[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Dec 16 20:10:34 GMT 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
076710f4 by security tracker role at 2022-12-16T20:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,51 @@
+CVE-2022-4566 (A vulnerability, which was classified as critical, has been found in y ...)
+	TODO: check
+CVE-2022-4565 (A vulnerability classified as problematic was found in Dromara HuTool  ...)
+	TODO: check
+CVE-2022-4564 (A vulnerability classified as problematic has been found in University ...)
+	TODO: check
+CVE-2022-4563 (A vulnerability was found in Freedom of the Press SecureDrop. It has b ...)
+	TODO: check
+CVE-2022-4562
+	RESERVED
+CVE-2022-4561 (A vulnerability classified as problematic has been found in SemanticDr ...)
+	TODO: check
+CVE-2022-4560 (A vulnerability was found in Joget up to 7.0.32. It has been rated as  ...)
+	TODO: check
+CVE-2022-4559 (A vulnerability was found in INEX IPX-Manager up to 6.2.0. It has been ...)
+	TODO: check
+CVE-2022-4558 (A vulnerability was found in Alinto SOGo up to 5.7.1. It has been clas ...)
+	TODO: check
+CVE-2022-4557
+	RESERVED
+CVE-2022-4556 (A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as ...)
+	TODO: check
+CVE-2022-4555 (The WP Shamsi plugin for WordPress is vulnerable to authorization bypa ...)
+	TODO: check
+CVE-2022-4554
+	RESERVED
+CVE-2022-4553
+	RESERVED
+CVE-2022-4552
+	RESERVED
+CVE-2022-4551
+	RESERVED
+CVE-2022-4550
+	RESERVED
+CVE-2022-4549
+	RESERVED
+CVE-2022-4548
+	RESERVED
+CVE-2022-4547
+	RESERVED
+CVE-2022-4546
+	RESERVED
+CVE-2022-4545
+	RESERVED
+CVE-2022-4544
+	RESERVED
+CVE-2022-4543
+	RESERVED
 CVE-2023-0016
 	RESERVED
 CVE-2023-0015
@@ -521,8 +569,8 @@ CVE-2022-47379
 	RESERVED
 CVE-2022-47378
 	RESERVED
-CVE-2022-47377
-	RESERVED
+CVE-2022-47377 (Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 w ...)
+	TODO: check
 CVE-2022-47376
 	RESERVED
 CVE-2022-46330
@@ -1060,18 +1108,23 @@ CVE-2022-44450
 CVE-2022-4441
 	RESERVED
 CVE-2022-4440 (Use after free in Profiles in Google Chrome prior to 108.0.5359.124 al ...)
+	{DSA-5302-1}
 	- chromium 108.0.5359.124-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-4439 (Use after free in Aura in Google Chrome on Windows prior to 108.0.5359 ...)
+	{DSA-5302-1}
 	- chromium 108.0.5359.124-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-4438 (Use after free in Blink Frames in Google Chrome prior to 108.0.5359.12 ...)
+	{DSA-5302-1}
 	- chromium 108.0.5359.124-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-4437 (Use after free in Mojo IPC in Google Chrome prior to 108.0.5359.124 al ...)
+	{DSA-5302-1}
 	- chromium 108.0.5359.124-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-4436 (Use after free in Blink Media in Google Chrome prior to 108.0.5359.124 ...)
+	{DSA-5302-1}
 	- chromium 108.0.5359.124-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-4435
@@ -1820,21 +1873,21 @@ CVE-2022-46883
 	RESERVED
 CVE-2022-46882
 	RESERVED
-	{DSA-5301-1 DLA-3242-1 DLA-3241-1}
+	{DSA-5303-1 DSA-5301-1 DLA-3242-1 DLA-3241-1}
 	- firefox-esr 102.6.0esr-1
 	- thunderbird 1:102.6.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-52/#CVE-2022-46882
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/#CVE-2022-46882
 CVE-2022-46881
 	RESERVED
-	{DSA-5301-1 DLA-3242-1 DLA-3241-1}
+	{DSA-5303-1 DSA-5301-1 DLA-3242-1 DLA-3241-1}
 	- firefox-esr 102.6.0esr-1
 	- thunderbird 1:102.6.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-52/#CVE-2022-46881
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/#CVE-2022-46881
 CVE-2022-46880
 	RESERVED
-	{DSA-5301-1 DLA-3242-1 DLA-3241-1}
+	{DSA-5303-1 DSA-5301-1 DLA-3242-1 DLA-3241-1}
 	- thunderbird 1:102.6.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/#CVE-2022-46880
 CVE-2022-46879
@@ -1843,7 +1896,7 @@ CVE-2022-46879
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-51/#CVE-2022-46879
 CVE-2022-46878
 	RESERVED
-	{DSA-5301-1 DLA-3242-1 DLA-3241-1}
+	{DSA-5303-1 DSA-5301-1 DLA-3242-1 DLA-3241-1}
 	- firefox 108.0-1
 	- firefox-esr 102.6.0esr-1
 	- thunderbird 1:102.6.0-1
@@ -1866,7 +1919,7 @@ CVE-2022-46875
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/#CVE-2022-46875
 CVE-2022-46874
 	RESERVED
-	{DSA-5301-1 DLA-3242-1 DLA-3241-1}
+	{DSA-5303-1 DSA-5301-1 DLA-3242-1 DLA-3241-1}
 	- firefox 108.0-1
 	- firefox-esr 102.6.0esr-1
 	- thunderbird 1:102.6.0-1
@@ -1879,7 +1932,7 @@ CVE-2022-46873
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-51/#CVE-2022-46873
 CVE-2022-46872
 	RESERVED
-	{DSA-5301-1 DLA-3242-1 DLA-3241-1}
+	{DSA-5303-1 DSA-5301-1 DLA-3242-1 DLA-3241-1}
 	- firefox 108.0-1
 	- firefox-esr 102.6.0esr-1
 	- thunderbird 1:102.6.0-1
@@ -1890,8 +1943,7 @@ CVE-2022-46871
 	RESERVED
 	- firefox 108.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-51/#CVE-2022-46871
-CVE-2022-46870
-	RESERVED
+CVE-2022-46870 (An Improper Neutralization of Input During Web Page Generation ('Cross ...)
 	NOT-FOR-US: Apache Zeppelin
 CVE-2022-46869
 	RESERVED
@@ -2275,8 +2327,8 @@ CVE-2022-4328
 	RESERVED
 CVE-2022-4327
 	RESERVED
-CVE-2022-4326
-	RESERVED
+CVE-2022-4326 (Improper preservation of permissions vulnerability in Trellix Endpoint ...)
+	TODO: check
 CVE-2022-4325
 	RESERVED
 CVE-2022-4324
@@ -4291,12 +4343,12 @@ CVE-2022-46139
 	RESERVED
 CVE-2022-46138
 	RESERVED
-CVE-2022-46137
-	RESERVED
+CVE-2022-46137 (AeroCMS v0.0.1 is vulnerable to Directory Traversal. The impact is: ob ...)
+	TODO: check
 CVE-2022-46136
 	RESERVED
-CVE-2022-46135
-	RESERVED
+CVE-2022-46135 (In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at  ...)
+	TODO: check
 CVE-2022-46134
 	RESERVED
 CVE-2022-46133
@@ -4347,8 +4399,8 @@ CVE-2022-46111
 	RESERVED
 CVE-2022-46110
 	RESERVED
-CVE-2022-46109
-	RESERVED
+CVE-2022-46109 (Tenda AC15 V15.03.06.23 is vulnerable to Buffer Overflow via function  ...)
+	TODO: check
 CVE-2022-46108
 	RESERVED
 CVE-2022-46107
@@ -5041,8 +5093,8 @@ CVE-2022-45801
 	RESERVED
 CVE-2022-4131
 	RESERVED
-CVE-2022-4130
-	RESERVED
+CVE-2022-4130 (A blind site-to-site request forgery vulnerability was found in Satell ...)
+	TODO: check
 CVE-2022-4129 (A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2T ...)
 	- linux <unfixed>
 	NOTE: https://lore.kernel.org/all/20221114191619.124659-1-jakub@cloudflare.com/t
@@ -5084,8 +5136,8 @@ CVE-2021-46854 (mod_radius in ProFTPD before 1.3.7c allows memory disclosure to
 	NOTE: Fixed by: https://github.com/proftpd/proftpd/commit/e7c0b6e78a81fa97ec41ea6332e5e11b864089b8 (v1.3.7c)
 CVE-2022-45797 (An arbitrary file deletion vulnerability in the Damage Cleanup Engine  ...)
 	NOT-FOR-US: Trend Micro
-CVE-2022-45796
-	RESERVED
+CVE-2022-45796 (Command injection vulnerability in nw_interface.html in SHARP multifun ...)
+	TODO: check
 CVE-2022-45795
 	RESERVED
 CVE-2022-45794
@@ -6382,6 +6434,7 @@ CVE-2022-45415
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-47/#CVE-2022-45415
 CVE-2022-45414
 	RESERVED
+	{DSA-5303-1}
 	- thunderbird 1:102.5.1-1
 	[bullseye] - thunderbird <postponed> (Minor issue, fix along in next ESR update)
 	[buster] - thunderbird <postponed> (Minor issue)
@@ -9992,16 +10045,16 @@ CVE-2022-44504
 	RESERVED
 CVE-2022-44503
 	RESERVED
-CVE-2022-44502
-	RESERVED
+CVE-2022-44502 (Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier ...)
+	TODO: check
 CVE-2022-44501
 	RESERVED
-CVE-2022-44500
-	RESERVED
-CVE-2022-44499
-	RESERVED
-CVE-2022-44498
-	RESERVED
+CVE-2022-44500 (Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier ...)
+	TODO: check
+CVE-2022-44499 (Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier ...)
+	TODO: check
+CVE-2022-44498 (Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier ...)
+	TODO: check
 CVE-2022-44497
 	RESERVED
 CVE-2022-44496
@@ -10050,18 +10103,18 @@ CVE-2022-44475
 	RESERVED
 CVE-2022-44474
 	RESERVED
-CVE-2022-44473
-	RESERVED
+CVE-2022-44473 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
+	TODO: check
 CVE-2022-44472
 	RESERVED
 CVE-2022-44471
 	RESERVED
 CVE-2022-44470
 	RESERVED
-CVE-2022-44469
-	RESERVED
-CVE-2022-44468
-	RESERVED
+CVE-2022-44469 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
+	TODO: check
+CVE-2022-44468 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
+	TODO: check
 CVE-2022-44467
 	RESERVED
 CVE-2022-44466
@@ -10072,8 +10125,8 @@ CVE-2022-44464
 	RESERVED
 CVE-2022-44463
 	RESERVED
-CVE-2022-44462
-	RESERVED
+CVE-2022-44462 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
+	TODO: check
 CVE-2022-44461
 	RESERVED
 CVE-2022-44460
@@ -14162,8 +14215,8 @@ CVE-2022-41996 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion A
 	NOT-FOR-US: WordPress theme
 CVE-2022-41995
 	RESERVED
-CVE-2022-41992
-	RESERVED
+CVE-2022-41992 (A memory corruption vulnerability exists in the VHD File Format parsin ...)
+	TODO: check
 CVE-2022-41990
 	RESERVED
 CVE-2022-41987
@@ -16876,12 +16929,12 @@ CVE-2022-42546
 	RESERVED
 CVE-2022-42545
 	RESERVED
-CVE-2022-42544
-	RESERVED
-CVE-2022-42543
-	RESERVED
-CVE-2022-42542
-	RESERVED
+CVE-2022-42544 (In getView of AddAppNetworksFragment.java, there is a possible way to  ...)
+	TODO: check
+CVE-2022-42543 (In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bou ...)
+	TODO: check
+CVE-2022-42542 (In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible ...)
+	TODO: check
 CVE-2022-42541
 	RESERVED
 CVE-2022-42540
@@ -16894,76 +16947,76 @@ CVE-2022-42537
 	RESERVED
 CVE-2022-42536
 	RESERVED
-CVE-2022-42535
-	RESERVED
-CVE-2022-42534
-	RESERVED
+CVE-2022-42535 (In a query in MmsSmsProvider.java, there is a possible access to restr ...)
+	TODO: check
+CVE-2022-42534 (In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible  ...)
+	TODO: check
 CVE-2022-42533 (In shared_metadata_init of SharedMetadata.cpp, there is a possible out ...)
 	NOT-FOR-US: Google Pixel
-CVE-2022-42532
-	RESERVED
-CVE-2022-42531
-	RESERVED
-CVE-2022-42530
-	RESERVED
-CVE-2022-42529
-	RESERVED
+CVE-2022-42532 (In Pixel firmware, there is a possible out of bounds read due to a mis ...)
+	TODO: check
+CVE-2022-42531 (In mmu_map_for_fw of gs_ldfw_load.c, there is a possible mitigation by ...)
+	TODO: check
+CVE-2022-42530 (In Pixel firmware, there is a possible out of bounds read due to a mis ...)
+	TODO: check
+CVE-2022-42529 (Product: AndroidVersions: Android kernelAndroid ID: A-235292841Referen ...)
+	TODO: check
 CVE-2022-42528
 	RESERVED
-CVE-2022-42527
-	RESERVED
-CVE-2022-42526
-	RESERVED
-CVE-2022-42525
-	RESERVED
-CVE-2022-42524
-	RESERVED
-CVE-2022-42523
-	RESERVED
-CVE-2022-42522
-	RESERVED
-CVE-2022-42521
-	RESERVED
-CVE-2022-42520
-	RESERVED
-CVE-2022-42519
-	RESERVED
-CVE-2022-42518
-	RESERVED
-CVE-2022-42517
-	RESERVED
-CVE-2022-42516
-	RESERVED
-CVE-2022-42515
-	RESERVED
-CVE-2022-42514
-	RESERVED
-CVE-2022-42513
-	RESERVED
-CVE-2022-42512
-	RESERVED
-CVE-2022-42511
-	RESERVED
-CVE-2022-42510
-	RESERVED
-CVE-2022-42509
-	RESERVED
-CVE-2022-42508
-	RESERVED
-CVE-2022-42507
-	RESERVED
-CVE-2022-42506
-	RESERVED
-CVE-2022-42505
-	RESERVED
-CVE-2022-42504
-	RESERVED
-CVE-2022-42503
-	RESERVED
-CVE-2022-42502
-	RESERVED
-CVE-2022-42501
-	RESERVED
+CVE-2022-42527 (In cd_SsParseMsg of cd_SsCodec.c, there is a possible crash due to a m ...)
+	TODO: check
+CVE-2022-42526 (In ConvertUtf8ToUcs2 of radio_hal_utils.cpp, there is a possible out o ...)
+	TODO: check
+CVE-2022-42525 (In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possi ...)
+	TODO: check
+CVE-2022-42524 (In sms_GetTpUdlIe of sms_PduCodec.c, there is a possible out of bounds ...)
+	TODO: check
+CVE-2022-42523 (In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possi ...)
+	TODO: check
+CVE-2022-42522 (In DoSetCarrierConfig of miscservice.cpp, there is a possible out of b ...)
+	TODO: check
+CVE-2022-42521 (In encode of wlandata.cpp, there is a possible out of bounds write due ...)
+	TODO: check
+CVE-2022-42520 (In ServiceInterface::HandleRequest of serviceinterface.cpp, there is a ...)
+	TODO: check
+CVE-2022-42519 (In CdmaBroadcastSmsConfigsRequestData::encode of cdmasmsdata.cpp, ther ...)
+	TODO: check
+CVE-2022-42518 (In BroadcastSmsConfigsRequestData::encode of smsdata.cpp, there is a p ...)
+	TODO: check
+CVE-2022-42517 (In MiscService::DoOemSetTcsFci of miscservice.cpp, there is a possible ...)
+	TODO: check
+CVE-2022-42516 (In ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderl ...)
+	TODO: check
+CVE-2022-42515 (In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there  ...)
+	TODO: check
+CVE-2022-42514 (In ProtocolImsBuilder::BuildSetConfig of protocolimsbuilder.cpp, there ...)
+	TODO: check
+CVE-2022-42513 (In ProtocolEmbmsBuilder::BuildSetSession of protocolembmsbuilder.cpp,  ...)
+	TODO: check
+CVE-2022-42512 (In VsimOperationDataExt::encode of vsimdata.cpp, there is a possible o ...)
+	TODO: check
+CVE-2022-42511 (In EmbmsSessionData::encode of embmsdata.cpp, there is a possible out  ...)
+	TODO: check
+CVE-2022-42510 (In StringsRequestData::encode of requestdata.cpp, there is a possible  ...)
+	TODO: check
+CVE-2022-42509 (In CallDialReqData::encode of callreqdata.cpp, there is a possible out ...)
+	TODO: check
+CVE-2022-42508 (In ProtocolCallBuilder::BuildSendUssd of protocolcallbuilder.cpp, ther ...)
+	TODO: check
+CVE-2022-42507 (In ProtocolSimBuilder::BuildSimUpdatePb3gEntry of protocolsimbuilder.c ...)
+	TODO: check
+CVE-2022-42506 (In SimUpdatePbEntry::encode of simdata.cpp, there is a possible out of ...)
+	TODO: check
+CVE-2022-42505 (In ProtocolMiscBuilder::BuildSetSignalReportCriteria of protocolmiscbu ...)
+	TODO: check
+CVE-2022-42504 (In CallDialReqData::encodeCallNumber of callreqdata.cpp, there is a po ...)
+	TODO: check
+CVE-2022-42503 (In ProtocolMiscBuilder::BuildSetLinkCapaReportCriteria of protocolmisc ...)
+	TODO: check
+CVE-2022-42502 (In FacilityLock::Parse of simdata.cpp, there is a possible out of boun ...)
+	TODO: check
+CVE-2022-42501 (In HexString2Value of util.cpp, there is a possible out of bounds writ ...)
+	TODO: check
 CVE-2022-42500
 	RESERVED
 CVE-2022-42499
@@ -17290,10 +17343,10 @@ CVE-2022-42369
 	RESERVED
 CVE-2022-42368
 	RESERVED
-CVE-2022-42367
-	RESERVED
-CVE-2022-42366
-	RESERVED
+CVE-2022-42367 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
+	TODO: check
+CVE-2022-42366 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
+	TODO: check
 CVE-2022-42365
 	RESERVED
 CVE-2022-42364
@@ -17304,8 +17357,8 @@ CVE-2022-42362
 	RESERVED
 CVE-2022-42361
 	RESERVED
-CVE-2022-42360
-	RESERVED
+CVE-2022-42360 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
+	TODO: check
 CVE-2022-42359
 	RESERVED
 CVE-2022-42358
@@ -17322,8 +17375,8 @@ CVE-2022-42353
 	RESERVED
 CVE-2022-42352
 	RESERVED
-CVE-2022-42351
-	RESERVED
+CVE-2022-42351 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
+	TODO: check
 CVE-2022-42350
 	RESERVED
 CVE-2022-42349
@@ -17338,8 +17391,8 @@ CVE-2022-42345
 	RESERVED
 CVE-2022-42344 (Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) ...)
 	NOT-FOR-US: Adobe
-CVE-2022-42343
-	RESERVED
+CVE-2022-42343 (Adobe Campaign version 7.3.1 (and earlier) and 8.3.9 (and earlier) are ...)
+	TODO: check
 CVE-2022-42342 (Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30 ...)
 	NOT-FOR-US: Adobe
 CVE-2022-42341 (Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and ea ...)
@@ -18354,8 +18407,8 @@ CVE-2022-41973 (multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local us
 	NOTE: https://github.com/opensvc/multipath-tools/commit/994811a29332161ec150f1d9822ff460cfc0f316 (0.9.2)
 	NOTE: The fix for CVE-2022-41973 switches to use /run instead of /dev/shm  which is a backward
 	NOTE: incompatible change (which can be overriden but leaving CVE open).
-CVE-2022-41972
-	RESERVED
+CVE-2022-41972 (Contiki-NG is an open-source, cross-platform operating system for Next ...)
+	TODO: check
 CVE-2022-41971 (Nextcould Talk android is a video and audio conferencing app for Nextc ...)
 	TODO: check
 CVE-2022-41970 (Nextcloud Server is an open source personal cloud server. Prior to ver ...)
@@ -18370,14 +18423,14 @@ CVE-2022-41966
 	RESERVED
 CVE-2022-41965 (Opencast is a free, open-source platform to support the management of  ...)
 	NOT-FOR-US: Opencast
-CVE-2022-41964
-	RESERVED
-CVE-2022-41963
-	RESERVED
-CVE-2022-41962
-	RESERVED
-CVE-2022-41961
-	RESERVED
+CVE-2022-41964 (BigBlueButton is an open source web conferencing system. This vulnerab ...)
+	TODO: check
+CVE-2022-41963 (BigBlueButton is an open source web conferencing system. Versions prio ...)
+	TODO: check
+CVE-2022-41962 (BigBlueButton is an open source web conferencing system. Versions prio ...)
+	TODO: check
+CVE-2022-41961 (BigBlueButton is an open source web conferencing system. Versions prio ...)
+	TODO: check
 CVE-2022-41960 (BigBlueButton is an open source web conferencing system. Versions prio ...)
 	TODO: check
 CVE-2022-41959
@@ -23807,8 +23860,7 @@ CVE-2022-3111 (An issue was discovered in the Linux kernel through 5.16-rc6. fre
 CVE-2022-3110 (An issue was discovered in the Linux kernel through 5.16-rc6. _rtw_ini ...)
 	- linux 5.18.5-1
 	NOTE: https://git.kernel.org/linus/f94b47c6bde624d6c07f43054087607c52054a95 (5.19-rc1)
-CVE-2022-3109
-	RESERVED
+CVE-2022-3109 (An issue was discovered in the FFmpeg through 3.0. vp3_decode_frame in ...)
 	- ffmpeg 7:5.1-1
 	[bullseye] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.3.x)
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/656cb0450aeb73b25d7d26980af342b37ac4c568 (n5.1)
@@ -28709,8 +28761,8 @@ CVE-2022-38108 (SolarWinds Platform was susceptible to the Deserialization of Un
 	NOT-FOR-US: SolarWinds
 CVE-2022-38107 (Sensitive information could be displayed when a detailed technical err ...)
 	NOT-FOR-US: SolarWinds
-CVE-2022-38106
-	RESERVED
+CVE-2022-38106 (This vulnerability happens in the web client versions 15.3.0 to Serv-U ...)
+	TODO: check
 CVE-2022-38093 (Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in All in O ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-38070 (Privilege Escalation (subscriber+) vulnerability in Pop-up plugin < ...)
@@ -33564,8 +33616,8 @@ CVE-2022-36225 (EyouCMS V1.5.8-UTF8-SP1 is vulnerable to Cross Site Request Forg
 	NOT-FOR-US: Eyoucms
 CVE-2022-36224 (XunRuiCMS V4.5.6 is vulnerable to Cross Site Request Forgery (CSRF). ...)
 	NOT-FOR-US: XunRuiCMS
-CVE-2022-36223
-	RESERVED
+CVE-2022-36223 (In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS s ...)
+	TODO: check
 CVE-2022-36222
 	RESERVED
 CVE-2022-36221
@@ -34886,12 +34938,12 @@ CVE-2022-35698 (Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and ea
 	NOT-FOR-US: Adobe
 CVE-2022-35697 (Adobe Experience Manager Core Components version 2.20.6 (and earlier)  ...)
 	NOT-FOR-US: Adobe
-CVE-2022-35696
-	RESERVED
+CVE-2022-35696 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
+	TODO: check
 CVE-2022-35695
 	RESERVED
-CVE-2022-35694
-	RESERVED
+CVE-2022-35694 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
+	TODO: check
 CVE-2022-35693
 	RESERVED
 CVE-2022-35692 (Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) ...)
@@ -45940,10 +45992,10 @@ CVE-2022-31710
 	RESERVED
 CVE-2022-31709
 	RESERVED
-CVE-2022-31708
-	RESERVED
-CVE-2022-31707
-	RESERVED
+CVE-2022-31708 (vRealize Operations (vROps) contains a broken access control vulnerabi ...)
+	TODO: check
+CVE-2022-31707 (vRealize Operations (vROps) contains a privilege escalation vulnerabil ...)
+	TODO: check
 CVE-2022-31706
 	RESERVED
 CVE-2022-31705 (VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds writ ...)
@@ -58267,11 +58319,11 @@ CVE-2022-27586 (Password recovery vulnerability in SICK SIM1004 Partnumber 10981
 	NOT-FOR-US: SICK SIM1004 Partnumber 1098148
 CVE-2022-27585 (Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816  ...)
 	NOT-FOR-US: SICK SIM1000 FX Partnumber 1097816 and 1097817
-CVE-2022-27584 (Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 a ...)
+CVE-2022-27584 (Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 a ...)
 	NOT-FOR-US: SICK SIM2000ST Partnumber 2086502 and 1080579
 CVE-2022-27583 (A remote unprivileged attacker can interact with the configuration int ...)
 	NOT-FOR-US: Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2
-CVE-2022-27582 (Password recovery vulnerability in SICK SICK SIM4000 (PPC) Partnumber  ...)
+CVE-2022-27582 (Password recovery vulnerability in SICK SIM4000 (PPC) Partnumber 10787 ...)
 	NOT-FOR-US: SICK SICK SIM4000 (PPC) Partnumber 1078787
 CVE-2022-27581 (Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmwa ...)
 	TODO: check
@@ -63821,12 +63873,12 @@ CVE-2022-25630 (An authenticated user can embed malicious content with XSS into
 	TODO: check
 CVE-2022-25629 (An authenticated user who has the privilege to add/edit annotations on ...)
 	TODO: check
-CVE-2022-25628
-	RESERVED
-CVE-2022-25627
-	RESERVED
-CVE-2022-25626
-	RESERVED
+CVE-2022-25628 (An authenticated user can perform XML eXternal Entity injection in Man ...)
+	TODO: check
+CVE-2022-25627 (An authenticated administrator who has physical access to the environm ...)
+	TODO: check
+CVE-2022-25626 (An unauthenticated user can access Identity Manager’s management ...)
+	TODO: check
 CVE-2022-25625 (A malicious unauthorized PAM user can access the administration config ...)
 	NOT-FOR-US: Symantec
 CVE-2022-25624
@@ -89263,235 +89315,231 @@ CVE-2021-3887
 	REJECTED
 CVE-2022-20611 (In deletePackageVersionedInternal of DeletePackageHelper.java, there i ...)
 	NOT-FOR-US: Android
-CVE-2022-20610
-	RESERVED
-CVE-2022-20609
-	RESERVED
-CVE-2022-20608
-	RESERVED
-CVE-2022-20607
-	RESERVED
-CVE-2022-20606
-	RESERVED
-CVE-2022-20605
-	RESERVED
-CVE-2022-20604
-	RESERVED
-CVE-2022-20603
-	RESERVED
-CVE-2022-20602
-	RESERVED
-CVE-2022-20601
-	RESERVED
-CVE-2022-20600
-	RESERVED
-CVE-2022-20599
-	RESERVED
-CVE-2022-20598
-	RESERVED
-CVE-2022-20597
-	RESERVED
-CVE-2022-20596
-	RESERVED
-CVE-2022-20595
-	RESERVED
-CVE-2022-20594
-	RESERVED
-CVE-2022-20593
-	RESERVED
-CVE-2022-20592
-	RESERVED
-CVE-2022-20591
-	RESERVED
-CVE-2022-20590
-	RESERVED
-CVE-2022-20589
-	RESERVED
-CVE-2022-20588
-	RESERVED
-CVE-2022-20587
-	RESERVED
-CVE-2022-20586
-	RESERVED
-CVE-2022-20585
-	RESERVED
-CVE-2022-20584
-	RESERVED
-CVE-2022-20583
-	RESERVED
-CVE-2022-20582
-	RESERVED
-CVE-2022-20581
-	RESERVED
-CVE-2022-20580
-	RESERVED
-CVE-2022-20579
-	RESERVED
-CVE-2022-20578
-	RESERVED
-CVE-2022-20577
-	RESERVED
-CVE-2022-20576
-	RESERVED
-CVE-2022-20575
-	RESERVED
-CVE-2022-20574
-	RESERVED
+CVE-2022-20610 (In cellular modem firmware, there is a possible out of bounds read due ...)
+	TODO: check
+CVE-2022-20609 (In Pixel cellular firmware, there is a possible out of bounds read due ...)
+	TODO: check
+CVE-2022-20608 (In Pixel cellular firmware, there is a possible out of bounds read due ...)
+	TODO: check
+CVE-2022-20607 (In the Pixel cellular firmware, there is a possible out of bounds writ ...)
+	TODO: check
+CVE-2022-20606 (In SAEMM_MiningCodecTableWithMsgIE of SAEMM_RadioMessageCodec.c, there ...)
+	TODO: check
+CVE-2022-20605 (In SAECOMM_CopyBufferBytes of SAECOMM_Utility.c, there is a possible o ...)
+	TODO: check
+CVE-2022-20604 (In SAECOMM_SetDcnIdForPlmn of SAECOMM_DbManagement.c, there is a possi ...)
+	TODO: check
+CVE-2022-20603 (In SetDecompContextDb of RohcDeCompContextOfRbId.cpp, there is a possi ...)
+	TODO: check
+CVE-2022-20602 (Product: AndroidVersions: Android kernelAndroid ID: A-211081867Referen ...)
+	TODO: check
+CVE-2022-20601 (Product: AndroidVersions: Android kernelAndroid ID: A-204541506Referen ...)
+	TODO: check
+CVE-2022-20600 (In TBD of TBD, there is a possible out of bounds write due to memory c ...)
+	TODO: check
+CVE-2022-20599 (In Pixel firmware, there is a possible exposure of sensitive memory du ...)
+	TODO: check
+CVE-2022-20598 (In sec_media_protect of media.c, there is a possible EoP due to an int ...)
+	TODO: check
+CVE-2022-20597 (In ppmpu_set of ppmpu.c, there is a possible EoP due to an integer ove ...)
+	TODO: check
+CVE-2022-20596 (In sendChunk of WirelessCharger.cpp, there is a possible out of bounds ...)
+	TODO: check
+CVE-2022-20595 (In getWpcAuthChallengeResponse of WirelessCharger.cpp, there is a poss ...)
+	TODO: check
+CVE-2022-20594 (In updateStart of WirelessCharger.cpp, there is a possible out of boun ...)
+	TODO: check
+CVE-2022-20593 (In pop_descriptor_string of BufferDescriptor.h, there is a possible ou ...)
+	TODO: check
+CVE-2022-20592 (In ppmp_validate_secbuf of drm_fw.c, there is a possible information d ...)
+	TODO: check
+CVE-2022-20591 (In ppmpu_set of ppmpu.c, there is a possible information disclosure du ...)
+	TODO: check
+CVE-2022-20590 (In valid_va_sec_mfc_check of drm_access_control.c, there is a possible ...)
+	TODO: check
+CVE-2022-20589 (In valid_va_secbuf_check of drm_access_control.c, there is a possible  ...)
+	TODO: check
+CVE-2022-20588 (In sysmmu_map of sysmmu.c, there is a possible EoP due to a preconditi ...)
+	TODO: check
+CVE-2022-20587 (In ppmp_validate_wsm of drm_fw.c, there is a possible EoP due to impro ...)
+	TODO: check
+CVE-2022-20586 (In valid_out_of_special_sec_dram_addr of drm_access_control.c, there i ...)
+	TODO: check
+CVE-2022-20585 (In valid_out_of_special_sec_dram_addr of drm_access_control.c, there i ...)
+	TODO: check
+CVE-2022-20584 (In page_number of shared_mem.c, there is a possible code execution in  ...)
+	TODO: check
+CVE-2022-20583 (In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bo ...)
+	TODO: check
+CVE-2022-20582 (In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bo ...)
+	TODO: check
+CVE-2022-20581 (In the Pixel camera driver, there is a possible use after free due to  ...)
+	TODO: check
+CVE-2022-20580 (In ufdt_do_one_fixup of ufdt_overlay.c, there is a possible out of bou ...)
+	TODO: check
+CVE-2022-20579 (In RadioImpl::setCdmaBroadcastConfig of ril_service_legacy.cpp, there  ...)
+	TODO: check
+CVE-2022-20578 (In RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there i ...)
+	TODO: check
+CVE-2022-20577 (In OemSimAuthRequest::encode of wlandata.cpp, there is a possible out  ...)
+	TODO: check
+CVE-2022-20576 (In externalOnRequest of rilapplication.cpp, there is a possible out of ...)
+	TODO: check
+CVE-2022-20575 (In read_ppmpu_info of drm_fw.c, there is a possible out of bounds read ...)
+	TODO: check
+CVE-2022-20574 (In sec_sysmmu_info of drm_fw.c, there is a possible out of bounds read ...)
+	TODO: check
 CVE-2022-20573
 	RESERVED
-CVE-2022-20572
-	RESERVED
+CVE-2022-20572 (In verity_target of dm-verity-target.c, there is a possible way to mod ...)
 	- linux 5.18.2-1
 	[bullseye] - linux 5.10.120-1
 	[buster] - linux 4.19.249-1
 	NOTE: https://git.kernel.org/linus/4caae58406f8ceb741603eee460d79bacca9b1b5
-CVE-2022-20571
-	RESERVED
-CVE-2022-20570
-	RESERVED
-CVE-2022-20569
-	RESERVED
-CVE-2022-20568
-	RESERVED
+CVE-2022-20571 (In extract_metadata of dm-android-verity.c, there is a possible way to ...)
+	TODO: check
+CVE-2022-20570 (Product: AndroidVersions: Android kernelAndroid ID: A-230660904Referen ...)
+	TODO: check
+CVE-2022-20569 (In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a  ...)
+	TODO: check
+CVE-2022-20568 (In (TBD) of (TBD), there is a possible way to corrupt kernel memory du ...)
 	- linux 5.14.6-1
 	[bullseye] - linux 5.10.120-1
 	[buster] - linux <not-affected> (Vulnerable code introduced later)
-CVE-2022-20567
-	RESERVED
+CVE-2022-20567 (In pppol2tp_create of l2tp_ppp.c, there is a possible use after free d ...)
 	- linux 4.15.11-1
 	NOTE: https://git.kernel.org/linus/d02ba2a6110c530a32926af8ad441111774d2893
-CVE-2022-20566
-	RESERVED
+CVE-2022-20566 (In l2cap_chan_put of l2cap_core, there is a possible use after free du ...)
 	- linux 5.18.16-1
 	[bullseye] - linux 5.10.136-1
 	[buster] - linux 4.19.260-1
 	NOTE: https://git.kernel.org/linus/d0be8347c623e0ac4202a1d4e0373882821f56b0
 CVE-2022-20565
 	RESERVED
-CVE-2022-20564
-	RESERVED
-CVE-2022-20563
-	RESERVED
-CVE-2022-20562
-	RESERVED
-CVE-2022-20561
-	RESERVED
-CVE-2022-20560
-	RESERVED
-CVE-2022-20559
-	RESERVED
-CVE-2022-20558
-	RESERVED
-CVE-2022-20557
-	RESERVED
-CVE-2022-20556
-	RESERVED
-CVE-2022-20555
-	RESERVED
-CVE-2022-20554
-	RESERVED
-CVE-2022-20553
-	RESERVED
-CVE-2022-20552
-	RESERVED
+CVE-2022-20564 (In _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible o ...)
+	TODO: check
+CVE-2022-20563 (In TBD of ufdt_convert, there is a possible out of bounds read due to  ...)
+	TODO: check
+CVE-2022-20562 (In various functions of ap_input_processor.c, there is a possible way  ...)
+	TODO: check
+CVE-2022-20561 (In TBD of aud_hal_tunnel.c, there is a possible memory corruption due  ...)
+	TODO: check
+CVE-2022-20560 (Product: AndroidVersions: Android kernelAndroid ID: A-212623833Referen ...)
+	TODO: check
+CVE-2022-20559 (In revokeOwnPermissionsOnKill of PermissionManager.java, there is a po ...)
+	TODO: check
+CVE-2022-20558 (In registerReceivers of DeviceCapabilityListener.java, there is a poss ...)
+	TODO: check
+CVE-2022-20557 (In MessageQueueBase of MessageQueueBase.h, there is a possible out of  ...)
+	TODO: check
+CVE-2022-20556 (In launchConfigNewNetworkFragment of NetworkProviderSettings.java, the ...)
+	TODO: check
+CVE-2022-20555 (In ufdt_get_node_by_path_len of ufdt_convert.c, there is a possible ou ...)
+	TODO: check
+CVE-2022-20554 (In removeEventHubDevice of InputDevice.cpp, there is a possible OOB re ...)
+	TODO: check
+CVE-2022-20553 (In onCreate of LogAccessDialogActivity.java, there is a possible way t ...)
+	TODO: check
+CVE-2022-20552 (In btif_a2dp_sink_command_ready of btif_a2dp_sink.cc, there is a possi ...)
+	TODO: check
 CVE-2022-20551
 	RESERVED
-CVE-2022-20550
-	RESERVED
-CVE-2022-20549
-	RESERVED
-CVE-2022-20548
-	RESERVED
-CVE-2022-20547
-	RESERVED
-CVE-2022-20546
-	RESERVED
-CVE-2022-20545
-	RESERVED
-CVE-2022-20544
-	RESERVED
-CVE-2022-20543
-	RESERVED
+CVE-2022-20550 (In Multiple Locations, there is a possibility to launch arbitrary prot ...)
+	TODO: check
+CVE-2022-20549 (In authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of b ...)
+	TODO: check
+CVE-2022-20548 (In setParameter of EqualizerEffect.cpp, there is a possible out of bou ...)
+	TODO: check
+CVE-2022-20547 (In multiple functions of AdapterService.java, there is a possible way  ...)
+	TODO: check
+CVE-2022-20546 (In getCurrentConfigImpl of Effect.cpp, there is a possible out of boun ...)
+	TODO: check
+CVE-2022-20545 (In bindArtworkAndColors of MediaControlPanel.java, there is a possible ...)
+	TODO: check
+CVE-2022-20544 (In onOptionsItemSelected of ManageApplications.java, there is a possib ...)
+	TODO: check
+CVE-2022-20543 (In multiple locations, there is a possible display crash loop due to i ...)
+	TODO: check
 CVE-2022-20542
 	RESERVED
-CVE-2022-20541
-	RESERVED
-CVE-2022-20540
-	RESERVED
-CVE-2022-20539
-	RESERVED
-CVE-2022-20538
-	RESERVED
-CVE-2022-20537
-	RESERVED
-CVE-2022-20536
-	RESERVED
-CVE-2022-20535
-	RESERVED
+CVE-2022-20541 (In phNxpNciHal_ioctl of phNxpNciHal.cc, there is a possible out of bou ...)
+	TODO: check
+CVE-2022-20540 (In SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arb ...)
+	TODO: check
+CVE-2022-20539 (In parameterToHal of Effect.cpp, there is a possible out of bounds wri ...)
+	TODO: check
+CVE-2022-20538 (In getSmsRoleHolder of RoleService.java, there is a possible way to de ...)
+	TODO: check
+CVE-2022-20537 (In createDialog of WifiScanModeActivity.java, there is a possible way  ...)
+	TODO: check
+CVE-2022-20536 (In registerBroadcastReceiver of RcsService.java, there is a possible w ...)
+	TODO: check
+CVE-2022-20535 (In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there i ...)
+	TODO: check
 CVE-2022-20534
 	RESERVED
-CVE-2022-20533
-	RESERVED
+CVE-2022-20533 (In getSlice of WifiSlice.java, there is a possible way to connect a ne ...)
+	TODO: check
 CVE-2022-20532
 	RESERVED
-CVE-2022-20531
-	RESERVED
-CVE-2022-20530
-	RESERVED
-CVE-2022-20529
-	RESERVED
-CVE-2022-20528
-	RESERVED
-CVE-2022-20527
-	RESERVED
-CVE-2022-20526
-	RESERVED
-CVE-2022-20525
-	RESERVED
-CVE-2022-20524
-	RESERVED
-CVE-2022-20523
-	RESERVED
-CVE-2022-20522
-	RESERVED
-CVE-2022-20521
-	RESERVED
-CVE-2022-20520
-	RESERVED
-CVE-2022-20519
-	RESERVED
-CVE-2022-20518
-	RESERVED
-CVE-2022-20517
-	RESERVED
-CVE-2022-20516
-	RESERVED
-CVE-2022-20515
-	RESERVED
-CVE-2022-20514
-	RESERVED
-CVE-2022-20513
-	RESERVED
-CVE-2022-20512
-	RESERVED
-CVE-2022-20511
-	RESERVED
-CVE-2022-20510
-	RESERVED
-CVE-2022-20509
-	RESERVED
-CVE-2022-20508
-	RESERVED
-CVE-2022-20507
-	RESERVED
-CVE-2022-20506
-	RESERVED
-CVE-2022-20505
-	RESERVED
-CVE-2022-20504
-	RESERVED
-CVE-2022-20503
-	RESERVED
+CVE-2022-20531 (In placeCall of TelecomManager.java, there is a possible way to determ ...)
+	TODO: check
+CVE-2022-20530 (In strings.xml, there is a possible permission bypass due to a mislead ...)
+	TODO: check
+CVE-2022-20529 (In multiple locations of WifiDialogActivity.java, there is a possible  ...)
+	TODO: check
+CVE-2022-20528 (In findParam of HevcUtils.cpp there is a possible out of bounds read d ...)
+	TODO: check
+CVE-2022-20527 (In HalCoreCallback of halcore.cc, there is a possible out of bounds re ...)
+	TODO: check
+CVE-2022-20526 (In CanvasContext::draw of CanvasContext.cpp, there is a possible out o ...)
+	TODO: check
+CVE-2022-20525 (In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there  ...)
+	TODO: check
+CVE-2022-20524 (In compose of Vibrator.cpp, there is a possible arbitrary code executi ...)
+	TODO: check
+CVE-2022-20523 (In IncFs_GetFilledRangesStartingFrom of incfs.cpp, there is a possible ...)
+	TODO: check
+CVE-2022-20522 (In getSlice of ProviderModelSlice.java, there is a missing permission  ...)
+	TODO: check
+CVE-2022-20521 (In sdpu_find_most_specific_service_uuid of sdp_utils.cc, there is a po ...)
+	TODO: check
+CVE-2022-20520 (In onCreate of various files, there is a possible tapjacking/overlay a ...)
+	TODO: check
+CVE-2022-20519 (In onCreate of AddAppNetworksActivity.java, there is a possible way fo ...)
+	TODO: check
+CVE-2022-20518 (In query of MmsSmsProvider.java, there is a possible access to restric ...)
+	TODO: check
+CVE-2022-20517 (In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possibl ...)
+	TODO: check
+CVE-2022-20516 (In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible  ...)
+	TODO: check
+CVE-2022-20515 (In onPreferenceClick of AccountTypePreferenceLoader.java, there is a p ...)
+	TODO: check
+CVE-2022-20514 (In acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and r ...)
+	TODO: check
+CVE-2022-20513 (In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds  ...)
+	TODO: check
+CVE-2022-20512 (In navigateUpTo of Task.java, there is a possible way to launch an int ...)
+	TODO: check
+CVE-2022-20511 (In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, the ...)
+	TODO: check
+CVE-2022-20510 (In getNearbyNotificationStreamingPolicy of DevicePolicyManagerService. ...)
+	TODO: check
+CVE-2022-20509 (In mapGrantorDescr of MessageQueueBase.h, there is a possible out of b ...)
+	TODO: check
+CVE-2022-20508 (In onAttach of ConfigureWifiSettings.java, there is a possible way for ...)
+	TODO: check
+CVE-2022-20507 (In onMulticastListUpdateNotificationReceived of UwbEventManager.java,  ...)
+	TODO: check
+CVE-2022-20506 (In onCreate of WifiDialogActivity.java, there is a missing permission  ...)
+	TODO: check
+CVE-2022-20505 (In openFile of CallLogProvider.java, there is a possible permission by ...)
+	TODO: check
+CVE-2022-20504 (In multiple locations of DreamManagerService.java, there is a missing  ...)
+	TODO: check
+CVE-2022-20503 (In onCreate of WifiDppConfiguratorActivity.java, there is a possible w ...)
+	TODO: check
 CVE-2022-20502 (In GetResolvedMethod of entrypoint_utils-inl.h, there is a possible us ...)
 	NOT-FOR-US: Android
 CVE-2022-20501 (In onCreate of EnableAccountPreferenceActivity.java, there is a possib ...)
@@ -90121,8 +90169,8 @@ CVE-2022-20201 (In getAppSize of InstalldNativeService.cpp, there is a possible
 	NOT-FOR-US: Google Pixel
 CVE-2022-20200 (In updateApState of SoftApManager.java, there is a possible leak of ho ...)
 	NOT-FOR-US: Android
-CVE-2022-20199
-	RESERVED
+CVE-2022-20199 (In multiple locations of NfcService.java, there is a possible disclosu ...)
+	TODO: check
 CVE-2022-20198 (In llcp_dlc_proc_connect_pdu of llcp_dlc.cc, there is a possible out o ...)
 	NOT-FOR-US: Android
 CVE-2022-20197 (In recycle of Parcel.java, there is a possible way to start foreground ...)
@@ -108909,8 +108957,8 @@ CVE-2021-35254 (SolarWinds received a report of a vulnerability related to an in
 	NOT-FOR-US: SolarWinds
 CVE-2021-35253
 	RESERVED
-CVE-2021-35252
-	RESERVED
+CVE-2021-35252 (Common encryption key appears to be used across all deployed instances ...)
+	TODO: check
 CVE-2021-35251 (Sensitive information could be displayed when a detailed technical err ...)
 	NOT-FOR-US: Solarwinds
 CVE-2021-35250 (A researcher reported a Directory Transversal Vulnerability in Serv-U  ...)
@@ -126055,8 +126103,7 @@ CVE-2021-28657 (A carefully crafted or corrupt file may trigger an infinite loop
 	NOTE: https://www.openwall.com/lists/oss-security/2021/03/30/3
 CVE-2021-28656
 	RESERVED
-CVE-2021-28655
-	RESERVED
+CVE-2021-28655 (The improper Input Validation vulnerability in "”Move folder to  ...)
 	NOT-FOR-US: Apache Zeppelin
 CVE-2021-28654
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/076710f48a5e07ee38fb66b28a84a5558fb02dca

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/076710f48a5e07ee38fb66b28a84a5558fb02dca
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221216/eb6aa766/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list