[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Aug 13 13:15:34 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
23ee41d0 by Salvatore Bonaccorso at 2022-08-13T14:14:55+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2016,7 +2016,7 @@ CVE-2022-2648 (A vulnerability was found in SourceCodester Multi Language Hotel
CVE-2022-2647 (A vulnerability was found in jeecg-boot. It has been declared as criti ...)
NOT-FOR-US: Jeecg-boot
CVE-2022-37397 (An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based ...)
- TODO: check
+ NOT-FOR-US: YugabyteDB
CVE-2022-37345
RESERVED
CVE-2022-37334
@@ -5610,7 +5610,7 @@ CVE-2022-35955
CVE-2022-35954
RESERVED
CVE-2022-35953 (BookWyrm is a social network for tracking your reading, talking about ...)
- TODO: check
+ NOT-FOR-US: BookWyrm
CVE-2022-35952
RESERVED
CVE-2022-35951
@@ -59023,9 +59023,9 @@ CVE-2021-42753 (An improper limitation of a pathname to a restricted directory (
CVE-2021-42752 (A improper neutralization of input during web page generation ('cross- ...)
NOT-FOR-US: FortiGuard
CVE-2021-42751 (A cross-site scripting (XSS) vulnerability in Rule Engine in ThingsBoa ...)
- TODO: check
+ NOT-FOR-US: ThingsBoard
CVE-2021-42750 (A cross-site scripting (XSS) vulnerability in Rule Engine in ThingsBoa ...)
- TODO: check
+ NOT-FOR-US: ThingsBoard
CVE-2021-42749 (In Beaver Themer, attackers can bypass conditional logic controls (for ...)
NOT-FOR-US: Beaver
CVE-2021-42748 (In Beaver Builder through 2.5.0.3, attackers can bypass the visibility ...)
@@ -60053,23 +60053,23 @@ CVE-2022-20410
CVE-2022-20409
RESERVED
CVE-2022-20408 (Product: AndroidVersions: Android kernelAndroid ID: A-204782372Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20407 (Product: AndroidVersions: Android kernelAndroid ID: A-210916981Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20406 (Product: AndroidVersions: Android kernelAndroid ID: A-184676385Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20405 (Product: AndroidVersions: Android kernelAndroid ID: A-216363416Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20404 (Product: AndroidVersions: Android kernelAndroid ID: A-205714161Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20403 (Product: AndroidVersions: Android kernelAndroid ID: A-207975764Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20402 (Product: AndroidVersions: Android kernelAndroid ID: A-218701042Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20401 (In SAEMM_RetrievEPLMNList of SAEMM_ContextManagement.c, there is a pos ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20400 (In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20399
RESERVED
CVE-2022-20398
@@ -60101,35 +60101,35 @@ CVE-2022-20386
CVE-2022-20385
RESERVED
CVE-2022-20384 (Product: AndroidVersions: Android kernelAndroid ID: A-211727306Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20383 (In AllocateInternalBuffers of g3aa_buffer_allocator.cc, there is a pos ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20382 (In (TBD) of (TBD), there is a possible out of bounds write due to kern ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20381 (Product: AndroidVersions: Android kernelAndroid ID: A-188935887Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20380 (Product: AndroidVersions: Android kernelAndroid ID: A-212625740Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20379 (In lwis_buffer_alloc of lwis_buffer.c, there is a possible arbitrary c ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20378 (Product: AndroidVersions: Android kernelAndroid ID: A-234657153Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20377 (In TBD of keymaster_ipc.cpp, there is a possible to force gatekeeper, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20376 (In trusty_log_seq_start of trusty-log.c, there is a possible use after ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20375 (In LteRrcNrProAsnDecode of LteRrcNr_Codec.c, there is a possible out o ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20374 (On specific devices, there is a possible bypass of configuration integ ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20373 (In st21nfc_loc_set_polaritymode of fc/st21nfc.c, there is a possible u ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20372 (In exynos5_i2c_irq of (TBD), there is a possible out of bounds write d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20371 (In dm_bow_dtr and related functions of dm-bow.c, there is a possible u ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20370 (Product: AndroidVersions: Android kernelAndroid ID: A-215730643Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20369 (In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bou ...)
- linux 5.17.3-1
[bullseye] - linux 5.10.113-1
@@ -60140,17 +60140,17 @@ CVE-2022-20368 (Product: AndroidVersions: Android kernelAndroid ID: A-224546354R
[buster] - linux 4.19.249-1
NOTE: https://git.kernel.org/linus/c700525fcc06b05adfea78039de02628af79e07a (5.17)
CVE-2022-20367 (In construct_transaction of lwis_ioctl.c, there is a possible out of b ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20366 (In ioctl_dpm_clk_update of lwis_ioctl.c, there is a possible out of bo ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20365 (Product: AndroidVersions: Android kernelAndroid ID: A-229632566Referen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20364
RESERVED
CVE-2022-20363
RESERVED
CVE-2022-20362 (In Bluetooth, there is a possible out of bounds write due to an intege ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20361 (In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vulnerabil ...)
NOT-FOR-US: Android
CVE-2022-20360 (In setChecked of SecureNfcPreferenceController.java, there is a missin ...)
@@ -60190,209 +60190,209 @@ CVE-2022-20344 (In stealReceiveChannel of EventThread.cpp, there is a possible w
CVE-2022-20343
RESERVED
CVE-2022-20342 (In WiFi, there is a possible disclosure of WiFi password to the end us ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20341 (In ConnectivityService, there is a possible bypass of network permissi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20340 (In SELinux policy, there is a possible way of inferring which websites ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20339 (In Android, there is a possible access of network neighbor table infor ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20338 (In Core Utilities, there is a possible way to craft a malformed Uri ob ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20337
RESERVED
CVE-2022-20336 (In Settings, there is a possible installed application disclosure due ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20335 (In Wifi Slice, there is a possible way to adjust Wi-Fi settings even w ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20334 (In Bluetooth, there are possible process crashes due to dereferencing ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20333 (In Bluetooth, there is a possible crash due to a missing null check. T ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20332 (In PackageManager, there is a possible way to determine whether an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20331 (In the Framework, there is a possible way to enable a work profile wit ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20330 (In Bluetooth, there is a possible way to connect or disconnect bluetoo ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20329 (In Wifi, there is a possible way to enable Wifi without permissions du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20328 (In PackageManager, there is a possible way to determine whether an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20327 (In Wi-Fi, there is a possible way to retrieve the WiFi SSID without lo ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20326 (In Telephony, there is a possible disclosure of SIM identifiers due to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20325 (In Media, there is a possible code execution due to a use after free. ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20324 (In Framework, there is a possible way to determine whether an app is i ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20323 (In PackageManager, there is a possible package installation disclosure ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20322 (In PackageManager, there is a possible installed package disclosure du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20321 (In Settings, there is a possible way for an application without permis ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20320 (In ActivityManager, there is a possible way to determine whether an ap ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20319 (In DreamServices, there is a possible way to launch arbitrary protecte ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20318 (In PackageInstaller, there is a possible way to determine whether an a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20317 (In SystemUI, there is a possible way to unexpectedly enable the extern ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20316 (In ContentResolver, there is a possible way to determine whether an ap ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20315 (In ActivityManager, there is a possible disclosure of installed packag ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20314 (In KeyChain, there is a possible spoof keychain chooser activity reque ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20313 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20312 (In WifiP2pManager, there is a possible toobtain WiFi P2P MAC address w ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20311 (In Telecomm, there is a possible disclosure of registered self managed ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20310 (In Telecomm, there is a possible disclosure of registered self managed ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20309 (In PackageInstaller, there is a possible way to determine whether an a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20308 (In hostapd, there is a possible insecure configuration due to an insec ...)
- TODO: check
+ NOT-FOR-US: Android (treating this android specific even hostapd mentioned, insecure configuration on Android)
CVE-2022-20307 (In AlarmManagerService, there is a possible way to determine whether a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20306 (In Camera Provider HAL, there is a possible memory corruption due to a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20305 (In ContentService, there is a possible disclosure of available account ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20304 (In Content, there is a possible way to determinate the user's account ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20303 (In ContentService, there is a possible way to determine if an account ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20302 (In Settings, there is a possible way to bypass factory reset protectio ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20301 (In Content, there is a possible way to check if an account exists on t ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20300 (In Content, there is a possible way to check if the given account exis ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20299 (In ContentService, there is a possible way to check if the given accou ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20298 (In ContentService, there is a possible way to check if an account exis ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20297 (In Settings, there is a possible way to bypass factory reset protectio ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20296 (In ContentService, there is a possible way to check if an account exis ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20295 (In ContentService, there is a possible way to check if an account exis ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20294 (In Content, there is a possible way to learn about an account present ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20293 (In LauncherApps, there is a possible way to determine whether an app i ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20292 (In Settings, there is a possible way to bypass factory reset protectio ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20291 (In AppOpsService, there is a possible way to determine whether an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20290 (In Midi, there is a possible way to learn about private midi devices d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20289 (In PackageInstaller, there is a possible way to determine whether an a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20288 (In AppSearchManagerService, there is a possible way to determine wheth ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20287 (In AppSearchManagerService, there is a possible way to determine wheth ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20286 (In Connectivity, there is a possible bypass the restriction of startin ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20285 (In PackageManager, there is a possible way to determine whether an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20284 (In Telephony, there is a possible information disclosure due to a miss ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20283 (In Bluetooth, there is a possible out of bounds write due to an intege ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20282 (In AppWidget, there is a possible way to start an activity from the ba ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20281 (In Core, there is a possible way to start an activity from the backgro ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20280 (In MMSProvider, there is a possible read of protected data due to impr ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20279 (In DevicePolicyManager, there is a possible way to determine whether a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20278 (In Accounts, there is a possible way to write sensitive information to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20277 (In DevicePolicyManager, there is a possible way to determine whether a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20276 (In DevicePolicyManager, there is a possible way to determine whether a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20275 (In DevicePolicyManager, there is a possible way to determine whether a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20274 (In Keyguard, there is a missing permission check. This could lead to l ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20273 (In Bluetooth, there is a possible out of bounds read due to a heap buf ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20272 (In PermissionController, there is a possible misunderstanding about th ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20271 (In PermissionController, there is a possible way to grant some permiss ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20270 (In Content, there is a possible way to learn gmail account name on the ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20269 (In Bluetooth, there is a possible out of bounds write due to an incorr ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20268 (In RestrictionsManager, there is a possible way to send a broadcast th ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20267 (In bluetooth, there is a possible way to enable or disable bluetooth c ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20266 (In Companion, there is a possible way to keep a service running with e ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20265 (In Settings, there is a possible way to bypass factory reset permissio ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20264
RESERVED
CVE-2022-20263 (In ActivityManager, there is a way to read process state for other use ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20262 (In ActivityManager, there is a possible way to check another process's ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20261 (In LocationManager, there is a possible way to get location informatio ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20260 (In the Phone app, there is a possible crash loop due to resource exhau ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20259 (In Telephony, there is a possible leak of ICCID and EID due to a missi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20258 (In Bluetooth, there is a possible way to bypass compiler exploit mitig ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20257 (In Bluetooth, there is a possible way to pair a display only device wi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20256 (In the Audio HAL, there is a possible out of bounds write due to a rac ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20255 (In SettingsProvider, there is a possible way to read or change the def ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20254 (In Wi-Fi, there is a permissions bypass. This could lead to local esca ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20253 (In Bluetooth, there is a possible cleanup failure due to an uncaught e ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20252 (In PackageManager, there is a possible way to determine whether an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20251 (In LocaleManager, there is a possible way to determine whether an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20250 (In Messaging, there is a possible way to attach files to a message wit ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20249 (In LocaleManager, there is a possible way to determine whether an app ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20248 (In Settings, there is a possible way to connect to an open network byp ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20247 (In Media, there is a possible out of bounds read due to a heap buffer ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20246 (In WindowManager, there is a possible bypass of the restrictions for s ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20245 (In WindowManager, there is a possible method to create a recording of ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20244 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20243 (In Core Utilities, there is a possible log information disclosure. Thi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20242 (In Telephony, there is a possible way to determine whether an app is i ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20241 (In Messaging, there is a possible way to attach a private file to an S ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20240
RESERVED
CVE-2022-20239 ('remap_pfn_range' here may map out of size kernel memory (for example, ...)
@@ -60400,7 +60400,7 @@ CVE-2022-20239 ('remap_pfn_range' here may map out of size kernel memory (for ex
CVE-2022-20238 ('remap_pfn_range' here may map out of size kernel memory (for example, ...)
NOT-FOR-US: Unisoc
CVE-2022-20237 (In BuildDevIDResponse of miscdatabuilder.cpp, there is a possible out ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20236 (A drm driver have oob problem, could cause the system crash or EOPProd ...)
NOT-FOR-US: Unisoc
CVE-2022-20235
@@ -60515,7 +60515,7 @@ CVE-2022-20182 (In handle_ramdump of pixel_loader.c, there is a possible way to
CVE-2022-20181 (Product: AndroidVersions: Android kernelAndroid ID: A-210936609Referen ...)
NOT-FOR-US: Google Pixel
CVE-2022-20180 (In several functions of mali_gralloc_reference.cpp, there is a possibl ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2022-20179 (Product: AndroidVersions: Android kernelAndroid ID: A-211683760Referen ...)
NOT-FOR-US: Google Pixel
CVE-2022-20178 (In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD), there is ...)
@@ -95128,9 +95128,9 @@ CVE-2021-29120
CVE-2021-29119
RESERVED
CVE-2021-29118 (An out-of-bounds read vulnerability exists when parsing a specially cr ...)
- TODO: check
+ NOT-FOR-US: Esri ArcReader
CVE-2021-29117 (A use-after-free vulnerability when parsing a specially crafted file i ...)
- TODO: check
+ NOT-FOR-US: Esri ArcReader
CVE-2021-29116 (A stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Serve ...)
NOT-FOR-US: Esri ArcGIS Server
CVE-2021-29115 (An information disclosure vulnerability in the ArcGIS Service Director ...)
@@ -95140,7 +95140,7 @@ CVE-2021-29114 (A SQL injection vulnerability in feature services provided by Es
CVE-2021-29113 (A remote file inclusion vulnerability in the ArcGIS Server help docume ...)
NOT-FOR-US: ArcGIS Server
CVE-2021-29112 (An out-of-bounds read vulnerability exists when parsing a specially cr ...)
- TODO: check
+ NOT-FOR-US: Esri ArcReader
CVE-2021-29111
RESERVED
CVE-2021-29110 (Stored cross-site scripting (XSS) issue in Esri Portal for ArcGIS may ...)
@@ -111721,7 +111721,7 @@ CVE-2021-22291
CVE-2021-22290
RESERVED
CVE-2021-22289 (Improper Input Validation vulnerability in the project upload mechanis ...)
- TODO: check
+ NOT-FOR-US: B&R Automation Studio
CVE-2021-22288 (Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 ...)
NOT-FOR-US: ABB
CVE-2021-22287
@@ -126718,7 +126718,7 @@ CVE-2021-0977 (In phNxpNHal_DtaUpdate of phNxpNciHal_dta.cc, there is a possible
CVE-2021-0976 (In toBARK of floor0.c, there is a possible out of bounds read due to a ...)
NOT-FOR-US: Android
CVE-2021-0975 (In USB Manager, there is a possible way to determine whether an app is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-0974
RESERVED
CVE-2021-0973 (In isFileUri of UriUtil.java, there is a possible way to bypass ignori ...)
@@ -127228,9 +127228,9 @@ CVE-2021-0737
CVE-2021-0736
RESERVED
CVE-2021-0735 (In PackageManager, there is a possible way to get information about in ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-0734 (In Settings, there is a possible way to determine whether an app is in ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-0733
RESERVED
CVE-2021-0732
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23ee41d00621d256720fb46ecd816281688a54c8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23ee41d00621d256720fb46ecd816281688a54c8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220813/66a06a09/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list