[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 7 08:10:25 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
aaf75a49 by security tracker role at 2022-12-07T08:10:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,279 @@
+CVE-2023-21673
+ RESERVED
+CVE-2023-21672
+ RESERVED
+CVE-2023-21671
+ RESERVED
+CVE-2023-21670
+ RESERVED
+CVE-2023-21669
+ RESERVED
+CVE-2023-21668
+ RESERVED
+CVE-2023-21667
+ RESERVED
+CVE-2023-21666
+ RESERVED
+CVE-2023-21665
+ RESERVED
+CVE-2023-21664
+ RESERVED
+CVE-2023-21663
+ RESERVED
+CVE-2023-21662
+ RESERVED
+CVE-2023-21661
+ RESERVED
+CVE-2023-21660
+ RESERVED
+CVE-2023-21659
+ RESERVED
+CVE-2023-21658
+ RESERVED
+CVE-2023-21657
+ RESERVED
+CVE-2023-21656
+ RESERVED
+CVE-2023-21655
+ RESERVED
+CVE-2023-21654
+ RESERVED
+CVE-2023-21653
+ RESERVED
+CVE-2023-21652
+ RESERVED
+CVE-2023-21651
+ RESERVED
+CVE-2023-21650
+ RESERVED
+CVE-2023-21649
+ RESERVED
+CVE-2023-21648
+ RESERVED
+CVE-2023-21647
+ RESERVED
+CVE-2023-21646
+ RESERVED
+CVE-2023-21645
+ RESERVED
+CVE-2023-21644
+ RESERVED
+CVE-2023-21643
+ RESERVED
+CVE-2023-21642
+ RESERVED
+CVE-2023-21641
+ RESERVED
+CVE-2023-21640
+ RESERVED
+CVE-2023-21639
+ RESERVED
+CVE-2023-21638
+ RESERVED
+CVE-2023-21637
+ RESERVED
+CVE-2023-21636
+ RESERVED
+CVE-2023-21635
+ RESERVED
+CVE-2023-21634
+ RESERVED
+CVE-2023-21633
+ RESERVED
+CVE-2023-21632
+ RESERVED
+CVE-2023-21631
+ RESERVED
+CVE-2023-21630
+ RESERVED
+CVE-2023-21629
+ RESERVED
+CVE-2023-21628
+ RESERVED
+CVE-2023-21627
+ RESERVED
+CVE-2023-21626
+ RESERVED
+CVE-2023-21625
+ RESERVED
+CVE-2023-21624
+ RESERVED
+CVE-2022-46750
+ RESERVED
+CVE-2022-46749
+ RESERVED
+CVE-2022-46748
+ RESERVED
+CVE-2022-46747
+ RESERVED
+CVE-2022-46746
+ RESERVED
+CVE-2022-46745
+ RESERVED
+CVE-2022-46744
+ RESERVED
+CVE-2022-46743
+ RESERVED
+CVE-2022-46742
+ RESERVED
+CVE-2022-46741
+ RESERVED
+CVE-2022-46740
+ RESERVED
+CVE-2022-46728
+ RESERVED
+CVE-2022-46727
+ RESERVED
+CVE-2022-46726
+ RESERVED
+CVE-2022-46725
+ RESERVED
+CVE-2022-46724
+ RESERVED
+CVE-2022-46723
+ RESERVED
+CVE-2022-46722
+ RESERVED
+CVE-2022-46721
+ RESERVED
+CVE-2022-46720
+ RESERVED
+CVE-2022-46719
+ RESERVED
+CVE-2022-46718
+ RESERVED
+CVE-2022-46717
+ RESERVED
+CVE-2022-46716
+ RESERVED
+CVE-2022-46715
+ RESERVED
+CVE-2022-46714
+ RESERVED
+CVE-2022-46713
+ RESERVED
+CVE-2022-46712
+ RESERVED
+CVE-2022-46711
+ RESERVED
+CVE-2022-46710
+ RESERVED
+CVE-2022-46709
+ RESERVED
+CVE-2022-46708
+ RESERVED
+CVE-2022-46707
+ RESERVED
+CVE-2022-46706
+ RESERVED
+CVE-2022-46705
+ RESERVED
+CVE-2022-46704
+ RESERVED
+CVE-2022-46703
+ RESERVED
+CVE-2022-46702
+ RESERVED
+CVE-2022-46701
+ RESERVED
+CVE-2022-46700
+ RESERVED
+CVE-2022-46699
+ RESERVED
+CVE-2022-46698
+ RESERVED
+CVE-2022-46697
+ RESERVED
+CVE-2022-46696
+ RESERVED
+CVE-2022-46695
+ RESERVED
+CVE-2022-46694
+ RESERVED
+CVE-2022-46693
+ RESERVED
+CVE-2022-46692
+ RESERVED
+CVE-2022-46691
+ RESERVED
+CVE-2022-46690
+ RESERVED
+CVE-2022-46689
+ RESERVED
+CVE-2022-46688
+ RESERVED
+CVE-2022-46687
+ RESERVED
+CVE-2022-46686
+ RESERVED
+CVE-2022-46685
+ RESERVED
+CVE-2022-46684
+ RESERVED
+CVE-2022-46683
+ RESERVED
+CVE-2022-46682
+ RESERVED
+CVE-2022-46681
+ RESERVED
+CVE-2022-46680
+ RESERVED
+CVE-2022-46679
+ RESERVED
+CVE-2022-46678
+ RESERVED
+CVE-2022-46677
+ RESERVED
+CVE-2022-46676
+ RESERVED
+CVE-2022-46675
+ RESERVED
+CVE-2022-46656
+ RESERVED
+CVE-2022-46645
+ RESERVED
+CVE-2022-46279
+ RESERVED
+CVE-2022-45112
+ RESERVED
+CVE-2022-44607
+ RESERVED
+CVE-2022-44449
+ RESERVED
+CVE-2022-43502
+ RESERVED
+CVE-2022-43498
+ RESERVED
+CVE-2022-43474
+ RESERVED
+CVE-2022-4322 (A vulnerability, which was classified as critical, was found in maku-b ...)
+ TODO: check
+CVE-2022-4321
+ RESERVED
+CVE-2022-4320
+ RESERVED
+CVE-2022-4319
+ RESERVED
+CVE-2022-4318
+ RESERVED
+CVE-2022-4317
+ RESERVED
+CVE-2022-4316
+ RESERVED
+CVE-2022-4315
+ RESERVED
+CVE-2022-4314 (Improper Privilege Management in GitHub repository ikus060/rdiffweb pr ...)
+ TODO: check
+CVE-2022-4313
+ RESERVED
+CVE-2022-4312
+ RESERVED
+CVE-2022-4311
+ RESERVED
+CVE-2022-42879
+ RESERVED
+CVE-2022-42700
+ RESERVED
CVE-2022-46674
RESERVED
CVE-2022-46673
@@ -1106,10 +1382,10 @@ CVE-2022-46335
RESERVED
CVE-2022-46334
RESERVED
-CVE-2022-46333
- RESERVED
-CVE-2022-46332
- RESERVED
+CVE-2022-46333 (The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) ...)
+ TODO: check
+CVE-2022-46332 (The Admin Smart Search feature in Proofpoint Enterprise Protection (PP ...)
+ TODO: check
CVE-2022-46328
RESERVED
CVE-2022-46327
@@ -1635,12 +1911,12 @@ CVE-2022-46141
RESERVED
CVE-2022-46140
RESERVED
-CVE-2022-44620
- RESERVED
-CVE-2022-44606
- RESERVED
-CVE-2022-43464
- RESERVED
+CVE-2022-44620 (Improper authentication vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1 ...)
+ TODO: check
+CVE-2022-44606 (OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 ...)
+ TODO: check
+CVE-2022-43464 (Hidden functionality vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 ...)
+ TODO: check
CVE-2022-4171
RESERVED
CVE-2022-4170
@@ -2144,14 +2420,14 @@ CVE-2022-45920
CVE-2022-45919 (An issue was discovered in the Linux kernel through 6.0.10. In drivers ...)
- linux <unfixed>
NOTE: https://lore.kernel.org/linux-media/20221121063308.GA33821%40ubuntu/T/#u
-CVE-2022-45918
- RESERVED
-CVE-2022-45917
- RESERVED
-CVE-2022-45916
- RESERVED
-CVE-2022-45915
- RESERVED
+CVE-2022-45918 (ILIAS before 7.16 allows External Control of File Name or Path. ...)
+ TODO: check
+CVE-2022-45917 (ILIAS before 7.16 has an Open Redirect. ...)
+ TODO: check
+CVE-2022-45916 (ILIAS before 7.16 allows XSS. ...)
+ TODO: check
+CVE-2022-45915 (ILIAS before 7.16 allows OS Command Injection. ...)
+ TODO: check
CVE-2022-45914 (The ESL (Electronic Shelf Label) protocol, as implemented by (for exam ...)
NOT-FOR-US: ESL (Electronic Shelf Label) protocol
CVE-2022-45913
@@ -2352,8 +2628,8 @@ CVE-2022-45850
RESERVED
CVE-2022-45849
RESERVED
-CVE-2022-45848
- RESERVED
+CVE-2022-45848 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Contest Gal ...)
+ TODO: check
CVE-2022-45847
RESERVED
CVE-2022-45846
@@ -2382,16 +2658,16 @@ CVE-2022-45835
RESERVED
CVE-2022-45834
RESERVED
-CVE-2022-45833
- RESERVED
+CVE-2022-45833 (Auth. Path Traversal vulnerability in Easy WP SMTP plugin <= 1.5.1 ...)
+ TODO: check
CVE-2022-45832
RESERVED
CVE-2022-45831
RESERVED
CVE-2022-45830
RESERVED
-CVE-2022-45829
- RESERVED
+CVE-2022-45829 (Auth. Path Traversal vulnerability in Easy WP SMTP plugin <= 1.5.1 ...)
+ TODO: check
CVE-2022-45828
RESERVED
CVE-2022-45827
@@ -2416,8 +2692,8 @@ CVE-2022-45818
RESERVED
CVE-2022-45817
RESERVED
-CVE-2022-45816
- RESERVED
+CVE-2022-45816 (Auth. Stored Cross-Site Scripting (XSS) vulnerability in GD bbPress At ...)
+ TODO: check
CVE-2022-45815
RESERVED
CVE-2022-45814
@@ -3191,8 +3467,8 @@ CVE-2022-4093 (SQL injection attacks can result in unauthorized access to sensit
- dolibarr <removed>
CVE-2022-4092
RESERVED
-CVE-2022-44608
- RESERVED
+CVE-2022-44608 (Uncontrolled resource consumption vulnerability in Cybozu Remote Servi ...)
+ TODO: check
CVE-2022-4091 (A vulnerability was found in SourceCodester Canteen Management System. ...)
NOT-FOR-US: SourceCodester Canteen Management System
CVE-2022-4090 (A vulnerability was found in rickxy Stock Management System and classi ...)
@@ -3447,10 +3723,10 @@ CVE-2022-4012 (A vulnerability classified as critical has been found in Hospital
NOT-FOR-US: Hospital Management Center
CVE-2022-4011 (A vulnerability was found in Simple History Plugin. It has been rated ...)
NOT-FOR-US: Simple History Plugin
-CVE-2022-43468
- RESERVED
-CVE-2022-41783
- RESERVED
+CVE-2022-43468 (External initialization of trusted variables or data stores vulnerabil ...)
+ TODO: check
+CVE-2022-41783 (tdpServer of TP-Link RE300 V1 improperly processes its input, which ma ...)
+ TODO: check
CVE-2022-4010
RESERVED
CVE-2022-4009
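Review bot: CVE-2022-41783 is left at `TODO: check`, but its description ("tdpServer of TP-Link RE300 V1 improperly processes its input") points at firmware for a specific hardware device. Other vendor-specific entries in this hunk's context are already closed as `NOT-FOR-US: ...`, so a `NOT-FOR-US: TP-Link` line looks like the likely outcome once someone confirms it. CVE-2022-43468 cannot be triaged from the truncated description alone and needs the full record.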
@@ -3530,12 +3806,12 @@ CVE-2022-45423
RESERVED
CVE-2022-45422 (When LG SmartShare is installed, local privilege escalation is possibl ...)
NOT-FOR-US: LG
-CVE-2022-45122
- RESERVED
-CVE-2022-45113
- RESERVED
-CVE-2022-43660
- RESERVED
+CVE-2022-45122 (Cross-site scripting vulnerability in Movable Type Movable Type 7 r.53 ...)
+ TODO: check
+CVE-2022-45113 (Improper validation of syntactic correctness of input vulnerability ex ...)
+ TODO: check
+CVE-2022-43660 (Improper neutralization of Server-Side Includes (SSW) within a web pag ...)
+ TODO: check
CVE-2022-3995 (The TeraWallet plugin for WordPress is vulnerable to Insecure Direct O ...)
NOT-FOR-US: TeraWallet plugin for WordPress
CVE-2022-3994
@@ -3969,8 +4245,8 @@ CVE-2022-45361
RESERVED
CVE-2022-45360
RESERVED
-CVE-2022-45359
- RESERVED
+CVE-2022-45359 (Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift C ...)
+ TODO: check
CVE-2022-45358
RESERVED
CVE-2022-45357
@@ -4325,8 +4601,8 @@ CVE-2022-3981
RESERVED
CVE-2022-3980 (An XML External Entity (XEE) vulnerability allows server-side request ...)
NOT-FOR-US: Sophos
-CVE-2022-37406
- RESERVED
+CVE-2022-37406 (Cross-site scripting vulnerability in Aficio SP 4210N firmware version ...)
+ TODO: check
CVE-2022-45199 (Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. ...)
- pillow <unfixed> (bug #1024512)
[bullseye] - pillow <not-affected> (Vulnerable code not present, introduced in 9.2.0)
@@ -4585,8 +4861,8 @@ CVE-2022-45136 (** UNSUPPORTED WHEN ASSIGNED ** Apache Jena SDB 3.17.0 and earli
TODO: check correctness/details if src:apache-jena affected
CVE-2022-45135
RESERVED
-CVE-2022-43668
- RESERVED
+CVE-2022-43668 (Typora versions prior to 1.4.4 fails to properly neutralize JavaScript ...)
+ TODO: check
CVE-2022-3932
RESERVED
CVE-2022-3931
@@ -4965,10 +5241,10 @@ CVE-2022-45028
RESERVED
CVE-2022-45027
RESERVED
-CVE-2022-45026
- RESERVED
-CVE-2022-45025
- RESERVED
+CVE-2022-45026 (An issue in Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode an ...)
+ TODO: check
+CVE-2022-45025 (Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom was d ...)
+ TODO: check
CVE-2022-45024
RESERVED
CVE-2022-45023
@@ -4997,12 +5273,12 @@ CVE-2022-45012 (A cross-site scripting (XSS) vulnerability in the Modify Page mo
NOT-FOR-US: WBCE CMS
CVE-2022-45011
RESERVED
-CVE-2022-45010
- RESERVED
-CVE-2022-45009
- RESERVED
-CVE-2022-45008
- RESERVED
+CVE-2022-45010 (Simple Phone Book/Directory Web App v1.0 was discovered to contain a S ...)
+ TODO: check
+CVE-2022-45009 (Online Leave Management System v1.0 was discovered to contain an arbit ...)
+ TODO: check
+CVE-2022-45008 (Online Leave Management System v1.0 was discovered to contain a stored ...)
+ TODO: check
CVE-2022-45007
RESERVED
CVE-2022-45006
@@ -5133,8 +5409,8 @@ CVE-2022-44944 (Rukovoditel v3.2.1 was discovered to contain a stored cross-site
NOT-FOR-US: Rukovoditel
CVE-2022-44943
RESERVED
-CVE-2022-44942
- RESERVED
+CVE-2022-44942 (Casdoor before v1.126.1 was discovered to contain an arbitrary file de ...)
+ TODO: check
CVE-2022-44941
RESERVED
CVE-2022-44940
@@ -5217,8 +5493,8 @@ CVE-2022-44902
RESERVED
CVE-2022-44901
RESERVED
-CVE-2022-44900
- RESERVED
+CVE-2022-44900 (A directory traversal vulnerability in the SevenZipFile.extractall() f ...)
+ TODO: check
CVE-2022-44899
RESERVED
CVE-2022-44898
@@ -5319,8 +5595,8 @@ CVE-2022-44851
RESERVED
CVE-2022-44850
RESERVED
-CVE-2022-44849
- RESERVED
+CVE-2022-44849 (A Cross-Site Request Forgery (CSRF) in the Administrator List of MetIn ...)
+ TODO: check
CVE-2022-44848
RESERVED
CVE-2022-44847
@@ -8141,8 +8417,8 @@ CVE-2022-44155
RESERVED
CVE-2022-44154
RESERVED
-CVE-2022-44153
- RESERVED
+CVE-2022-44153 (Rapid Software LLC Rapid SCADA 5.8.4 is vulnerable to Cross Site Scrip ...)
+ TODO: check
CVE-2022-44152
RESERVED
CVE-2022-44151 (Simple Inventory Management System v1.0 is vulnerable to SQL Injection ...)
@@ -8393,8 +8669,8 @@ CVE-2022-44032 (An issue was discovered in the Linux kernel through 6.0.6. drive
NOTE: https://lore.kernel.org/lkml/20220919040701.GA302806@ubuntu/
CVE-2022-44031
RESERVED
-CVE-2022-44030
- RESERVED
+CVE-2022-44030 (Redmine 5.x before 5.0.4 allows downloading of file attachments of any ...)
+ TODO: check
CVE-2022-44029
RESERVED
CVE-2022-44028
@@ -11036,12 +11312,12 @@ CVE-2022-43671 (Zoho ManageEngine Password Manager Pro before 12122, PAM360 befo
NOT-FOR-US: Zoho ManageEngine
CVE-2022-43670 (An improper neutralization of input during web page generation ('Cross ...)
NOT-FOR-US: Apache Sling
-CVE-2022-43667
- RESERVED
-CVE-2022-43509
- RESERVED
-CVE-2022-43508
- RESERVED
+CVE-2022-43667 (Stack-based buffer overflow vulnerability exists in CX-Programmer v.9. ...)
+ TODO: check
+CVE-2022-43509 (Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and e ...)
+ TODO: check
+CVE-2022-43508 (Use-after free vulnerability exists in CX-Programmer v.9.77 and earlie ...)
+ TODO: check
CVE-2022-43504 (Improper authentication vulnerability in WordPress versions prior to 6 ...)
TODO: check
CVE-2022-43500 (Cross-site scripting vulnerability in WordPress versions prior to 6.0. ...)
@@ -11056,10 +11332,10 @@ CVE-2022-43470 (Cross-site request forgery (CSRF) vulnerability in +F FS040U sof
NOT-FOR-US: +F software
CVE-2022-43442 (Plaintext storage of a password vulnerability exists in +F FS040U soft ...)
NOT-FOR-US: +F software
-CVE-2022-42486
- RESERVED
-CVE-2022-41994
- RESERVED
+CVE-2022-42486 (Stored cross-site scripting vulnerability in User group management of ...)
+ TODO: check
+CVE-2022-41994 (Stored cross-site scripting vulnerability in Permission Settings of ba ...)
+ TODO: check
CVE-2022-41830 (Stored cross-site scripting vulnerability in Kyocera Document Solution ...)
NOT-FOR-US: Kyocera Document Solutions
CVE-2022-41807 (Missing authorization vulnerability exists in Kyocera Document Solutio ...)
@@ -11512,8 +11788,8 @@ CVE-2022-43437
RESERVED
CVE-2022-43436
RESERVED
-CVE-2022-42888
- RESERVED
+CVE-2022-42888 (Unauth. Privilege Escalation vulnerability in ARMember premium plugin ...)
+ TODO: check
CVE-2022-42884
RESERVED
CVE-2022-42883 (Sensitive Information Disclosure vulnerability discovered by Quiz And ...)
@@ -11522,8 +11798,8 @@ CVE-2022-42882
RESERVED
CVE-2022-42880
RESERVED
-CVE-2022-42699
- RESERVED
+CVE-2022-42699 (Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin <= ...)
+ TODO: check
CVE-2022-42698 (Unauth. Arbitrary File Upload vulnerability in WordPress Api2Cart Brid ...)
NOT-FOR-US: WordPress plugin
CVE-2022-42497 (Arbitrary Code Execution vulnerability in Api2Cart Bridge Connector pl ...)
@@ -11630,8 +11906,7 @@ CVE-2022-3645
RESERVED
CVE-2022-3644 (The collection remote for pulp_ansible stores tokens in plaintext inst ...)
NOT-FOR-US: Pulp (Red Hat)
-CVE-2022-3643
- RESERVED
+CVE-2022-3643 (Guests can trigger NIC interface reset/abort/crash via netback It is p ...)
- linux <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-423.html
NOTE: https://git.kernel.org/linus/ad7f402ae4f466647c3a669b8a6f3e5d4271c84a
@@ -14735,13 +15010,11 @@ CVE-2022-42331
RESERVED
CVE-2022-42330
RESERVED
-CVE-2022-42329
- RESERVED
+CVE-2022-42329 (Guests can trigger deadlock in Linux netback driver T[his CNA informat ...)
- linux <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-424.html
NOTE: https://git.kernel.org/linus/74e7e1efdad45580cc3839f2a155174cf158f9b5
-CVE-2022-42328
- RESERVED
+CVE-2022-42328 (Guests can trigger deadlock in Linux netback driver T[his CNA informat ...)
- linux <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-424.html
NOTE: https://git.kernel.org/linus/74e7e1efdad45580cc3839f2a155174cf158f9b5
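Review bot: CVE-2022-42329 and CVE-2022-42328 receive the same truncated description ("Guests can trigger deadlock in Linux netback driver T[his CNA informat ...") and already share the same advisory-424 NOTE and the same fix commit, so nothing in the list distinguishes them. When `- linux <unfixed>` is resolved, the fixed version has to be recorded on both entries together; updating only one would leave the other reporting the package as vulnerable.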
@@ -15862,8 +16135,8 @@ CVE-2022-41912 (The crewjam/saml go library prior to version 0.4.9 is vulnerable
NOTE: https://github.com/crewjam/saml/commit/aee3fb1edeeaf1088fcb458727e0fd863d277f8b (v0.4.9)
CVE-2022-41911 (TensorFlow is an open source platform for machine learning. When print ...)
- tensorflow <itp> (bug #804612)
-CVE-2022-41910
- RESERVED
+CVE-2022-41910 (TensorFlow is an open source platform for machine learning. The functi ...)
+ TODO: check
CVE-2022-41909 (TensorFlow is an open source platform for machine learning. An input ` ...)
- tensorflow <itp> (bug #804612)
CVE-2022-41908 (TensorFlow is an open source platform for machine learning. An input ` ...)
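Review bot: CVE-2022-41910 is added as `TODO: check` while the TensorFlow entries directly around it in this hunk (CVE-2022-41911, CVE-2022-41909) are already triaged as `- tensorflow <itp> (bug #804612)`. Unless this issue differs from its neighbours, the TODO can be replaced with the same line so the block stays consistent.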
@@ -15878,8 +16151,8 @@ CVE-2022-41904 (Element iOS is an iOS Matrix client provided by Element. It is b
NOT-FOR-US: Element iOS
CVE-2022-41903
RESERVED
-CVE-2022-41902
- RESERVED
+CVE-2022-41902 (TensorFlow is an open source platform for machine learning. The functi ...)
+ TODO: check
CVE-2022-41901 (TensorFlow is an open source platform for machine learning. An input ` ...)
- tensorflow <itp> (bug #804612)
CVE-2022-41900 (TensorFlow is an open source platform for machine learning. The securi ...)
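Review bot: CVE-2022-41902 has the same "TensorFlow is an open source platform for machine learning" description prefix as CVE-2022-41901 just below it, which is recorded as `- tensorflow <itp> (bug #804612)`, yet it is left at `TODO: check`. Suggest giving it the same ITP line rather than leaving it in the triage queue.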
@@ -16012,8 +16285,8 @@ CVE-2022-41813 (In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1
NOT-FOR-US: F5 BIG-IP
CVE-2022-41806 (In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BI ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2022-41800
- RESERVED
+CVE-2022-41800 (In all versions of BIG-IP, when running in Appliance mode, an authenti ...)
+ TODO: check
CVE-2022-41787 (In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15. ...)
NOT-FOR-US: F5 BIG-IP
CVE-2022-41780 (In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.4.0 ...)
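Review bot: CVE-2022-41800 ("In all versions of BIG-IP, when running in Appliance mode ...") is left at `TODO: check`, although every other BIG-IP entry visible in this hunk is closed as `NOT-FOR-US: F5 BIG-IP`. The same marking appears to apply here.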
@@ -16026,8 +16299,8 @@ CVE-2022-41691 (When a BIG-IP Advanced WAF/ASM security policy is configured on
NOT-FOR-US: F5 BIG-IP
CVE-2022-41624 (In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.2, 15. ...)
NOT-FOR-US: F5 BIG-IP
-CVE-2022-41622
- RESERVED
+CVE-2022-41622 (In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site reques ...)
+ TODO: check
CVE-2022-41617 (In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x bef ...)
NOT-FOR-US: F5 BIG-IP
CVE-2022-36795 (In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15. ...)
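Review bot: CVE-2022-41622 names both BIG-IP and BIG-IQ in its description and is left at `TODO: check`, while the surrounding entries use `NOT-FOR-US: F5 BIG-IP`. If it is closed the same way, check whether the existing label is meant to cover BIG-IQ as well or whether the note should name both products.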
@@ -17434,7 +17707,7 @@ CVE-2022-3282 (The Drag and Drop Multiple File Upload WordPress plugin before 1.
CVE-2022-41326 (The web conferencing component of Mitel MiCollab through 9.6.0.13 coul ...)
NOT-FOR-US: Mitel
CVE-2022-41325 (An integer overflow in the VNC module in VideoLAN VLC Media Player thr ...)
- {DLA-3216-1}
+ {DSA-5297-1 DLA-3216-1}
- vlc 3.0.18-1
NOTE: https://www.videolan.org/security/sb-vlc3018.html
NOTE: https://code.videolan.org/videolan/vlc/-/issues/27335
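Review bot: the cross-reference for CVE-2022-41325 changes from `{DLA-3216-1}` to `{DSA-5297-1 DLA-3216-1}`, but the package line below it is still only `- vlc 3.0.18-1` and this commit touches no file other than data/CVE/list. Nothing visible here shows which stable version carries the fix, so it is worth confirming that the DSA-5297-1 record with its fixed versions exists wherever the advisory itself is tracked.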
@@ -68366,8 +68639,8 @@ CVE-2022-23477
RESERVED
CVE-2022-23476
RESERVED
-CVE-2022-23475
- RESERVED
+CVE-2022-23475 (daloRADIUS is an open source RADIUS web management application. daloRa ...)
+ TODO: check
CVE-2022-23474
RESERVED
CVE-2022-23473
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aaf75a49b809e073661ecf9962858bc34abde784