[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 4 09:10:24 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
970ad590 by security tracker role at 2022-04-04T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,465 @@
+CVE-2022-28609
+	RESERVED
+CVE-2022-28608
+	RESERVED
+CVE-2022-28607
+	RESERVED
+CVE-2022-28606
+	RESERVED
+CVE-2022-28605
+	RESERVED
+CVE-2022-28604
+	RESERVED
+CVE-2022-28603
+	RESERVED
+CVE-2022-28602
+	RESERVED
+CVE-2022-28601
+	RESERVED
+CVE-2022-28600
+	RESERVED
+CVE-2022-28599
+	RESERVED
+CVE-2022-28598
+	RESERVED
+CVE-2022-28597
+	RESERVED
+CVE-2022-28596
+	RESERVED
+CVE-2022-28595
+	RESERVED
+CVE-2022-28594
+	RESERVED
+CVE-2022-28593
+	RESERVED
+CVE-2022-28592
+	RESERVED
+CVE-2022-28591
+	RESERVED
+CVE-2022-28590
+	RESERVED
+CVE-2022-28589
+	RESERVED
+CVE-2022-28588
+	RESERVED
+CVE-2022-28587
+	RESERVED
+CVE-2022-28586
+	RESERVED
+CVE-2022-28585
+	RESERVED
+CVE-2022-28584
+	RESERVED
+CVE-2022-28583
+	RESERVED
+CVE-2022-28582
+	RESERVED
+CVE-2022-28581
+	RESERVED
+CVE-2022-28580
+	RESERVED
+CVE-2022-28579
+	RESERVED
+CVE-2022-28578
+	RESERVED
+CVE-2022-28577
+	RESERVED
+CVE-2022-28576
+	RESERVED
+CVE-2022-28575
+	RESERVED
+CVE-2022-28574
+	RESERVED
+CVE-2022-28573
+	RESERVED
+CVE-2022-28572
+	RESERVED
+CVE-2022-28571
+	RESERVED
+CVE-2022-28570
+	RESERVED
+CVE-2022-28569
+	RESERVED
+CVE-2022-28568
+	RESERVED
+CVE-2022-28567
+	RESERVED
+CVE-2022-28566
+	RESERVED
+CVE-2022-28565
+	RESERVED
+CVE-2022-28564
+	RESERVED
+CVE-2022-28563
+	RESERVED
+CVE-2022-28562
+	RESERVED
+CVE-2022-28561
+	RESERVED
+CVE-2022-28560
+	RESERVED
+CVE-2022-28559
+	RESERVED
+CVE-2022-28558
+	RESERVED
+CVE-2022-28557
+	RESERVED
+CVE-2022-28556
+	RESERVED
+CVE-2022-28555
+	RESERVED
+CVE-2022-28554
+	RESERVED
+CVE-2022-28553
+	RESERVED
+CVE-2022-28552
+	RESERVED
+CVE-2022-28551
+	RESERVED
+CVE-2022-28550
+	RESERVED
+CVE-2022-28549
+	RESERVED
+CVE-2022-28548
+	RESERVED
+CVE-2022-28547
+	RESERVED
+CVE-2022-28546
+	RESERVED
+CVE-2022-28545
+	RESERVED
+CVE-2022-28544
+	RESERVED
+CVE-2022-28543
+	RESERVED
+CVE-2022-28542
+	RESERVED
+CVE-2022-28541
+	RESERVED
+CVE-2022-28540
+	RESERVED
+CVE-2022-28539
+	RESERVED
+CVE-2022-28538
+	RESERVED
+CVE-2022-28537
+	RESERVED
+CVE-2022-28536
+	RESERVED
+CVE-2022-28535
+	RESERVED
+CVE-2022-28534
+	RESERVED
+CVE-2022-28533
+	RESERVED
+CVE-2022-28532
+	RESERVED
+CVE-2022-28531
+	RESERVED
+CVE-2022-28530
+	RESERVED
+CVE-2022-28529
+	RESERVED
+CVE-2022-28528
+	RESERVED
+CVE-2022-28527
+	RESERVED
+CVE-2022-28526
+	RESERVED
+CVE-2022-28525
+	RESERVED
+CVE-2022-28524
+	RESERVED
+CVE-2022-28523
+	RESERVED
+CVE-2022-28522
+	RESERVED
+CVE-2022-28521
+	RESERVED
+CVE-2022-28520
+	RESERVED
+CVE-2022-28519
+	RESERVED
+CVE-2022-28518
+	RESERVED
+CVE-2022-28517
+	RESERVED
+CVE-2022-28516
+	RESERVED
+CVE-2022-28515
+	RESERVED
+CVE-2022-28514
+	RESERVED
+CVE-2022-28513
+	RESERVED
+CVE-2022-28512
+	RESERVED
+CVE-2022-28511
+	RESERVED
+CVE-2022-28510
+	RESERVED
+CVE-2022-28509
+	RESERVED
+CVE-2022-28508
+	RESERVED
+CVE-2022-28507
+	RESERVED
+CVE-2022-28506
+	RESERVED
+CVE-2022-28505
+	RESERVED
+CVE-2022-28504
+	RESERVED
+CVE-2022-28503
+	RESERVED
+CVE-2022-28502
+	RESERVED
+CVE-2022-28501
+	RESERVED
+CVE-2022-28500
+	RESERVED
+CVE-2022-28499
+	RESERVED
+CVE-2022-28498
+	RESERVED
+CVE-2022-28497
+	RESERVED
+CVE-2022-28496
+	RESERVED
+CVE-2022-28495
+	RESERVED
+CVE-2022-28494
+	RESERVED
+CVE-2022-28493
+	RESERVED
+CVE-2022-28492
+	RESERVED
+CVE-2022-28491
+	RESERVED
+CVE-2022-28490
+	RESERVED
+CVE-2022-28489
+	RESERVED
+CVE-2022-28488
+	RESERVED
+CVE-2022-28487
+	RESERVED
+CVE-2022-28486
+	RESERVED
+CVE-2022-28485
+	RESERVED
+CVE-2022-28484
+	RESERVED
+CVE-2022-28483
+	RESERVED
+CVE-2022-28482
+	RESERVED
+CVE-2022-28481
+	RESERVED
+CVE-2022-28480
+	RESERVED
+CVE-2022-28479
+	RESERVED
+CVE-2022-28478
+	RESERVED
+CVE-2022-28477
+	RESERVED
+CVE-2022-28476
+	RESERVED
+CVE-2022-28475
+	RESERVED
+CVE-2022-28474
+	RESERVED
+CVE-2022-28473
+	RESERVED
+CVE-2022-28472
+	RESERVED
+CVE-2022-28471
+	RESERVED
+CVE-2022-28470
+	RESERVED
+CVE-2022-28469
+	RESERVED
+CVE-2022-28468
+	RESERVED
+CVE-2022-28467
+	RESERVED
+CVE-2022-28466
+	RESERVED
+CVE-2022-28465
+	RESERVED
+CVE-2022-28464
+	RESERVED
+CVE-2022-28463
+	RESERVED
+CVE-2022-28462
+	RESERVED
+CVE-2022-28461
+	RESERVED
+CVE-2022-28460
+	RESERVED
+CVE-2022-28459
+	RESERVED
+CVE-2022-28458
+	RESERVED
+CVE-2022-28457
+	RESERVED
+CVE-2022-28456
+	RESERVED
+CVE-2022-28455
+	RESERVED
+CVE-2022-28454
+	RESERVED
+CVE-2022-28453
+	RESERVED
+CVE-2022-28452
+	RESERVED
+CVE-2022-28451
+	RESERVED
+CVE-2022-28450
+	RESERVED
+CVE-2022-28449
+	RESERVED
+CVE-2022-28448
+	RESERVED
+CVE-2022-28447
+	RESERVED
+CVE-2022-28446
+	RESERVED
+CVE-2022-28445
+	RESERVED
+CVE-2022-28444
+	RESERVED
+CVE-2022-28443
+	RESERVED
+CVE-2022-28442
+	RESERVED
+CVE-2022-28441
+	RESERVED
+CVE-2022-28440
+	RESERVED
+CVE-2022-28439
+	RESERVED
+CVE-2022-28438
+	RESERVED
+CVE-2022-28437
+	RESERVED
+CVE-2022-28436
+	RESERVED
+CVE-2022-28435
+	RESERVED
+CVE-2022-28434
+	RESERVED
+CVE-2022-28433
+	RESERVED
+CVE-2022-28432
+	RESERVED
+CVE-2022-28431
+	RESERVED
+CVE-2022-28430
+	RESERVED
+CVE-2022-28429
+	RESERVED
+CVE-2022-28428
+	RESERVED
+CVE-2022-28427
+	RESERVED
+CVE-2022-28426
+	RESERVED
+CVE-2022-28425
+	RESERVED
+CVE-2022-28424
+	RESERVED
+CVE-2022-28423
+	RESERVED
+CVE-2022-28422
+	RESERVED
+CVE-2022-28421
+	RESERVED
+CVE-2022-28420
+	RESERVED
+CVE-2022-28419
+	RESERVED
+CVE-2022-28418
+	RESERVED
+CVE-2022-28417
+	RESERVED
+CVE-2022-28416
+	RESERVED
+CVE-2022-28415
+	RESERVED
+CVE-2022-28414
+	RESERVED
+CVE-2022-28413
+	RESERVED
+CVE-2022-28412
+	RESERVED
+CVE-2022-28411
+	RESERVED
+CVE-2022-28410
+	RESERVED
+CVE-2022-28409
+	RESERVED
+CVE-2022-28408
+	RESERVED
+CVE-2022-28407
+	RESERVED
+CVE-2022-28406
+	RESERVED
+CVE-2022-28405
+	RESERVED
+CVE-2022-28404
+	RESERVED
+CVE-2022-28403
+	RESERVED
+CVE-2022-28402
+	RESERVED
+CVE-2022-28401
+	RESERVED
+CVE-2022-28400
+	RESERVED
+CVE-2022-28399
+	RESERVED
+CVE-2022-28398
+	RESERVED
+CVE-2022-28397
+	RESERVED
+CVE-2022-28396
+	RESERVED
+CVE-2022-28395
+	RESERVED
+CVE-2022-28394
+	RESERVED
+CVE-2022-28393
+	RESERVED
+CVE-2022-28392
+	RESERVED
+CVE-2022-28391 (BusyBox through 1.35.0 allows remote attackers to execute arbitrary co ...)
+	TODO: check
+CVE-2022-28390 (ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kerne ...)
+	TODO: check
+CVE-2022-28389 (mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux ker ...)
+	TODO: check
+CVE-2022-28388 (usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux ker ...)
+	TODO: check
+CVE-2022-28387
+	RESERVED
+CVE-2022-28386
+	RESERVED
+CVE-2022-28385
+	RESERVED
+CVE-2022-28384
+	RESERVED
+CVE-2022-28383
+	RESERVED
+CVE-2022-28382
+	RESERVED
+CVE-2022-1214
+	RESERVED
+CVE-2022-1213
+	RESERVED
+CVE-2022-1212
+	RESERVED
 CVE-2022-28381 (Mediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer overflo ...)
 	NOT-FOR-US: ALLMediaServer
 CVE-2022-28380 (The rc-httpd component through 2022-03-31 for 9front (Plan 9 fork) all ...)
@@ -2966,10 +3428,10 @@ CVE-2022-1029
 	RESERVED
 CVE-2022-1028
 	RESERVED
-CVE-2022-27249
-	RESERVED
-CVE-2022-27248
-	RESERVED
+CVE-2022-27249 (An unrestricted file upload vulnerability in IdeaRE RefTree before 202 ...)
+	TODO: check
+CVE-2022-27248 (A directory traversal vulnerability in IdeaRE RefTree before 2021.09.1 ...)
+	TODO: check
 CVE-2022-27247
 	RESERVED
 CVE-2022-27246 (An issue was discovered in MISP before 2.4.156. An SVG org logo (which ...)
@@ -4948,8 +5410,8 @@ CVE-2022-26532
 	RESERVED
 CVE-2022-26531
 	RESERVED
-CVE-2022-26530
-	RESERVED
+CVE-2022-26530 (swaylock before 1.6 allows attackers to trigger a crash and achieve un ...)
+	TODO: check
 CVE-2022-26529
 	RESERVED
 CVE-2022-26528
@@ -5774,8 +6236,8 @@ CVE-2022-26235
 	RESERVED
 CVE-2022-26234
 	RESERVED
-CVE-2022-26233
-	RESERVED
+CVE-2022-26233 (Barco Control Room Management through Suite 2.9 Build 0275 was discove ...)
+	TODO: check
 CVE-2022-26232
 	RESERVED
 CVE-2022-26231
@@ -13167,7 +13629,8 @@ CVE-2021-46445 (H.H.G Multistore v5.1.0 and below was discovered to contain a SQ
 	NOT-FOR-US: H.H.G Multistore
 CVE-2021-46444 (H.H.G Multistore v5.1.0 and below was discovered to contain a SQL inje ...)
 	NOT-FOR-US: H.H.G Multistore
-CVE-2021-46443 (Spoofer 1.4.6 suffers from unquoted service paths vulnerability. An at ...)
+CVE-2021-46443
+	REJECTED
 	NOT-FOR-US: Spoofer
 CVE-2021-46442
 	RESERVED
@@ -13175,7 +13638,8 @@ CVE-2021-46441
 	RESERVED
 CVE-2021-46440
 	RESERVED
-CVE-2021-46439 (The WinSEGAV AutoConfig service in EG Free Antivirus v2020 suffers fro ...)
+CVE-2021-46439
+	REJECTED
 	NOT-FOR-US: EG Free Antivirus
 CVE-2021-46438
 	RESERVED
@@ -63895,7 +64359,7 @@ CVE-2021-30203
 	RESERVED
 CVE-2021-30202
 	RESERVED
-CVE-2021-30201 (An XML External Entity (XXE) issue exists in Kaseya VSA before 9.5.6. ...)
+CVE-2021-30201 (The API /vsaWS/KaseyaWS.asmx can be used to submit XML to the system.  ...)
 	NOT-FOR-US: Kaseya
 CVE-2021-30200
 	RESERVED
@@ -64218,15 +64682,15 @@ CVE-2021-30123 (FFmpeg <=4.3 contains a buffer overflow vulnerability in liba
 	NOTE: Introduced in https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9c0beaf0d3bb72f6e83b3b155a598a9ec28c8468
 CVE-2021-30122
 	RESERVED
-CVE-2021-30121 (Authenticated local file inclusion in Kaseya VSA < v9.5.6 ...)
+CVE-2021-30121 (Semi-authenticated local file inclusion The contents of arbitrary file ...)
 	NOT-FOR-US: Kaseya
-CVE-2021-30120 (Kaseya VSA through 9.5.7 allows attackers to bypass the 2FA requiremen ...)
+CVE-2021-30120 (Kaseya VSA before 9.5.7 allows attackers to bypass the 2FA requirement ...)
 	NOT-FOR-US: Kaseya
-CVE-2021-30119 (Cross Site Scripting (XSS) exists in Kaseya VSA before 9.5.7. ...)
+CVE-2021-30119 (Authenticated reflective XSS in HelpDeskTab/rcResults.asp The paramete ...)
 	NOT-FOR-US: Kaseya
-CVE-2021-30118 (Kaseya VSA before 9.5.5 allows remote code execution. ...)
+CVE-2021-30118 (An attacker can upload files with the privilege of the Web Server proc ...)
 	NOT-FOR-US: Kaseya
-CVE-2021-30117 (SQL injection exists in Kaseya VSA before 9.5.6. ...)
+CVE-2021-30117 (The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authen ...)
 	NOT-FOR-US: Kaseya
 CVE-2021-30116 (Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in  ...)
 	NOT-FOR-US: Kaseya
@@ -64328,18 +64792,18 @@ CVE-2021-30068
 	RESERVED
 CVE-2021-30067
 	RESERVED
-CVE-2021-30066
-	RESERVED
-CVE-2021-30065
-	RESERVED
-CVE-2021-30064
-	RESERVED
-CVE-2021-30063
-	RESERVED
-CVE-2021-30062
-	RESERVED
-CVE-2021-30061
-	RESERVED
+CVE-2021-30066 (On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before  ...)
+	TODO: check
+CVE-2021-30065 (On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before  ...)
+	TODO: check
+CVE-2021-30064 (On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before  ...)
+	TODO: check
+CVE-2021-30063 (On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23  ...)
+	TODO: check
+CVE-2021-30062 (On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23  ...)
+	TODO: check
+CVE-2021-30061 (On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before  ...)
+	TODO: check
 CVE-2021-30060
 	RESERVED
 CVE-2021-30059



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/970ad59090739088d62c0dabf88fcbed3b04e3c0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/970ad59090739088d62c0dabf88fcbed3b04e3c0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220404/fcd6f9c0/attachment.htm>


More information about the debian-security-tracker-commits mailing list