (SAP NetWeaver AS for ABAP and ABAP Platform - versions 740,
750, 751, ...)
NOT-FOR-US: SAP
-CVE-2023-28762
- RESERVED
+CVE-2023-28762 (SAP BusinessObjects Business Intelligence Platform - versions
420, 430 ...)
+ TODO: check
CVE-2023-28761 (InSAP NetWeaver Enterprise Portal - version 7.50,an
unauthenticated at ...)
NOT-FOR-US: SAP
CVE-2023-28760
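Review bot: CVE-2023-28764 and CVE-2023-28762 go in as TODO: check while their immediate neighbours CVE-2023-28765, CVE-2023-28763 and CVE-2023-28761 are SAP entries already tagged NOT-FOR-US: SAP. Both new descriptions name SAP BusinessObjects, so they can take the same tag; the same applies to the other SAP entries this commit adds.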
@@ -9848,50 +9864,50 @@ CVE-2022-48391
RESERVED
CVE-2022-48390
RESERVED
-CVE-2022-48389
- RESERVED
-CVE-2022-48388
- RESERVED
-CVE-2022-48387
- RESERVED
-CVE-2022-48386
- RESERVED
-CVE-2022-48385
- RESERVED
-CVE-2022-48384
- RESERVED
-CVE-2022-48383
- RESERVED
-CVE-2022-48382
- RESERVED
-CVE-2022-48381
- RESERVED
-CVE-2022-48380
- RESERVED
-CVE-2022-48379
- RESERVED
-CVE-2022-48378
- RESERVED
-CVE-2022-48377
- RESERVED
-CVE-2022-48376
- RESERVED
-CVE-2022-48375
- RESERVED
-CVE-2022-48374
- RESERVED
-CVE-2022-48373
- RESERVED
-CVE-2022-48372
- RESERVED
-CVE-2022-48371
- RESERVED
-CVE-2022-48370
- RESERVED
-CVE-2022-48369
- RESERVED
-CVE-2022-48368
- RESERVED
+CVE-2022-48389 (In modem control device, there is a possible out of bounds
write due t ...)
+ TODO: check
+CVE-2022-48388 (In powerEx service, there is a possible missing permission
check. This ...)
+ TODO: check
+CVE-2022-48387 (the apipe driver, there is a possible out of bounds write due
to a mis ...)
+ TODO: check
+CVE-2022-48386 (the apipe driver, there is a possible use after free due to a
logic er ...)
+ TODO: check
+CVE-2022-48385 (In cp_dump driver, there is a possible out of bounds write due
to a mi ...)
+ TODO: check
+CVE-2022-48384 (In srtd service, there is a possible missing permission check.
This co ...)
+ TODO: check
+CVE-2022-48383 (.In srtd service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-48382 (In log service, there is a possible out of bounds write due to
a missi ...)
+ TODO: check
+CVE-2022-48381 (In modem control device, there is a possible out of bounds
write due t ...)
+ TODO: check
+CVE-2022-48380 (In modem control device, there is a possible out of bounds
write due t ...)
+ TODO: check
+CVE-2022-48379 (In dialer service, there is a possible missing permission
check. This ...)
+ TODO: check
+CVE-2022-48378 (In engineermode service, there is a possible missing
permission check. ...)
+ TODO: check
+CVE-2022-48377 (In dialer service, there is a possible missing permission
check. This ...)
+ TODO: check
+CVE-2022-48376 (In dialer service, there is a possible missing permission
check. This ...)
+ TODO: check
+CVE-2022-48375 (In contacts service, there is a possible missing permission
check. Thi ...)
+ TODO: check
+CVE-2022-48374 (In tee service, there is a possible out of bounds write due to
a missi ...)
+ TODO: check
+CVE-2022-48373 (In tee service, there is a possible out of bounds write due to
a missi ...)
+ TODO: check
+CVE-2022-48372 (In bootcp service, there is a possible out of bounds write due
to a mi ...)
+ TODO: check
+CVE-2022-48371 (In dialer service, there is a possible missing permission
check. This ...)
+ TODO: check
+CVE-2022-48370 (In dialer service, there is a possible missing permission
check. This ...)
+ TODO: check
+CVE-2022-48369 (In audio service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-48368 (In audio service, there is a possible missing permission
check. This c ...)
+ TODO: check
CVE-2023-1360 (A vulnerability was found in SourceCodester Employee Payslip
Generator ...)
NOT-FOR-US: SourceCodester Employee Payslip Generator with Sending Mail
CVE-2023-1359 (A vulnerability has been found in SourceCodester Gadget Works
Online O ...)
@@ -20487,12 +20503,12 @@ CVE-2023-24509 (On affected modular platforms running
Arista EOS equipped with b
NOT-FOR-US: Arista
CVE-2023-24508 (Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and
Nova 246 ...)
NOT-FOR-US: Baicells
-CVE-2023-24507
- RESERVED
-CVE-2023-24506
- RESERVED
-CVE-2023-24505
- RESERVED
+CVE-2023-24507 (AgilePoint NX v8.0 SU2.2 & SU2.3 \u2013 Insecure File Upload
-Vulnerab ...)
+ TODO: check
+CVE-2023-24506 (Milesight NCR/camera version 71.8.0.6-r5 exposes credentials
through a ...)
+ TODO: check
+CVE-2023-24505 (Milesight NCR/camera version 71.8.0.6-r5 discloses sensitive
informati ...)
+ TODO: check
CVE-2023-24504 (Electra Central AC unit \u2013 Adjacent attacker may cause the
unit to ...)
NOT-FOR-US: Electra Central
CVE-2023-24503 (Electra Central AC unit \u2013 Adjacent attacker may cause the
unit to ...)
@@ -20888,8 +20904,8 @@ CVE-2023-24378 (Auth. (contributor+) Stored Cross-Site
Scripting (XSS) vulnerabi
NOT-FOR-US: WordPress plugin
CVE-2023-24377 (Cross-Site Request Forgery (CSRF) vulnerability in Ecwid
Ecommerce Ecw ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-24376
- RESERVED
+CVE-2023-24376 (Auth. (admin+) Stored Cross-Site Scripting (XSS)
vulnerabilityin Nico ...)
+ TODO: check
CVE-2023-24375
RESERVED
CVE-2023-24374 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
@@ -22112,8 +22128,8 @@ CVE-2023-23896
RESERVED
CVE-2023-23895
RESERVED
-CVE-2023-23894
- RESERVED
+CVE-2023-23894 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
+ TODO: check
CVE-2023-23893
RESERVED
CVE-2023-23892 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
@@ -22174,8 +22190,8 @@ CVE-2023-23865 (Cross-Site Request Forgery (CSRF)
vulnerability in Checkout Plug
NOT-FOR-US: WordPress plugin
CVE-2023-23864 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability
in Micha ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-23863
- RESERVED
+CVE-2023-23863 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Blac ...)
+ TODO: check
CVE-2023-23862
RESERVED
CVE-2023-23861 (Cross-Site Request Forgery (CSRF) vulnerability in German
Mesky GMAce ...)
@@ -25539,46 +25555,46 @@ CVE-2022-4883 (A flaw was found in libXpm. When
processing files with .Z or .gz
NOTE:
https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/8178eb0834d82242e1edbc7d4fb0d1b397569c68
(libXpm-3.5.15)
CVE-2022-4882 (A vulnerability was found in kaltura mwEmbed up to 2.91. It has
been r ...)
NOT-FOR-US: Kaltura
-CVE-2022-48250
- RESERVED
-CVE-2022-48249
- RESERVED
-CVE-2022-48248
- RESERVED
-CVE-2022-48247
- RESERVED
-CVE-2022-48246
- RESERVED
-CVE-2022-48245
- RESERVED
-CVE-2022-48244
- RESERVED
-CVE-2022-48243
- RESERVED
-CVE-2022-48242
- RESERVED
-CVE-2022-48241
- RESERVED
-CVE-2022-48240
- RESERVED
-CVE-2022-48239
- RESERVED
-CVE-2022-48238
- RESERVED
-CVE-2022-48237
- RESERVED
-CVE-2022-48236
- RESERVED
-CVE-2022-48235
- RESERVED
-CVE-2022-48234
- RESERVED
-CVE-2022-48233
- RESERVED
-CVE-2022-48232
- RESERVED
-CVE-2022-48231
- RESERVED
+CVE-2022-48250 (In audio service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-48249 (In audio service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-48248 (In audio service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-48247 (In audio service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-48246 (In audio service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-48245 (In audio service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-48244 (In audio service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-48243 (In audio service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-48242 (In telephony service, there is a possible missing permission
check. Th ...)
+ TODO: check
+CVE-2022-48241 (In telephony service, there is a possible missing permission
check. Th ...)
+ TODO: check
+CVE-2022-48240 (In camera driver, there is a possible out of bounds write due
to a mis ...)
+ TODO: check
+CVE-2022-48239 (In camera driver, there is a possible out of bounds write due
to a mis ...)
+ TODO: check
+CVE-2022-48238 (In Image filter, there is a possible out of bounds write due
to a miss ...)
+ TODO: check
+CVE-2022-48237 (In Image filter, there is a possible out of bounds write due
to a miss ...)
+ TODO: check
+CVE-2022-48236 (In MP3 encoder, there is a possible out of bounds read due to
a missin ...)
+ TODO: check
+CVE-2022-48235 (In MP3 encoder, there is a possible out of bounds write due to
a missi ...)
+ TODO: check
+CVE-2022-48234 (In FM service , there is a possible missing params check. This
could l ...)
+ TODO: check
+CVE-2022-48233 (In FM service , there is a possible missing params check. This
could l ...)
+ TODO: check
+CVE-2022-48232 (In FM service , there is a possible missing params check. This
could l ...)
+ TODO: check
+CVE-2022-48231 (In soter service, there is a possible missing permission
check. This c ...)
+ TODO: check
CVE-2022-48230 (There is a misinterpretation of input vulnerability in
BiSheng-WNM FW ...)
NOT-FOR-US: Huawei
CVE-2022-46285 (A flaw was found in libXpm. This issue occurs when parsing a
file with ...)
@@ -25798,8 +25814,8 @@ CVE-2023-22815
RESERVED
CVE-2023-22814
RESERVED
-CVE-2023-22813
- RESERVED
+CVE-2023-22813 (A device API endpoint was missing access controls onWestern
Digital My ...)
+ TODO: check
CVE-2023-22812 (SanDisk PrivateAccess versions prior to 6.4.9 support insecure
TLS 1.0 ...)
NOT-FOR-US: SanDisk PrivateAccess
CVE-2023-22811
@@ -26091,8 +26107,8 @@ CVE-2023-22712 (Auth. (contributor+) Stored Cross-Site
Scripting (XSS) vulnerabi
NOT-FOR-US: WordPress plugin
CVE-2023-22711
RESERVED
-CVE-2023-22710
- RESERVED
+CVE-2023-22710 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
chilidev ...)
+ TODO: check
CVE-2023-22709
RESERVED
CVE-2023-22708
@@ -30831,8 +30847,8 @@ CVE-2022-4539
RESERVED
CVE-2022-4538
RESERVED
-CVE-2022-4537
- RESERVED
+CVE-2022-4537 (The Hide My WP Ghost \u2013 Security Plugin plugin for
WordPress is vu ...)
+ TODO: check
CVE-2022-4536
RESERVED
CVE-2022-4535
@@ -30897,36 +30913,36 @@ CVE-2022-47501 (Arbitrary file reading vulnerability
in Apache Software Foundati
NOT-FOR-US: Apache OFBiz
CVE-2022-47500 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in A ...)
NOT-FOR-US: Apache Helix
-CVE-2022-47499
- RESERVED
-CVE-2022-47498
- RESERVED
-CVE-2022-47497
- RESERVED
-CVE-2022-47496
- RESERVED
-CVE-2022-47495
- RESERVED
-CVE-2022-47494
- RESERVED
-CVE-2022-47493
- RESERVED
-CVE-2022-47492
- RESERVED
-CVE-2022-47491
- RESERVED
-CVE-2022-47490
- RESERVED
-CVE-2022-47489
- RESERVED
-CVE-2022-47488
- RESERVED
-CVE-2022-47487
- RESERVED
-CVE-2022-47486
- RESERVED
-CVE-2022-47485
- RESERVED
+CVE-2022-47499 (In soter service, there is a possible out of bounds write due
to a mis ...)
+ TODO: check
+CVE-2022-47498 (In soter service, there is a possible out of bounds write due
to a mis ...)
+ TODO: check
+CVE-2022-47497 (In soter service, there is a possible out of bounds write due
to a mis ...)
+ TODO: check
+CVE-2022-47496 (In soter service, there is a possible out of bounds write due
to a mis ...)
+ TODO: check
+CVE-2022-47495 (In soter service, there is a possible out of bounds write due
to a mis ...)
+ TODO: check
+CVE-2022-47494 (In soter service, there is a possible out of bounds write due
to a mis ...)
+ TODO: check
+CVE-2022-47493 (In soter service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-47492 (In soter service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-47491 (In soter service, there is a possible out of bounds write due
to a mis ...)
+ TODO: check
+CVE-2022-47490 (In soter service, there is a possible missing permission
check. This c ...)
+ TODO: check
+CVE-2022-47489 (In soter service, there is a possible out of bounds write due
to a mis ...)
+ TODO: check
+CVE-2022-47488 (In spipe drive, there is a possible out of bounds write due to
a missi ...)
+ TODO: check
+CVE-2022-47487 (In thermal service, there is a possible out of bounds write
due to a m ...)
+ TODO: check
+CVE-2022-47486 (In ext4fsfilter driver, there is a possible out of bounds read
due to ...)
+ TODO: check
+CVE-2022-47485 (In modem control device, there is a possible out of bounds
write due t ...)
+ TODO: check
CVE-2022-47484 (In telephony service, there is a missing permission check.
This could ...)
NOT-FOR-US: Unisoc
CVE-2022-47483 (In telephony service, there is a missing permission check.
This could ...)
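Review bot: the fifteen entries CVE-2022-47499 through CVE-2022-47485 are added as TODO: check, yet CVE-2022-47484 directly below them uses the same "In ... service, there is a ..." wording and is tagged NOT-FOR-US: Unisoc. The truncated descriptions name no vendor, so confirm against the full CVE text (in particular for the spipe, thermal and ext4fsfilter entries) and, if the vendor matches, tag the block in one pass.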
@@ -30955,10 +30971,10 @@ CVE-2022-47472 (In telephony service, there is a
missing permission check. This
NOT-FOR-US: Unisoc
CVE-2022-47471 (In telephony service, there is a missing permission check.
This could ...)
NOT-FOR-US: Unisoc
-CVE-2022-47470
- RESERVED
-CVE-2022-47469
- RESERVED
+CVE-2022-47470 (In ext4fsfilter driver, there is a possible out of bounds read
due to ...)
+ TODO: check
+CVE-2022-47469 (In ext4fsfilter driver, there is a possible out of bounds read
due to ...)
+ TODO: check
CVE-2022-47468 (In telecom service, there is a missing permission check. This
could le ...)
NOT-FOR-US: Unisoc
CVE-2022-47467 (In telecom service, there is a missing permission check. This
could le ...)
@@ -31600,8 +31616,8 @@ CVE-2022-47342 (In engineermode services, there is a
missing permission check. T
NOT-FOR-US: Unisoc
CVE-2022-47341 (In engineermode services, there is a missing permission check.
This co ...)
NOT-FOR-US: Unisoc
-CVE-2022-47340
- RESERVED
+CVE-2022-47340 (In h265 codec firmware, there is a possible out of bounds
write due to ...)
+ TODO: check
CVE-2022-47339 (In cmd services, there is a OS command injection issue due to
missing ...)
NOT-FOR-US: Unisoc
CVE-2022-47338 (In telecom service, there is a missing permission check. This
could le ...)
@@ -31612,8 +31628,8 @@ CVE-2022-47336 (In telecom service, there is a missing
permission check. This co
NOT-FOR-US: Unisoc
CVE-2022-47335 (In telecom service, there is a missing permission check. This
could le ...)
NOT-FOR-US: Unisoc
-CVE-2022-47334
- RESERVED
+CVE-2022-47334 (In phasecheck server, there is a possible out of bounds read
due to a ...)
+ TODO: check
CVE-2022-47333 (In wlan driver, there is a possible missing permission check.
This cou ...)
NOT-FOR-US: Unisoc
CVE-2022-47332 (In wlan driver, there is a possible missing permission check.
This cou ...)
@@ -39273,8 +39289,8 @@ CVE-2023-21406
RESERVED
CVE-2023-21405
RESERVED
-CVE-2023-21404
- RESERVED
+CVE-2023-21404 (AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy
LUA-components ...)
+ TODO: check
CVE-2022-44749 (A directory traversal vulnerability in the ZIP archive
extraction rout ...)
NOT-FOR-US: KNIME
CVE-2022-44748 (A directory traversal vulnerability in the ZIP archive
extraction rout ...)
@@ -41276,8 +41292,8 @@ CVE-2022-44435 (In messaging service, there is a
missing permission check. This
NOT-FOR-US: Unisoc
CVE-2022-44434 (In messaging service, there is a missing permission check.
This could ...)
NOT-FOR-US: Unisoc
-CVE-2022-44433
- RESERVED
+CVE-2022-44433 (In phoneEx service, there is a possible missing permission
check. This ...)
+ TODO: check
CVE-2022-44432 (In wlan driver, there is a possible missing bounds check. This
could l ...)
NOT-FOR-US: Unisoc
CVE-2022-44431 (In wlan driver, there is a possible missing bounds check. This
could l ...)
@@ -41302,10 +41318,10 @@ CVE-2022-44422 (In music service, there is a missing
permission check. This coul
NOT-FOR-US: Unisoc
CVE-2022-44421 (In wlan driver, there is a possible missing permission check.
This cou ...)
NOT-FOR-US: Unisoc
-CVE-2022-44420
- RESERVED
-CVE-2022-44419
- RESERVED
+CVE-2022-44420 (In modem, there is a possible missing verification of HashMME
value in ...)
+ TODO: check
+CVE-2022-44419 (In modem, there is a possible missing verification of NAS
Security Mod ...)
+ TODO: check
CVE-2022-3760 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: Mia-Med
CVE-2022-3759 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
@@ -57049,8 +57065,8 @@ CVE-2022-39091 (In power management service, there is a
missing permission check
NOT-FOR-US: Unisoc
CVE-2022-39090 (In power management service, there is a missing permission
check. This ...)
NOT-FOR-US: Unisoc
-CVE-2022-39089
- RESERVED
+CVE-2022-39089 (In mlog service, there is a possible out of bounds read due to
a missi ...)
+ TODO: check
CVE-2022-39088 (In network service, there is a missing permission check. This
could le ...)
NOT-FOR-US: Unisoc
CVE-2022-39087 (In network service, there is a missing permission check. This
could le ...)
@@ -58390,8 +58406,8 @@ CVE-2022-38687 (In messaging service, there is a
missing permission check. This
NOT-FOR-US: Unisoc
CVE-2022-38686 (In wlan driver, there is a possible missing params check. This
could l ...)
NOT-FOR-US: Unisoc
-CVE-2022-38685
- RESERVED
+CVE-2022-38685 (In bluetooth service, there is a possible missing permission
check. Th ...)
+ TODO: check
CVE-2022-38684 (In contacts service, there is a missing permission check. This
could l ...)
NOT-FOR-US: Unisoc
CVE-2022-38683 (In contacts service, there is a missing permission check. This
could l ...)
@@ -113813,8 +113829,8 @@ CVE-2021-44285
RESERVED
CVE-2021-44284
RESERVED
-CVE-2021-44283
- RESERVED
+CVE-2021-44283 (A buffer overflow in the component /Enclave.cpp of Electronics
and Tel ...)
+ TODO: check
CVE-2021-44282
RESERVED
CVE-2021-44281
@@ -151115,8 +151131,8 @@ CVE-2021-31241
RESERVED
CVE-2021-31240
RESERVED
-CVE-2021-31239
- RESERVED
+CVE-2021-31239 (An issue found in SQLite SQLite3 v.3.35.4 that allows a remote
attacke ...)
+ TODO: check
CVE-2021-31238
RESERVED
CVE-2021-31237
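Review bot: CVE-2021-31239 names SQLite3 v.3.35.4, which is packaged in Debian, so its TODO: check should not be cleared along with the vendor-only entries in this commit. It needs a source-package line in the form already used for CVE-2023-2513 ("- linux 5.19.6-1"), that is a "- sqlite3" line with the fixed version once that is determined; the truncated description hides the affected code path, so read the full CVE text first.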
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de9ecb6ed692e289fefff3ca22250b1513506ef3
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits