[Git][security-tracker-team/security-tracker][master] automatic update

Fri Dec 30 20:10:44 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6073ec15 by security tracker role at 2022-12-30T20:10:34+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2022-4863 (Improper Handling of Insufficient Permissions or Privileges in GitHub  ...)
+	TODO: check
+CVE-2022-4862
+	RESERVED
+CVE-2022-4861 (Incorrect implementation in authentication protocol in M-Files Client  ...)
+	TODO: check
+CVE-2022-4860 (A vulnerability was found in KBase Metrics. It has been classified as  ...)
+	TODO: check
+CVE-2022-4859 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2022-4858 (Insertion of Sensitive Information into Log Files in M-Files Server be ...)
+	TODO: check
+CVE-2022-4857 (A vulnerability was found in Modbus Tools Modbus Poll up to 9.10.0 and ...)
+	TODO: check
+CVE-2022-4856 (A vulnerability has been found in Modbus Tools Modbus Slave up to 7.5. ...)
+	TODO: check
+CVE-2022-4855 (A vulnerability, which was classified as critical, was found in Source ...)
+	TODO: check
+CVE-2022-48196 (Certain NETGEAR devices are affected by a buffer overflow by an unauth ...)
+	TODO: check
+CVE-2020-36638 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Chris92de ...)
+	TODO: check
+CVE-2020-36637 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Chris92de ...)
+	TODO: check
+CVE-2018-25060 (A vulnerability was found in Macaron csrf and classified as problemati ...)
+	TODO: check
+CVE-2018-25059 (A vulnerability was found in pastebinit up to 0.2.2 and classified as  ...)
+	TODO: check
+CVE-2017-20153 (A vulnerability has been found in aerouk imageserve and classified as  ...)
+	TODO: check
+CVE-2017-20152 (A vulnerability, which was classified as problematic, was found in aer ...)
+	TODO: check
+CVE-2017-20151 (A vulnerability classified as problematic was found in iText RUPS. Thi ...)
+	TODO: check
 CVE-2022-48195
 	RESERVED
 CVE-2022-48194 (TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated ...)
@@ -13177,8 +13211,7 @@ CVE-2022-44623 (In JetBrains TeamCity version before 2022.10, Project Viewer cou
 	NOT-FOR-US: JetBrains TeamCity
 CVE-2022-44622 (In JetBrains TeamCity version between 2021.2 and 2022.10 access permis ...)
 	NOT-FOR-US: JetBrains TeamCity
-CVE-2022-44621
-	RESERVED
+CVE-2022-44621 (Diagnosis Controller miss parameter validation, so user may attacked b ...)
 	NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
 CVE-2022-44618
 	RESERVED
@@ -18198,8 +18231,7 @@ CVE-2022-43398 (A vulnerability has been identified in POWER METER SICAM Q100 (A
 	NOT-FOR-US: Siemens
 CVE-2022-43397 (A vulnerability has been identified in Parasolid V34.0 (All versions & ...)
 	NOT-FOR-US: Siemens
-CVE-2022-43396
-	RESERVED
+CVE-2022-43396 (In the fix for CVE-2022-24697, a blacklist is used to filter user inpu ...)
 	NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
 CVE-2022-3591 (Use After Free in GitHub repository vim/vim prior to 9.0.0789. ...)
 	- vim 2:9.0.0813-1 (unimportant)
@@ -74649,7 +74681,7 @@ CVE-2022-23549
 	RESERVED
 CVE-2022-23548
 	RESERVED
-CVE-2022-23537
+CVE-2022-23537 (PJSIP is a free and open source multimedia communication library writt ...)
 	- asterisk <unfixed>
 	- ring <unfixed>
 	- pjproject <removed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6073ec153d4c611a32bb07db03648ea90c49be7f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6073ec153d4c611a32bb07db03648ea90c49be7f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221230/67ccc0ce/attachment-0001.htm>
