[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Dec 3 20:10:36 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ed73055e by security tracker role at 2022-12-03T20:10:26+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,21 @@
+CVE-2022-4280 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
+CVE-2022-4279 (A vulnerability classified as problematic has been found in SourceCode ...)
+ TODO: check
+CVE-2022-4278 (A vulnerability was found in SourceCodester Book Store Management Syst ...)
+ TODO: check
+CVE-2022-4277 (A vulnerability was found in Shaoxing Background Management System. It ...)
+ TODO: check
+CVE-2022-4276 (A vulnerability was found in House Rental System and classified as cri ...)
+ TODO: check
+CVE-2022-4275 (A vulnerability has been found in House Rental System and classified a ...)
+ TODO: check
+CVE-2022-4274 (A vulnerability, which was classified as critical, was found in House ...)
+ TODO: check
+CVE-2022-4273 (A vulnerability, which was classified as critical, has been found in S ...)
+ TODO: check
+CVE-2022-4272 (A vulnerability, which was classified as critical, has been found in F ...)
+ TODO: check
CVE-2022-45124
RESERVED
CVE-2022-45115
@@ -590,51 +608,67 @@ CVE-2022-4197
CVE-2022-4196
RESERVED
CVE-2022-4195 (Insufficient policy enforcement in Safe Browsing in Google Chrome prio ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4194 (Use after free in Accessibility in Google Chrome prior to 108.0.5359.7 ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4193 (Insufficient policy enforcement in File System API in Google Chrome pr ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4192 (Use after free in Live Caption in Google Chrome prior to 108.0.5359.71 ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4191 (Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allo ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4190 (Insufficient data validation in Directory in Google Chrome prior to 10 ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4189 (Insufficient policy enforcement in DevTools in Google Chrome prior to ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4188 (Insufficient validation of untrusted input in CORS in Google Chrome on ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4187 (Insufficient policy enforcement in DevTools in Google Chrome on Window ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4186 (Insufficient validation of untrusted input in Downloads in Google Chro ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4185 (Inappropriate implementation in Navigation in Google Chrome on iOS pri ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4184 (Insufficient policy enforcement in Autofill in Google Chrome prior to ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4183 (Insufficient policy enforcement in Popup Blocker in Google Chrome prio ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4182 (Inappropriate implementation in Fenced Frames in Google Chrome prior t ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4181 (Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowe ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4180 (Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-41795
@@ -642,21 +676,27 @@ CVE-2022-41795
CVE-2022-41793
RESERVED
CVE-2022-4179 (Use after free in Audio in Google Chrome prior to 108.0.5359.71 allowe ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4178 (Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4177 (Use after free in Extensions in Google Chrome prior to 108.0.5359.71 a ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4176 (Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS a ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4175 (Use after free in Camera Capture in Google Chrome prior to 108.0.5359. ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4174 (Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a ...)
+ {DSA-5293-1}
- chromium 108.0.5359.71-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2022-4173
@@ -12573,8 +12613,8 @@ CVE-2022-3493 (A vulnerability, which was classified as problematic, has been fo
NOT-FOR-US: SourceCodester Human Resource Management System
CVE-2022-3492 (A vulnerability classified as critical was found in SourceCodester Hum ...)
NOT-FOR-US: SourceCodester Human Resource Management System
-CVE-2022-3491
- RESERVED
+CVE-2022-3491 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...)
+ TODO: check
CVE-2022-3490 (The Checkout Field Editor (Checkout Manager) for WooCommerce WordPress ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3489 (The WP Hide WordPress plugin through 0.0.2 does not have authorisation ...)
@@ -99950,8 +99990,8 @@ CVE-2021-37535 (SAP NetWeaver Application Server Java (JMS Connector Service) -
NOT-FOR-US: SAP
CVE-2021-37534 (app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when ...)
NOT-FOR-US: MISP
-CVE-2021-37533
- RESERVED
+CVE-2021-37533 (Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host fr ...)
+ TODO: check
CVE-2021-37532 (SAP Business One version - 10, due to improper input validation, allow ...)
NOT-FOR-US: SAP
CVE-2021-37531 (SAP NetWeaver Knowledge Management XML Forms versions - 7.10, 7.11, 7. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed73055ec57efb57a4cbeca34b3c24d31fdffc91
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed73055ec57efb57a4cbeca34b3c24d31fdffc91
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221203/7590f3fe/attachment.htm>
More information about the debian-security-tracker-commits
mailing list