[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Dec 17 08:10:21 GMT 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7ea84aa4 by security tracker role at 2022-12-17T08:10:11+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,171 @@
+CVE-2023-21823
+	RESERVED
+CVE-2023-21822
+	RESERVED
+CVE-2023-21821
+	RESERVED
+CVE-2023-21820
+	RESERVED
+CVE-2023-21819
+	RESERVED
+CVE-2023-21818
+	RESERVED
+CVE-2023-21817
+	RESERVED
+CVE-2023-21816
+	RESERVED
+CVE-2023-21815
+	RESERVED
+CVE-2023-21814
+	RESERVED
+CVE-2023-21813
+	RESERVED
+CVE-2023-21812
+	RESERVED
+CVE-2023-21811
+	RESERVED
+CVE-2023-21810
+	RESERVED
+CVE-2023-21809
+	RESERVED
+CVE-2023-21808
+	RESERVED
+CVE-2023-21807
+	RESERVED
+CVE-2023-21806
+	RESERVED
+CVE-2023-21805
+	RESERVED
+CVE-2023-21804
+	RESERVED
+CVE-2023-21803
+	RESERVED
+CVE-2023-21802
+	RESERVED
+CVE-2023-21801
+	RESERVED
+CVE-2023-21800
+	RESERVED
+CVE-2023-21799
+	RESERVED
+CVE-2023-21798
+	RESERVED
+CVE-2023-21797
+	RESERVED
+CVE-2023-21796
+	RESERVED
+CVE-2023-21795
+	RESERVED
+CVE-2023-21794
+	RESERVED
+CVE-2023-21793
+	RESERVED
+CVE-2023-21792
+	RESERVED
+CVE-2023-21791
+	RESERVED
+CVE-2023-21790
+	RESERVED
+CVE-2023-21789
+	RESERVED
+CVE-2023-21788
+	RESERVED
+CVE-2023-21787
+	RESERVED
+CVE-2023-21786
+	RESERVED
+CVE-2023-21785
+	RESERVED
+CVE-2023-21784
+	RESERVED
+CVE-2023-21783
+	RESERVED
+CVE-2023-21782
+	RESERVED
+CVE-2023-21781
+	RESERVED
+CVE-2023-21780
+	RESERVED
+CVE-2023-21779
+	RESERVED
+CVE-2023-21778
+	RESERVED
+CVE-2023-21777
+	RESERVED
+CVE-2023-21776
+	RESERVED
+CVE-2023-21775
+	RESERVED
+CVE-2023-21774
+	RESERVED
+CVE-2022-4580
+	RESERVED
+CVE-2022-4579
+	RESERVED
+CVE-2022-4578
+	RESERVED
+CVE-2022-4577
+	RESERVED
+CVE-2022-4576
+	RESERVED
+CVE-2022-4575
+	RESERVED
+CVE-2022-4574
+	RESERVED
+CVE-2022-4573
+	RESERVED
+CVE-2022-4572 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2022-4571
+	RESERVED
+CVE-2022-4570
+	RESERVED
+CVE-2022-4569
+	RESERVED
+CVE-2022-4568
+	RESERVED
+CVE-2022-4567 (Improper Access Control in GitHub repository openemr/openemr prior to  ...)
+	TODO: check
+CVE-2021-46866
+	RESERVED
+CVE-2021-46865
+	RESERVED
+CVE-2021-46864
+	RESERVED
+CVE-2021-46863
+	RESERVED
+CVE-2021-46862
+	RESERVED
+CVE-2021-46861
+	RESERVED
+CVE-2021-46860
+	RESERVED
+CVE-2021-46859
+	RESERVED
+CVE-2021-46858
+	RESERVED
+CVE-2021-46857
+	RESERVED
+CVE-2020-36616
+	RESERVED
+CVE-2020-36615
+	RESERVED
+CVE-2020-36614
+	RESERVED
+CVE-2020-36613
+	RESERVED
+CVE-2020-36612
+	RESERVED
+CVE-2019-25083
+	RESERVED
+CVE-2019-25082
+	RESERVED
+CVE-2019-25081
+	RESERVED
+CVE-2019-25080
+	RESERVED
+CVE-2019-25079
+	RESERVED
 CVE-2022-4566 (A vulnerability, which was classified as critical, has been found in y ...)
 	NOT-FOR-US: RuoYi
 CVE-2022-4565 (A vulnerability classified as problematic was found in Dromara HuTool  ...)
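Review bot: CVE-2022-4572 and CVE-2022-4567 are the only two new ids in this block that arrive with a description, and both are left at "TODO: check". CVE-2022-4567 names the GitHub repository openemr/openemr, so it can be resolved now to either a package line or a NOT-FOR-US tag, the way the adjacent CVE-2022-4566 already carries "NOT-FOR-US: RuoYi".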
@@ -1062,12 +1230,12 @@ CVE-2022-47212 (Microsoft Office Graphics Remote Code Execution Vulnerability. T
 	NOT-FOR-US: Microsoft
 CVE-2022-47211 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-47210
-	RESERVED
-CVE-2022-47209
-	RESERVED
-CVE-2022-47208
-	RESERVED
+CVE-2022-47210 (The default console presented to users over telnet (when enabled) is r ...)
+	TODO: check
+CVE-2022-47209 (A support user exists on the device and appears to be a backdoor for T ...)
+	TODO: check
+CVE-2022-47208 (The “puhttpsniff” service, which runs by default, is susce ...)
+	TODO: check
 CVE-2022-47207
 	RESERVED
 CVE-2022-47206
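Review bot: none of the truncated descriptions for CVE-2022-47210, CVE-2022-47209 and CVE-2022-47208 names a vendor or product, so their "TODO: check" markers cannot be resolved from this file alone. The three consecutive ids mention telnet, a support user on "the device" and a service that runs by default, which suggests a single advisory; triage them together from the full CVE text and give all three the same tag.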
@@ -2627,8 +2795,8 @@ CVE-2022-46672
 	RESERVED
 CVE-2022-46671
 	RESERVED
-CVE-2022-46670
-	RESERVED
+CVE-2022-46670 (Rockwell Automation was made aware of a vulnerability by a security re ...)
+	TODO: check
 CVE-2022-46669
 	RESERVED
 CVE-2022-46668
@@ -8203,18 +8371,18 @@ CVE-2022-44757
 	RESERVED
 CVE-2022-44756
 	RESERVED
-CVE-2022-44755
-	RESERVED
-CVE-2022-44754
-	RESERVED
-CVE-2022-44753
-	RESERVED
-CVE-2022-44752
-	RESERVED
-CVE-2022-44751
-	RESERVED
-CVE-2022-44750
-	RESERVED
+CVE-2022-44755 (IBM Notes is susceptible to a stack based buffer overflow vulnerabilit ...)
+	TODO: check
+CVE-2022-44754 (IBM Domino is susceptible to a stack based buffer overflow vulnerabili ...)
+	TODO: check
+CVE-2022-44753 (IBM Notes is susceptible to a stack based buffer overflow vulnerabilit ...)
+	TODO: check
+CVE-2022-44752 (IBM Domino is susceptible to a stack based buffer overflow vulnerabili ...)
+	TODO: check
+CVE-2022-44751 (IBM Notes is susceptible to a stack based buffer overflow vulnerabilit ...)
+	TODO: check
+CVE-2022-44750 (IBM Domino is susceptible to a stack based buffer overflow vulnerabili ...)
+	TODO: check
 CVE-2022-44747 (Local privilege escalation due to improper soft link handling. The fol ...)
 	NOT-FOR-US: Acronis
 CVE-2022-44746 (Sensitive information disclosure due to insecure folder permissions. T ...)
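Review bot: the six entries CVE-2022-44750 through CVE-2022-44755 alternate between IBM Notes and IBM Domino with the same stack based buffer overflow wording, and each gets its own "TODO: check". Triage them as one batch with a single vendor tag so the six lines stay consistent, in the same way CVE-2022-44747 just below carries "NOT-FOR-US: Acronis".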
@@ -22873,8 +23041,8 @@ CVE-2022-36295
 	RESERVED
 CVE-2022-3167 (Improper Restriction of Rendered UI Layers or Frames in GitHub reposit ...)
 	- rdiffweb <itp> (bug #969974)
-CVE-2022-3166
-	RESERVED
+CVE-2022-3166 (Rockwell Automation was made aware that the webservers of the Microlog ...)
+	TODO: check
 CVE-2022-3165 (An integer underflow issue was found in the QEMU VNC server while proc ...)
 	- qemu 1:7.2+dfsg-1 (bug #1021019)
 	[bullseye] - qemu <not-affected> (Vulnerable code introduced later)
@@ -22930,8 +23098,8 @@ CVE-2022-3159
 	RESERVED
 CVE-2022-3158 (Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, ...)
 	NOT-FOR-US: Rockwell Automation
-CVE-2022-3157
-	RESERVED
+CVE-2022-3157 (A vulnerability exists in the Rockwell Automation controllers that all ...)
+	TODO: check
 CVE-2022-3156
 	RESERVED
 CVE-2022-40175
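Review bot: CVE-2022-3157 is left at "TODO: check" although its description names Rockwell Automation controllers and the entry directly above it, CVE-2022-3158, already carries "NOT-FOR-US: Rockwell Automation". Reuse that exact tag when resolving this one so the vendor string stays identical across both entries.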
@@ -26576,8 +26744,8 @@ CVE-2022-38758
 	RESERVED
 CVE-2022-38757
 	RESERVED
-CVE-2022-38756
-	RESERVED
+CVE-2022-38756 (A vulnerability has been identified in Micro Focus GroupWise Web in ve ...)
+	TODO: check
 CVE-2022-38755 (A vulnerability has been identified in Micro Focus Filr in versions pr ...)
 	NOT-FOR-US: Micro Focus
 CVE-2022-38754 (A potential vulnerability has been identified in Micro Focus Operation ...)
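Review bot: CVE-2022-38756 names Micro Focus GroupWise Web and is left at "TODO: check", while the next entry, CVE-2022-38755 for Micro Focus Filr, is tagged "NOT-FOR-US: Micro Focus". The same tag looks applicable here; resolve it with the identical vendor string.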
@@ -26819,8 +26987,8 @@ CVE-2022-2968
 	RESERVED
 CVE-2022-2967
 	RESERVED
-CVE-2022-2966
-	RESERVED
+CVE-2022-2966 (Out-of-bounds Read vulnerability in Delta Electronics DOPSoft.This iss ...)
+	TODO: check
 CVE-2022-2965 (Improper Restriction of Rendered UI Layers or Frames in GitHub reposit ...)
 	NOT-FOR-US: NotrinosERP
 CVE-2022-2964 (A flaw was found in the Linux kernel’s driver for the ASIX AX881 ...)
@@ -29400,8 +29568,8 @@ CVE-2022-37834
 	RESERVED
 CVE-2022-37833
 	RESERVED
-CVE-2022-37832
-	RESERVED
+CVE-2022-37832 (Mutiny 7.2.0-10788 suffers from Hardcoded root password. ...)
+	TODO: check
 CVE-2022-37831
 	RESERVED
 CVE-2022-37830
@@ -61203,14 +61371,14 @@ CVE-2022-26584
 	RESERVED
 CVE-2022-26583
 	RESERVED
-CVE-2022-26582
-	RESERVED
-CVE-2022-26581
-	RESERVED
-CVE-2022-26580
-	RESERVED
-CVE-2022-26579
-	RESERVED
+CVE-2022-26582 (The systool_server in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.0 ...)
+	TODO: check
+CVE-2022-26581 (The ADB daemon in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20 ...)
+	TODO: check
+CVE-2022-26580 (PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 was discove ...)
+	TODO: check
+CVE-2022-26579 (PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows root ...)
+	TODO: check
 CVE-2022-26578
 	RESERVED
 CVE-2022-26577
@@ -71005,10 +71173,10 @@ CVE-2022-23533
 	RESERVED
 CVE-2022-23532
 	RESERVED
-CVE-2022-23531
-	RESERVED
-CVE-2022-23530
-	RESERVED
+CVE-2022-23531 (GuardDog is a CLI tool to identify malicious PyPI packages. Versions p ...)
+	TODO: check
+CVE-2022-23530 (GuardDog is a CLI tool to identify malicious PyPI packages. Versions p ...)
+	TODO: check
 CVE-2022-23529
 	RESERVED
 CVE-2022-23528
@@ -71103,12 +71271,12 @@ CVE-2022-23492 (go-libp2p is the offical libp2p implementation in the Go program
 	TODO: check
 CVE-2022-23491 (Certifi is a curated collection of Root Certificates for validating th ...)
 	TODO: check
-CVE-2022-23490
-	RESERVED
+CVE-2022-23490 (BigBlueButton is an open source web conferencing system. Versions prio ...)
+	TODO: check
 CVE-2022-23489
 	RESERVED
-CVE-2022-23488
-	RESERVED
+CVE-2022-23488 (BigBlueButton is an open source web conferencing system. Versions prio ...)
+	TODO: check
 CVE-2022-23487 (js-libp2p is the official javascript Implementation of libp2p networki ...)
 	TODO: check
 CVE-2022-23486 (libp2p-rust is the official rust language Implementation of the libp2p ...)
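Review bot: CVE-2022-23490 and CVE-2022-23488 add two more "TODO: check" markers to a region where the visible context entries CVE-2022-23492, CVE-2022-23491 and CVE-2022-23487 are still at "TODO: check" as well. Both new descriptions name BigBlueButton, so they can be resolved together, and the older unresolved entries around them should be cleared in the same pass.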
@@ -89630,7 +89798,8 @@ CVE-2022-20465 (In dismiss and related functions of KeyguardHostViewController.j
 	NOT-FOR-US: Android
 CVE-2022-20464 (In various functions of ap_input_processor.c, there is a possible way  ...)
 	NOT-FOR-US: Android
-CVE-2022-20463 (In factoryReset of WifiServiceImpl, there is a possible way to preserv ...)
+CVE-2022-20463
+	REJECTED
 	NOT-FOR-US: Android
 CVE-2022-20462 (In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible o ...)
 	NOT-FOR-US: Android
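Review bot: after this change CVE-2022-20463 reads "REJECTED" followed by the old "NOT-FOR-US: Android" line, which is carried over as unchanged context. The description that justified the Android tag has been removed, so either drop the stale annotation or confirm that a rejected id is meant to keep it.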
@@ -101437,8 +101606,8 @@ CVE-2021-38243
 	RESERVED
 CVE-2021-38242
 	RESERVED
-CVE-2021-38241
-	RESERVED
+CVE-2021-38241 (Deserialization issue discovered in Ruoyi before 4.6.1 allows remote a ...)
+	TODO: check
 CVE-2021-38240
 	RESERVED
 CVE-2021-38239
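Review bot: CVE-2021-38241 names Ruoyi and is left at "TODO: check", while CVE-2022-4566 at the top of this same diff is already tagged "NOT-FOR-US: RuoYi". Use the existing spelling of that tag when resolving this entry so both lines match.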
@@ -118169,8 +118338,8 @@ CVE-2021-31652
 	RESERVED
 CVE-2021-31651
 	RESERVED
-CVE-2021-31650
-	RESERVED
+CVE-2021-31650 (A SQL injection vulnerability in Sourcecodester Online Grading System  ...)
+	TODO: check
 CVE-2021-31649 (In applications using jfinal 4.9.08 and below, there is a deserializat ...)
 	NOT-FOR-US: jfinal
 CVE-2021-31648



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ea84aa4cf8da511544b5a4e6d8a927e1b639a98
