[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 15 21:10:37 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c4ab2c4e by security tracker role at 2022-04-15T20:10:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2022-29281
+	RESERVED
+CVE-2022-29280
+	RESERVED
+CVE-2022-29279
+	RESERVED
+CVE-2022-29278
+	RESERVED
+CVE-2022-29277
+	RESERVED
+CVE-2022-29276
+	RESERVED
+CVE-2022-29275
+	RESERVED
+CVE-2022-29274
+	RESERVED
+CVE-2022-29273
+	RESERVED
+CVE-2022-29272
+	RESERVED
+CVE-2022-29271
+	RESERVED
+CVE-2022-29270
+	RESERVED
+CVE-2022-29269
+	RESERVED
+CVE-2022-29268 (Bitrix through 7.5.0 allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2022-29267
+	RESERVED
+CVE-2022-1380
+	RESERVED
+CVE-2022-1379
+	RESERVED
 CVE-2022-29266
 	RESERVED
 CVE-2022-1378
@@ -65,7 +99,7 @@ CVE-2022-29264
 	RESERVED
 CVE-2022-28719
 	RESERVED
-CVE-2022-1350 (A vulnerability classified as problematic was found in Ghostscript 9.5 ...)
+CVE-2022-1350 (A vulnerability classified as problematic was found in GhostPCL 9.55.0 ...)
 	- ghostscript <unfixed> (unimportant)
 	NOTE: https://vuldb.com/?id.197290
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=705156
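Review bot: the reworded description for CVE-2022-1350 now names GhostPCL 9.55.0 instead of Ghostscript 9.5, but the tracking line under it still reads "- ghostscript <unfixed> (unimportant)". Confirm that the ghostscript source package is still the right target and that the (unimportant) tag still holds for the GhostPCL component, then record the reasoning in a NOTE: line next to the two existing references.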
@@ -1057,12 +1091,12 @@ CVE-2022-28872
 	RESERVED
 CVE-2022-28871
 	RESERVED
-CVE-2022-28870
-	RESERVED
-CVE-2022-28869
-	RESERVED
-CVE-2022-28868
-	RESERVED
+CVE-2022-28870 (A vulnerability affecting F-Secure SAFE browser was discovered. A mali ...)
+	TODO: check
+CVE-2022-28869 (A vulnerability affecting F-Secure SAFE browser was discovered. A mali ...)
+	TODO: check
+CVE-2022-28868 (An Address bar spoofing vulnerability was discovered in Safe Browser f ...)
+	TODO: check
 CVE-2022-28867
 	RESERVED
 CVE-2022-28866
@@ -1732,8 +1766,8 @@ CVE-2022-28610
 	RESERVED
 CVE-2022-26838
 	RESERVED
-CVE-2022-1231
-	RESERVED
+CVE-2022-1231 (XSS via Embedded SVG in SVG Diagram Format in GitHub repository plantu ...)
+	TODO: check
 CVE-2022-1230
 	RESERVED
 CVE-2022-1229
@@ -3302,16 +3336,16 @@ CVE-2022-28115 (Online Sports Complex Booking v1.0 was discovered to contain a S
 	NOT-FOR-US: Online Sports Complex Booking
 CVE-2022-28114
 	RESERVED
-CVE-2022-28113
-	RESERVED
+CVE-2022-28113 (An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 al ...)
+	TODO: check
 CVE-2022-28112
 	RESERVED
 CVE-2022-28111
 	RESERVED
 CVE-2022-28110
 	RESERVED
-CVE-2022-28109
-	RESERVED
+CVE-2022-28109 (Selenium Selenium Grid (formerly Selenium Standalone Server) Fixed in  ...)
+	TODO: check
 CVE-2022-28108
 	RESERVED
 CVE-2022-28107
@@ -3430,24 +3464,24 @@ CVE-2022-28051
 	RESERVED
 CVE-2022-28050
 	RESERVED
-CVE-2022-28049
-	RESERVED
-CVE-2022-28048
-	RESERVED
+CVE-2022-28049 (NGINX NJS 0.7.2 was discovered to contain a NULL pointer dereference v ...)
+	TODO: check
+CVE-2022-28048 (STB v2.27 was discovered to contain an integer shift of invalid size i ...)
+	TODO: check
 CVE-2022-28047
 	RESERVED
 CVE-2022-28046
 	RESERVED
 CVE-2022-28045
 	RESERVED
-CVE-2022-28044
-	RESERVED
+CVE-2022-28044 (Irzip v0.640 was discovered to contain a heap memory corruption via th ...)
+	TODO: check
 CVE-2022-28043
 	RESERVED
-CVE-2022-28042
-	RESERVED
-CVE-2022-28041
-	RESERVED
+CVE-2022-28042 (stb_image.h v2.27 was discovered to contain an heap-based use-after-fr ...)
+	TODO: check
+CVE-2022-28041 (stb_image.h v2.27 was discovered to contain an integer overflow via th ...)
+	TODO: check
 CVE-2022-28040
 	RESERVED
 CVE-2022-28039
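Review bot: CVE-2022-28049 (NGINX NJS 0.7.2), CVE-2022-28048, CVE-2022-28042 and CVE-2022-28041 (STB / stb_image.h v2.27) and CVE-2022-28044 ("Irzip v0.640") all land as "TODO: check" and name libraries and tools, so each needs a package lookup rather than a bulk disposition. stb_image.h is a single-header library, so the lookup should also cover embedded copies, and the "Irzip" spelling in CVE-2022-28044 may need to be searched as "lrzip".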
@@ -3955,14 +3989,14 @@ CVE-2022-27854
 	RESERVED
 CVE-2022-27853
 	RESERVED
-CVE-2022-27852
-	RESERVED
-CVE-2022-27851
-	RESERVED
-CVE-2022-27850
-	RESERVED
-CVE-2022-27849
-	RESERVED
+CVE-2022-27852 (Multiple Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabili ...)
+	TODO: check
+CVE-2022-27851 (Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) & ...)
+	TODO: check
+CVE-2022-27850 (Cross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugi ...)
+	TODO: check
+CVE-2022-27849 (Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat  ...)
+	TODO: check
 CVE-2022-27848 (Authenticated (admin+ user) Stored Cross-Site Scripting (XSS) in Moder ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-27847 (Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slide ...)
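Review bot: CVE-2022-27851 and CVE-2022-27850 say "(WordPress plugin)" in their descriptions and CVE-2022-27849 names the same Simple Ajax Chat plugin, yet all are left at "TODO: check" while the neighbouring CVE-2022-27848 already carries "NOT-FOR-US: WordPress plugin". The follow-up triage should use the same tag for these; the truncated description of CVE-2022-27852 does not show a product name, so that one needs the full CVE text before it is tagged.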
@@ -4821,8 +4855,8 @@ CVE-2022-27476 (A cross-site scripting (XSS) vulnerability at /admin/goods/updat
 	NOT-FOR-US: Newbee-Mall
 CVE-2022-27475 (Cross site scripting (XSS) vulnerability in tramyardg hotel-mgmt-syste ...)
 	NOT-FOR-US: tramyardg hotel-mgmt-system
-CVE-2022-27474
-	RESERVED
+CVE-2022-27474 (SuiteCRM v7.11.23 was discovered to allow remote code execution via a  ...)
+	TODO: check
 CVE-2022-27473 (SQL injection vulnerability in Topics Searching feature of Roothub 2.6 ...)
 	NOT-FOR-US: Roothub
 CVE-2022-27472 (SQL injection vulnerability in Topics Counting feature of Roothub 2.6. ...)
@@ -5064,16 +5098,16 @@ CVE-2022-27371
 	RESERVED
 CVE-2022-27370
 	RESERVED
-CVE-2022-27369
-	RESERVED
-CVE-2022-27368
-	RESERVED
-CVE-2022-27367
-	RESERVED
-CVE-2022-27366
-	RESERVED
-CVE-2022-27365
-	RESERVED
+CVE-2022-27369 (Cscms Music Portal System v4.2 was discovered to contain a SQL injecti ...)
+	TODO: check
+CVE-2022-27368 (Cscms Music Portal System v4.2 was discovered to contain a SQL injecti ...)
+	TODO: check
+CVE-2022-27367 (Cscms Music Portal System v4.2 was discovered to contain a SQL injecti ...)
+	TODO: check
+CVE-2022-27366 (Cscms Music Portal System v4.2 was discovered to contain a blind SQL i ...)
+	TODO: check
+CVE-2022-27365 (Cscms Music Portal System v4.2 was discovered to contain a SQL injecti ...)
+	TODO: check
 CVE-2022-27364
 	RESERVED
 CVE-2022-27363
@@ -5320,10 +5354,10 @@ CVE-2022-1031 (Use After Free in op_is_set_bp in GitHub repository radareorg/rad
 	- radare2 <unfixed>
 	NOTE: https://huntr.dev/bounties/37da2cd6-0b46-4878-a32e-acbfd8f6f457
 	NOTE: https://github.com/radareorg/radare2/commit/a7ce29647fcb38386d7439696375e16e093d6acb
-CVE-2022-27258
-	RESERVED
-CVE-2022-27257
-	RESERVED
+CVE-2022-27258 (Multiple Cross-Site Scripting (XSS) vulnerabilities in Hubzilla 7.0.3  ...)
+	TODO: check
+CVE-2022-27257 (A PHP Local File Inclusion vulneraility in the default Redbasic theme  ...)
+	TODO: check
 CVE-2022-27256 (A PHP Local File inclusion vulnerability in the Redbasic theme for Hub ...)
 	TODO: check
 CVE-2022-27255
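Review bot: CVE-2022-27257, filled in here, and the existing CVE-2022-27256 directly below both describe a PHP Local File Inclusion in the Redbasic theme, and CVE-2022-27258 names Hubzilla 7.0.3. Triage the three in one pass so they end up with the same disposition, and add a NOTE: stating how 27257 differs from 27256, since the truncated descriptions do not show it.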
@@ -5837,10 +5871,10 @@ CVE-2022-27160
 	RESERVED
 CVE-2022-27159
 	RESERVED
-CVE-2022-27158
-	RESERVED
-CVE-2022-27157
-	RESERVED
+CVE-2022-27158 (pearweb < 1.32 suffers from Deserialization of Untrusted Data. ...)
+	TODO: check
+CVE-2022-27157 (pearweb < 1.32 is suffers from a Weak Password Recovery Mechanism v ...)
+	TODO: check
 CVE-2022-27156 (Daylight Studio Fuel CMS 1.5.1 is vulnerable to HTML Injection. ...)
 	NOT-FOR-US: Daylight Studio Fuel CMS
 CVE-2022-27155
@@ -6065,8 +6099,8 @@ CVE-2022-27050 (BitComet Service for Windows before version 1.8.6 contains an un
 	NOT-FOR-US: BitComet Service for Windows
 CVE-2022-27049 (Raidrive before v2021.12.35 allows attackers to arbitrarily move log f ...)
 	NOT-FOR-US: Raidrive
-CVE-2022-27048
-	RESERVED
+CVE-2022-27048 (A vulnerability has been discovered in Moxa MGate which allows an atta ...)
+	TODO: check
 CVE-2022-27047 (mogu_blog_cms 5.2 suffers from upload arbitrary files without any limi ...)
 	NOT-FOR-US: mogu_blog_cms
 CVE-2022-27046 (libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in  ...)
@@ -6075,8 +6109,8 @@ CVE-2022-27045
 	RESERVED
 CVE-2022-27044 (libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c: ...)
 	TODO: check
-CVE-2022-27043
-	RESERVED
+CVE-2022-27043 (Yearning versions 2.3.1 and 2.3.2 Interstellar GA and 2.3.4 - 2.3.6 Ne ...)
+	TODO: check
 CVE-2022-27042
 	RESERVED
 CVE-2022-27041 (Due to lack of protection, parameter student_id in OpenSIS Classic 8.0 ...)
@@ -6356,64 +6390,64 @@ CVE-2022-26926
 	RESERVED
 CVE-2022-26925
 	RESERVED
-CVE-2022-26924
-	RESERVED
+CVE-2022-26924 (YARP Denial of Service Vulnerability. ...)
+	TODO: check
 CVE-2022-26923
 	RESERVED
 CVE-2022-26922
 	RESERVED
-CVE-2022-26921
-	RESERVED
-CVE-2022-26920
-	RESERVED
-CVE-2022-26919
-	RESERVED
-CVE-2022-26918
-	RESERVED
-CVE-2022-26917
-	RESERVED
-CVE-2022-26916
-	RESERVED
-CVE-2022-26915
-	RESERVED
-CVE-2022-26914
-	RESERVED
+CVE-2022-26921 (Visual Studio Code Elevation of Privilege Vulnerability. ...)
+	TODO: check
+CVE-2022-26920 (Windows Graphics Component Information Disclosure Vulnerability. ...)
+	TODO: check
+CVE-2022-26919 (Windows LDAP Remote Code Execution Vulnerability. ...)
+	TODO: check
+CVE-2022-26918 (Windows Fax Compose Form Remote Code Execution Vulnerability. This CVE ...)
+	TODO: check
+CVE-2022-26917 (Windows Fax Compose Form Remote Code Execution Vulnerability. This CVE ...)
+	TODO: check
+CVE-2022-26916 (Windows Fax Compose Form Remote Code Execution Vulnerability. This CVE ...)
+	TODO: check
+CVE-2022-26915 (Windows Secure Channel Denial of Service Vulnerability. ...)
+	TODO: check
+CVE-2022-26914 (Win32k Elevation of Privilege Vulnerability. ...)
+	TODO: check
 CVE-2022-26913
 	RESERVED
 CVE-2022-26912 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability.  ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-26911
-	RESERVED
-CVE-2022-26910
-	RESERVED
+CVE-2022-26911 (Skype for Business Information Disclosure Vulnerability. ...)
+	TODO: check
+CVE-2022-26910 (Skype for Business and Lync Spoofing Vulnerability. ...)
+	TODO: check
 CVE-2022-26909 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability.  ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-26908 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability.  ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-26907
-	RESERVED
+CVE-2022-26907 (Azure SDK for .NET Information Disclosure Vulnerability. ...)
+	TODO: check
 CVE-2022-26906
 	RESERVED
 CVE-2022-26905
 	RESERVED
-CVE-2022-26904
-	RESERVED
-CVE-2022-26903
-	RESERVED
+CVE-2022-26904 (Windows User Profile Service Elevation of Privilege Vulnerability. ...)
+	TODO: check
+CVE-2022-26903 (Windows Graphics Component Remote Code Execution Vulnerability. ...)
+	TODO: check
 CVE-2022-26902
 	RESERVED
-CVE-2022-26901
-	RESERVED
+CVE-2022-26901 (Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is un ...)
+	TODO: check
 CVE-2022-26900 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability.  ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-26899
 	RESERVED
-CVE-2022-26898
-	RESERVED
-CVE-2022-26897
-	RESERVED
-CVE-2022-26896
-	RESERVED
+CVE-2022-26898 (Azure Site Recovery Remote Code Execution Vulnerability. ...)
+	TODO: check
+CVE-2022-26897 (Azure Site Recovery Information Disclosure Vulnerability. This CVE ID  ...)
+	TODO: check
+CVE-2022-26896 (Azure Site Recovery Information Disclosure Vulnerability. This CVE ID  ...)
+	TODO: check
 CVE-2022-26895 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability.  ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-26894 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability.  ...)
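Review bot: nearly every entry filled in by this hunk names a Microsoft product (Windows components, Visual Studio Code, Skype for Business, Excel, Azure Site Recovery) and is left at "TODO: check", while untouched neighbours such as CVE-2022-26912 and CVE-2022-26909 already carry "NOT-FOR-US: Microsoft". The follow-up triage should bring the new entries in line with that tag. CVE-2022-26924 (YARP) and CVE-2022-26907 (Azure SDK for .NET) are the two worth an individual look rather than a bulk tag, since their descriptions do not name a Windows or Office component.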
@@ -6584,106 +6618,106 @@ CVE-2022-26848
 	RESERVED
 CVE-2022-26843
 	RESERVED
-CVE-2022-26832
-	RESERVED
-CVE-2022-26831
-	RESERVED
-CVE-2022-26830
-	RESERVED
-CVE-2022-26829
-	RESERVED
-CVE-2022-26828
-	RESERVED
-CVE-2022-26827
-	RESERVED
-CVE-2022-26826
-	RESERVED
-CVE-2022-26825
-	RESERVED
-CVE-2022-26824
-	RESERVED
-CVE-2022-26823
-	RESERVED
-CVE-2022-26822
-	RESERVED
-CVE-2022-26821
-	RESERVED
-CVE-2022-26820
-	RESERVED
-CVE-2022-26819
-	RESERVED
-CVE-2022-26818
-	RESERVED
-CVE-2022-26817
-	RESERVED
-CVE-2022-26816
-	RESERVED
-CVE-2022-26815
-	RESERVED
-CVE-2022-26814
-	RESERVED
-CVE-2022-26813
-	RESERVED
-CVE-2022-26812
-	RESERVED
-CVE-2022-26811
-	RESERVED
-CVE-2022-26810
-	RESERVED
-CVE-2022-26809
-	RESERVED
-CVE-2022-26808
-	RESERVED
-CVE-2022-26807
-	RESERVED
+CVE-2022-26832 (.NET Framework Denial of Service Vulnerability. ...)
+	TODO: check
+CVE-2022-26831 (Windows LDAP Denial of Service Vulnerability. ...)
+	TODO: check
+CVE-2022-26830 (DiskUsage.exe Remote Code Execution Vulnerability. ...)
+	TODO: check
+CVE-2022-26829 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26828 (Windows Bluetooth Driver Elevation of Privilege Vulnerability. ...)
+	TODO: check
+CVE-2022-26827 (Windows File Server Resource Management Service Elevation of Privilege ...)
+	TODO: check
+CVE-2022-26826 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26825 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26824 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26823 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26822 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26821 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26820 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26819 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26818 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26817 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26816 (Windows DNS Server Information Disclosure Vulnerability. ...)
+	TODO: check
+CVE-2022-26815 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26814 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26813 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26812 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26811 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-26810 (Windows File Server Resource Management Service Elevation of Privilege ...)
+	TODO: check
+CVE-2022-26809 (Remote Procedure Call Runtime Remote Code Execution Vulnerability. Thi ...)
+	TODO: check
+CVE-2022-26808 (Windows File Explorer Elevation of Privilege Vulnerability. ...)
+	TODO: check
+CVE-2022-26807 (Windows Work Folder Service Elevation of Privilege Vulnerability. ...)
+	TODO: check
 CVE-2022-26806
 	RESERVED
 CVE-2022-26805
 	RESERVED
 CVE-2022-26804
 	RESERVED
-CVE-2022-26803
-	RESERVED
-CVE-2022-26802
-	RESERVED
-CVE-2022-26801
-	RESERVED
+CVE-2022-26803 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26802 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26801 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
 CVE-2022-26800
 	RESERVED
 CVE-2022-26799
 	RESERVED
-CVE-2022-26798
-	RESERVED
-CVE-2022-26797
-	RESERVED
-CVE-2022-26796
-	RESERVED
-CVE-2022-26795
-	RESERVED
-CVE-2022-26794
-	RESERVED
-CVE-2022-26793
-	RESERVED
-CVE-2022-26792
-	RESERVED
-CVE-2022-26791
-	RESERVED
-CVE-2022-26790
-	RESERVED
-CVE-2022-26789
-	RESERVED
-CVE-2022-26788
-	RESERVED
-CVE-2022-26787
-	RESERVED
-CVE-2022-26786
-	RESERVED
-CVE-2022-26785
-	RESERVED
-CVE-2022-26784
-	RESERVED
-CVE-2022-26783
-	RESERVED
+CVE-2022-26798 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26797 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26796 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26795 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26794 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26793 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26792 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26791 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26790 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26789 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26788 (PowerShell Elevation of Privilege Vulnerability. ...)
+	TODO: check
+CVE-2022-26787 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26786 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
+CVE-2022-26785 (Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulne ...)
+	TODO: check
+CVE-2022-26784 (Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability. T ...)
+	TODO: check
+CVE-2022-26783 (Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulne ...)
+	TODO: check
 CVE-2022-26512
 	RESERVED
 CVE-2022-26425
@@ -7195,8 +7229,8 @@ CVE-2022-26596
 	RESERVED
 CVE-2022-26595
 	RESERVED
-CVE-2022-26594
-	RESERVED
+CVE-2022-26594 (Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal  ...)
+	TODO: check
 CVE-2022-26593
 	RESERVED
 CVE-2022-26592
@@ -11031,8 +11065,8 @@ CVE-2022-24435 (Cross-site scripting vulnerability in phpUploader v1.2 and earli
 	NOT-FOR-US: phpUploader
 CVE-2022-23986 (SQL injection vulnerability in the phpUploader v1.2 and earlier allows ...)
 	NOT-FOR-US: phpUploader
-CVE-2022-21159
-	RESERVED
+CVE-2022-21159 (A denial of service vulnerability exists in the parseNormalModeParamet ...)
+	TODO: check
 CVE-2022-0618 (A program using swift-nio-http2 is vulnerable to a denial of service a ...)
 	NOT-FOR-US: swift-nio-http2
 CVE-2022-0617 (A flaw null pointer dereference in the Linux kernel UDF file system fu ...)
@@ -11996,8 +12030,8 @@ CVE-2022-24859
 	RESERVED
 CVE-2022-24858
 	RESERVED
-CVE-2022-24857
-	RESERVED
+CVE-2022-24857 (django-mfa3 is a library that implements multi factor authentication f ...)
+	TODO: check
 CVE-2022-24856
 	RESERVED
 CVE-2022-24855 (Metabase is an open source business intelligence and analytics applica ...)
@@ -12008,8 +12042,8 @@ CVE-2022-24853 (Metabase is an open source business intelligence and analytics a
 	TODO: check
 CVE-2022-24852
 	RESERVED
-CVE-2022-24851
-	RESERVED
+CVE-2022-24851 (LDAP Account Manager (LAM) is an open source web frontend for managing ...)
+	TODO: check
 CVE-2022-24850 (Discourse is an open source platform for community discussion. A categ ...)
 	TODO: check
 CVE-2022-24849 (DisCatSharp is a Discord API wrapper for .NET. Users of versions 9.8.5 ...)
@@ -12212,7 +12246,7 @@ CVE-2022-24769 (Moby is an open-source project created by Docker to enable and a
 	NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c
 CVE-2022-24768 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...)
 	NOT-FOR-US: Argo CD
-CVE-2022-24767 (Git for Windows is a fork of Git containing Windows-specific patches.  ...)
+CVE-2022-24767 (GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when  ...)
 	NOT-FOR-US: Git-for-Windows (Git fork containing Windows-specific patches)
 CVE-2022-24766 (mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mi ...)
 	- mitmproxy <unfixed> (bug #1008948)
@@ -12961,54 +12995,54 @@ CVE-2022-24552 (StarWind SAN and NAS before 0.2 build 1685 allows remote code ex
 	NOT-FOR-US: StarWind
 CVE-2022-24551 (StarWind SAN and NAS before 0.2 build 1685 allows users to reset other ...)
 	NOT-FOR-US: StarWind
-CVE-2022-24550
-	RESERVED
-CVE-2022-24549
-	RESERVED
-CVE-2022-24548
-	RESERVED
-CVE-2022-24547
-	RESERVED
-CVE-2022-24546
-	RESERVED
-CVE-2022-24545
-	RESERVED
-CVE-2022-24544
-	RESERVED
-CVE-2022-24543
-	RESERVED
-CVE-2022-24542
-	RESERVED
-CVE-2022-24541
-	RESERVED
-CVE-2022-24540
-	RESERVED
-CVE-2022-24539
-	RESERVED
-CVE-2022-24538
-	RESERVED
-CVE-2022-24537
-	RESERVED
-CVE-2022-24536
-	RESERVED
+CVE-2022-24550 (Windows Telephony Server Elevation of Privilege Vulnerability. ...)
+	TODO: check
+CVE-2022-24549 (Windows AppX Package Manager Elevation of Privilege Vulnerability. ...)
+	TODO: check
+CVE-2022-24548 (Microsoft Defender Denial of Service Vulnerability. ...)
+	TODO: check
+CVE-2022-24547 (Windows Digital Media Receiver Elevation of Privilege Vulnerability. ...)
+	TODO: check
+CVE-2022-24546 (Windows DWM Core Library Elevation of Privilege Vulnerability. ...)
+	TODO: check
+CVE-2022-24545 (Windows Kerberos Remote Code Execution Vulnerability. ...)
+	TODO: check
+CVE-2022-24544 (Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is  ...)
+	TODO: check
+CVE-2022-24543 (Windows Upgrade Assistant Remote Code Execution Vulnerability. ...)
+	TODO: check
+CVE-2022-24542 (Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is un ...)
+	TODO: check
+CVE-2022-24541 (Windows Server Service Remote Code Execution Vulnerability. ...)
+	TODO: check
+CVE-2022-24540 (Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is uniq ...)
+	TODO: check
+CVE-2022-24539 (Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulne ...)
+	TODO: check
+CVE-2022-24538 (Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability. T ...)
+	TODO: check
+CVE-2022-24537 (Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is un ...)
+	TODO: check
+CVE-2022-24536 (Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is ...)
+	TODO: check
 CVE-2022-24535
 	RESERVED
-CVE-2022-24534
-	RESERVED
-CVE-2022-24533
-	RESERVED
-CVE-2022-24532
-	RESERVED
+CVE-2022-24534 (Win32 Stream Enumeration Remote Code Execution Vulnerability. This CVE ...)
+	TODO: check
+CVE-2022-24533 (Remote Desktop Protocol Remote Code Execution Vulnerability. ...)
+	TODO: check
+CVE-2022-24532 (HEVC Video Extensions Remote Code Execution Vulnerability. ...)
+	TODO: check
 CVE-2022-24531
 	RESERVED
-CVE-2022-24530
-	RESERVED
+CVE-2022-24530 (Windows Installer Elevation of Privilege Vulnerability. This CVE ID is ...)
+	TODO: check
 CVE-2022-24529
 	RESERVED
-CVE-2022-24528
-	RESERVED
-CVE-2022-24527
-	RESERVED
+CVE-2022-24528 (Remote Procedure Call Runtime Remote Code Execution Vulnerability. Thi ...)
+	TODO: check
+CVE-2022-24527 (Windows Endpoint Configuration Manager Elevation of Privilege Vulnerab ...)
+	TODO: check
 CVE-2022-24526 (Visual Studio Code Spoofing Vulnerability. ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-24525 (Windows Update Stack Elevation of Privilege Vulnerability. ...)
@@ -13019,8 +13053,8 @@ CVE-2022-24523 (Microsoft Edge (Chromium-based) Spoofing Vulnerability. ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-24522 (Skype Extension for Chrome Information Disclosure Vulnerability. ...)
 	NOT-FOR-US: Skype Extension for Chrome
-CVE-2022-24521
-	RESERVED
+CVE-2022-24521 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
+	TODO: check
 CVE-2022-24520 (Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID i ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-24519 (Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID  ...)
@@ -13035,8 +13069,8 @@ CVE-2022-24515 (Azure Site Recovery Elevation of Privilege Vulnerability. This C
 	NOT-FOR-US: Microsoft
 CVE-2022-24514
 	RESERVED
-CVE-2022-24513
-	RESERVED
+CVE-2022-24513 (Visual Studio Elevation of Privilege Vulnerability. ...)
+	TODO: check
 CVE-2022-24512 (.NET and Visual Studio Remote Code Execution Vulnerability. ...)
 	NOT-FOR-US: Microsoft .NET
 CVE-2022-24511 (Microsoft Office Word Tampering Vulnerability. ...)
@@ -13061,50 +13095,50 @@ CVE-2022-24502 (Windows HTML Platforms Security Feature Bypass Vulnerability. ..
 	NOT-FOR-US: Microsoft
 CVE-2022-24501 (VP9 Video Extensions Remote Code Execution Vulnerability. This CVE ID  ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-24500
-	RESERVED
-CVE-2022-24499
-	RESERVED
-CVE-2022-24498
-	RESERVED
-CVE-2022-24497
-	RESERVED
-CVE-2022-24496
-	RESERVED
-CVE-2022-24495
-	RESERVED
-CVE-2022-24494
-	RESERVED
-CVE-2022-24493
-	RESERVED
-CVE-2022-24492
-	RESERVED
-CVE-2022-24491
-	RESERVED
-CVE-2022-24490
-	RESERVED
-CVE-2022-24489
-	RESERVED
-CVE-2022-24488
-	RESERVED
-CVE-2022-24487
-	RESERVED
-CVE-2022-24486
-	RESERVED
-CVE-2022-24485
-	RESERVED
-CVE-2022-24484
-	RESERVED
-CVE-2022-24483
-	RESERVED
-CVE-2022-24482
-	RESERVED
-CVE-2022-24481
-	RESERVED
+CVE-2022-24500 (Windows SMB Remote Code Execution Vulnerability. ...)
+	TODO: check
+CVE-2022-24499 (Windows Installer Elevation of Privilege Vulnerability. This CVE ID is ...)
+	TODO: check
+CVE-2022-24498 (Windows iSCSI Target Service Information Disclosure Vulnerability. ...)
+	TODO: check
+CVE-2022-24497 (Windows Network File System Remote Code Execution Vulnerability. This  ...)
+	TODO: check
+CVE-2022-24496 (Local Security Authority (LSA) Elevation of Privilege Vulnerability. ...)
+	TODO: check
+CVE-2022-24495 (Windows Direct Show - Remote Code Execution Vulnerability. ...)
+	TODO: check
+CVE-2022-24494 (Windows Ancillary Function Driver for WinSock Elevation of Privilege V ...)
+	TODO: check
+CVE-2022-24493 (Microsoft Local Security Authority (LSA) Server Information Disclosure ...)
+	TODO: check
+CVE-2022-24492 (Remote Procedure Call Runtime Remote Code Execution Vulnerability. Thi ...)
+	TODO: check
+CVE-2022-24491 (Windows Network File System Remote Code Execution Vulnerability. This  ...)
+	TODO: check
+CVE-2022-24490 (Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulne ...)
+	TODO: check
+CVE-2022-24489 (Cluster Client Failover (CCF) Elevation of Privilege Vulnerability. ...)
+	TODO: check
+CVE-2022-24488 (Windows Desktop Bridge Elevation of Privilege Vulnerability. ...)
+	TODO: check
+CVE-2022-24487 (Windows Local Security Authority (LSA) Remote Code Execution Vulnerabi ...)
+	TODO: check
+CVE-2022-24486 (Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is  ...)
+	TODO: check
+CVE-2022-24485 (Win32 File Enumeration Remote Code Execution Vulnerability. ...)
+	TODO: check
+CVE-2022-24484 (Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability. T ...)
+	TODO: check
+CVE-2022-24483 (Windows Kernel Information Disclosure Vulnerability. ...)
+	TODO: check
+CVE-2022-24482 (Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is uniq ...)
+	TODO: check
+CVE-2022-24481 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
+	TODO: check
 CVE-2022-24480
 	RESERVED
-CVE-2022-24479
-	RESERVED
+CVE-2022-24479 (Connected User Experiences and Telemetry Elevation of Privilege Vulner ...)
+	TODO: check
 CVE-2022-24478
 	RESERVED
 CVE-2022-24477
@@ -13113,12 +13147,12 @@ CVE-2022-24476
 	RESERVED
 CVE-2022-24475 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability.  ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-24474
-	RESERVED
-CVE-2022-24473
-	RESERVED
-CVE-2022-24472
-	RESERVED
+CVE-2022-24474 (Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is un ...)
+	TODO: check
+CVE-2022-24473 (Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is un ...)
+	TODO: check
+CVE-2022-24472 (Microsoft SharePoint Server Spoofing Vulnerability. ...)
+	TODO: check
 CVE-2022-24471 (Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID i ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-24470 (Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID i ...)
@@ -15340,8 +15374,8 @@ CVE-2022-23867
 	RESERVED
 CVE-2022-23866
 	RESERVED
-CVE-2022-23865
-	RESERVED
+CVE-2022-23865 (Nyron 1.0 is affected by a SQL injection vulnerability through Nyron/L ...)
+	TODO: check
 CVE-2022-0352 (Cross-site Scripting (XSS) - Reflected in Pypi calibreweb prior to 0.6 ...)
 	NOT-FOR-US: calibre-web
 CVE-2022-0351 (Access of Memory Location Before Start of Buffer in GitHub repository  ...)
@@ -17622,8 +17656,8 @@ CVE-2022-23294 (Windows Event Tracing Remote Code Execution Vulnerability. ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-23293 (Windows Fast FAT File System Driver Elevation of Privilege Vulnerabili ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-23292
-	RESERVED
+CVE-2022-23292 (Microsoft Power BI Spoofing Vulnerability. ...)
+	TODO: check
 CVE-2022-23291 (Windows DWM Core Library Elevation of Privilege Vulnerability. This CV ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-23290 (Windows Inking COM Elevation of Privilege Vulnerability. ...)
@@ -17670,8 +17704,8 @@ CVE-2022-23270
 	RESERVED
 CVE-2022-23269 (Microsoft Dynamics GP Spoofing Vulnerability. ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-23268
-	RESERVED
+CVE-2022-23268 (Windows Hyper-V Denial of Service Vulnerability. ...)
+	TODO: check
 CVE-2022-23267
 	RESERVED
 CVE-2022-23266 (Microsoft Defender for IoT Elevation of Privilege Vulnerability. ...)
@@ -17688,12 +17722,12 @@ CVE-2022-23261 (Microsoft Edge (Chromium-based) Tampering Vulnerability. ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-23260
 	RESERVED
-CVE-2022-23259
-	RESERVED
+CVE-2022-23259 (Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerabili ...)
+	TODO: check
 CVE-2022-23258 (Microsoft Edge for Android Spoofing Vulnerability. ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-23257
-	RESERVED
+CVE-2022-23257 (Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is un ...)
+	TODO: check
 CVE-2022-23256 (Azure Data Explorer Spoofing Vulnerability. ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-23255 (Microsoft OneDrive for Android Security Feature Bypass Vulnerability. ...)
@@ -24130,10 +24164,10 @@ CVE-2022-22011
 	RESERVED
 CVE-2022-22010 (Media Foundation Information Disclosure Vulnerability. This CVE ID is  ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-22009
-	RESERVED
-CVE-2022-22008
-	RESERVED
+CVE-2022-22009 (Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is un ...)
+	TODO: check
+CVE-2022-22008 (Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is un ...)
+	TODO: check
 CVE-2022-22007 (HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-22006 (HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID ...)
@@ -24182,8 +24216,8 @@ CVE-2022-21985 (Windows Remote Access Connection Manager Information Disclosure
 	NOT-FOR-US: Microsoft
 CVE-2022-21984 (Windows DNS Server Remote Code Execution Vulnerability. ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-21983
-	RESERVED
+CVE-2022-21983 (Win32 Stream Enumeration Remote Code Execution Vulnerability. This CVE ...)
+	TODO: check
 CVE-2022-21982
 	RESERVED
 CVE-2022-21981 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
@@ -26800,66 +26834,66 @@ CVE-2015-20105 (The ClickBank Affiliate Ads WordPress plugin through 1.20 does n
 	NOT-FOR-US: WordPress plugin
 CVE-2021-44511
 	RESERVED
-CVE-2021-44510
-	RESERVED
-CVE-2021-44509
-	RESERVED
-CVE-2021-44508
-	RESERVED
-CVE-2021-44507
-	RESERVED
-CVE-2021-44506
-	RESERVED
-CVE-2021-44505
-	RESERVED
-CVE-2021-44504
-	RESERVED
-CVE-2021-44503
-	RESERVED
-CVE-2021-44502
-	RESERVED
-CVE-2021-44501
-	RESERVED
-CVE-2021-44500
-	RESERVED
-CVE-2021-44499
-	RESERVED
-CVE-2021-44498
-	RESERVED
-CVE-2021-44497
-	RESERVED
-CVE-2021-44496
-	RESERVED
-CVE-2021-44495
-	RESERVED
-CVE-2021-44494
-	RESERVED
-CVE-2021-44493
-	RESERVED
-CVE-2021-44492
-	RESERVED
-CVE-2021-44491
-	RESERVED
-CVE-2021-44490
-	RESERVED
-CVE-2021-44489
-	RESERVED
-CVE-2021-44488
-	RESERVED
-CVE-2021-44487
-	RESERVED
-CVE-2021-44486
-	RESERVED
-CVE-2021-44485
-	RESERVED
-CVE-2021-44484
-	RESERVED
-CVE-2021-44483
-	RESERVED
-CVE-2021-44482
-	RESERVED
-CVE-2021-44481
-	RESERVED
+CVE-2021-44510 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44509 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44508 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44507 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44506 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44505 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44504 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44503 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44502 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44501 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44500 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44499 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44498 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44497 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44496 (An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ...)
+	TODO: check
+CVE-2021-44495 (An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS  ...)
+	TODO: check
+CVE-2021-44494 (An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS  ...)
+	TODO: check
+CVE-2021-44493 (An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS  ...)
+	TODO: check
+CVE-2021-44492 (An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS  ...)
+	TODO: check
+CVE-2021-44491 (An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ...)
+	TODO: check
+CVE-2021-44490 (An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ...)
+	TODO: check
+CVE-2021-44489 (An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ...)
+	TODO: check
+CVE-2021-44488 (An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ...)
+	TODO: check
+CVE-2021-44487 (An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack  ...)
+	TODO: check
+CVE-2021-44486 (An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ...)
+	TODO: check
+CVE-2021-44485 (An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack  ...)
+	TODO: check
+CVE-2021-44484 (An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack  ...)
+	TODO: check
+CVE-2021-44483 (An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack  ...)
+	TODO: check
+CVE-2021-44482 (An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack  ...)
+	TODO: check
+CVE-2021-44481 (An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack  ...)
+	TODO: check
 CVE-2021-44480 (Wokka Lokka Q50 devices through 2021-11-30 allow remote attackers (who ...)
 	NOT-FOR-US: Wokka Lokka Q50 devices
 CVE-2021-44479 (NXP Kinetis K82 devices have a buffer over-read via a crafted wlength  ...)
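Review bot: the 30 entries CVE-2021-44481 through CVE-2021-44510 all land as "TODO: check", but their truncated descriptions fall into three different groups: "FIS GT.M through V7.0-000 (related to the Y" (44496 to 44510), "YottaDB through r1.32 and V7.0-000 and FIS" (44492 to 44495), and "YottaDB through r1.32 and V7.0-000." alone (44481 to 44491). The affected product set differs per group, so triage should read the full description for each group and check each product against the archive separately rather than applying one disposition to the whole block.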
@@ -32215,14 +32249,14 @@ CVE-2022-20763 (A vulnerability in the login authorization components of Cisco W
 	TODO: check
 CVE-2022-20762 (A vulnerability in the Common Execution Environment (CEE) ConfD CLI of ...)
 	TODO: check
-CVE-2022-20761
-	RESERVED
+CVE-2022-20761 (A vulnerability in the integrated wireless access point (AP) packet pr ...)
+	TODO: check
 CVE-2022-20760
 	RESERVED
 CVE-2022-20759
 	RESERVED
-CVE-2022-20758
-	RESERVED
+CVE-2022-20758 (A vulnerability in the implementation of the Border Gateway Protocol ( ...)
+	TODO: check
 CVE-2022-20757
 	RESERVED
 CVE-2022-20756 (A vulnerability in the RADIUS feature of Cisco Identity Services Engin ...)
@@ -32243,8 +32277,8 @@ CVE-2022-20749 (Multiple vulnerabilities in Cisco Small Business RV160, RV260, R
 	NOT-FOR-US: Cisco Small Business RV Series Routers
 CVE-2022-20748
 	RESERVED
-CVE-2022-20747
-	RESERVED
+CVE-2022-20747 (A vulnerability in the History API of Cisco SD-WAN vManage Software co ...)
+	TODO: check
 CVE-2022-20746
 	RESERVED
 CVE-2022-20745
@@ -32259,58 +32293,58 @@ CVE-2022-20741 (A vulnerability in the web-based management interface of the Net
 	TODO: check
 CVE-2022-20740
 	RESERVED
-CVE-2022-20739
-	RESERVED
+CVE-2022-20739 (A vulnerability in the CLI of Cisco SD-WAN vManage Software could allo ...)
+	TODO: check
 CVE-2022-20738 (A vulnerability in the Cisco Umbrella Secure Web Gateway service could ...)
 	NOT-FOR-US: Cisco
 CVE-2022-20737
 	RESERVED
 CVE-2022-20736
 	RESERVED
-CVE-2022-20735
-	RESERVED
+CVE-2022-20735 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
+	TODO: check
 CVE-2022-20734
 	RESERVED
 CVE-2022-20733
 	RESERVED
 CVE-2022-20732
 	RESERVED
-CVE-2022-20731
-	RESERVED
+CVE-2022-20731 (Multiple vulnerabilities that affect Cisco Catalyst Digital Building S ...)
+	TODO: check
 CVE-2022-20730
 	RESERVED
 CVE-2022-20729
 	RESERVED
 CVE-2022-20728
 	RESERVED
-CVE-2022-20727
-	RESERVED
-CVE-2022-20726
-	RESERVED
-CVE-2022-20725
-	RESERVED
-CVE-2022-20724
-	RESERVED
-CVE-2022-20723
-	RESERVED
-CVE-2022-20722
-	RESERVED
-CVE-2022-20721
-	RESERVED
-CVE-2022-20720
-	RESERVED
-CVE-2022-20719
-	RESERVED
-CVE-2022-20718
-	RESERVED
-CVE-2022-20717
-	RESERVED
-CVE-2022-20716
-	RESERVED
+CVE-2022-20727 (Multiple vulnerabilities in the Cisco IOx application hosting environm ...)
+	TODO: check
+CVE-2022-20726 (Multiple vulnerabilities in the Cisco IOx application hosting environm ...)
+	TODO: check
+CVE-2022-20725 (Multiple vulnerabilities in the Cisco IOx application hosting environm ...)
+	TODO: check
+CVE-2022-20724 (Multiple vulnerabilities in the Cisco IOx application hosting environm ...)
+	TODO: check
+CVE-2022-20723 (Multiple vulnerabilities in the Cisco IOx application hosting environm ...)
+	TODO: check
+CVE-2022-20722 (Multiple vulnerabilities in the Cisco IOx application hosting environm ...)
+	TODO: check
+CVE-2022-20721 (Multiple vulnerabilities in the Cisco IOx application hosting environm ...)
+	TODO: check
+CVE-2022-20720 (Multiple vulnerabilities in the Cisco IOx application hosting environm ...)
+	TODO: check
+CVE-2022-20719 (Multiple vulnerabilities in the Cisco IOx application hosting environm ...)
+	TODO: check
+CVE-2022-20718 (Multiple vulnerabilities in the Cisco IOx application hosting environm ...)
+	TODO: check
+CVE-2022-20717 (A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers c ...)
+	TODO: check
+CVE-2022-20716 (A vulnerability in the CLI of Cisco SD-WAN Software could allow an aut ...)
+	TODO: check
 CVE-2022-20715
 	RESERVED
-CVE-2022-20714
-	RESERVED
+CVE-2022-20714 (A vulnerability in the data plane microcode of Lightspeed-Plus line ca ...)
+	TODO: check
 CVE-2022-20713
 	RESERVED
 CVE-2022-20712 (Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340,  ...)
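Review bot: CVE-2022-20718 through CVE-2022-20727 are ten consecutive entries with the identical truncated description "Multiple vulnerabilities in the Cisco IOx application hosting environm", each added as its own "TODO: check". They should be triaged together with one disposition; the already-triaged entry in this hunk, CVE-2022-20738, uses "NOT-FOR-US: Cisco", which is the form to follow if none of them maps to a packaged source.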
@@ -32348,18 +32382,18 @@ CVE-2022-20698 (A vulnerability in the OOXML parsing module in Clam AntiVirus (C
 	[stretch] - clamav <postponed> (Minor issue; clean crash; follow stable updates)
 	NOTE: https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html
 	NOTE: https://github.com/Cisco-Talos/clamav/commit/9a6bb57f89721db637f4ddb5b233c1c4e23d223a (0.103.5)
-CVE-2022-20697
-	RESERVED
+CVE-2022-20697 (A vulnerability in the web services interface of Cisco IOS Software an ...)
+	TODO: check
 CVE-2022-20696
 	RESERVED
-CVE-2022-20695
-	RESERVED
-CVE-2022-20694
-	RESERVED
-CVE-2022-20693
-	RESERVED
-CVE-2022-20692
-	RESERVED
+CVE-2022-20695 (A vulnerability in the authentication functionality of Cisco Wireless  ...)
+	TODO: check
+CVE-2022-20694 (A vulnerability in the implementation of the Resource Public Key Infra ...)
+	TODO: check
+CVE-2022-20693 (A vulnerability in the web UI feature of Cisco IOS XE Software could a ...)
+	TODO: check
+CVE-2022-20692 (A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Softwa ...)
+	TODO: check
 CVE-2022-20691
 	RESERVED
 CVE-2022-20690
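Review bot: the new Cisco entries in this hunk (CVE-2022-20697 and CVE-2022-20692 to CVE-2022-20695) should not be closed in bulk, because the context line directly above them, CVE-2022-20698, is a Cisco-assigned ID from the same range that is tracked against the clamav package with a [stretch] annotation and an upstream commit note. Each full description, for example CVE-2022-20694 ("implementation of the Resource Public Key Infra"), needs checking for a packaged component before the entry is marked "NOT-FOR-US: Cisco".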
@@ -32374,24 +32408,24 @@ CVE-2022-20686
 	RESERVED
 CVE-2022-20685
 	RESERVED
-CVE-2022-20684
-	RESERVED
-CVE-2022-20683
-	RESERVED
-CVE-2022-20682
-	RESERVED
-CVE-2022-20681
-	RESERVED
+CVE-2022-20684 (A vulnerability in Simple Network Management Protocol (SNMP) trap gene ...)
+	TODO: check
+CVE-2022-20683 (A vulnerability in the Application Visibility and Control (AVC-FNF) fe ...)
+	TODO: check
+CVE-2022-20682 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
+	TODO: check
+CVE-2022-20681 (A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst ...)
+	TODO: check
 CVE-2022-20680 (A vulnerability in the web-based management interface of Cisco Prime S ...)
 	NOT-FOR-US: Cisco
-CVE-2022-20679
-	RESERVED
-CVE-2022-20678
-	RESERVED
-CVE-2022-20677
-	RESERVED
-CVE-2022-20676
-	RESERVED
+CVE-2022-20679 (A vulnerability in the IPSec decryption routine of Cisco IOS XE Softwa ...)
+	TODO: check
+CVE-2022-20678 (A vulnerability in the AppNav-XE feature of Cisco IOS XE Software coul ...)
+	TODO: check
+CVE-2022-20677 (Multiple vulnerabilities in the Cisco IOx application hosting environm ...)
+	TODO: check
+CVE-2022-20676 (A vulnerability in the Tool Command Language (Tcl) interpreter of Cisc ...)
+	TODO: check
 CVE-2022-20675 (A vulnerability in the TCP/IP stack of Cisco Email Security Appliance  ...)
 	TODO: check
 CVE-2022-20674
@@ -32420,8 +32454,8 @@ CVE-2022-20663
 	RESERVED
 CVE-2022-20662
 	RESERVED
-CVE-2022-20661
-	RESERVED
+CVE-2022-20661 (Multiple vulnerabilities that affect Cisco Catalyst Digital Building S ...)
+	TODO: check
 CVE-2022-20660 (A vulnerability in the information storage architecture of several Cis ...)
 	NOT-FOR-US: Cisco
 CVE-2022-20659 (A vulnerability in the web-based management interface of Cisco Prime I ...)
@@ -32498,8 +32532,8 @@ CVE-2022-20624 (A vulnerability in the Cisco Fabric Services over IP (CFSoIP) fe
 	NOT-FOR-US: Cisco
 CVE-2022-20623 (A vulnerability in the rate limiter for Bidirectional Forwarding Detec ...)
 	NOT-FOR-US: Cisco
-CVE-2022-20622
-	RESERVED
+CVE-2022-20622 (A vulnerability in IP ingress packet processing of the Cisco Embedded  ...)
+	TODO: check
 CVE-2021-43256 (Microsoft Excel Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-43255 (Microsoft Office Trust Center Spoofing Vulnerability ...)
@@ -36143,7 +36177,7 @@ CVE-2021-42256
 	RESERVED
 CVE-2021-3878 (corenlp is vulnerable to Improper Restriction of XML External Entity R ...)
 	NOT-FOR-US: CoreNLP
-CVE-2021-42255 (BeyondTrust AppGuard Enterprise through 6.6.20.2 creates a Temporary F ...)
+CVE-2021-42255 (AppGuard Enterprise before 6.7.100.1 creates a Temporary File in a Dir ...)
 	NOT-FOR-US: BeyondTrust AppGuard
 CVE-2021-42254 (BeyondTrust Privilege Management prior to version 21.6 creates a Tempo ...)
 	NOT-FOR-US: BeyondTrust Privilege Management
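Review bot: the updated description for CVE-2021-42255 drops the vendor name ("BeyondTrust AppGuard Enterprise through 6.6.20.2" becomes "AppGuard Enterprise before 6.7.100.1"), but the tag line below it still reads "NOT-FOR-US: BeyondTrust AppGuard". The disposition is unaffected, yet the tag should be checked against the revised description and renamed if the vendor attribution changed, so that searches on the tag text stay accurate.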
@@ -36198,8 +36232,8 @@ CVE-2021-42232
 	RESERVED
 CVE-2021-42231
 	RESERVED
-CVE-2021-42230
-	RESERVED
+CVE-2021-42230 (Seowon 130-SLC router all versions as of 2021-09-15 is vulnerable to R ...)
+	TODO: check
 CVE-2021-42229
 	RESERVED
 CVE-2021-42228 (A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor ...)
@@ -46020,7 +46054,7 @@ CVE-2021-38270
 	RESERVED
 CVE-2021-38269 (Liferay Portal through v7.4.0 and Liferay DXP through v7.1 were discov ...)
 	NOT-FOR-US: Liferay
-CVE-2021-38268 (The Dynamic Data Mapping module in Liferay Portal through v7.3.6 and L ...)
+CVE-2021-38268 (The Dynamic Data Mapping module in Liferay Portal 7.0.0 through 7.3.6, ...)
 	NOT-FOR-US: Liferay
 CVE-2021-38267 (Liferay Portal through v7.3.6 and Liferay DXP through v7.3 were discov ...)
 	NOT-FOR-US: Liferay
@@ -46028,9 +46062,9 @@ CVE-2021-38266 (Liferay Portal through v7.2.1 and Liferay DXP through v7.2 does
 	NOT-FOR-US: Liferay
 CVE-2021-38265 (Liferay Portal v7.3.6 and below and Liferay DXP v7.3 and below were di ...)
 	NOT-FOR-US: Liferay
-CVE-2021-38264 (Liferay Portal v7.4.1 and below was discovered to contain a cross-site ...)
+CVE-2021-38264 (Cross-site scripting (XSS) vulnerability in the Frontend Taglib module ...)
 	NOT-FOR-US: Liferay
-CVE-2021-38263 (Liferay Portal v7.3.2 and below and Liferay DXP v7.0 and below were di ...)
+CVE-2021-38263 (Cross-site scripting (XSS) vulnerability in the Server module's script ...)
 	NOT-FOR-US: Liferay
 CVE-2021-38262
 	RESERVED
@@ -49669,8 +49703,8 @@ CVE-2021-36830
 	RESERVED
 CVE-2021-36829
 	RESERVED
-CVE-2021-36828
-	RESERVED
+CVE-2021-36828 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP Mainten ...)
+	TODO: check
 CVE-2021-36827
 	RESERVED
 CVE-2021-36826 (Authenticated (subscriber or higher user role if allowed to access pro ...)
@@ -51161,8 +51195,8 @@ CVE-2021-36207
 	RESERVED
 CVE-2021-36206
 	RESERVED
-CVE-2021-36205
-	RESERVED
+CVE-2021-36205 (Under certain circumstances the session token is not cleared on logout ...)
+	TODO: check
 CVE-2021-36204
 	RESERVED
 CVE-2021-36203
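Review bot: the visible description of CVE-2021-36205 ("Under certain circumstances the session token is not cleared on logout") is cut off before any product or vendor is named, so this entry cannot be triaged from the list line alone. Whoever clears the "TODO: check" should pull the full CVE record and name the product in the tag line, as triaged entries elsewhere in the list do (for example "NOT-FOR-US: Liferay").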



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4ab2c4e0d92d8ad7a6183f4674d36dfa76b7a41
