[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Dec 24 08:10:21 GMT 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8ed68f02 by security tracker role at 2022-12-24T08:10:11+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2022-47946 (An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A  ...)
+	TODO: check
+CVE-2022-47945 (ThinkPHP Framework before 6.0.14 allows local file inclusion via the l ...)
+	TODO: check
+CVE-2022-47944
+	RESERVED
+CVE-2022-4724 (Improper Access Control in GitHub repository ikus060/rdiffweb prior to ...)
+	TODO: check
+CVE-2022-4723 (Allocation of Resources Without Limits or Throttling in GitHub reposit ...)
+	TODO: check
+CVE-2022-4722 (Authentication Bypass by Primary Weakness in GitHub repository ikus060 ...)
+	TODO: check
+CVE-2022-4721 (Failure to Sanitize Special Elements into a Different Plane (Special E ...)
+	TODO: check
+CVE-2022-4720 (Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5. ...)
+	TODO: check
+CVE-2022-4719 (Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2 ...)
+	TODO: check
+CVE-2022-4718
+	RESERVED
+CVE-2022-4717
+	RESERVED
+CVE-2022-4716
+	RESERVED
+CVE-2022-4715
+	RESERVED
+CVE-2022-4714
+	RESERVED
+CVE-2022-4713
+	RESERVED
+CVE-2022-4712
+	RESERVED
+CVE-2022-4711
+	RESERVED
 CVE-2022-47937
 	RESERVED
 CVE-2022-47936
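Review bot: CVE-2022-47946 at the top of this hunk names the Linux kernel 5.10.x before 5.10.155, so its `TODO: check` should be resolved to a `linux` source-package entry with a fixed version rather than a NOT-FOR-US marker. The six rdiffweb entries, CVE-2022-4719 through CVE-2022-4724, all name the same repository (ikus060/rdiffweb) and can be triaged together with one consistent note.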
@@ -913,8 +947,8 @@ CVE-2022-47635 (Wildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, a
 	NOT-FOR-US: Wildix CMS
 CVE-2022-47634
 	RESERVED
-CVE-2022-47633
-	RESERVED
+CVE-2022-47633 (An image signature validation bypass vulnerability in Kyverno 1.8.3 an ...)
+	TODO: check
 CVE-2022-47632
 	RESERVED
 CVE-2022-47631
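Review bot: The context note `NOT-FOR-US: Wildix CMS` for CVE-2022-47635 does not match the product named in that entry's description in the hunk header, `Wildix WMS`; correct the note to `NOT-FOR-US: Wildix WMS` in a follow-up. CVE-2022-47633 now carries a Kyverno description and still needs triage in place of `TODO: check`.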
@@ -6597,8 +6631,8 @@ CVE-2022-46177
 	RESERVED
 CVE-2022-46176
 	RESERVED
-CVE-2022-46175
-	RESERVED
+CVE-2022-46175 (JSON5 is an extension to the popular JSON file format that aims to be  ...)
+	TODO: check
 CVE-2022-46174
 	RESERVED
 CVE-2022-46173
@@ -15638,8 +15672,8 @@ CVE-2022-43862
 	RESERVED
 CVE-2022-43861
 	RESERVED
-CVE-2022-43860
-	RESERVED
+CVE-2022-43860 (IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated use ...)
+	TODO: check
 CVE-2022-43859 (IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated use ...)
 	NOT-FOR-US: IBM
 CVE-2022-43858 (IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated use ...)
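Review bot: CVE-2022-43860 is left at `TODO: check` while the two entries directly below it, CVE-2022-43859 and CVE-2022-43858, show the same description prefix (IBM Navigator for i 7.3, 7.4, and 7.5) and are marked `NOT-FOR-US: IBM`; apply the same marker here once the full description is confirmed.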
@@ -15660,10 +15694,10 @@ CVE-2022-43851
 	RESERVED
 CVE-2022-43850
 	RESERVED
-CVE-2022-43849
-	RESERVED
-CVE-2022-43848
-	RESERVED
+CVE-2022-43849 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local  ...)
+	TODO: check
+CVE-2022-43848 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local ...)
+	TODO: check
 CVE-2022-43847
 	RESERVED
 CVE-2022-43846
@@ -22720,8 +22754,8 @@ CVE-2022-41292
 	RESERVED
 CVE-2022-41291 (IBM InfoSphere Information Server 11.7 does not invalidate session aft ...)
 	NOT-FOR-US: IBM
-CVE-2022-41290
-	RESERVED
+CVE-2022-41290 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local ...)
+	TODO: check
 CVE-2022-41289
 	RESERVED
 CVE-2022-41288 (A vulnerability has been identified in JT2Go (All versions), Teamcente ...)
@@ -25772,8 +25806,8 @@ CVE-2022-40013
 	RESERVED
 CVE-2022-40012
 	RESERVED
-CVE-2022-40011
-	RESERVED
+CVE-2022-40011 (Cross Site Scripting (XSS) vulnerability in typora through 1.38 allows ...)
+	TODO: check
 CVE-2022-40010
 	RESERVED
 CVE-2022-40009 (SWFTools commit 772e55a was discovered to contain a heap-use-after-fre ...)
@@ -27837,8 +27871,8 @@ CVE-2022-39166 (IBM Security Guardium 11.4 could allow a privileged user to obta
 	NOT-FOR-US: IBM
 CVE-2022-39165 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local  ...)
 	NOT-FOR-US: IBM
-CVE-2022-39164
-	RESERVED
+CVE-2022-39164 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local  ...)
+	TODO: check
 CVE-2022-39163
 	RESERVED
 CVE-2022-39162
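Review bot: CVE-2022-39164 gets the same truncated description as CVE-2022-39165 on the context line above it (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1), and that entry is already `NOT-FOR-US: IBM`; resolve `TODO: check` the same way for consistency.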
@@ -58737,10 +58771,10 @@ CVE-2022-28231 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.30
 	NOT-FOR-US: Adobe
 CVE-2022-28230 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
 	NOT-FOR-US: Adobe
-CVE-2022-28229
-	RESERVED
-CVE-2022-28228
-	RESERVED
+CVE-2022-28229 (The hash functionality in userver before 42059b6319661583b3080cab9b595 ...)
+	TODO: check
+CVE-2022-28228 (Out-of-bounds read was discovered in YDB server. An attacker could con ...)
+	TODO: check
 CVE-2022-28227
 	RESERVED
 CVE-2022-28226 (Local privilege vulnerability in Yandex Browser for Windows prior to 2 ...)
@@ -72449,8 +72483,8 @@ CVE-2022-23856 (An issue was discovered in Saviynt Enterprise Identity Cloud (EI
 	NOT-FOR-US: Saviynt Enterprise Identity Cloud (EIC)
 CVE-2022-23855 (An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 ...)
 	NOT-FOR-US: Saviynt Enterprise Identity Cloud (EIC)
-CVE-2022-23854
-	RESERVED
+CVE-2022-23854 (AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerabl ...)
+	TODO: check
 CVE-2022-23853 (The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 a ...)
 	- kate 4:21.12.2-1
 	[bullseye] - kate <no-dsa> (Minor issue)
@@ -77504,8 +77538,8 @@ CVE-2022-22451
 	RESERVED
 CVE-2022-22450 (IBM Security Verify Identity Manager 10.0 could allow a privileged use ...)
 	NOT-FOR-US: IBM
-CVE-2022-22449
-	RESERVED
+CVE-2022-22449 (IBM Security Verify Governance, Identity Manager 10.01 could allow a r ...)
+	TODO: check
 CVE-2022-22448
 	RESERVED
 CVE-2022-22447
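Review bot: CVE-2022-22449 names IBM Security Verify Governance, Identity Manager, and the adjacent CVE-2022-22450 (IBM Security Verify Identity Manager) is marked `NOT-FOR-US: IBM`; the `TODO: check` here should become the same marker.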



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ed68f026418e224e1b8fd31fa6861d5742a883f
