Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
aec67abd by security tracker role at 2022-04-20T08:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2022-29510
+       RESERVED
+CVE-2022-29505
+       RESERVED
+CVE-2022-29486
+       RESERVED
+CVE-2022-29469
+       RESERVED
+CVE-2022-29466
+       RESERVED
+CVE-2022-29262
+       RESERVED
+CVE-2022-28858
+       RESERVED
+CVE-2022-27497
+       RESERVED
+CVE-2022-27493
+       RESERVED
+CVE-2022-26424
+       RESERVED
+CVE-2022-25899
+       RESERVED
+CVE-2022-1406
+       RESERVED
 CVE-2022-29504
        RESERVED
 CVE-2022-29503
@@ -267,10 +291,10 @@ CVE-2022-1386
        RESERVED
 CVE-2022-29405
        RESERVED
-CVE-2022-1385
-       RESERVED
-CVE-2022-1384
-       RESERVED
+CVE-2022-1385 (Mattermost 6.4.x and earlier fails to properly invalidate 
pending emai ...)
+       TODO: check
+CVE-2022-1384 (Mattermost version 6.4.x and earlier fails to properly check 
the plugi ...)
+       TODO: check
 CVE-2022-1383 (Heap-based Buffer Overflow in GitHub repository 
radareorg/radare2 prio ...)
        - radare2 <unfixed>
        NOTE: https://huntr.dev/bounties/02b4b563-b946-4343-9092-38d1c5cd60c9
@@ -1059,8 +1083,8 @@ CVE-2022-1331
        RESERVED
 CVE-2022-1330 (stored xss due to unsantized anchor url in GitHub repository 
alvarotri ...)
        TODO: check
-CVE-2022-1329
-       RESERVED
+CVE-2022-1329 (The Elementor Website Builder plugin for WordPress is 
vulnerable to un ...)
+       TODO: check
 CVE-2022-1328 (Buffer Overflow in uudecoder in Mutt affecting all versions 
starting f ...)
        - mutt 2.2.3-1 (bug #1009734)
        - neomutt <unfixed> (bug #1009735)
@@ -1571,8 +1595,8 @@ CVE-2022-28892
        RESERVED
 CVE-2022-28891
        RESERVED
-CVE-2022-27629
-       RESERVED
+CVE-2022-27629 (Cross-site request forgery (CSRF) vulnerability in 
'MicroPayments - Pa ...)
+       TODO: check
 CVE-2022-1291 (XSS vulnerability with default `onCellHtmlData` function in 
GitHub rep ...)
        TODO: check
 CVE-2022-1290 (Stored XSS in "Name", "Group Name" &amp; "Title" in GitHub 
repository  ...)
@@ -3371,16 +3395,16 @@ CVE-2022-1189 (An issue has been discovered in GitLab 
CE/EE affecting all versio
        - gitlab <unfixed>
 CVE-2022-1188 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)
        - gitlab <unfixed>
-CVE-2022-1187
-       RESERVED
-CVE-2022-1186
-       RESERVED
+CVE-2022-1187 (The WordPress WP YouTube Live Plugin is vulnerable to Reflected 
Cross- ...)
+       TODO: check
+CVE-2022-1186 (The WordPress plugin Be POPIA Compliant exposed sensitive 
information  ...)
+       TODO: check
 CVE-2022-28223 (Tekon KIO devices through 2022-03-30 allow an authenticated 
admin user ...)
        NOT-FOR-US: Tekon KIO devices
-CVE-2022-28222
-       RESERVED
-CVE-2022-28221
-       RESERVED
+CVE-2022-28222 (The CleanTalk AntiSpam plugin &lt;= 5.173 for WordPress is 
vulnerable  ...)
+       TODO: check
+CVE-2022-28221 (The CleanTalk AntiSpam plugin &lt;= 5.173 for WordPress is 
vulnerable  ...)
+       TODO: check
 CVE-2022-28220
        RESERVED
 CVE-2022-1185 (A denial of service vulnerability when rendering RDoc files in 
GitLab  ...)
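Review bot: CVE-2022-1187, CVE-2022-1186, CVE-2022-28222 and CVE-2022-28221 all name WordPress plugins in their descriptions yet land as TODO: check, while CVE-2022-0993 and CVE-2022-0992 in this same commit carry NOT-FOR-US: WordPress plugin. Once it is confirmed that none of these plugins is packaged, the follow-up triage can use that same tag. The two CleanTalk descriptions also show a literal &lt;= where <= is meant; worth confirming whether the escape is in data/CVE/list itself or only in this mail rendering.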
@@ -3837,8 +3861,8 @@ CVE-2022-1121 (A lack of appropriate timeouts in GitLab 
Pages included in GitLab
        - gitlab <unfixed>
 CVE-2022-1120 (Missing filtering in an error message in GitLab CE/EE affecting 
all ve ...)
        - gitlab <unfixed>
-CVE-2022-1119
-       RESERVED
+CVE-2022-1119 (The Simple File List WordPress plugin is vulnerable to 
Arbitrary File  ...)
+       TODO: check
 CVE-2022-1118
        RESERVED
 CVE-2022-1117
@@ -4526,10 +4550,10 @@ CVE-2022-1068 (Modbus Tools Modbus Slave (versions 
7.4.2 and prior) is vulnerabl
        NOT-FOR-US: Modbus Tools Modbus Slave
 CVE-2022-1067 (Navigating to a specific URL with a patient ID number will 
result in t ...)
        NOT-FOR-US: LifePoint Informatics Patient Portal
-CVE-2022-27863
-       RESERVED
-CVE-2022-27862
-       RESERVED
+CVE-2022-27863 (Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel 
Booking  ...)
+       TODO: check
+CVE-2022-27862 (Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel 
Booking  ...)
+       TODO: check
 CVE-2022-27861
        RESERVED
 CVE-2022-27860
@@ -4605,7 +4629,7 @@ CVE-2022-27838 (Improper access control vulnerability in 
FactoryCamera prior to
        NOT-FOR-US: Samsung
 CVE-2022-27837 (A vulnerability using PendingIntent in Accessibility prior to 
version  ...)
        NOT-FOR-US: Samsung
-CVE-2022-27836 (Improper access control and path traversal vulnerability in 
StroageMan ...)
+CVE-2022-27836 (Improper access control and path traversal vulnerability in 
Storage Ma ...)
        NOT-FOR-US: Samsung
 CVE-2022-27835 (Improper boundary check in UWB firmware prior to SMR Apr-2022 
Release  ...)
        NOT-FOR-US: Samsung
@@ -5293,8 +5317,8 @@ CVE-2022-27529 (A maliciously crafted PICT, BMP, PSD or 
TIF file in Autodesk Aut
        NOT-FOR-US: Autodesk
 CVE-2022-27528 (A maliciously crafted DWFX and SKP files in Autodesk 
Navisworks 2022 c ...)
        NOT-FOR-US: Autodesk
-CVE-2022-27527
-       RESERVED
+CVE-2022-27527 (A Memory Corruption vulnerability may lead to code execution 
through m ...)
+       TODO: check
 CVE-2022-27526 (A malicious crafted TGA file when consumed through 
DesignReview.exe ap ...)
        NOT-FOR-US: Autodesk
 CVE-2022-27525 (A malicious crafted .dwf file when consumed through 
DesignReview.exe a ...)
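Review bot: The new CVE-2022-27527 description is cut off before it names a product ("A Memory Corruption vulnerability may lead to code execution through m ..."), so TODO: check cannot be resolved from this line alone. Its neighbours CVE-2022-27528 and CVE-2022-27526 are NOT-FOR-US: Autodesk; read the full description before applying the same tag rather than inferring it from the entry's position in the list.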
@@ -6068,8 +6092,8 @@ CVE-2022-26349 (Delta Electronics DIAEnergie (All 
versions prior to 1.8.02.004)
        NOT-FOR-US: Delta Electronics
 CVE-2022-25880 (Delta Electronics DIAEnergie (All versions prior to 
1.8.02.004) has a  ...)
        NOT-FOR-US: Delta Electronics
-CVE-2022-1019
-       RESERVED
+CVE-2022-1019 (Automated Logic's WebCtrl Server Version 6.1 'Help' index pages 
are vu ...)
+       TODO: check
 CVE-2022-1018 (When opening a malicious solution file provided by an attacker, 
the ap ...)
        NOT-FOR-US: Rockwell Automation
 CVE-2022-27172
@@ -6170,11 +6194,9 @@ CVE-2022-27223 (In drivers/usb/gadget/udc/udc-xilinx.c 
in the Linux kernel befor
        NOTE: 
https://git.kernel.org/linus/7f14c7227f342d9932f9b918893c8814f86d2a0d (5.17-rc6)
 CVE-2022-27222
        RESERVED
-CVE-2022-0993
-       RESERVED
+CVE-2022-0993 (The SiteGround Security plugin for WordPress is vulnerable to 
authenti ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-0992
-       RESERVED
+CVE-2022-0992 (The SiteGround Security plugin for WordPress is vulnerable to 
authenti ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-0991 (Insufficient Session Expiration in GitHub repository 
admidio/admidio p ...)
        NOT-FOR-US: admidio
@@ -10069,8 +10091,8 @@ CVE-2022-25790 (A maliciously crafted DWF file in 
Autodesk AutoCAD 2022, 2021, 2
        NOT-FOR-US: Autodesk
 CVE-2022-25789 (A maliciously crafted DWF, 3DS and DWFX files in Autodesk 
AutoCAD 2022 ...)
        NOT-FOR-US: Autodesk
-CVE-2022-25788
-       RESERVED
+CVE-2022-25788 (A maliciously crafted JT file in Autodesk AutoCAD 2022 may be 
used to  ...)
+       TODO: check
 CVE-2022-25787
        RESERVED
 CVE-2022-25786
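Review bot: CVE-2022-25788 now names Autodesk AutoCAD 2022 in its description but is left at TODO: check, while the context entries CVE-2022-25790 and CVE-2022-25789 directly above it are NOT-FOR-US: Autodesk. A follow-up should replace the TODO with the same NOT-FOR-US: Autodesk line.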
@@ -12669,15 +12691,15 @@ CVE-2022-24862
        RESERVED
 CVE-2022-24861
        RESERVED
-CVE-2022-24860
-       RESERVED
+CVE-2022-24860 (Databasir is a team-oriented relational database model 
document manage ...)
+       TODO: check
 CVE-2022-24859 (PyPDF2 is an open source python PDF library capable of 
splitting, merg ...)
        - pypdf2 <unfixed> (bug #1009879)
        NOTE: 
https://github.com/py-pdf/PyPDF2/security/advisories/GHSA-xcjx-m2pj-8g79
        NOTE: https://github.com/py-pdf/PyPDF2/issues/329
        NOTE: https://github.com/py-pdf/PyPDF2/pull/740
-CVE-2022-24858
-       RESERVED
+CVE-2022-24858 (next-auth v3 users before version 3.29.2 are impacted. 
next-auth versi ...)
+       TODO: check
 CVE-2022-24857 (django-mfa3 is a library that implements multi factor 
authentication f ...)
        TODO: check
 CVE-2022-24856
@@ -12750,10 +12772,10 @@ CVE-2022-24828 (Composer is a dependency manager for 
the PHP programming languag
        TODO: check
 CVE-2022-24827 (Elide is a Java library that lets you stand up a 
GraphQL/JSON-API web  ...)
        TODO: check
-CVE-2022-24826
-       RESERVED
-CVE-2022-24825
-       RESERVED
+CVE-2022-24826 (On Windows, if Git LFS operates on a malicious repository with 
a `..ex ...)
+       TODO: check
+CVE-2022-24825 (Smokescreen is a simple HTTP proxy that fogs over naughty 
URLs. The pr ...)
+       TODO: check
 CVE-2022-24824 (Discourse is an open source platform for community discussion. 
In affe ...)
        NOT-FOR-US: Discourse
 CVE-2022-24823
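Review bot: The CVE-2022-24826 description opens with "On Windows", which bears directly on the Debian disposition, but the entry only gets TODO: check. When it is triaged, record the platform restriction in a NOTE: line next to whatever status Git LFS receives, so the reasoning does not depend on the truncated description.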
@@ -22404,10 +22426,10 @@ CVE-2022-0073
        RESERVED
 CVE-2022-0072
        RESERVED
-CVE-2022-0071
-       RESERVED
-CVE-2022-0070
-       RESERVED
+CVE-2022-0071 (Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did 
not mim ...)
+       TODO: check
+CVE-2022-0070 (Incomplete fix for CVE-2021-3100. The Apache Log4j hotpatch 
package st ...)
+       TODO: check
 CVE-2022-0069
        RESERVED
 CVE-2022-0068
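Review bot: CVE-2022-0071 and CVE-2022-0070 are described as incomplete fixes for CVE-2021-3101 and CVE-2021-3100, and those two older ids leave RESERVED in the last hunk of this same commit, all four with TODO: check. Triage them as two pairs with matching dispositions, and add a NOTE: on each 2022 entry pointing at the CVE it completes, so the Hotdog v1.0.1 versus v1.0.2 boundary stays visible in the list.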
@@ -26447,8 +26469,8 @@ CVE-2021-4098 (Insufficient data validation in Mojo in 
Google Chrome prior to 96
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4097 (phpservermon is vulnerable to Improper Neutralization of CRLF 
Sequence ...)
        NOT-FOR-US: phpservermon
-CVE-2021-4096
-       RESERVED
+CVE-2021-4096 (The Fancy Product Designer plugin for WordPress is vulnerable 
to Cross ...)
+       TODO: check
 CVE-2022-21822 (NVIDIA FLARE contains a vulnerability in the admin interface, 
where an ...)
        NOT-FOR-US: NVIDIA
 CVE-2022-21821 (NVIDIA CUDA Toolkit SDK contains an integer overflow 
vulnerability in  ...)
@@ -30189,196 +30211,196 @@ CVE-2022-21500
        RESERVED
 CVE-2022-21499
        RESERVED
-CVE-2022-21498
-       RESERVED
-CVE-2022-21497
-       RESERVED
-CVE-2022-21496
-       RESERVED
+CVE-2022-21498 (Vulnerability in the Java VM component of Oracle Database 
Server. Supp ...)
+       TODO: check
+CVE-2022-21497 (Vulnerability in the Oracle Web Services Manager product of 
Oracle Fus ...)
+       TODO: check
+CVE-2022-21496 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
+       TODO: check
 CVE-2022-21495
        RESERVED
-CVE-2022-21494
-       RESERVED
-CVE-2022-21493
-       RESERVED
-CVE-2022-21492
-       RESERVED
-CVE-2022-21491
-       RESERVED
-CVE-2022-21490
-       RESERVED
-CVE-2022-21489
-       RESERVED
-CVE-2022-21488
-       RESERVED
-CVE-2022-21487
-       RESERVED
-CVE-2022-21486
-       RESERVED
-CVE-2022-21485
-       RESERVED
-CVE-2022-21484
-       RESERVED
-CVE-2022-21483
-       RESERVED
-CVE-2022-21482
-       RESERVED
-CVE-2022-21481
-       RESERVED
-CVE-2022-21480
-       RESERVED
-CVE-2022-21479
-       RESERVED
-CVE-2022-21478
-       RESERVED
-CVE-2022-21477
-       RESERVED
-CVE-2022-21476
-       RESERVED
-CVE-2022-21475
-       RESERVED
-CVE-2022-21474
-       RESERVED
-CVE-2022-21473
-       RESERVED
-CVE-2022-21472
-       RESERVED
-CVE-2022-21471
-       RESERVED
-CVE-2022-21470
-       RESERVED
-CVE-2022-21469
-       RESERVED
-CVE-2022-21468
-       RESERVED
-CVE-2022-21467
-       RESERVED
-CVE-2022-21466
-       RESERVED
-CVE-2022-21465
-       RESERVED
-CVE-2022-21464
-       RESERVED
-CVE-2022-21463
-       RESERVED
-CVE-2022-21462
-       RESERVED
-CVE-2022-21461
-       RESERVED
-CVE-2022-21460
-       RESERVED
-CVE-2022-21459
-       RESERVED
-CVE-2022-21458
-       RESERVED
-CVE-2022-21457
-       RESERVED
-CVE-2022-21456
-       RESERVED
+CVE-2022-21494 (Vulnerability in the Oracle Solaris product of Oracle Systems 
(compone ...)
+       TODO: check
+CVE-2022-21493 (Vulnerability in the Oracle Solaris product of Oracle Systems 
(compone ...)
+       TODO: check
+CVE-2022-21492 (Vulnerability in the Oracle Business Intelligence Enterprise 
Edition p ...)
+       TODO: check
+CVE-2022-21491 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
+       TODO: check
+CVE-2022-21490 (Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: ...)
+       TODO: check
+CVE-2022-21489 (Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: ...)
+       TODO: check
+CVE-2022-21488 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
+       TODO: check
+CVE-2022-21487 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
+       TODO: check
+CVE-2022-21486 (Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: ...)
+       TODO: check
+CVE-2022-21485 (Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: ...)
+       TODO: check
+CVE-2022-21484 (Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: ...)
+       TODO: check
+CVE-2022-21483 (Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: ...)
+       TODO: check
+CVE-2022-21482 (Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: ...)
+       TODO: check
+CVE-2022-21481 (Vulnerability in the PeopleSoft Enterprise FIN Cash Management 
product ...)
+       TODO: check
+CVE-2022-21480 (Vulnerability in the Oracle Transportation Management product 
of Oracl ...)
+       TODO: check
+CVE-2022-21479 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21478 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21477 (Vulnerability in the Oracle Applications Framework product of 
Oracle E ...)
+       TODO: check
+CVE-2022-21476 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
+       TODO: check
+CVE-2022-21475 (Vulnerability in the Oracle Banking Payments product of Oracle 
Financi ...)
+       TODO: check
+CVE-2022-21474 (Vulnerability in the Oracle Banking Trade Finance product of 
Oracle Fi ...)
+       TODO: check
+CVE-2022-21473 (Vulnerability in the Oracle Banking Treasury Management 
product of Ora ...)
+       TODO: check
+CVE-2022-21472 (Vulnerability in the Oracle FLEXCUBE Universal Banking product 
of Orac ...)
+       TODO: check
+CVE-2022-21471 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
+       TODO: check
+CVE-2022-21470 (Vulnerability in the PeopleSoft Enterprise PeopleTools product 
of Orac ...)
+       TODO: check
+CVE-2022-21469 (Vulnerability in the Enterprise Manager Base Platform product 
of Oracl ...)
+       TODO: check
+CVE-2022-21468 (Vulnerability in the Oracle Applications Framework product of 
Oracle E ...)
+       TODO: check
+CVE-2022-21467 (Vulnerability in the Oracle Agile PLM product of Oracle Supply 
Chain ( ...)
+       TODO: check
+CVE-2022-21466 (Vulnerability in the Oracle Commerce Guided Search product of 
Oracle C ...)
+       TODO: check
+CVE-2022-21465 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
+       TODO: check
+CVE-2022-21464 (Vulnerability in the JD Edwards EnterpriseOne Tools product of 
Oracle  ...)
+       TODO: check
+CVE-2022-21463 (Vulnerability in the Oracle Solaris product of Oracle Systems 
(compone ...)
+       TODO: check
+CVE-2022-21462 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21461 (Vulnerability in the Oracle Solaris product of Oracle Systems 
(compone ...)
+       TODO: check
+CVE-2022-21460 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21459 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21458 (Vulnerability in the PeopleSoft Enterprise PeopleTools product 
of Orac ...)
+       TODO: check
+CVE-2022-21457 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21456 (Vulnerability in the PeopleSoft Enterprise PeopleTools product 
of Orac ...)
+       TODO: check
 CVE-2022-21455
        RESERVED
-CVE-2022-21454
-       RESERVED
-CVE-2022-21453
-       RESERVED
-CVE-2022-21452
-       RESERVED
-CVE-2022-21451
-       RESERVED
-CVE-2022-21450
-       RESERVED
-CVE-2022-21449
-       RESERVED
-CVE-2022-21448
-       RESERVED
-CVE-2022-21447
-       RESERVED
-CVE-2022-21446
-       RESERVED
-CVE-2022-21445
-       RESERVED
-CVE-2022-21444
-       RESERVED
-CVE-2022-21443
-       RESERVED
-CVE-2022-21442
-       RESERVED
-CVE-2022-21441
-       RESERVED
-CVE-2022-21440
-       RESERVED
+CVE-2022-21454 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21453 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)
+       TODO: check
+CVE-2022-21452 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21451 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21450 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction 
Hub produc ...)
+       TODO: check
+CVE-2022-21449 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
+       TODO: check
+CVE-2022-21448 (Vulnerability in the Oracle Business Intelligence Enterprise 
Edition p ...)
+       TODO: check
+CVE-2022-21447 (Vulnerability in the PeopleSoft Enterprise CS Academic 
Advisement prod ...)
+       TODO: check
+CVE-2022-21446 (Vulnerability in the Oracle Solaris product of Oracle Systems 
(compone ...)
+       TODO: check
+CVE-2022-21445 (Vulnerability in the Oracle JDeveloper product of Oracle 
Fusion Middle ...)
+       TODO: check
+CVE-2022-21444 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21443 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
+       TODO: check
+CVE-2022-21442 (Vulnerability in Oracle GoldenGate (component: OGG Core 
Library). The  ...)
+       TODO: check
+CVE-2022-21441 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)
+       TODO: check
+CVE-2022-21440 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
 CVE-2022-21439
        RESERVED
-CVE-2022-21438
-       RESERVED
-CVE-2022-21437
-       RESERVED
-CVE-2022-21436
-       RESERVED
-CVE-2022-21435
-       RESERVED
-CVE-2022-21434
-       RESERVED
+CVE-2022-21438 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21437 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21436 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21435 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21434 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
+       TODO: check
 CVE-2022-21433
        RESERVED
 CVE-2022-21432
        RESERVED
-CVE-2022-21431
-       RESERVED
-CVE-2022-21430
-       RESERVED
+CVE-2022-21431 (Vulnerability in the Oracle Communications Billing and Revenue 
Managem ...)
+       TODO: check
+CVE-2022-21430 (Vulnerability in the Oracle Communications Billing and Revenue 
Managem ...)
+       TODO: check
 CVE-2022-21429
        RESERVED
 CVE-2022-21428
        RESERVED
-CVE-2022-21427
-       RESERVED
-CVE-2022-21426
-       RESERVED
-CVE-2022-21425
-       RESERVED
-CVE-2022-21424
-       RESERVED
-CVE-2022-21423
-       RESERVED
-CVE-2022-21422
-       RESERVED
-CVE-2022-21421
-       RESERVED
-CVE-2022-21420
-       RESERVED
-CVE-2022-21419
-       RESERVED
-CVE-2022-21418
-       RESERVED
-CVE-2022-21417
-       RESERVED
-CVE-2022-21416
-       RESERVED
-CVE-2022-21415
-       RESERVED
-CVE-2022-21414
-       RESERVED
-CVE-2022-21413
-       RESERVED
-CVE-2022-21412
-       RESERVED
-CVE-2022-21411
-       RESERVED
-CVE-2022-21410
-       RESERVED
-CVE-2022-21409
-       RESERVED
+CVE-2022-21427 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21426 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
+       TODO: check
+CVE-2022-21425 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21424 (Vulnerability in the Oracle Communications Billing and Revenue 
Managem ...)
+       TODO: check
+CVE-2022-21423 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21422 (Vulnerability in the Oracle Communications Billing and Revenue 
Managem ...)
+       TODO: check
+CVE-2022-21421 (Vulnerability in the Oracle Business Intelligence Enterprise 
Edition p ...)
+       TODO: check
+CVE-2022-21420 (Vulnerability in the Oracle Coherence product of Oracle Fusion 
Middlew ...)
+       TODO: check
+CVE-2022-21419 (Vulnerability in the Oracle Business Intelligence Enterprise 
Edition p ...)
+       TODO: check
+CVE-2022-21418 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21417 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21416 (Vulnerability in the Oracle Solaris product of Oracle Systems 
(compone ...)
+       TODO: check
+CVE-2022-21415 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21414 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21413 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21412 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
+       TODO: check
+CVE-2022-21411 (Vulnerability in the RDBMS Gateway / Generic ODBC Connectivity 
compone ...)
+       TODO: check
+CVE-2022-21410 (Vulnerability in the Oracle Database - Enterprise Edition 
Sharding com ...)
+       TODO: check
+CVE-2022-21409 (Vulnerability in the JD Edwards EnterpriseOne Tools product of 
Oracle  ...)
+       TODO: check
 CVE-2022-21408
        RESERVED
 CVE-2022-21407
        RESERVED
 CVE-2022-21406
        RESERVED
-CVE-2022-21405
-       RESERVED
-CVE-2022-21404
-       RESERVED
+CVE-2022-21405 (Vulnerability in the OSS Support Tools product of Oracle 
Support Tools ...)
+       TODO: check
+CVE-2022-21404 (Vulnerability in the Helidon product of Oracle Fusion 
Middleware (comp ...)
+       TODO: check
 CVE-2022-21403 (Vulnerability in the Oracle Communications Operations Monitor 
product  ...)
        NOT-FOR-US: Oracle
 CVE-2022-21402 (Vulnerability in the Oracle Communications Operations Monitor 
product  ...)
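Review bot: This hunk moves a long run of Oracle ids from RESERVED to TODO: check in one step, and the truncated descriptions span very different products: MySQL Server, MySQL Cluster, Java SE / GraalVM, VM VirtualBox, Solaris, PeopleSoft, WebLogic and others. The context entry CVE-2022-21403 shows NOT-FOR-US: Oracle as the tag used for an Oracle-only product, but it should not be bulk-applied here; the MySQL Server, Java SE and VM VirtualBox entries need a per-package check. Many of their descriptions are identical up to the cut-off ("Vulnerability in the MySQL Server product of Oracle MySQL (component: ..."), so the affected component has to come from the full CVE text, not from this list.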
@@ -36989,7 +37011,8 @@ CVE-2021-42188
        RESERVED
 CVE-2021-42187
        RESERVED
-CVE-2021-42186 (SAS Logon Manager v9.4 was discovered to contain a 
vulnerability in th ...)
+CVE-2021-42186
+       REJECTED
        NOT-FOR-US: SAS Logon Manager
 CVE-2021-42185
        RESERVED
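Review bot: CVE-2021-42186 changes to REJECTED and loses its description, but the NOT-FOR-US: SAS Logon Manager line below it is kept, so the entry now carries a triage tag naming a product that its header no longer mentions. Confirm that keeping the tag on a rejected id is intended; if it is not, drop it in a manual follow-up.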
@@ -42052,7 +42075,7 @@ CVE-2021-40169
        RESERVED
 CVE-2021-40168
        RESERVED
-CVE-2021-40167 (A Memory Corruption Vulnerability may lead to remote code 
execution th ...)
+CVE-2021-40167 (A malicious crafted dwf file when consumed through 
DesignReview.exe ap ...)
        NOT-FOR-US: Autodesk
 CVE-2021-40166
        RESERVED
@@ -76096,12 +76119,12 @@ CVE-2021-26629
        RESERVED
 CVE-2021-26628
        RESERVED
-CVE-2021-26627
-       RESERVED
-CVE-2021-26626
-       RESERVED
-CVE-2021-26625
-       RESERVED
+CVE-2021-26627 (Real-time image information exposure is caused by insufficient 
authent ...)
+       TODO: check
+CVE-2021-26626 (Improper input validation vulnerability in XPLATFORM's 
execBrowser met ...)
+       TODO: check
+CVE-2021-26625 (Insufficient Verification of input Data leading to arbitrary 
file down ...)
+       TODO: check
 CVE-2021-26624 (An local privilege escalation vulnerability due to a 
"runasroot" comma ...)
        NOT-FOR-US: eScan Antivirus
 CVE-2021-26623 (A remote code execution vulnerability due to incomplete check 
for 'xhe ...)
@@ -84289,8 +84312,8 @@ CVE-2021-23285 (Eaton Intelligent Power Manager 
Infrastructure (IPM Infrastructu
        TODO: check
 CVE-2021-23284 (Eaton Intelligent Power Manager Infrastructure (IPM 
Infrastructure) ve ...)
        TODO: check
-CVE-2021-23283
-       RESERVED
+CVE-2021-23283 (Eaton Intelligent Power Protector (IPP) prior to version 1.69 
is vulne ...)
+       TODO: check
 CVE-2021-23282
        RESERVED
 CVE-2021-23281 (Eaton Intelligent Power Manager (IPM) prior to 1.69 is 
vulnerable to u ...)
@@ -84415,10 +84438,10 @@ CVE-2021-3103
        RESERVED
 CVE-2021-3102
        RESERVED
-CVE-2021-3101
-       RESERVED
-CVE-2021-3100
-       RESERVED
+CVE-2021-3101 (Hotdog, prior to v1.0.1, did not mimic the capabilities or the 
SELinux ...)
+       TODO: check
+CVE-2021-3100 (The Apache Log4j hotpatch package before 
log4j-cve-2021-44228-hotpatch ...)
+       TODO: check
 CVE-2021-3099
        RESERVED
 CVE-2021-3098



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aec67abd33c37c814e2e41dd07fb9adcc4c936c2


_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
