[Git][security-tracker-team/security-tracker][master] automatic update

Fri Apr 29 09:10:31 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d9c7da95 by security tracker role at 2022-04-29T08:10:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2022-29908
+	RESERVED
+CVE-2022-29907 (The Nimbus skin for MediaWiki through 1.37.2 (before 6f9c8fb868345701d ...)
+	TODO: check
+CVE-2022-29906 (The admin API module in the QuizGame extension for MediaWiki through 1 ...)
+	TODO: check
+CVE-2022-29905 (The FanBoxes extension for MediaWiki through 1.37.2 (before 027ffb0b9d ...)
+	TODO: check
+CVE-2022-29904 (The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e ...)
+	TODO: check
+CVE-2022-29903 (The Private Domains extension for MediaWiki through 1.37.2 (before 1ad ...)
+	TODO: check
+CVE-2022-29902
+	RESERVED
+CVE-2022-1526
+	RESERVED
 CVE-2022-29901
 	RESERVED
 CVE-2022-29900
@@ -1077,10 +1093,10 @@ CVE-2022-29558
 	RESERVED
 CVE-2022-29557
 	RESERVED
-CVE-2022-29556
-	RESERVED
-CVE-2022-29555
-	RESERVED
+CVE-2022-29556 (The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise  ...)
+	TODO: check
+CVE-2022-29555 (The Deviceconnect microservice through 1.3.0 in Northern.tech Mender E ...)
+	TODO: check
 CVE-2022-29554
 	RESERVED
 CVE-2022-29553
@@ -2307,8 +2323,8 @@ CVE-2022-1321
 	RESERVED
 CVE-2022-1320
 	RESERVED
-CVE-2022-29081
-	RESERVED
+CVE-2022-29081 (Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pr ...)
+	TODO: check
 CVE-2022-29080 (The npm-dependency-versions package through 0.3.0 for Node.js allows c ...)
 	NOT-FOR-US: Node npm-dependency-versions
 CVE-2022-29079
@@ -3872,8 +3888,8 @@ CVE-2022-28479
 	RESERVED
 CVE-2022-28478
 	RESERVED
-CVE-2022-28477
-	RESERVED
+CVE-2022-28477 (WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS). ...)
+	TODO: check
 CVE-2022-28476
 	RESERVED
 CVE-2022-28475
@@ -3918,8 +3934,8 @@ CVE-2022-28456
 	RESERVED
 CVE-2022-28455
 	RESERVED
-CVE-2022-28454
-	RESERVED
+CVE-2022-28454 (Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS). ...)
+	TODO: check
 CVE-2022-28453
 	RESERVED
 CVE-2022-28452
@@ -5267,8 +5283,8 @@ CVE-2022-28062 (Car Rental System v1.0 contains an arbitrary file upload vulnera
 	NOT-FOR-US: Car Rental System
 CVE-2022-28061
 	RESERVED
-CVE-2022-28060
-	RESERVED
+CVE-2022-28060 (SQL Injection vulnerability in Victor CMS v1.0, via the user_name para ...)
+	TODO: check
 CVE-2022-28059 (Verydows v2.0 was discovered to contain an arbitrary file deletion vul ...)
 	NOT-FOR-US: Verydows
 CVE-2022-28058 (Verydows v2.0 was discovered to contain an arbitrary file deletion vul ...)
@@ -13939,8 +13955,8 @@ CVE-2022-24900
 	RESERVED
 CVE-2022-24899
 	RESERVED
-CVE-2022-24898
-	RESERVED
+CVE-2022-24898 (org.xwiki.commons:xwiki-commons-xml is a common module used by other X ...)
+	TODO: check
 CVE-2022-24897
 	RESERVED
 CVE-2022-24896
@@ -15253,8 +15269,8 @@ CVE-2022-24451 (VP9 Video Extensions Remote Code Execution Vulnerability. This C
 	NOT-FOR-US: Microsoft
 CVE-2022-24450 (NATS nats-server before 2.7.2 has Incorrect Access Control. Any authen ...)
 	NOT-FOR-US: nats-server
-CVE-2022-24449
-	RESERVED
+CVE-2022-24449 (Solar appScreener through 3.10.4, when a valid license is not present, ...)
+	TODO: check
 CVE-2022-24448 (An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.1 ...)
 	{DSA-5096-1 DSA-5092-1 DLA-2941-1 DLA-2940-1}
 	- linux 5.16.7-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9c7da9579023239a99c9756baeb4bff6cc471a7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9c7da9579023239a99c9756baeb4bff6cc471a7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220429/e92d5896/attachment.htm>
