[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 20 09:10:30 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
aec67abd by security tracker role at 2022-04-20T08:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2022-29510
+ RESERVED
+CVE-2022-29505
+ RESERVED
+CVE-2022-29486
+ RESERVED
+CVE-2022-29469
+ RESERVED
+CVE-2022-29466
+ RESERVED
+CVE-2022-29262
+ RESERVED
+CVE-2022-28858
+ RESERVED
+CVE-2022-27497
+ RESERVED
+CVE-2022-27493
+ RESERVED
+CVE-2022-26424
+ RESERVED
+CVE-2022-25899
+ RESERVED
+CVE-2022-1406
+ RESERVED
CVE-2022-29504
RESERVED
CVE-2022-29503
@@ -267,10 +291,10 @@ CVE-2022-1386
RESERVED
CVE-2022-29405
RESERVED
-CVE-2022-1385
- RESERVED
-CVE-2022-1384
- RESERVED
+CVE-2022-1385 (Mattermost 6.4.x and earlier fails to properly invalidate pending emai ...)
+ TODO: check
+CVE-2022-1384 (Mattermost version 6.4.x and earlier fails to properly check the plugi ...)
+ TODO: check
CVE-2022-1383 (Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...)
- radare2 <unfixed>
NOTE: https://huntr.dev/bounties/02b4b563-b946-4343-9092-38d1c5cd60c9
@@ -1059,8 +1083,8 @@ CVE-2022-1331
RESERVED
CVE-2022-1330 (stored xss due to unsantized anchor url in GitHub repository alvarotri ...)
TODO: check
-CVE-2022-1329
- RESERVED
+CVE-2022-1329 (The Elementor Website Builder plugin for WordPress is vulnerable to un ...)
+ TODO: check
CVE-2022-1328 (Buffer Overflow in uudecoder in Mutt affecting all versions starting f ...)
- mutt 2.2.3-1 (bug #1009734)
- neomutt <unfixed> (bug #1009735)
@@ -1571,8 +1595,8 @@ CVE-2022-28892
RESERVED
CVE-2022-28891
RESERVED
-CVE-2022-27629
- RESERVED
+CVE-2022-27629 (Cross-site request forgery (CSRF) vulnerability in 'MicroPayments - Pa ...)
+ TODO: check
CVE-2022-1291 (XSS vulnerability with default `onCellHtmlData` function in GitHub rep ...)
TODO: check
CVE-2022-1290 (Stored XSS in "Name", "Group Name" & "Title" in GitHub repository ...)
@@ -3371,16 +3395,16 @@ CVE-2022-1189 (An issue has been discovered in GitLab CE/EE affecting all versio
- gitlab <unfixed>
CVE-2022-1188 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
- gitlab <unfixed>
-CVE-2022-1187
- RESERVED
-CVE-2022-1186
- RESERVED
+CVE-2022-1187 (The WordPress WP YouTube Live Plugin is vulnerable to Reflected Cross- ...)
+ TODO: check
+CVE-2022-1186 (The WordPress plugin Be POPIA Compliant exposed sensitive information ...)
+ TODO: check
CVE-2022-28223 (Tekon KIO devices through 2022-03-30 allow an authenticated admin user ...)
NOT-FOR-US: Tekon KIO devices
-CVE-2022-28222
- RESERVED
-CVE-2022-28221
- RESERVED
+CVE-2022-28222 (The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable ...)
+ TODO: check
+CVE-2022-28221 (The CleanTalk AntiSpam plugin <= 5.173 for WordPress is vulnerable ...)
+ TODO: check
CVE-2022-28220
RESERVED
CVE-2022-1185 (A denial of service vulnerability when rendering RDoc files in GitLab ...)
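Review bot: CVE-2022-1187, CVE-2022-1186, CVE-2022-28222 and CVE-2022-28221 are all described as WordPress plugins but are left at "TODO: check". CVE-2022-0993 and CVE-2022-0992 in this same commit are triaged as "NOT-FOR-US: WordPress plugin". Unless one of these plugins needs separate handling, a follow-up should give these four the same disposition so they do not sit in the TODO queue.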
@@ -3837,8 +3861,8 @@ CVE-2022-1121 (A lack of appropriate timeouts in GitLab Pages included in GitLab
- gitlab <unfixed>
CVE-2022-1120 (Missing filtering in an error message in GitLab CE/EE affecting all ve ...)
- gitlab <unfixed>
-CVE-2022-1119
- RESERVED
+CVE-2022-1119 (The Simple File List WordPress plugin is vulnerable to Arbitrary File ...)
+ TODO: check
CVE-2022-1118
RESERVED
CVE-2022-1117
@@ -4526,10 +4550,10 @@ CVE-2022-1068 (Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerabl
NOT-FOR-US: Modbus Tools Modbus Slave
CVE-2022-1067 (Navigating to a specific URL with a patient ID number will result in t ...)
NOT-FOR-US: LifePoint Informatics Patient Portal
-CVE-2022-27863
- RESERVED
-CVE-2022-27862
- RESERVED
+CVE-2022-27863 (Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking ...)
+ TODO: check
+CVE-2022-27862 (Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking ...)
+ TODO: check
CVE-2022-27861
RESERVED
CVE-2022-27860
@@ -4605,7 +4629,7 @@ CVE-2022-27838 (Improper access control vulnerability in FactoryCamera prior to
NOT-FOR-US: Samsung
CVE-2022-27837 (A vulnerability using PendingIntent in Accessibility prior to version ...)
NOT-FOR-US: Samsung
-CVE-2022-27836 (Improper access control and path traversal vulnerability in StroageMan ...)
+CVE-2022-27836 (Improper access control and path traversal vulnerability in Storage Ma ...)
NOT-FOR-US: Samsung
CVE-2022-27835 (Improper boundary check in UWB firmware prior to SMR Apr-2022 Release ...)
NOT-FOR-US: Samsung
@@ -5293,8 +5317,8 @@ CVE-2022-27529 (A maliciously crafted PICT, BMP, PSD or TIF file in Autodesk Aut
NOT-FOR-US: Autodesk
CVE-2022-27528 (A maliciously crafted DWFX and SKP files in Autodesk Navisworks 2022 c ...)
NOT-FOR-US: Autodesk
-CVE-2022-27527
- RESERVED
+CVE-2022-27527 (A Memory Corruption vulnerability may lead to code execution through m ...)
+ TODO: check
CVE-2022-27526 (A malicious crafted TGA file when consumed through DesignReview.exe ap ...)
NOT-FOR-US: Autodesk
CVE-2022-27525 (A malicious crafted .dwf file when consumed through DesignReview.exe a ...)
@@ -6068,8 +6092,8 @@ CVE-2022-26349 (Delta Electronics DIAEnergie (All versions prior to 1.8.02.004)
NOT-FOR-US: Delta Electronics
CVE-2022-25880 (Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a ...)
NOT-FOR-US: Delta Electronics
-CVE-2022-1019
- RESERVED
+CVE-2022-1019 (Automated Logic's WebCtrl Server Version 6.1 'Help' index pages are vu ...)
+ TODO: check
CVE-2022-1018 (When opening a malicious solution file provided by an attacker, the ap ...)
NOT-FOR-US: Rockwell Automation
CVE-2022-27172
@@ -6170,11 +6194,9 @@ CVE-2022-27223 (In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel befor
NOTE: https://git.kernel.org/linus/7f14c7227f342d9932f9b918893c8814f86d2a0d (5.17-rc6)
CVE-2022-27222
RESERVED
-CVE-2022-0993
- RESERVED
+CVE-2022-0993 (The SiteGround Security plugin for WordPress is vulnerable to authenti ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-0992
- RESERVED
+CVE-2022-0992 (The SiteGround Security plugin for WordPress is vulnerable to authenti ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0991 (Insufficient Session Expiration in GitHub repository admidio/admidio p ...)
NOT-FOR-US: admidio
@@ -10069,8 +10091,8 @@ CVE-2022-25790 (A maliciously crafted DWF file in Autodesk AutoCAD 2022, 2021, 2
NOT-FOR-US: Autodesk
CVE-2022-25789 (A maliciously crafted DWF, 3DS and DWFX files in Autodesk AutoCAD 2022 ...)
NOT-FOR-US: Autodesk
-CVE-2022-25788
- RESERVED
+CVE-2022-25788 (A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to ...)
+ TODO: check
CVE-2022-25787
RESERVED
CVE-2022-25786
@@ -12669,15 +12691,15 @@ CVE-2022-24862
RESERVED
CVE-2022-24861
RESERVED
-CVE-2022-24860
- RESERVED
+CVE-2022-24860 (Databasir is a team-oriented relational database model document manage ...)
+ TODO: check
CVE-2022-24859 (PyPDF2 is an open source python PDF library capable of splitting, merg ...)
- pypdf2 <unfixed> (bug #1009879)
NOTE: https://github.com/py-pdf/PyPDF2/security/advisories/GHSA-xcjx-m2pj-8g79
NOTE: https://github.com/py-pdf/PyPDF2/issues/329
NOTE: https://github.com/py-pdf/PyPDF2/pull/740
-CVE-2022-24858
- RESERVED
+CVE-2022-24858 (next-auth v3 users before version 3.29.2 are impacted. next-auth versi ...)
+ TODO: check
CVE-2022-24857 (django-mfa3 is a library that implements multi factor authentication f ...)
TODO: check
CVE-2022-24856
@@ -12750,10 +12772,10 @@ CVE-2022-24828 (Composer is a dependency manager for the PHP programming languag
TODO: check
CVE-2022-24827 (Elide is a Java library that lets you stand up a GraphQL/JSON-API web ...)
TODO: check
-CVE-2022-24826
- RESERVED
-CVE-2022-24825
- RESERVED
+CVE-2022-24826 (On Windows, if Git LFS operates on a malicious repository with a `..ex ...)
+ TODO: check
+CVE-2022-24825 (Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The pr ...)
+ TODO: check
CVE-2022-24824 (Discourse is an open source platform for community discussion. In affe ...)
NOT-FOR-US: Discourse
CVE-2022-24823
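Review bot: the description of CVE-2022-24826 opens with "On Windows", so the visible text already states a platform precondition. When the "TODO: check" is resolved, record that scope in the entry's annotation instead of adding a plain package line that reads as affected. The rest of the description is cut off at "`..ex ...", so read the full advisory before deciding.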
@@ -22404,10 +22426,10 @@ CVE-2022-0073
RESERVED
CVE-2022-0072
RESERVED
-CVE-2022-0071
- RESERVED
-CVE-2022-0070
- RESERVED
+CVE-2022-0071 (Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mim ...)
+ TODO: check
+CVE-2022-0070 (Incomplete fix for CVE-2021-3100. The Apache Log4j hotpatch package st ...)
+ TODO: check
CVE-2022-0069
RESERVED
CVE-2022-0068
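Review bot: CVE-2022-0071 and CVE-2022-0070 are described as incomplete fixes for CVE-2021-3101 and CVE-2021-3100, and all four IDs are left at "TODO: check" in separate hunks of this commit. Triage each pair together so the original and its incomplete-fix follow-up get the same disposition, and consider a NOTE line on each entry pointing at its counterpart.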
@@ -26447,8 +26469,8 @@ CVE-2021-4098 (Insufficient data validation in Mojo in Google Chrome prior to 96
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4097 (phpservermon is vulnerable to Improper Neutralization of CRLF Sequence ...)
NOT-FOR-US: phpservermon
-CVE-2021-4096
- RESERVED
+CVE-2021-4096 (The Fancy Product Designer plugin for WordPress is vulnerable to Cross ...)
+ TODO: check
CVE-2022-21822 (NVIDIA FLARE contains a vulnerability in the admin interface, where an ...)
NOT-FOR-US: NVIDIA
CVE-2022-21821 (NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in ...)
@@ -30189,196 +30211,196 @@ CVE-2022-21500
RESERVED
CVE-2022-21499
RESERVED
-CVE-2022-21498
- RESERVED
-CVE-2022-21497
- RESERVED
-CVE-2022-21496
- RESERVED
+CVE-2022-21498 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
+ TODO: check
+CVE-2022-21497 (Vulnerability in the Oracle Web Services Manager product of Oracle Fus ...)
+ TODO: check
+CVE-2022-21496 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+ TODO: check
CVE-2022-21495
RESERVED
-CVE-2022-21494
- RESERVED
-CVE-2022-21493
- RESERVED
-CVE-2022-21492
- RESERVED
-CVE-2022-21491
- RESERVED
-CVE-2022-21490
- RESERVED
-CVE-2022-21489
- RESERVED
-CVE-2022-21488
- RESERVED
-CVE-2022-21487
- RESERVED
-CVE-2022-21486
- RESERVED
-CVE-2022-21485
- RESERVED
-CVE-2022-21484
- RESERVED
-CVE-2022-21483
- RESERVED
-CVE-2022-21482
- RESERVED
-CVE-2022-21481
- RESERVED
-CVE-2022-21480
- RESERVED
-CVE-2022-21479
- RESERVED
-CVE-2022-21478
- RESERVED
-CVE-2022-21477
- RESERVED
-CVE-2022-21476
- RESERVED
-CVE-2022-21475
- RESERVED
-CVE-2022-21474
- RESERVED
-CVE-2022-21473
- RESERVED
-CVE-2022-21472
- RESERVED
-CVE-2022-21471
- RESERVED
-CVE-2022-21470
- RESERVED
-CVE-2022-21469
- RESERVED
-CVE-2022-21468
- RESERVED
-CVE-2022-21467
- RESERVED
-CVE-2022-21466
- RESERVED
-CVE-2022-21465
- RESERVED
-CVE-2022-21464
- RESERVED
-CVE-2022-21463
- RESERVED
-CVE-2022-21462
- RESERVED
-CVE-2022-21461
- RESERVED
-CVE-2022-21460
- RESERVED
-CVE-2022-21459
- RESERVED
-CVE-2022-21458
- RESERVED
-CVE-2022-21457
- RESERVED
-CVE-2022-21456
- RESERVED
+CVE-2022-21494 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2022-21493 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2022-21492 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+ TODO: check
+CVE-2022-21491 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-21490 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21489 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21488 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-21487 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-21486 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21485 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21484 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21483 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21482 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21481 (Vulnerability in the PeopleSoft Enterprise FIN Cash Management product ...)
+ TODO: check
+CVE-2022-21480 (Vulnerability in the Oracle Transportation Management product of Oracl ...)
+ TODO: check
+CVE-2022-21479 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21478 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21477 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
+ TODO: check
+CVE-2022-21476 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+ TODO: check
+CVE-2022-21475 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
+ TODO: check
+CVE-2022-21474 (Vulnerability in the Oracle Banking Trade Finance product of Oracle Fi ...)
+ TODO: check
+CVE-2022-21473 (Vulnerability in the Oracle Banking Treasury Management product of Ora ...)
+ TODO: check
+CVE-2022-21472 (Vulnerability in the Oracle FLEXCUBE Universal Banking product of Orac ...)
+ TODO: check
+CVE-2022-21471 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-21470 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2022-21469 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2022-21468 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
+ TODO: check
+CVE-2022-21467 (Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain ( ...)
+ TODO: check
+CVE-2022-21466 (Vulnerability in the Oracle Commerce Guided Search product of Oracle C ...)
+ TODO: check
+CVE-2022-21465 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-21464 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
+ TODO: check
+CVE-2022-21463 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2022-21462 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21461 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2022-21460 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21459 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21458 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2022-21457 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21456 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
CVE-2022-21455
RESERVED
-CVE-2022-21454
- RESERVED
-CVE-2022-21453
- RESERVED
-CVE-2022-21452
- RESERVED
-CVE-2022-21451
- RESERVED
-CVE-2022-21450
- RESERVED
-CVE-2022-21449
- RESERVED
-CVE-2022-21448
- RESERVED
-CVE-2022-21447
- RESERVED
-CVE-2022-21446
- RESERVED
-CVE-2022-21445
- RESERVED
-CVE-2022-21444
- RESERVED
-CVE-2022-21443
- RESERVED
-CVE-2022-21442
- RESERVED
-CVE-2022-21441
- RESERVED
-CVE-2022-21440
- RESERVED
+CVE-2022-21454 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21453 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2022-21452 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21451 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21450 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub produc ...)
+ TODO: check
+CVE-2022-21449 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+ TODO: check
+CVE-2022-21448 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+ TODO: check
+CVE-2022-21447 (Vulnerability in the PeopleSoft Enterprise CS Academic Advisement prod ...)
+ TODO: check
+CVE-2022-21446 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2022-21445 (Vulnerability in the Oracle JDeveloper product of Oracle Fusion Middle ...)
+ TODO: check
+CVE-2022-21444 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21443 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+ TODO: check
+CVE-2022-21442 (Vulnerability in Oracle GoldenGate (component: OGG Core Library). The ...)
+ TODO: check
+CVE-2022-21441 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2022-21440 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
CVE-2022-21439
RESERVED
-CVE-2022-21438
- RESERVED
-CVE-2022-21437
- RESERVED
-CVE-2022-21436
- RESERVED
-CVE-2022-21435
- RESERVED
-CVE-2022-21434
- RESERVED
+CVE-2022-21438 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21437 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21436 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21435 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21434 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+ TODO: check
CVE-2022-21433
RESERVED
CVE-2022-21432
RESERVED
-CVE-2022-21431
- RESERVED
-CVE-2022-21430
- RESERVED
+CVE-2022-21431 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...)
+ TODO: check
+CVE-2022-21430 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...)
+ TODO: check
CVE-2022-21429
RESERVED
CVE-2022-21428
RESERVED
-CVE-2022-21427
- RESERVED
-CVE-2022-21426
- RESERVED
-CVE-2022-21425
- RESERVED
-CVE-2022-21424
- RESERVED
-CVE-2022-21423
- RESERVED
-CVE-2022-21422
- RESERVED
-CVE-2022-21421
- RESERVED
-CVE-2022-21420
- RESERVED
-CVE-2022-21419
- RESERVED
-CVE-2022-21418
- RESERVED
-CVE-2022-21417
- RESERVED
-CVE-2022-21416
- RESERVED
-CVE-2022-21415
- RESERVED
-CVE-2022-21414
- RESERVED
-CVE-2022-21413
- RESERVED
-CVE-2022-21412
- RESERVED
-CVE-2022-21411
- RESERVED
-CVE-2022-21410
- RESERVED
-CVE-2022-21409
- RESERVED
+CVE-2022-21427 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21426 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+ TODO: check
+CVE-2022-21425 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21424 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...)
+ TODO: check
+CVE-2022-21423 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21422 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...)
+ TODO: check
+CVE-2022-21421 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+ TODO: check
+CVE-2022-21420 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
+ TODO: check
+CVE-2022-21419 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+ TODO: check
+CVE-2022-21418 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21417 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21416 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2022-21415 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21414 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21413 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21412 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21411 (Vulnerability in the RDBMS Gateway / Generic ODBC Connectivity compone ...)
+ TODO: check
+CVE-2022-21410 (Vulnerability in the Oracle Database - Enterprise Edition Sharding com ...)
+ TODO: check
+CVE-2022-21409 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
+ TODO: check
CVE-2022-21408
RESERVED
CVE-2022-21407
RESERVED
CVE-2022-21406
RESERVED
-CVE-2022-21405
- RESERVED
-CVE-2022-21404
- RESERVED
+CVE-2022-21405 (Vulnerability in the OSS Support Tools product of Oracle Support Tools ...)
+ TODO: check
+CVE-2022-21404 (Vulnerability in the Helidon product of Oracle Fusion Middleware (comp ...)
+ TODO: check
CVE-2022-21403 (Vulnerability in the Oracle Communications Operations Monitor product ...)
NOT-FOR-US: Oracle
CVE-2022-21402 (Vulnerability in the Oracle Communications Operations Monitor product ...)
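Review bot: this hunk moves a large block of Oracle IDs from RESERVED to "TODO: check", and the truncated descriptions name very different products (MySQL Server, MySQL Cluster, Java SE / GraalVM, VM VirtualBox, Solaris, PeopleSoft, banking products). The context entry CVE-2022-21403 just below uses "NOT-FOR-US: Oracle", but that disposition should not be bulk-applied to the block. Each entry needs its product and component read from the full description first, because the text visible here is cut off before the affected versions.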
@@ -36989,7 +37011,8 @@ CVE-2021-42188
RESERVED
CVE-2021-42187
RESERVED
-CVE-2021-42186 (SAS Logon Manager v9.4 was discovered to contain a vulnerability in th ...)
+CVE-2021-42186
+ REJECTED
NOT-FOR-US: SAS Logon Manager
CVE-2021-42185
RESERVED
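Review bot: CVE-2021-42186 now has "REJECTED" followed by the unchanged "NOT-FOR-US: SAS Logon Manager" line, so the entry carries two dispositions for an ID whose description was removed. A follow-up should drop the leftover NOT-FOR-US line, or confirm it is kept on purpose, so the entry states a single status.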
@@ -42052,7 +42075,7 @@ CVE-2021-40169
RESERVED
CVE-2021-40168
RESERVED
-CVE-2021-40167 (A Memory Corruption Vulnerability may lead to remote code execution th ...)
+CVE-2021-40167 (A malicious crafted dwf file when consumed through DesignReview.exe ap ...)
NOT-FOR-US: Autodesk
CVE-2021-40166
RESERVED
@@ -76096,12 +76119,12 @@ CVE-2021-26629
RESERVED
CVE-2021-26628
RESERVED
-CVE-2021-26627
- RESERVED
-CVE-2021-26626
- RESERVED
-CVE-2021-26625
- RESERVED
+CVE-2021-26627 (Real-time image information exposure is caused by insufficient authent ...)
+ TODO: check
+CVE-2021-26626 (Improper input validation vulnerability in XPLATFORM's execBrowser met ...)
+ TODO: check
+CVE-2021-26625 (Insufficient Verification of input Data leading to arbitrary file down ...)
+ TODO: check
CVE-2021-26624 (An local privilege escalation vulnerability due to a "runasroot" comma ...)
NOT-FOR-US: eScan Antivirus
CVE-2021-26623 (A remote code execution vulnerability due to incomplete check for 'xhe ...)
@@ -84289,8 +84312,8 @@ CVE-2021-23285 (Eaton Intelligent Power Manager Infrastructure (IPM Infrastructu
TODO: check
CVE-2021-23284 (Eaton Intelligent Power Manager Infrastructure (IPM Infrastructure) ve ...)
TODO: check
-CVE-2021-23283
- RESERVED
+CVE-2021-23283 (Eaton Intelligent Power Protector (IPP) prior to version 1.69 is vulne ...)
+ TODO: check
CVE-2021-23282
RESERVED
CVE-2021-23281 (Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to u ...)
@@ -84415,10 +84438,10 @@ CVE-2021-3103
RESERVED
CVE-2021-3102
RESERVED
-CVE-2021-3101
- RESERVED
-CVE-2021-3100
- RESERVED
+CVE-2021-3101 (Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux ...)
+ TODO: check
+CVE-2021-3100 (The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch ...)
+ TODO: check
CVE-2021-3099
RESERVED
CVE-2021-3098
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aec67abd33c37c814e2e41dd07fb9adcc4c936c2