[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Dec 26 20:10:35 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
564b1d94 by security tracker role at 2022-12-26T20:10:26+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2022-47908
+ RESERVED
+CVE-2022-4744
+ RESERVED
+CVE-2022-4743
+ RESERVED
+CVE-2022-4742 (A vulnerability, which was classified as critical, has been found in j ...)
+ TODO: check
+CVE-2022-47317
+ RESERVED
+CVE-2022-46360
+ RESERVED
+CVE-2022-43448
+ RESERVED
+CVE-2022-41645
+ RESERVED
CVE-2022-4741 (A vulnerability was found in docconv up to 1.2.0 and classified as pro ...)
TODO: check
CVE-2022-4740 (A vulnerability, which was classified as problematic, has been found i ...)
@@ -5879,12 +5895,12 @@ CVE-2022-4270 (Incorrect privilege assignment issue in M-Files Web in M-Files We
CVE-2022-4269 (A flaw was found in the Linux kernel Traffic Control (TC) subsystem. U ...)
- linux <unfixed>
NOTE: https://lore.kernel.org/netdev/33dc43f587ec1388ba456b4915c75f02a8aae226.1663945716.git.dcaratti@redhat.com/
-CVE-2022-4268
- RESERVED
-CVE-2022-4267
- RESERVED
-CVE-2022-4266
- RESERVED
+CVE-2022-4268 (The Plugin Logic WordPress plugin through 1.0.7 does not sanitise and ...)
+ TODO: check
+CVE-2022-4267 (The Bulk Delete Users by Email WordPress plugin through 1.2 does not s ...)
+ TODO: check
+CVE-2022-4266 (The Bulk Delete Users by Email WordPress plugin through 1.2 does not h ...)
+ TODO: check
CVE-2022-4265
RESERVED
CVE-2022-4264 (Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files bef ...)
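Review bot: CVE-2022-4267 and CVE-2022-4266 both name the Bulk Delete Users by Email WordPress plugin through 1.2, and their truncated descriptions differ only at the cut-off ("does not s ..." versus "does not h ..."), so the two TODO: check items should be triaged together against the full CVE text. Resolving them separately risks giving the same plugin two different outcomes.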
@@ -6144,10 +6160,10 @@ CVE-2022-4245
RESERVED
CVE-2022-4244
RESERVED
-CVE-2022-4243
- RESERVED
-CVE-2022-4242
- RESERVED
+CVE-2022-4243 (The ImageInject WordPress plugin through TODO does not sanitise and es ...)
+ TODO: check
+CVE-2022-4242 (The WP Google Review Slider WordPress plugin before 11.6 does not sani ...)
+ TODO: check
CVE-2022-4241
RESERVED
CVE-2022-4240
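Review bot: the CVE-2022-4243 description reads "through TODO" where the affected version belongs, so this entry carries no usable version bound. When resolving its TODO: check, take the affected range from the full advisory, and do not read the literal "TODO" inside the parentheses as a tracker annotation.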
@@ -6182,8 +6198,8 @@ CVE-2022-46346 (A vulnerability has been identified in Parasolid V33.1 (All vers
NOT-FOR-US: Siemens
CVE-2022-46345 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
NOT-FOR-US: Siemens
-CVE-2022-4239
- RESERVED
+CVE-2022-4239 (The Workreap WordPress theme before 2.6.4 does not verify that an addo ...)
+ TODO: check
CVE-2022-4238
RESERVED
CVE-2022-4237
@@ -6206,10 +6222,10 @@ CVE-2022-4229 (A vulnerability classified as critical was found in SourceCodeste
NOT-FOR-US: SourceCodester Book Store Management System
CVE-2022-4228 (A vulnerability classified as problematic has been found in SourceCode ...)
NOT-FOR-US: SourceCodester Book Store Management System
-CVE-2022-4227
- RESERVED
-CVE-2022-4226
- RESERVED
+CVE-2022-4227 (The Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plu ...)
+ TODO: check
+CVE-2022-4226 (The Simple Basic Contact Form WordPress plugin before 20221201 does no ...)
+ TODO: check
CVE-2022-4225
RESERVED
CVE-2021-4242 (A vulnerability was found in Sapido BR270n, BRC76n, GR297 and RB1732 a ...)
@@ -6444,8 +6460,8 @@ CVE-2022-4199
RESERVED
CVE-2022-4198
RESERVED
-CVE-2022-4197
- RESERVED
+CVE-2022-4197 (The Sliderby10Web WordPress plugin before 1.2.53 does not sanitise and ...)
+ TODO: check
CVE-2022-4196
RESERVED
CVE-2022-4195 (Insufficient policy enforcement in Safe Browsing in Google Chrome prio ...)
@@ -6843,40 +6859,40 @@ CVE-2022-4168
RESERVED
CVE-2022-4167
RESERVED
-CVE-2022-4166
- RESERVED
-CVE-2022-4165
- RESERVED
-CVE-2022-4164
- RESERVED
-CVE-2022-4163
- RESERVED
-CVE-2022-4162
- RESERVED
-CVE-2022-4161
- RESERVED
-CVE-2022-4160
- RESERVED
-CVE-2022-4159
- RESERVED
-CVE-2022-4158
- RESERVED
-CVE-2022-4157
- RESERVED
-CVE-2022-4156
- RESERVED
-CVE-2022-4155
- RESERVED
-CVE-2022-4154
- RESERVED
-CVE-2022-4153
- RESERVED
-CVE-2022-4152
- RESERVED
-CVE-2022-4151
- RESERVED
-CVE-2022-4150
- RESERVED
+CVE-2022-4166 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4165 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4164 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4163 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4162 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4161 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4160 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4159 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4158 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4157 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4156 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4155 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4154 (The Contest Gallery Pro WordPress plugin before 19.1.5 does not escape ...)
+ TODO: check
+CVE-2022-4153 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4152 (The Contest Gallery WordPress plugin before 19.1.5, Contest Gallery Pr ...)
+ TODO: check
+CVE-2022-4151 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
+CVE-2022-4150 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
+ TODO: check
CVE-2022-4149
RESERVED
CVE-2022-4148
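Review bot: the 17 Contest Gallery entries from CVE-2022-4166 down to CVE-2022-4150 are not interchangeable: CVE-2022-4154 names only Contest Gallery Pro before 19.1.5 and CVE-2022-4152 gives 19.1.5 as the boundary, while the other 15 say before 19.1.5.1. The visible descriptions are otherwise identical up to the truncation, so a bulk resolution of these TODO: check lines should still read each full description and keep the two version boundaries apart.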
@@ -7713,14 +7729,14 @@ CVE-2022-4121 [Null pointer dereference in mailimap_mailbox_data_status_free in
- libetpan <unfixed> (bug #1025120)
[bullseye] - libetpan <no-dsa> (Minor issue)
NOTE: https://github.com/dinhvh/libetpan/issues/420
-CVE-2022-4120
- RESERVED
+CVE-2022-4120 (The Stop Spammers Security | Block Spam Users, Comments, Forms WordPre ...)
+ TODO: check
CVE-2022-4119
RESERVED
CVE-2022-4118
RESERVED
-CVE-2022-4117
- RESERVED
+CVE-2022-4117 (The IWS WordPress plugin through 1.0 does not properly escape a parame ...)
+ TODO: check
CVE-2022-4116 (A vulnerability was found in quarkus. This security flaw happens in De ...)
NOT-FOR-US: Quarkus
CVE-2022-4115
@@ -7744,8 +7760,8 @@ CVE-2022-4112 (The Quizlord WordPress plugin through 2.0 does not sanitise and e
NOT-FOR-US: WordPress plugin
CVE-2022-4111 (Unrestricted file size limit can lead to DoS in tooljet/tooljet <1. ...)
NOT-FOR-US: ToolJet
-CVE-2022-4110
- RESERVED
+CVE-2022-4110 (The Eventify™ WordPress plugin through 2.1 does not sanitise and ...)
+ TODO: check
CVE-2022-4109
RESERVED
CVE-2022-4108 (The Wholesale Market for WooCommerce WordPress plugin before 1.0.8 doe ...)
@@ -8540,8 +8556,8 @@ CVE-2022-4049
RESERVED
CVE-2022-4048
RESERVED
-CVE-2022-4047
- RESERVED
+CVE-2022-4047 (The Return Refund and Exchange For WooCommerce WordPress plugin before ...)
+ TODO: check
CVE-2022-4046
RESERVED
CVE-2022-4045 (A denial-of-service vulnerability in the Mattermost allows an authenti ...)
@@ -8550,8 +8566,8 @@ CVE-2022-4044 (A denial-of-service vulnerability in Mattermost allows an authent
- mattermost-server <itp> (bug #823556)
CVE-2022-4043
RESERVED
-CVE-2022-4042
- RESERVED
+CVE-2022-4042 (The Paytium: Mollie payment forms & donations WordPress plugin thr ...)
+ TODO: check
CVE-2022-4041
RESERVED
CVE-2022-4040
@@ -12132,8 +12148,8 @@ CVE-2022-3842
CVE-2022-3841
RESERVED
NOT-FOR-US: Red Hat Advanced Cluster Management for Kubernetes (RHACM)
-CVE-2022-3840
- RESERVED
+CVE-2022-3840 (The Login for Google Apps WordPress plugin before 3.4.5 does not sanit ...)
+ TODO: check
CVE-2022-3839 (The Analytics for WP WordPress plugin through 1.5.1 does not sanitise ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3838 (The WPUpper Share Buttons WordPress plugin through 3.42 does not sanit ...)
@@ -12142,8 +12158,8 @@ CVE-2022-3837 (The Uji Countdown WordPress plugin through 2.2 does not sanitise
NOT-FOR-US: WordPress plugin
CVE-2022-3836
RESERVED
-CVE-2022-3835
- RESERVED
+CVE-2022-3835 (The Kwayy HTML Sitemap WordPress plugin before 4.0 does not sanitise a ...)
+ TODO: check
CVE-2022-3834 (The Google Forms WordPress plugin through 0.95 does not sanitise and e ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3833 (The Fancier Author Box by ThematoSoup WordPress plugin through 1.4 doe ...)
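Review bot: CVE-2022-3835 is left at TODO: check while the entries directly above and below it, CVE-2022-3837 and CVE-2022-3834, are WordPress plugins already tagged NOT-FOR-US: WordPress plugin. If the Kwayy HTML Sitemap plugin is likewise not packaged, the same tag applies here, and the other newly described WordPress plugin entries in this update can be checked the same way.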
@@ -137973,8 +137989,8 @@ CVE-2021-24944 (The Custom Dashboard & Login Page WordPress plugin before 7.
NOT-FOR-US: WordPress plugin
CVE-2021-24943 (The Registrations for the Events Calendar WordPress plugin before 2.7. ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24942
- RESERVED
+CVE-2021-24942 (The Menu Item Visibility Control WordPress plugin through 0.5 doesn't ...)
+ TODO: check
CVE-2021-24941 (The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress p ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24940 (The Persian Woocommerce WordPress plugin through 5.8.0 does not escape ...)
@@ -199853,12 +199869,12 @@ CVE-2020-12071 (Anchor 0.12.7 allows admins to cause XSS via crafted post conten
NOT-FOR-US: Anchor
CVE-2020-12070 (The Advanced Woo Search plugin version through 1.99 for Wordpress suff ...)
NOT-FOR-US: Advanced Woo Search plugin for WordPress
-CVE-2020-12069
- RESERVED
+CVE-2020-12069 (In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Devel ...)
+ TODO: check
CVE-2020-12068 (An issue was discovered in CODESYS Development System before 3.5.16.0. ...)
NOT-FOR-US: CODESYS
-CVE-2020-12067
- RESERVED
+CVE-2020-12067 (In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Devel ...)
+ TODO: check
CVE-2020-12066 (CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before ...)
{DSA-4763-1}
- teeworlds 0.7.5-1
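Review bot: CVE-2020-12069 and CVE-2020-12067 show the same truncated description (Pilz PMC programming tool 3.x before 3.5.17, based on CODESYS ...), and the entry between them, CVE-2020-12068, is already marked NOT-FOR-US: CODESYS. The two TODO: check lines should be resolved consistently with that entry, after comparing the full descriptions to confirm the two IDs cover distinct issues.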
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/564b1d94af55f467abccdea09908200677c2d446