Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a4a6839 by security tracker role at 2023-02-06T20:10:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,631 @@
+CVE-2023-25498
+       RESERVED
+CVE-2023-25497
+       RESERVED
+CVE-2023-25496
+       RESERVED
+CVE-2023-25495
+       RESERVED
+CVE-2023-25494
+       RESERVED
+CVE-2023-25493
+       RESERVED
+CVE-2023-25492
+       RESERVED
+CVE-2023-25491
+       RESERVED
+CVE-2023-25490
+       RESERVED
+CVE-2023-25489
+       RESERVED
+CVE-2023-25488
+       RESERVED
+CVE-2023-25487
+       RESERVED
+CVE-2023-25486
+       RESERVED
+CVE-2023-25485
+       RESERVED
+CVE-2023-25484
+       RESERVED
+CVE-2023-25483
+       RESERVED
+CVE-2023-25482
+       RESERVED
+CVE-2023-25481
+       RESERVED
+CVE-2023-25480
+       RESERVED
+CVE-2023-25479
+       RESERVED
+CVE-2023-25478
+       RESERVED
+CVE-2023-25477
+       RESERVED
+CVE-2023-25476
+       RESERVED
+CVE-2023-25475
+       RESERVED
+CVE-2023-25474
+       RESERVED
+CVE-2023-25473
+       RESERVED
+CVE-2023-25472
+       RESERVED
+CVE-2023-25471
+       RESERVED
+CVE-2023-25470
+       RESERVED
+CVE-2023-25469
+       RESERVED
+CVE-2023-25468
+       RESERVED
+CVE-2023-25467
+       RESERVED
+CVE-2023-25466
+       RESERVED
+CVE-2023-25465
+       RESERVED
+CVE-2023-25464
+       RESERVED
+CVE-2023-25463
+       RESERVED
+CVE-2023-25462
+       RESERVED
+CVE-2023-25461
+       RESERVED
+CVE-2023-25460
+       RESERVED
+CVE-2023-25459
+       RESERVED
+CVE-2023-25458
+       RESERVED
+CVE-2023-25457
+       RESERVED
+CVE-2023-25456
+       RESERVED
+CVE-2023-25455
+       RESERVED
+CVE-2023-25454
+       RESERVED
+CVE-2023-25453
+       RESERVED
+CVE-2023-25452
+       RESERVED
+CVE-2023-25451
+       RESERVED
+CVE-2023-25450
+       RESERVED
+CVE-2023-25449
+       RESERVED
+CVE-2023-25448
+       RESERVED
+CVE-2023-25447
+       RESERVED
+CVE-2023-25446
+       RESERVED
+CVE-2023-25445
+       RESERVED
+CVE-2023-25444
+       RESERVED
+CVE-2023-25443
+       RESERVED
+CVE-2023-25442
+       RESERVED
+CVE-2023-25441
+       RESERVED
+CVE-2023-25440
+       RESERVED
+CVE-2023-25439
+       RESERVED
+CVE-2023-25438
+       RESERVED
+CVE-2023-25437
+       RESERVED
+CVE-2023-25436
+       RESERVED
+CVE-2023-25435
+       RESERVED
+CVE-2023-25434
+       RESERVED
+CVE-2023-25433
+       RESERVED
+CVE-2023-25432
+       RESERVED
+CVE-2023-25431
+       RESERVED
+CVE-2023-25430
+       RESERVED
+CVE-2023-25429
+       RESERVED
+CVE-2023-25428
+       RESERVED
+CVE-2023-25427
+       RESERVED
+CVE-2023-25426
+       RESERVED
+CVE-2023-25425
+       RESERVED
+CVE-2023-25424
+       RESERVED
+CVE-2023-25423
+       RESERVED
+CVE-2023-25422
+       RESERVED
+CVE-2023-25421
+       RESERVED
+CVE-2023-25420
+       RESERVED
+CVE-2023-25419
+       RESERVED
+CVE-2023-25418
+       RESERVED
+CVE-2023-25417
+       RESERVED
+CVE-2023-25416
+       RESERVED
+CVE-2023-25415
+       RESERVED
+CVE-2023-25414
+       RESERVED
+CVE-2023-25413
+       RESERVED
+CVE-2023-25412
+       RESERVED
+CVE-2023-25411
+       RESERVED
+CVE-2023-25410
+       RESERVED
+CVE-2023-25409
+       RESERVED
+CVE-2023-25408
+       RESERVED
+CVE-2023-25407
+       RESERVED
+CVE-2023-25406
+       RESERVED
+CVE-2023-25405
+       RESERVED
+CVE-2023-25404
+       RESERVED
+CVE-2023-25403
+       RESERVED
+CVE-2023-25402
+       RESERVED
+CVE-2023-25401
+       RESERVED
+CVE-2023-25400
+       RESERVED
+CVE-2023-25399
+       RESERVED
+CVE-2023-25398
+       RESERVED
+CVE-2023-25397
+       RESERVED
+CVE-2023-25396
+       RESERVED
+CVE-2023-25395
+       RESERVED
+CVE-2023-25394
+       RESERVED
+CVE-2023-25393
+       RESERVED
+CVE-2023-25392
+       RESERVED
+CVE-2023-25391
+       RESERVED
+CVE-2023-25390
+       RESERVED
+CVE-2023-25389
+       RESERVED
+CVE-2023-25388
+       RESERVED
+CVE-2023-25387
+       RESERVED
+CVE-2023-25386
+       RESERVED
+CVE-2023-25385
+       RESERVED
+CVE-2023-25384
+       RESERVED
+CVE-2023-25383
+       RESERVED
+CVE-2023-25382
+       RESERVED
+CVE-2023-25381
+       RESERVED
+CVE-2023-25380
+       RESERVED
+CVE-2023-25379
+       RESERVED
+CVE-2023-25378
+       RESERVED
+CVE-2023-25377
+       RESERVED
+CVE-2023-25376
+       RESERVED
+CVE-2023-25375
+       RESERVED
+CVE-2023-25374
+       RESERVED
+CVE-2023-25373
+       RESERVED
+CVE-2023-25372
+       RESERVED
+CVE-2023-25371
+       RESERVED
+CVE-2023-25370
+       RESERVED
+CVE-2023-25369
+       RESERVED
+CVE-2023-25368
+       RESERVED
+CVE-2023-25367
+       RESERVED
+CVE-2023-25366
+       RESERVED
+CVE-2023-25365
+       RESERVED
+CVE-2023-25364
+       RESERVED
+CVE-2023-25363
+       RESERVED
+CVE-2023-25362
+       RESERVED
+CVE-2023-25361
+       RESERVED
+CVE-2023-25360
+       RESERVED
+CVE-2023-25359
+       RESERVED
+CVE-2023-25358
+       RESERVED
+CVE-2023-25357
+       RESERVED
+CVE-2023-25356
+       RESERVED
+CVE-2023-25355
+       RESERVED
+CVE-2023-25354
+       RESERVED
+CVE-2023-25353
+       RESERVED
+CVE-2023-25352
+       RESERVED
+CVE-2023-25351
+       RESERVED
+CVE-2023-25350
+       RESERVED
+CVE-2023-25349
+       RESERVED
+CVE-2023-25348
+       RESERVED
+CVE-2023-25347
+       RESERVED
+CVE-2023-25346
+       RESERVED
+CVE-2023-25345
+       RESERVED
+CVE-2023-25344
+       RESERVED
+CVE-2023-25343
+       RESERVED
+CVE-2023-25342
+       RESERVED
+CVE-2023-25341
+       RESERVED
+CVE-2023-25340
+       RESERVED
+CVE-2023-25339
+       RESERVED
+CVE-2023-25338
+       RESERVED
+CVE-2023-25337
+       RESERVED
+CVE-2023-25336
+       RESERVED
+CVE-2023-25335
+       RESERVED
+CVE-2023-25334
+       RESERVED
+CVE-2023-25333
+       RESERVED
+CVE-2023-25332
+       RESERVED
+CVE-2023-25331
+       RESERVED
+CVE-2023-25330
+       RESERVED
+CVE-2023-25329
+       RESERVED
+CVE-2023-25328
+       RESERVED
+CVE-2023-25327
+       RESERVED
+CVE-2023-25326
+       RESERVED
+CVE-2023-25325
+       RESERVED
+CVE-2023-25324
+       RESERVED
+CVE-2023-25323
+       RESERVED
+CVE-2023-25322
+       RESERVED
+CVE-2023-25321
+       RESERVED
+CVE-2023-25320
+       RESERVED
+CVE-2023-25319
+       RESERVED
+CVE-2023-25318
+       RESERVED
+CVE-2023-25317
+       RESERVED
+CVE-2023-25316
+       RESERVED
+CVE-2023-25315
+       RESERVED
+CVE-2023-25314
+       RESERVED
+CVE-2023-25313
+       RESERVED
+CVE-2023-25312
+       RESERVED
+CVE-2023-25311
+       RESERVED
+CVE-2023-25310
+       RESERVED
+CVE-2023-25309
+       RESERVED
+CVE-2023-25308
+       RESERVED
+CVE-2023-25307
+       RESERVED
+CVE-2023-25306
+       RESERVED
+CVE-2023-25305
+       RESERVED
+CVE-2023-25304
+       RESERVED
+CVE-2023-25303
+       RESERVED
+CVE-2023-25302
+       RESERVED
+CVE-2023-25301
+       RESERVED
+CVE-2023-25300
+       RESERVED
+CVE-2023-25299
+       RESERVED
+CVE-2023-25298
+       RESERVED
+CVE-2023-25297
+       RESERVED
+CVE-2023-25296
+       RESERVED
+CVE-2023-25295
+       RESERVED
+CVE-2023-25294
+       RESERVED
+CVE-2023-25293
+       RESERVED
+CVE-2023-25292
+       RESERVED
+CVE-2023-25291
+       RESERVED
+CVE-2023-25290
+       RESERVED
+CVE-2023-25289
+       RESERVED
+CVE-2023-25288
+       RESERVED
+CVE-2023-25287
+       RESERVED
+CVE-2023-25286
+       RESERVED
+CVE-2023-25285
+       RESERVED
+CVE-2023-25284
+       RESERVED
+CVE-2023-25283
+       RESERVED
+CVE-2023-25282
+       RESERVED
+CVE-2023-25281
+       RESERVED
+CVE-2023-25280
+       RESERVED
+CVE-2023-25279
+       RESERVED
+CVE-2023-25278
+       RESERVED
+CVE-2023-25277
+       RESERVED
+CVE-2023-25276
+       RESERVED
+CVE-2023-25275
+       RESERVED
+CVE-2023-25274
+       RESERVED
+CVE-2023-25273
+       RESERVED
+CVE-2023-25272
+       RESERVED
+CVE-2023-25271
+       RESERVED
+CVE-2023-25270
+       RESERVED
+CVE-2023-25269
+       RESERVED
+CVE-2023-25268
+       RESERVED
+CVE-2023-25267
+       RESERVED
+CVE-2023-25266
+       RESERVED
+CVE-2023-25265
+       RESERVED
+CVE-2023-25264
+       RESERVED
+CVE-2023-25263
+       RESERVED
+CVE-2023-25262
+       RESERVED
+CVE-2023-25261
+       RESERVED
+CVE-2023-25260
+       RESERVED
+CVE-2023-25259
+       RESERVED
+CVE-2023-25258
+       RESERVED
+CVE-2023-25257
+       RESERVED
+CVE-2023-25256
+       RESERVED
+CVE-2023-25255
+       RESERVED
+CVE-2023-25254
+       RESERVED
+CVE-2023-25253
+       RESERVED
+CVE-2023-25252
+       RESERVED
+CVE-2023-25251
+       RESERVED
+CVE-2023-25250
+       RESERVED
+CVE-2023-25249
+       RESERVED
+CVE-2023-25248
+       RESERVED
+CVE-2023-25247
+       RESERVED
+CVE-2023-25246
+       RESERVED
+CVE-2023-25245
+       RESERVED
+CVE-2023-25244
+       RESERVED
+CVE-2023-25243
+       RESERVED
+CVE-2023-25242
+       RESERVED
+CVE-2023-25241
+       RESERVED
+CVE-2023-25240
+       RESERVED
+CVE-2023-25239
+       RESERVED
+CVE-2023-25238
+       RESERVED
+CVE-2023-25237
+       RESERVED
+CVE-2023-25236
+       RESERVED
+CVE-2023-25235
+       RESERVED
+CVE-2023-25234
+       RESERVED
+CVE-2023-25233
+       RESERVED
+CVE-2023-25232
+       RESERVED
+CVE-2023-25231
+       RESERVED
+CVE-2023-25230
+       RESERVED
+CVE-2023-25229
+       RESERVED
+CVE-2023-25228
+       RESERVED
+CVE-2023-25227
+       RESERVED
+CVE-2023-25226
+       RESERVED
+CVE-2023-25225
+       RESERVED
+CVE-2023-25224
+       RESERVED
+CVE-2023-25223
+       RESERVED
+CVE-2023-25222
+       RESERVED
+CVE-2023-25221
+       RESERVED
+CVE-2023-25220
+       RESERVED
+CVE-2023-25219
+       RESERVED
+CVE-2023-25218
+       RESERVED
+CVE-2023-25217
+       RESERVED
+CVE-2023-25216
+       RESERVED
+CVE-2023-25215
+       RESERVED
+CVE-2023-25214
+       RESERVED
+CVE-2023-25213
+       RESERVED
+CVE-2023-25212
+       RESERVED
+CVE-2023-25211
+       RESERVED
+CVE-2023-25210
+       RESERVED
+CVE-2023-25209
+       RESERVED
+CVE-2023-25208
+       RESERVED
+CVE-2023-25207
+       RESERVED
+CVE-2023-25206
+       RESERVED
+CVE-2023-25205
+       RESERVED
+CVE-2023-25204
+       RESERVED
+CVE-2023-25203
+       RESERVED
+CVE-2023-25202
+       RESERVED
+CVE-2023-25201
+       RESERVED
+CVE-2023-25200
+       RESERVED
+CVE-2023-25199
+       RESERVED
+CVE-2023-0687 (A vulnerability was found in GNU C Library 2.38. It has been 
declared  ...)
+       TODO: check
+CVE-2023-0686 (A vulnerability was found in SourceCodester Online Eyewear Shop 
1.0. I ...)
+       TODO: check
+CVE-2023-0685
+       RESERVED
+CVE-2023-0684
+       RESERVED
+CVE-2023-0683
+       RESERVED
+CVE-2023-0682
+       RESERVED
+CVE-2023-0681
+       RESERVED
+CVE-2023-0680
+       RESERVED
+CVE-2023-0679 (A vulnerability was found in SourceCodester Canteen Management 
System  ...)
+       TODO: check
+CVE-2022-48316
+       RESERVED
+CVE-2022-48315
+       RESERVED
+CVE-2015-10075
+       RESERVED
+CVE-2015-10074
+       RESERVED
+CVE-2011-10002
+       RESERVED
 CVE-2023-25198
        RESERVED
 CVE-2023-25197
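Review bot: CVE-2023-0687, near the end of the added block, names GNU C Library, which Debian ships as glibc, so its "TODO: check" needs a real triage result (a "- glibc" package line, or a not-affected or unimportant annotation with a reason) rather than being handled with the SourceCodester entries next to it. The description cites version 2.38, so triage should also confirm which packaged versions contain the affected code.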
@@ -14,10 +642,10 @@ CVE-2022-48312
        RESERVED
 CVE-2023-25194
        RESERVED
-CVE-2022-4902
-       RESERVED
-CVE-2020-36660
-       RESERVED
+CVE-2022-4902 (A vulnerability classified as problematic has been found in eXo 
Chat A ...)
+       TODO: check
+CVE-2020-36660 (A vulnerability was found in paxswill EVE Ship Replacement 
Program 0.1 ...)
+       TODO: check
 CVE-2017-20177
        RESERVED
 CVE-2015-10073
@@ -1068,7 +1696,7 @@ CVE-2023-0578
        RESERVED
 CVE-2023-0577
        RESERVED
-CVE-2023-0576 (Server-Side Request Forgery (SSRF), Improperly Controlled 
Modification ...)
+CVE-2023-0576 (This CVE ID has been rejected or withdrawn by its CVE Numbering 
Author ...)
        - yugabyte-db <itp> (bug #989673)
 CVE-2023-0575
        RESERVED
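Review bot: CVE-2023-0576 now carries a description saying the ID was rejected or withdrawn, but the "- yugabyte-db <itp> (bug #989673)" line under it is unchanged, so the list still ties a withdrawn ID to the ITP bug. Suggest a manual follow-up: either drop the package line or note why it stays, and check whether the automatic update should have produced a REJECTED entry here instead of only rewriting the description.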
@@ -2515,8 +3143,8 @@ CVE-2023-24278
        RESERVED
 CVE-2023-24277
        RESERVED
-CVE-2023-24276
-       RESERVED
+CVE-2023-24276 (TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to 
contain a co ...)
+       TODO: check
 CVE-2023-24275
        RESERVED
 CVE-2023-24274
@@ -2663,30 +3291,30 @@ CVE-2023-24204
        RESERVED
 CVE-2023-24203
        RESERVED
-CVE-2023-24202
-       RESERVED
-CVE-2023-24201
-       RESERVED
-CVE-2023-24200
-       RESERVED
-CVE-2023-24199
-       RESERVED
-CVE-2023-24198
-       RESERVED
-CVE-2023-24197
-       RESERVED
+CVE-2023-24202 (Raffle Draw System v1.0 was discovered to contain a local file 
inclusi ...)
+       TODO: check
+CVE-2023-24201 (Raffle Draw System v1.0 was discovered to contain a SQL 
injection vuln ...)
+       TODO: check
+CVE-2023-24200 (Raffle Draw System v1.0 was discovered to contain a SQL 
injection vuln ...)
+       TODO: check
+CVE-2023-24199 (Raffle Draw System v1.0 was discovered to contain a SQL 
injection vuln ...)
+       TODO: check
+CVE-2023-24198 (Raffle Draw System v1.0 was discovered to contain multiple SQL 
injecti ...)
+       TODO: check
+CVE-2023-24197 (Online Food Ordering System v2 was discovered to contain a SQL 
injecti ...)
+       TODO: check
 CVE-2023-24196
        RESERVED
-CVE-2023-24195
-       RESERVED
-CVE-2023-24194
-       RESERVED
+CVE-2023-24195 (Online Food Ordering System v2 was discovered to contain a 
cross-site  ...)
+       TODO: check
+CVE-2023-24194 (Online Food Ordering System v2 was discovered to contain a 
cross-site  ...)
+       TODO: check
 CVE-2023-24193
        RESERVED
-CVE-2023-24192
-       RESERVED
-CVE-2023-24191
-       RESERVED
+CVE-2023-24192 (Online Food Ordering System v2 was discovered to contain a 
cross-site  ...)
+       TODO: check
+CVE-2023-24191 (Online Food Ordering System v2 was discovered to contain a 
cross-site  ...)
+       TODO: check
 CVE-2023-24190
        RESERVED
 CVE-2023-24189
@@ -4666,11 +5294,13 @@ CVE-2023-23519
        RESERVED
 CVE-2023-23518 [Processing maliciously crafted web content may lead to 
arbitrary code execution]
        RESERVED
+       {DSA-5341-1 DSA-5340-1 DLA-3308-1}
        - webkit2gtk 2.38.4-1
        - wpewebkit 2.38.4-1
        NOTE: https://webkitgtk.org/security/WSA-2023-0001.html
 CVE-2023-23517 [Processing maliciously crafted web content may lead to 
arbitrary code execution]
        RESERVED
+       {DSA-5341-1 DSA-5340-1 DLA-3308-1}
        - webkit2gtk 2.38.4-1
        - wpewebkit 2.38.4-1
        NOTE: https://webkitgtk.org/security/WSA-2023-0001.html
@@ -8251,8 +8881,8 @@ CVE-2022-48166
        RESERVED
 CVE-2022-48165 (An access control issue in the component 
/cgi-bin/ExportLogs.sh of Wav ...)
        TODO: check
-CVE-2022-48164
-       RESERVED
+CVE-2022-48164 (An access control issue in the component 
/cgi-bin/ExportLogs.sh of Wav ...)
+       TODO: check
 CVE-2022-48163
        RESERVED
 CVE-2022-48162
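Review bot: The description added for CVE-2022-48164 is, as far as the truncated text shows, identical to that of CVE-2022-48165 directly above it (both read "An access control issue in the component /cgi-bin/ExportLogs.sh of Wav ..."). When resolving the "TODO: check", read the full descriptions to confirm these are distinct issues, and give both entries their disposition in the same pass so they do not diverge.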
@@ -8409,8 +9039,8 @@ CVE-2022-48087
        RESERVED
 CVE-2022-48086
        RESERVED
-CVE-2022-48085
-       RESERVED
+CVE-2022-48085 (Softr v2.0 was discovered to contain a HTML injection 
vulnerability vi ...)
+       TODO: check
 CVE-2022-48084
        RESERVED
 CVE-2022-48083
@@ -8423,8 +9053,8 @@ CVE-2022-48080
        RESERVED
 CVE-2022-48079 (Monnai aaPanel host system v1.5 contains an access control 
issue which ...)
        TODO: check
-CVE-2022-48078
-       RESERVED
+CVE-2022-48078 (pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was 
discovered t ...)
+       TODO: check
 CVE-2022-48077
        RESERVED
 CVE-2022-48076
@@ -8541,8 +9171,8 @@ CVE-2022-48021 (A vulnerability in Zammad v5.3.0 allows 
attackers to execute arb
        TODO: check
 CVE-2022-48020
        RESERVED
-CVE-2022-48019
-       RESERVED
+CVE-2022-48019 (The components wfshbr64.sys and wfshbr32.sys in Another Eden 
before v3 ...)
+       TODO: check
 CVE-2022-48018
        RESERVED
 CVE-2022-48017
@@ -11362,7 +11992,7 @@ CVE-2023-21845 (Vulnerability in the PeopleSoft 
Enterprise PeopleTools product o
 CVE-2023-21844 (Vulnerability in the PeopleSoft Enterprise PeopleTools product 
of Orac ...)
        NOT-FOR-US: Oracle
 CVE-2023-21843 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5335-1 DSA-5331-1}
+       {DSA-5335-1 DSA-5331-1 DLA-3307-1}
        - openjdk-8 8u362-ga-1
        - openjdk-11 11.0.18+10-1
        - openjdk-17 17.0.6+10-1
@@ -11382,7 +12012,7 @@ CVE-2023-21837 (Vulnerability in the Oracle WebLogic 
Server product of Oracle Fu
 CVE-2023-21836 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 8.0.32-1 (bug #1029151)
 CVE-2023-21835 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5335-1 DSA-5331-1}
+       {DSA-5335-1 DSA-5331-1 DLA-3307-1}
        - openjdk-11 11.0.18+10-1
        - openjdk-17 17.0.6+10-1
        - openjdk-21 21~7ea-1
@@ -13079,8 +13709,8 @@ CVE-2022-47073 (A cross-site scripting (XSS) 
vulnerability in the Create Ticket
        NOT-FOR-US: Small CRM
 CVE-2022-47072
        RESERVED
-CVE-2022-47071
-       RESERVED
+CVE-2022-47071 (In NVS365 V01, the background network test function can 
trigger comman ...)
+       TODO: check
 CVE-2022-47070 (NVS365 V01 is vulnerable to Incorrect Access Control. After 
entering a ...)
        TODO: check
 CVE-2022-47069
@@ -17118,8 +17748,8 @@ CVE-2022-45724
        RESERVED
 CVE-2022-45723
        RESERVED
-CVE-2022-45722
-       RESERVED
+CVE-2022-45722 (ezEIP v5.3.0(0649) was discovered to contain a cross-site 
scripting (X ...)
+       TODO: check
 CVE-2022-45721 (IP-COM M50 V15.11.0.33(10768) was discovered to contain a 
buffer overf ...)
        NOT-FOR-US: IP-COM M50
 CVE-2022-45720 (IP-COM M50 V15.11.0.33(10768) was discovered to contain 
multiple buffe ...)
@@ -22249,8 +22879,8 @@ CVE-2022-44345 (Sanitization Management System v1.0 is 
vulnerable to SQL Injecti
        NOT-FOR-US: Sanitization Management System
 CVE-2022-44344
        RESERVED
-CVE-2022-44343
-       RESERVED
+CVE-2022-44343 (CRMEB 4.4.4 is vulnerable to Any File download. ...)
+       TODO: check
 CVE-2022-44342
        RESERVED
 CVE-2022-44341
@@ -28161,6 +28791,7 @@ CVE-2022-42827 (An out-of-bounds write issue was 
addressed with improved bounds
        NOT-FOR-US: Apple
 CVE-2022-42826 [Processing maliciously crafted web content may lead to 
arbitrary code execution]
        RESERVED
+       {DSA-5341-1 DSA-5340-1 DLA-3308-1}
        - webkit2gtk 2.38.4-1
        - wpewebkit 2.38.4-1
        NOTE: https://webkitgtk.org/security/WSA-2023-0001.html
@@ -31452,8 +32083,8 @@ CVE-2022-3329
        RESERVED
 CVE-2022-30544 (Cross-Site Request Forgery (CSRF) in MiKa's OSM &#8211; 
OpenStreetMap  ...)
        NOT-FOR-US: MiKa
-CVE-2022-27628
-       RESERVED
+CVE-2022-27628 (Cross-Site Request Forgery (CSRF) vulnerability in AA-Team 
WZone &#821 ...)
+       TODO: check
 CVE-2022-26375 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Mamm ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-46840 (The HW_KEYMASTER module has an out-of-bounds access 
vulnerability in p ...)
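Review bot: The truncated description added for CVE-2022-27628 ends in "&#821", a numeric character reference cut off mid-way; the context line for CVE-2022-30544 shows the intact form "&#8211;". The description should be entity-decoded before it is truncated, so that the list does not carry a partial entity that cannot be decoded afterwards.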
@@ -31484,8 +32115,8 @@ CVE-2022-41559 (The Web Client component of TIBCO 
Software Inc.'s TIBCO Nimbus c
        NOT-FOR-US: TIBCO
 CVE-2022-41558 (The Visualizations component of TIBCO Software Inc.'s TIBCO 
Spotfire A ...)
        NOT-FOR-US: TIBCO
-CVE-2022-41342
-       RESERVED
+CVE-2022-41342 (Improper buffer restrictions the Intel(R) C++ Compiler Classic 
before  ...)
+       TODO: check
 CVE-2022-41314
        RESERVED
 CVE-2022-40982
@@ -31498,10 +32129,10 @@ CVE-2022-40964
        RESERVED
 CVE-2022-40210
        RESERVED
-CVE-2022-40196
-       RESERVED
-CVE-2022-38136
-       RESERVED
+CVE-2022-40196 (Improper access control in the Intel(R) oneAPI DPC++/C++ 
Compiler befo ...)
+       TODO: check
+CVE-2022-38136 (Uncontrolled search path in the Intel(R) oneAPI DPC++/C++ 
Compiler bef ...)
+       TODO: check
 CVE-2022-38099 (Improper input validation in BIOS firmware for some Intel(R) 
NUC 11 Co ...)
        NOT-FOR-US: Intel
 CVE-2022-3328
@@ -36751,7 +37382,7 @@ CVE-2022-39401 (Vulnerability in the Oracle Solaris 
product of Oracle Systems (c
 CVE-2022-39400 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 8.0.31-1 (bug #1024016)
 CVE-2022-39399 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5335-1 DSA-5331-1}
+       {DSA-5335-1 DSA-5331-1 DLA-3307-1}
        - openjdk-11 11.0.17+8-1
        - openjdk-17 17.0.5+8-1
 CVE-2022-39398 (tasklists is a tasklists plugin for GLPI (Kanban). Versions 
prior to 2 ...)
@@ -39086,8 +39717,8 @@ CVE-2022-2935 (The Image Hover Effects Ultimate plugin 
for WordPress is vulnerab
        NOT-FOR-US: Image Hover Effects Ultimate plugin for WordPress
 CVE-2022-2934 (The Beaver Builder &#8211; WordPress Page Builder for WordPress 
is vul ...)
        NOT-FOR-US: WordPress Page Builder
-CVE-2022-2933
-       RESERVED
+CVE-2022-2933 (The 0mk Shortener plugin for WordPress is vulnerable to 
Cross-Site Req ...)
+       TODO: check
 CVE-2022-2932 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
bustle/mob ...)
        NOT-FOR-US: Mobiledoc Kit
 CVE-2022-2931 (A potential DOS vulnerability was discovered in GitLab CE/EE 
affecting ...)
@@ -65023,8 +65654,8 @@ CVE-2022-29418 (Authenticated (admin user role) 
Persistent Cross-Site Scripting
        NOT-FOR-US: WordPress plugin
 CVE-2022-29417 (Plugin Settings Update vulnerability in ShortPixel's 
ShortPixel Adapti ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-29416
-       RESERVED
+CVE-2022-29416 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Afterpay ...)
+       TODO: check
 CVE-2022-29415 (Unauthenticated Reflected Cross-Site Scripting (XSS) 
vulnerability in  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-29414 (Multiple (13x) Cross-Site Request Forgery (CSRF) 
vulnerabilities in WP ...)
@@ -70577,7 +71208,7 @@ CVE-2022-27501
        RESERVED
 CVE-2022-27500 (Incorrect default permissions for the Intel(R) Support Android 
applica ...)
        NOT-FOR-US: Intel
-CVE-2022-27233 (XML injection in the Intel(R) Quartus Prime Pro and Standard 
edition s ...)
+CVE-2022-27233 (XML injection Quartus(R) Prime Programmer included in the 
Intel(R) Qua ...)
        NOT-FOR-US: Intel
 CVE-2022-27229
        RESERVED
@@ -96105,7 +96736,7 @@ CVE-2022-21630 (Vulnerability in the JD Edwards 
EnterpriseOne Tools product of O
 CVE-2022-21629 (Vulnerability in the JD Edwards EnterpriseOne Tools product of 
Oracle  ...)
        NOT-FOR-US: Oracle
 CVE-2022-21628 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5335-1 DSA-5331-1}
+       {DSA-5335-1 DSA-5331-1 DLA-3307-1}
        - openjdk-8 8u352-ga-1
        - openjdk-11 11.0.17+8-1
        - openjdk-17 17.0.5+8-1
@@ -96113,13 +96744,13 @@ CVE-2022-21627 (Vulnerability in the Oracle VM 
VirtualBox product of Oracle Virt
        - virtualbox 6.1.40-dfsg-1
        NOTE: 
https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixOVIR
 CVE-2022-21626 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5331-1}
+       {DSA-5331-1 DLA-3307-1}
        - openjdk-8 8u352-ga-1
        - openjdk-11 11.0.17+8-1
 CVE-2022-21625 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 8.0.31-1 (bug #1024016)
 CVE-2022-21624 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5335-1 DSA-5331-1}
+       {DSA-5335-1 DSA-5331-1 DLA-3307-1}
        - openjdk-8 8u352-ga-1
        - openjdk-11 11.0.17+8-1
        - openjdk-17 17.0.5+8-1
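Review bot: CVE-2022-21626 is the one entry in this hunk whose advisory set was "{DSA-5331-1}" only and whose package lines stop at openjdk-11, yet it receives the same DLA-3307-1 tag as CVE-2022-21624, which also lists openjdk-17. That is consistent only if DLA-3307-1 covers openjdk-8 or openjdk-11; worth confirming against the source package named in the DLA entry before relying on the cross-reference.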
@@ -96134,7 +96765,7 @@ CVE-2022-21620 (Vulnerability in the Oracle VM 
VirtualBox product of Oracle Virt
        - virtualbox 6.1.40-dfsg-1
        NOTE: 
https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixOVIR
 CVE-2022-21619 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5335-1 DSA-5331-1}
+       {DSA-5335-1 DSA-5331-1 DLA-3307-1}
        - openjdk-8 8u352-ga-1
        - openjdk-11 11.0.17+8-1
        - openjdk-17 17.0.5+8-1
@@ -118602,12 +119233,12 @@ CVE-2021-36228
        RESERVED
 CVE-2021-36227
        RESERVED
-CVE-2021-36226
-       RESERVED
-CVE-2021-36225
-       RESERVED
-CVE-2021-36224
-       RESERVED
+CVE-2021-36226 (Western Digital My Cloud devices before OS5 do not use 
cryptographical ...)
+       TODO: check
+CVE-2021-36225 (Western Digital My Cloud devices before OS5 allow REST API 
access by l ...)
+       TODO: check
+CVE-2021-36224 (Western Digital My Cloud devices before OS5 have a nobody 
account with ...)
+       TODO: check
 CVE-2021-36223
        RESERVED
 CVE-2021-36222 (ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution 
Center (KDC) ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a4a6839579069f0f34e9dedac269e21cfba9c08
