[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 25 09:10:24 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
80fe4f5c by security tracker role at 2022-08-25T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,43 @@
+CVE-2022-38744
+	RESERVED
+CVE-2022-38743
+	RESERVED
+CVE-2022-38742
+	RESERVED
+CVE-2022-38741
+	RESERVED
+CVE-2022-38740
+	RESERVED
+CVE-2022-38739
+	RESERVED
+CVE-2022-38738
+	RESERVED
+CVE-2022-38737
+	RESERVED
+CVE-2022-38736
+	RESERVED
+CVE-2022-38735
+	RESERVED
+CVE-2022-38734
+	RESERVED
+CVE-2022-38733
+	RESERVED
+CVE-2022-38732
+	RESERVED
+CVE-2022-38731
+	RESERVED
+CVE-2022-2985
+	RESERVED
+CVE-2022-2984
+	RESERVED
+CVE-2022-2983
+	RESERVED
+CVE-2022-2982
+	RESERVED
+CVE-2022-2981
+	RESERVED
+CVE-2022-2980
+	RESERVED
 CVE-2022-2979
 	RESERVED
 CVE-2022-2978 (A flaw use after free in the Linux kernel NILFS file system was found  ...)
@@ -5162,8 +5202,8 @@ CVE-2022-36806
 	RESERVED
 CVE-2022-36805
 	RESERVED
-CVE-2022-36804
-	RESERVED
+CVE-2022-36804 (Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7 ...)
+	TODO: check
 CVE-2022-36803
 	RESERVED
 CVE-2022-36802
@@ -9712,8 +9752,8 @@ CVE-2022-34962 (OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was disc
 	NOT-FOR-US: OpenTeknik
 CVE-2022-34961 (OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered ...)
 	NOT-FOR-US: OpenTeknik
-CVE-2022-34960
-	RESERVED
+CVE-2022-34960 (The container package in MikroTik RouterOS 7.4beta4 allows an attacker ...)
+	TODO: check
 CVE-2022-34959
 	RESERVED
 CVE-2022-34958
@@ -15149,10 +15189,10 @@ CVE-2022-32896
 	RESERVED
 CVE-2022-32895
 	RESERVED
-CVE-2022-32894
-	RESERVED
-CVE-2022-32893
-	RESERVED
+CVE-2022-32894 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+	TODO: check
+CVE-2022-32893 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+	TODO: check
 CVE-2022-32892
 	RESERVED
 CVE-2022-32891
@@ -15223,8 +15263,8 @@ CVE-2022-32859
 	RESERVED
 CVE-2022-32858
 	RESERVED
-CVE-2022-32857
-	RESERVED
+CVE-2022-32857 (This issue was addressed by using HTTPS when sending information over  ...)
+	TODO: check
 CVE-2022-32856
 	RESERVED
 CVE-2022-32855
@@ -15257,20 +15297,20 @@ CVE-2022-32842
 	RESERVED
 CVE-2022-32841
 	RESERVED
-CVE-2022-32840
-	RESERVED
-CVE-2022-32839
-	RESERVED
-CVE-2022-32838
-	RESERVED
-CVE-2022-32837
-	RESERVED
+CVE-2022-32840 (This issue was addressed with improved checks. This issue is fixed in  ...)
+	TODO: check
+CVE-2022-32839 (The issue was addressed with improved bounds checks. This issue is fix ...)
+	TODO: check
+CVE-2022-32838 (A logic issue was addressed with improved state management. This issue ...)
+	TODO: check
+CVE-2022-32837 (This issue was addressed with improved checks. This issue is fixed in  ...)
+	TODO: check
 CVE-2022-32836
 	RESERVED
 CVE-2022-32835
 	RESERVED
-CVE-2022-32834
-	RESERVED
+CVE-2022-32834 (An access issue was addressed with improvements to the sandbox. This i ...)
+	TODO: check
 CVE-2022-32833
 	RESERVED
 CVE-2022-32832
@@ -15315,14 +15355,14 @@ CVE-2022-32815
 	RESERVED
 CVE-2022-32814
 	RESERVED
-CVE-2022-32813
-	RESERVED
-CVE-2022-32812
-	RESERVED
-CVE-2022-32811
-	RESERVED
-CVE-2022-32810
-	RESERVED
+CVE-2022-32813 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
+CVE-2022-32812 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
+CVE-2022-32811 (A memory corruption vulnerability was addressed with improved locking. ...)
+	TODO: check
+CVE-2022-32810 (The issue was addressed with improved memory handling. This issue is f ...)
+	TODO: check
 CVE-2022-32809
 	RESERVED
 CVE-2022-32808
@@ -15355,8 +15395,8 @@ CVE-2022-32795
 	RESERVED
 CVE-2022-32794
 	RESERVED
-CVE-2022-32793
-	RESERVED
+CVE-2022-32793 (Multiple out-of-bounds write issues were addressed with improved bound ...)
+	TODO: check
 CVE-2022-32792 [An out-of-bounds write issue was addressed with improved input validation]
 	RESERVED
 	{DSA-5211-1 DSA-5210-1 DLA-3073-1}
@@ -16316,8 +16356,8 @@ CVE-2022-32429 (An authentication-bypass issue in the component http://MYDEVICEI
 	NOT-FOR-US: Mega System Technologies Inc MSNSwitch
 CVE-2022-32428
 	RESERVED
-CVE-2022-32427
-	RESERVED
+CVE-2022-32427 (PrinterLogic Windows Client through 25.0.0.676 allows attackers to exe ...)
+	TODO: check
 CVE-2022-32426
 	RESERVED
 CVE-2022-32425 (The login function of Mealie v1.0.0beta-2 allows attackers to enumerat ...)
@@ -18540,7 +18580,7 @@ CVE-2022-31678
 CVE-2022-31677
 	RESERVED
 CVE-2022-31676 (VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege es ...)
-	{DSA-5215-1}
+	{DSA-5215-1 DLA-3081-1}
 	- open-vm-tools 2:12.1.0-1 (bug #1018012)
 	NOTE: Fixed by: https://github.com/vmware/open-vm-tools/commit/70a74758bfe0042c27f15ce590fb21a2bc54d745 (stable-12.1.0)
 	NOTE: https://github.com/vmware/open-vm-tools/blob/CVE-2022-31676.patch/1205-Properly-check-authorization-on-incoming-guestOps-re.patch
@@ -97542,7 +97582,7 @@ CVE-2021-28863
 	RESERVED
 CVE-2021-28862
 	RESERVED
-CVE-2021-28861 (Python 3.x through 3.10 has an open redirection vulnerability in lib/h ...)
+CVE-2021-28861 (** DISPUTED ** Python 3.x through 3.10 has an open redirection vulnera ...)
 	TODO: check
 CVE-2021-28860 (In Node.js mixme, prior to v0.5.1, an attacker can add or alter proper ...)
 	NOT-FOR-US: Node mixme
@@ -272362,10 +272402,10 @@ CVE-2018-14521 (An issue was discovered in aubio 0.4.6. A SEGV signal can occur
 	[stretch] - aubio <no-dsa> (Minor issue)
 	[jessie] - aubio <no-dsa> (Minor issue)
 	NOTE: https://github.com/aubio/aubio/issues/187
-CVE-2018-14520
-	RESERVED
-CVE-2018-14519
-	RESERVED
+CVE-2018-14520 (An issue was discovered in Kirby 2.5.12. The application allows malici ...)
+	TODO: check
+CVE-2018-14519 (An issue was discovered in Kirby 2.5.12. The delete page functionality ...)
+	TODO: check
 CVE-2018-14518
 	RESERVED
 CVE-2018-14517 (SeaCMS 6.61 has two XSS issues in the admin_config.php file via certai ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80fe4f5cce84faa5a9f78aa22cd77bac3e35b9de

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80fe4f5cce84faa5a9f78aa22cd77bac3e35b9de
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220825/881f2008/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list