[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 11 09:10:22 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8e4d7416 by security tracker role at 2022-04-11T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,281 @@
+CVE-2022-29027
+	RESERVED
+CVE-2022-29026
+	RESERVED
+CVE-2022-29025
+	RESERVED
+CVE-2022-29024
+	RESERVED
+CVE-2022-29023
+	RESERVED
+CVE-2022-29022
+	RESERVED
+CVE-2022-29021
+	RESERVED
+CVE-2022-29020
+	RESERVED
+CVE-2022-29019
+	RESERVED
+CVE-2022-29018
+	RESERVED
+CVE-2022-29017
+	RESERVED
+CVE-2022-29016
+	RESERVED
+CVE-2022-29015
+	RESERVED
+CVE-2022-29014
+	RESERVED
+CVE-2022-29013
+	RESERVED
+CVE-2022-29012
+	RESERVED
+CVE-2022-29011
+	RESERVED
+CVE-2022-29010
+	RESERVED
+CVE-2022-29009
+	RESERVED
+CVE-2022-29008
+	RESERVED
+CVE-2022-29007
+	RESERVED
+CVE-2022-29006
+	RESERVED
+CVE-2022-29005
+	RESERVED
+CVE-2022-29004
+	RESERVED
+CVE-2022-29003
+	RESERVED
+CVE-2022-29002
+	RESERVED
+CVE-2022-29001
+	RESERVED
+CVE-2022-29000
+	RESERVED
+CVE-2022-28999
+	RESERVED
+CVE-2022-28998
+	RESERVED
+CVE-2022-28997
+	RESERVED
+CVE-2022-28996
+	RESERVED
+CVE-2022-28995
+	RESERVED
+CVE-2022-28994
+	RESERVED
+CVE-2022-28993
+	RESERVED
+CVE-2022-28992
+	RESERVED
+CVE-2022-28991
+	RESERVED
+CVE-2022-28990
+	RESERVED
+CVE-2022-28989
+	RESERVED
+CVE-2022-28988
+	RESERVED
+CVE-2022-28987
+	RESERVED
+CVE-2022-28986
+	RESERVED
+CVE-2022-28985
+	RESERVED
+CVE-2022-28984
+	RESERVED
+CVE-2022-28983
+	RESERVED
+CVE-2022-28982
+	RESERVED
+CVE-2022-28981
+	RESERVED
+CVE-2022-28980
+	RESERVED
+CVE-2022-28979
+	RESERVED
+CVE-2022-28978
+	RESERVED
+CVE-2022-28977
+	RESERVED
+CVE-2022-28976
+	RESERVED
+CVE-2022-28975
+	RESERVED
+CVE-2022-28974
+	RESERVED
+CVE-2022-28973
+	RESERVED
+CVE-2022-28972
+	RESERVED
+CVE-2022-28971
+	RESERVED
+CVE-2022-28970
+	RESERVED
+CVE-2022-28969
+	RESERVED
+CVE-2022-28968
+	RESERVED
+CVE-2022-28967
+	RESERVED
+CVE-2022-28966
+	RESERVED
+CVE-2022-28965
+	RESERVED
+CVE-2022-28964
+	RESERVED
+CVE-2022-28963
+	RESERVED
+CVE-2022-28962
+	RESERVED
+CVE-2022-28961
+	RESERVED
+CVE-2022-28960
+	RESERVED
+CVE-2022-28959
+	RESERVED
+CVE-2022-28958
+	RESERVED
+CVE-2022-28957
+	RESERVED
+CVE-2022-28956
+	RESERVED
+CVE-2022-28955
+	RESERVED
+CVE-2022-28954
+	RESERVED
+CVE-2022-28953
+	RESERVED
+CVE-2022-28952
+	RESERVED
+CVE-2022-28951
+	RESERVED
+CVE-2022-28950
+	RESERVED
+CVE-2022-28949
+	RESERVED
+CVE-2022-28948
+	RESERVED
+CVE-2022-28947
+	RESERVED
+CVE-2022-28946
+	RESERVED
+CVE-2022-28945
+	RESERVED
+CVE-2022-28944
+	RESERVED
+CVE-2022-28943
+	RESERVED
+CVE-2022-28942
+	RESERVED
+CVE-2022-28941
+	RESERVED
+CVE-2022-28940
+	RESERVED
+CVE-2022-28939
+	RESERVED
+CVE-2022-28938
+	RESERVED
+CVE-2022-28937
+	RESERVED
+CVE-2022-28936
+	RESERVED
+CVE-2022-28935
+	RESERVED
+CVE-2022-28934
+	RESERVED
+CVE-2022-28933
+	RESERVED
+CVE-2022-28932
+	RESERVED
+CVE-2022-28931
+	RESERVED
+CVE-2022-28930
+	RESERVED
+CVE-2022-28929
+	RESERVED
+CVE-2022-28928
+	RESERVED
+CVE-2022-28927
+	RESERVED
+CVE-2022-28926
+	RESERVED
+CVE-2022-28925
+	RESERVED
+CVE-2022-28924
+	RESERVED
+CVE-2022-28923
+	RESERVED
+CVE-2022-28922
+	RESERVED
+CVE-2022-28921
+	RESERVED
+CVE-2022-28920
+	RESERVED
+CVE-2022-28919
+	RESERVED
+CVE-2022-28918
+	RESERVED
+CVE-2022-28917
+	RESERVED
+CVE-2022-28916
+	RESERVED
+CVE-2022-28915
+	RESERVED
+CVE-2022-28914
+	RESERVED
+CVE-2022-28913
+	RESERVED
+CVE-2022-28912
+	RESERVED
+CVE-2022-28911
+	RESERVED
+CVE-2022-28910
+	RESERVED
+CVE-2022-28909
+	RESERVED
+CVE-2022-28908
+	RESERVED
+CVE-2022-28907
+	RESERVED
+CVE-2022-28906
+	RESERVED
+CVE-2022-28905
+	RESERVED
+CVE-2022-28904
+	RESERVED
+CVE-2022-28903
+	RESERVED
+CVE-2022-28902
+	RESERVED
+CVE-2022-28901
+	RESERVED
+CVE-2022-28900
+	RESERVED
+CVE-2022-28899
+	RESERVED
+CVE-2022-28898
+	RESERVED
+CVE-2022-28897
+	RESERVED
+CVE-2022-28896
+	RESERVED
+CVE-2022-28895
+	RESERVED
+CVE-2022-28894
+	RESERVED
+CVE-2022-28893 (The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xp ...)
+	TODO: check
+CVE-2022-28892
+	RESERVED
+CVE-2022-28891
+	RESERVED
+CVE-2022-27629
+	RESERVED
+CVE-2022-1291 (XSS vulnerability with default `onCellHtmlData` function in GitHub rep ...)
+	TODO: check
 CVE-2022-1290 (Stored XSS in "Name", "Group Name" & "Title" in GitHub repository  ...)
 	NOT-FOR-US: Trudesk
 CVE-2022-1289 (A denial of service vulnerability was found in tildearrow Furnace. It  ...)
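Review bot: CVE-2022-28893, near the end of this hunk, is described as a Linux kernel SUNRPC issue ("through 5.17.2") but lands with only `TODO: check`. It is the one entry in this hunk that names software tracked elsewhere in this file (CVE-2022-1043 is also a Linux kernel entry), so it should be triaged ahead of the long run of RESERVED placeholders above it. CVE-2022-1291 is also `TODO: check`, and its description is cut at "GitHub rep ...", so the product has to be read from the full CVE text before it can be classified.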
@@ -2585,14 +2863,14 @@ CVE-2022-27963 (Xftp 7.0.0088p and below contains a binary hijack vulnerability
 	NOT-FOR-US: NetSarang Xftp
 CVE-2022-27962
 	RESERVED
-CVE-2022-27961
-	RESERVED
-CVE-2022-27960
-	RESERVED
+CVE-2022-27961 (A cross-site scripting (XSS) vulnerability at /ofcms/company-c-47 in O ...)
+	TODO: check
+CVE-2022-27960 (Insecure permissions configured in the user_id parameter at SysUserCon ...)
+	TODO: check
 CVE-2022-27959
 	RESERVED
-CVE-2022-27958
-	RESERVED
+CVE-2022-27958 (Insecure permissions configured in the userid parameter at /user/getus ...)
+	TODO: check
 CVE-2022-27957
 	RESERVED
 CVE-2022-27956
@@ -3460,8 +3738,8 @@ CVE-2022-1047
 	RESERVED
 CVE-2022-1046
 	RESERVED
-CVE-2022-1045
-	RESERVED
+CVE-2022-1045 (Stored XSS viva .svg file upload in GitHub repository polonel/trudesk  ...)
+	TODO: check
 CVE-2022-1044
 	RESERVED
 CVE-2022-1043 [Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnerability]
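Review bot: CVE-2022-1045 is left at `TODO: check` although its description names polonel/trudesk, and the context lines of the first hunk already show CVE-2022-1290 triaged as `NOT-FOR-US: Trudesk`. Suggest resolving this entry the same way in a follow-up so the two Trudesk entries do not diverge.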
@@ -3790,10 +4068,10 @@ CVE-2022-27479
 	RESERVED
 CVE-2022-27478
 	RESERVED
-CVE-2022-27477
-	RESERVED
-CVE-2022-27476
-	RESERVED
+CVE-2022-27477 (Newbee-Mall v1.0.0 was discovered to contain an arbitrary file upload  ...)
+	TODO: check
+CVE-2022-27476 (A cross-site scripting (XSS) vulnerability at /admin/goods/update in N ...)
+	TODO: check
 CVE-2022-27475
 	RESERVED
 CVE-2022-27474
@@ -4154,26 +4432,26 @@ CVE-2022-27297
 	RESERVED
 CVE-2022-27296
 	RESERVED
-CVE-2022-27295
-	RESERVED
-CVE-2022-27294
-	RESERVED
-CVE-2022-27293
-	RESERVED
-CVE-2022-27292
-	RESERVED
-CVE-2022-27291
-	RESERVED
-CVE-2022-27290
-	RESERVED
-CVE-2022-27289
-	RESERVED
-CVE-2022-27288
-	RESERVED
-CVE-2022-27287
-	RESERVED
-CVE-2022-27286
-	RESERVED
+CVE-2022-27295 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
+	TODO: check
+CVE-2022-27294 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
+	TODO: check
+CVE-2022-27293 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
+	TODO: check
+CVE-2022-27292 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
+	TODO: check
+CVE-2022-27291 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
+	TODO: check
+CVE-2022-27290 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
+	TODO: check
+CVE-2022-27289 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
+	TODO: check
+CVE-2022-27288 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
+	TODO: check
+CVE-2022-27287 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
+	TODO: check
+CVE-2022-27286 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
+	TODO: check
 CVE-2022-27285
 	RESERVED
 CVE-2022-27284
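Review bot: the ten entries CVE-2022-27286 through CVE-2022-27295 all carry the same truncated text, "D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in ...", so nothing visible in this hunk distinguishes one from another. They concern a single router firmware and can be triaged as a batch; if it is not packaged, the convention already used in this file is `NOT-FOR-US: <product>`, as on the NetSarang Xftp and Archer entries in the other hunks.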
@@ -4184,32 +4462,32 @@ CVE-2022-27282
 	RESERVED
 CVE-2022-27281
 	RESERVED
-CVE-2022-27280
-	RESERVED
-CVE-2022-27279
-	RESERVED
+CVE-2022-27280 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
+	TODO: check
+CVE-2022-27279 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
+	TODO: check
 CVE-2022-27278
 	RESERVED
-CVE-2022-27277
-	RESERVED
-CVE-2022-27276
-	RESERVED
-CVE-2022-27275
-	RESERVED
-CVE-2022-27274
-	RESERVED
-CVE-2022-27273
-	RESERVED
-CVE-2022-27272
-	RESERVED
-CVE-2022-27271
-	RESERVED
-CVE-2022-27270
-	RESERVED
-CVE-2022-27269
-	RESERVED
-CVE-2022-27268
-	RESERVED
+CVE-2022-27277 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
+	TODO: check
+CVE-2022-27276 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
+	TODO: check
+CVE-2022-27275 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
+	TODO: check
+CVE-2022-27274 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
+	TODO: check
+CVE-2022-27273 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
+	TODO: check
+CVE-2022-27272 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
+	TODO: check
+CVE-2022-27271 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
+	TODO: check
+CVE-2022-27270 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
+	TODO: check
+CVE-2022-27269 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
+	TODO: check
+CVE-2022-27268 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
+	TODO: check
 CVE-2022-27267
 	RESERVED
 CVE-2022-27266
@@ -4829,24 +5107,24 @@ CVE-2022-27135
 	RESERVED
 CVE-2022-27134
 	RESERVED
-CVE-2022-27133
-	RESERVED
+CVE-2022-27133 (zbzcms v1.0 was discovered to contain an arbitrary file deletion vulne ...)
+	TODO: check
 CVE-2022-27132
 	RESERVED
-CVE-2022-27131
-	RESERVED
+CVE-2022-27131 (An arbitrary file upload vulnerability at /zbzedit/php/zbz.php in zbzc ...)
+	TODO: check
 CVE-2022-27130
 	RESERVED
-CVE-2022-27129
-	RESERVED
-CVE-2022-27128
-	RESERVED
-CVE-2022-27127
-	RESERVED
-CVE-2022-27126
-	RESERVED
-CVE-2022-27125
-	RESERVED
+CVE-2022-27129 (An arbitrary file upload vulnerability at /admin/ajax.php in zbzcms v1 ...)
+	TODO: check
+CVE-2022-27128 (An incorrect access control issue at /admin/run_ajax.php in zbzcms v1. ...)
+	TODO: check
+CVE-2022-27127 (zbzcms v1.0 was discovered to contain a SQL injection vulnerability vi ...)
+	TODO: check
+CVE-2022-27126 (zbzcms v1.0 was discovered to contain a SQL injection vulnerability vi ...)
+	TODO: check
+CVE-2022-27125 (zbzcms v1.0 was discovered to contain a stored cross-site scripting (X ...)
+	TODO: check
 CVE-2022-27124 (Insurance Management System 1.0 was discovered to contain a SQL inject ...)
 	NOT-FOR-US: Insurance Management System
 CVE-2022-27123 (Employee Performance Evaluation v1.0 was discovered to contain a SQL i ...)
@@ -5244,8 +5522,8 @@ CVE-2022-26948 (The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (
 	NOT-FOR-US: Archer
 CVE-2022-26947 (Archer 6.x through 6.9 SP3 (6.9.3.0) contains a reflected XSS vulnerab ...)
 	NOT-FOR-US: Archer
-CVE-2022-0936
-	RESERVED
+CVE-2022-0936 (Cross-site Scripting (XSS) - Stored in GitHub repository autolab/autol ...)
+	TODO: check
 CVE-2022-26946
 	RESERVED
 CVE-2022-26945
@@ -59900,20 +60178,20 @@ CVE-2021-32164
 	RESERVED
 CVE-2021-32163
 	RESERVED
-CVE-2021-32162
-	RESERVED
-CVE-2021-32161
-	RESERVED
-CVE-2021-32160
-	RESERVED
-CVE-2021-32159
-	RESERVED
-CVE-2021-32158
-	RESERVED
-CVE-2021-32157
-	RESERVED
-CVE-2021-32156
-	RESERVED
+CVE-2021-32162 (A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.9 ...)
+	TODO: check
+CVE-2021-32161 (A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 thro ...)
+	TODO: check
+CVE-2021-32160 (A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 thro ...)
+	TODO: check
+CVE-2021-32159 (A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.9 ...)
+	TODO: check
+CVE-2021-32158 (A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via  ...)
+	TODO: check
+CVE-2021-32157 (A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via  ...)
+	TODO: check
+CVE-2021-32156 (A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.9 ...)
+	TODO: check
 CVE-2021-32155
 	RESERVED
 CVE-2021-32154
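Review bot: CVE-2021-32156 through CVE-2021-32162 move from RESERVED to `TODO: check` together, but the truncated descriptions do not share one version form: the XSS entries read "Webmin 1.973 thro ..." for CVE-2021-32160 and CVE-2021-32161 and "Webmin 1.973 via ..." for CVE-2021-32157 and CVE-2021-32158, while the CSRF entries are cut at "Webmin 1.9 ...". Whoever triages these should read the full CVE text for each entry rather than applying one affected-version range to all seven.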



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e4d7416c196b408e78065d732bb8b35d21dbfb0
