[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Dec 31 08:10:26 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d327ae85 by security tracker role at 2022-12-31T08:10:11+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2022-4864 (Argument Injection in GitHub repository froxlor/froxlor prior to 2.0.0 ...)
+ TODO: check
+CVE-2017-20155 (A vulnerability was found in Sterc Google Analytics Dashboard for MODX ...)
+ TODO: check
+CVE-2017-20154 (A vulnerability was found in ghostlander Phoenixcoin. It has been clas ...)
+ TODO: check
CVE-2022-4863 (Improper Handling of Insufficient Permissions or Privileges in GitHub ...)
NOT-FOR-US: usememos
CVE-2022-4862
@@ -34,8 +40,8 @@ CVE-2017-20152 (A vulnerability, which was classified as problematic, was found
TODO: check
CVE-2017-20151 (A vulnerability classified as problematic was found in iText RUPS. Thi ...)
NOT-FOR-US: iText RUPS
-CVE-2022-48195
- RESERVED
+CVE-2022-48195 (An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When ...)
+ TODO: check
CVE-2022-48194 (TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated ...)
NOT-FOR-US: TP-Link
CVE-2022-48193
@@ -1397,7 +1403,7 @@ CVE-2022-4661
CVE-2022-4660
RESERVED
CVE-2022-4659
- RESERVED
+ REJECTED
CVE-2022-4658
RESERVED
CVE-2022-4657
@@ -2233,7 +2239,7 @@ CVE-2022-4620
CVE-2022-4619 (The Sidebar Widgets by CodeLights plugin for WordPress is vulnerable t ...)
NOT-FOR-US: Sidebar Widgets by CodeLights plugin for WordPress
CVE-2022-4618
- RESERVED
+ REJECTED
CVE-2022-4617 (Cross-site Scripting (XSS) - Reflected in GitHub repository microweber ...)
NOT-FOR-US: microweber
CVE-2022-47579
@@ -4872,34 +4878,34 @@ CVE-2022-47130
RESERVED
CVE-2022-47129
RESERVED
-CVE-2022-47128
- RESERVED
-CVE-2022-47127
- RESERVED
-CVE-2022-47126
- RESERVED
-CVE-2022-47125
- RESERVED
-CVE-2022-47124
- RESERVED
-CVE-2022-47123
- RESERVED
-CVE-2022-47122
- RESERVED
-CVE-2022-47121
- RESERVED
-CVE-2022-47120
- RESERVED
-CVE-2022-47119
- RESERVED
-CVE-2022-47118
- RESERVED
-CVE-2022-47117
- RESERVED
-CVE-2022-47116
- RESERVED
-CVE-2022-47115
- RESERVED
+CVE-2022-47128 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47127 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47126 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47125 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47124 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47123 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47122 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47121 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47120 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47119 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47118 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47117 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47116 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
+CVE-2022-47115 (Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via ...)
+ TODO: check
CVE-2022-47114
RESERVED
CVE-2022-47113
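Review bot: the 14 entries added here, CVE-2022-47115 through CVE-2022-47128, all show the same truncated description prefix (Tenda A15 V15.13.07.13, stack overflow), so nothing in the list distinguishes one from another and triage has to work from the full CVE descriptions. Since they all name one router firmware, they can be resolved in a single pass, most likely with one NOT-FOR-US tag in the style of the "NOT-FOR-US: TP-Link" entry earlier in this patch, rather than staying as 14 separate "TODO: check" items.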
@@ -5912,7 +5918,7 @@ CVE-2022-46751
CVE-2022-4340
RESERVED
CVE-2022-4339
- RESERVED
+ REJECTED
CVE-2022-4338 [Integer Underflow in Organization Specific TLV]
RESERVED
- openvswitch <unfixed> (bug #1027273)
@@ -5934,7 +5940,7 @@ CVE-2022-4336 (In BAOTA linux panel there exists a stored xss vulnerability atta
CVE-2022-4335
RESERVED
CVE-2022-4334
- RESERVED
+ REJECTED
CVE-2022-4333
RESERVED
CVE-2022-4332
@@ -6138,14 +6144,17 @@ CVE-2022-46702 (The issue was addressed with improved memory handling. This issu
CVE-2022-46701 (The issue was addressed with improved bounds checks. This issue is fix ...)
NOT-FOR-US: Apple
CVE-2022-46700 (A memory corruption issue was addressed with improved input validation ...)
+ {DSA-5309-1 DSA-5308-1}
- webkit2gtk 2.38.3-1
- wpewebkit 2.38.3-1
NOTE: https://webkitgtk.org/security/WSA-2022-0011.html
CVE-2022-46699 (A memory corruption issue was addressed with improved state management ...)
+ {DSA-5309-1 DSA-5308-1}
- webkit2gtk 2.38.3-1
- wpewebkit 2.38.3-1
NOTE: https://webkitgtk.org/security/WSA-2022-0011.html
CVE-2022-46698 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ {DSA-5309-1 DSA-5308-1}
- webkit2gtk 2.38.3-1
- wpewebkit 2.38.3-1
NOTE: https://webkitgtk.org/security/WSA-2022-0011.html
@@ -6160,6 +6169,7 @@ CVE-2022-46694 (An out-of-bounds write issue was addressed with improved input v
CVE-2022-46693 (An out-of-bounds write issue was addressed with improved input validat ...)
NOT-FOR-US: Apple
CVE-2022-46692 (A logic issue was addressed with improved state management. This issue ...)
+ {DSA-5309-1 DSA-5308-1}
- webkit2gtk 2.38.3-1
- wpewebkit 2.38.3-1
NOTE: https://webkitgtk.org/security/WSA-2022-0011.html
@@ -6250,23 +6260,23 @@ CVE-2022-42700
CVE-2022-46674
RESERVED
CVE-2022-46673
- RESERVED
+ REJECTED
CVE-2022-46672
- RESERVED
+ REJECTED
CVE-2022-46671
- RESERVED
+ REJECTED
CVE-2022-46670 (Rockwell Automation was made aware of a vulnerability by a security re ...)
NOT-FOR-US: Rockwell Automation
CVE-2022-46669
- RESERVED
+ REJECTED
CVE-2022-46668
- RESERVED
+ REJECTED
CVE-2022-46667
- RESERVED
+ REJECTED
CVE-2022-46666
- RESERVED
+ REJECTED
CVE-2022-46665
- RESERVED
+ REJECTED
CVE-2022-46664 (A vulnerability has been identified in Mendix Workflow Commons (All ve ...)
NOT-FOR-US: Siemens
CVE-2022-46662 (Roxio Creator LJB starts another program with an unquoted file path. S ...)
@@ -6421,50 +6431,50 @@ CVE-2022-46603
RESERVED
CVE-2022-46602
RESERVED
-CVE-2022-46601
- RESERVED
-CVE-2022-46600
- RESERVED
-CVE-2022-46599
- RESERVED
-CVE-2022-46598
- RESERVED
-CVE-2022-46597
- RESERVED
-CVE-2022-46596
- RESERVED
+CVE-2022-46601 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46600 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46599 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46598 (TRENDnet TEW755AP 1.13B01 was discovered to contain a command injectio ...)
+ TODO: check
+CVE-2022-46597 (TRENDnet TEW755AP 1.13B01 was discovered to contain a command injectio ...)
+ TODO: check
+CVE-2022-46596 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
CVE-2022-46595
RESERVED
-CVE-2022-46594
- RESERVED
-CVE-2022-46593
- RESERVED
-CVE-2022-46592
- RESERVED
-CVE-2022-46591
- RESERVED
-CVE-2022-46590
- RESERVED
-CVE-2022-46589
- RESERVED
-CVE-2022-46588
- RESERVED
+CVE-2022-46594 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46593 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46592 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46591 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46590 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46589 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46588 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
CVE-2022-46587
RESERVED
-CVE-2022-46586
- RESERVED
-CVE-2022-46585
- RESERVED
-CVE-2022-46584
- RESERVED
-CVE-2022-46583
- RESERVED
-CVE-2022-46582
- RESERVED
-CVE-2022-46581
- RESERVED
-CVE-2022-46580
- RESERVED
+CVE-2022-46586 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46585 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46584 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46583 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46582 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46581 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
+CVE-2022-46580 (TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow v ...)
+ TODO: check
CVE-2022-46579
RESERVED
CVE-2022-46578
@@ -7855,7 +7865,7 @@ CVE-2022-46171 (Tauri is a framework for building binaries for all major desktop
CVE-2022-46170 (CodeIgniter is a PHP full-stack web framework. When an application use ...)
- codeigniter <itp> (bug #471583)
CVE-2022-46169 (Cacti is an open source platform which provides a robust and extensibl ...)
- {DSA-5298-1}
+ {DSA-5298-1 DLA-3252-1}
- cacti 1.2.22+ds1-3 (bug #1025648)
NOTE: Fixed by: https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216
NOTE: Fixup for 1.2.x with PHP < 7.0: https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9
@@ -7948,7 +7958,7 @@ CVE-2022-4170 (The rxvt-unicode package is vulnerable to a remote code execution
CVE-2022-4169 (The Theme and plugin translation for Polylang is vulnerable to authori ...)
NOT-FOR-US: Polylang
CVE-2022-4168
- RESERVED
+ REJECTED
CVE-2022-4167
RESERVED
CVE-2022-4166 (The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery ...)
@@ -11108,7 +11118,7 @@ CVE-2022-3907 (The Clerk WordPress plugin before 4.0.0 is affected by time-based
CVE-2022-3906 (The Easy Form Builder WordPress plugin before 3.4.0 does not sanitise ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3905
- RESERVED
+ REJECTED
CVE-2022-3904
RESERVED
CVE-2022-3903 (An incorrect read request flaw was found in the Infrared Transceiver U ...)
@@ -13801,7 +13811,7 @@ CVE-2022-3780 (Database connections on deleted users could stay active on MySQL
CVE-2022-3779
RESERVED
CVE-2022-3778
- RESERVED
+ REJECTED
CVE-2022-3777
RESERVED
CVE-2022-3776 (The Restaurant Menu – Food Ordering System – Table Reserva ...)
@@ -16699,11 +16709,11 @@ CVE-2022-43945 (The Linux kernel NFSD implementation prior to versions 5.19.17 a
- linux 6.0.3-1
NOTE: Merge: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8
CVE-2022-43944
- RESERVED
+ REJECTED
CVE-2022-43943
- RESERVED
+ REJECTED
CVE-2022-43942
- RESERVED
+ REJECTED
CVE-2022-43941
RESERVED
CVE-2022-43940
@@ -17121,7 +17131,7 @@ CVE-2022-3694 (The Syncee WordPress plugin before 1.0.10 leaks the administrator
CVE-2022-3693
RESERVED
CVE-2022-3692
- RESERVED
+ REJECTED
CVE-2022-3691 (The DeepL Pro API translation plugin WordPress plugin before 1.7.5 dis ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3690 (The Popup Maker WordPress plugin before 1.16.11 does not sanitise and ...)
@@ -19837,6 +19847,7 @@ CVE-2022-3459
CVE-2022-3458 (A vulnerability has been found in SourceCodester Human Resource Manage ...)
NOT-FOR-US: SourceCodester
CVE-2022-42867 (A use after free issue was addressed with improved memory management. ...)
+ {DSA-5309-1 DSA-5308-1}
- webkit2gtk 2.38.3-1
- wpewebkit 2.38.3-1
NOTE: https://webkitgtk.org/security/WSA-2022-0011.html
@@ -19864,6 +19875,7 @@ CVE-2022-42858
CVE-2022-42857
RESERVED
CVE-2022-42856 (A type confusion issue was addressed with improved state handling. Thi ...)
+ {DSA-5309-1 DSA-5308-1}
- webkit2gtk 2.38.3-1
- wpewebkit 2.38.3-1
NOTE: https://webkitgtk.org/security/WSA-2022-0011.html
@@ -19874,6 +19886,7 @@ CVE-2022-42854 (The issue was addressed with improved memory handling. This issu
CVE-2022-42853 (An access issue was addressed with improved access restrictions. This ...)
NOT-FOR-US: Apple
CVE-2022-42852 (The issue was addressed with improved memory handling. This issue is f ...)
+ {DSA-5309-1 DSA-5308-1}
- webkit2gtk 2.38.3-1
- wpewebkit 2.38.3-1
NOTE: https://webkitgtk.org/security/WSA-2022-0011.html
@@ -20117,17 +20130,17 @@ CVE-2022-42744 (CandidATS version 3.0.0 allows an external attacker to perform C
CVE-2022-42743 (deep-parse-json version 1.0.2 allows an external attacker to edit or a ...)
NOT-FOR-US: deep-parse-json Nodejs module
CVE-2022-42742
- RESERVED
+ REJECTED
CVE-2022-42741
- RESERVED
+ REJECTED
CVE-2022-42740
- RESERVED
+ REJECTED
CVE-2022-42739
- RESERVED
+ REJECTED
CVE-2022-42738
- RESERVED
+ REJECTED
CVE-2022-42737
- RESERVED
+ REJECTED
CVE-2022-42736
RESERVED
CVE-2022-41797 (Improper authorization in handler for custom URL scheme vulnerability ...)
@@ -21304,20 +21317,19 @@ CVE-2022-42272
RESERVED
CVE-2022-42271
RESERVED
-CVE-2022-42270
- RESERVED
-CVE-2022-42269
- RESERVED
+CVE-2022-42270 (NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_tas ...)
+ TODO: check
+CVE-2022-42269 (NVIDIA Trusted OS contains a vulnerability in an SMC call handler, whe ...)
+ TODO: check
CVE-2022-42268
RESERVED
-CVE-2022-42267
- RESERVED
-CVE-2022-42266
- RESERVED
-CVE-2022-42265
- RESERVED
-CVE-2022-42264
- RESERVED
+CVE-2022-42267 (NVIDIA GPU Display Driver for Windows contains a vulnerability where a ...)
+ TODO: check
+CVE-2022-42266 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...)
+ TODO: check
+CVE-2022-42265 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
+ TODO: check
+CVE-2022-42264 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
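Review bot: CVE-2022-42265 is left at "TODO: check" although its description names the NVIDIA GPU Display Driver for Linux, the same product as CVE-2022-42264 directly below it, which already carries nvidia-graphics-drivers package lines (bug #1025279). Triage should confirm whether 42265 belongs to that package set and add the matching lines if so. The entries whose descriptions name the Windows driver (CVE-2022-42267, CVE-2022-42266) are candidates for NOT-FOR-US once the full text is checked.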
@@ -21332,8 +21344,7 @@ CVE-2022-42264
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-42263
- RESERVED
+CVE-2022-42263 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -21348,8 +21359,7 @@ CVE-2022-42263
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-42262
- RESERVED
+CVE-2022-42262 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -21364,8 +21374,7 @@ CVE-2022-42262
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-42261
- RESERVED
+CVE-2022-42261 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -21380,8 +21389,7 @@ CVE-2022-42261
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-42260
- RESERVED
+CVE-2022-42260 (NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -21396,8 +21404,7 @@ CVE-2022-42260
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-42259
- RESERVED
+CVE-2022-42259 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -21417,8 +21424,7 @@ CVE-2022-42259
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-42258
- RESERVED
+CVE-2022-42258 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -21438,8 +21444,7 @@ CVE-2022-42258
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-42257
- RESERVED
+CVE-2022-42257 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -21459,8 +21464,7 @@ CVE-2022-42257
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-42256
- RESERVED
+CVE-2022-42256 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -21475,8 +21479,7 @@ CVE-2022-42256
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-42255
- RESERVED
+CVE-2022-42255 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-tesla 510.108.03-1 (bug #1025287)
@@ -21488,8 +21491,7 @@ CVE-2022-42255
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-42254
- RESERVED
+CVE-2022-42254 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -22400,11 +22402,11 @@ CVE-2022-41858
[buster] - linux 4.19.249-1
NOTE: https://git.kernel.org/linus/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798 (5.18-rc2)
CVE-2022-41857
- RESERVED
+ REJECTED
CVE-2022-41856
- RESERVED
+ REJECTED
CVE-2022-41855
- RESERVED
+ REJECTED
CVE-2022-41854 (Those using Snakeyaml to parse untrusted YAML files may be vulnerable ...)
- snakeyaml <unfixed>
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355
@@ -29186,7 +29188,7 @@ CVE-2022-39188 (An issue was discovered in include/asm-generic/tlb.h in the Linu
NOTE: https://lore.kernel.org/stable/CAG48ez3SEqOPcPCYGHVZv4iqEApujD5VtM3Re-tCKLDEFdEdbg@mail.gmail.com/
NOTE: https://git.kernel.org/linus/b67fbebd4cf980aecbcc750e1462128bffe8ae15
CVE-2022-39159
- RESERVED
+ REJECTED
CVE-2022-39158 (A vulnerability has been identified in RUGGEDCOM ROS RMC30 V4.X (All v ...)
NOT-FOR-US: Siemens
CVE-2022-39157 (A vulnerability has been identified in Parasolid V34.0 (All versions & ...)
@@ -36649,7 +36651,7 @@ CVE-2022-2532 (The Feed Them Social WordPress plugin before 3.0.1 does not sanit
CVE-2022-2531 (An issue has been discovered in GitLab EE affecting all versions start ...)
- gitlab <not-affected> (Specific to EE)
CVE-2022-2530
- RESERVED
+ REJECTED
CVE-2022-2529 (sflow decode package does not employ sufficient packet sanitisation wh ...)
NOT-FOR-US: goflow
CVE-2022-2528 (In affected versions of Octopus Deploy it is possible to upload a pack ...)
@@ -39530,9 +39532,9 @@ CVE-2022-2351 (The Post SMTP Mailer/Email Log WordPress plugin before 2.1.4 does
CVE-2022-2350 (The Disable User Login WordPress plugin through 1.0.1 does not have au ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2349
- RESERVED
+ REJECTED
CVE-2022-2348
- RESERVED
+ REJECTED
CVE-2022-2347 (There exists an unchecked length field in UBoot. The U-Boot DFU implem ...)
[experimental] - u-boot 2023.01~rc2+dfsg-1
- u-boot <unfixed> (bug #1014959)
@@ -41613,18 +41615,16 @@ CVE-2022-34686 (Azure RTOS GUIX Studio Information Disclosure Vulnerability. Thi
NOT-FOR-US: Microsoft
CVE-2022-34685 (Azure RTOS GUIX Studio Information Disclosure Vulnerability. This CVE ...)
NOT-FOR-US: Microsoft
-CVE-2022-34684
- RESERVED
+CVE-2022-34684 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-tesla 510.108.03-1 (bug #1025287)
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-34683
- RESERVED
-CVE-2022-34682
- RESERVED
+CVE-2022-34683 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...)
+ TODO: check
+CVE-2022-34682 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -41639,10 +41639,9 @@ CVE-2022-34682
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-34681
- RESERVED
-CVE-2022-34680
- RESERVED
+CVE-2022-34681 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...)
+ TODO: check
+CVE-2022-34680 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -41662,8 +41661,7 @@ CVE-2022-34680
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-34679
- RESERVED
+CVE-2022-34679 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -41678,10 +41676,9 @@ CVE-2022-34679
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-34678
- RESERVED
-CVE-2022-34677
- RESERVED
+CVE-2022-34678 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
+ TODO: check
+CVE-2022-34677 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -41701,10 +41698,9 @@ CVE-2022-34677
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-34676
- RESERVED
-CVE-2022-34675
- RESERVED
+CVE-2022-34676 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
+ TODO: check
+CVE-2022-34675 (NVIDIA Display Driver for Linux contains a vulnerability in the Virtua ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
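Review bot: CVE-2022-34676 names the Linux display driver but gets only "TODO: check", while its neighbours CVE-2022-34677 and CVE-2022-34675 both carry nvidia-graphics-drivers lines. Confirm whether 34676 is fixed in the same uploads and record it under the same package entries, or note why it differs.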
@@ -41724,8 +41720,7 @@ CVE-2022-34675
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-34674
- RESERVED
+CVE-2022-34674 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -41745,14 +41740,13 @@ CVE-2022-34674
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-34673
- RESERVED
-CVE-2022-34672
- RESERVED
-CVE-2022-34671
- RESERVED
-CVE-2022-34670
- RESERVED
+CVE-2022-34673 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
+ TODO: check
+CVE-2022-34672 (NVIDIA Control Panel for Windows contains a vulnerability where an una ...)
+ TODO: check
+CVE-2022-34671 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...)
+ TODO: check
+CVE-2022-34670 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
[bullseye] - nvidia-graphics-drivers 470.161.03-1
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -41772,8 +41766,8 @@ CVE-2022-34670
- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)
[bullseye] - nvidia-graphics-drivers-tesla-470 470.161.03-1~deb11u1
- nvidia-graphics-drivers-tesla-510 510.108.03-1 (bug #1025286)
-CVE-2022-34669
- RESERVED
+CVE-2022-34669 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...)
+ TODO: check
CVE-2022-34668 (NVFLARE, versions prior to 2.1.4, contains a vulnerability that deseri ...)
NOT-FOR-US: NVFLARE
CVE-2022-34667 (NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnera ...)
@@ -67515,7 +67509,7 @@ CVE-2022-21238 (A cross-site scripting (xss) vulnerability exists in the info.js
CVE-2022-21209 (The affected product is vulnerable to an out-of-bounds read while proc ...)
NOT-FOR-US: FATEK Automation
CVE-2022-0730 (Under certain ldap conditions, Cacti authentication can be bypassed wi ...)
- {DSA-5298-1 DLA-2965-1}
+ {DSA-5298-1 DLA-3252-1 DLA-2965-1}
- cacti 1.2.20+ds1-1 (bug #1008693)
NOTE: https://github.com/Cacti/cacti/issues/4562
NOTE: https://github.com/Cacti/cacti/commit/1386bdbf7f845a32e24ac9415f3ebb7932e77fe7 (1.2.x)
@@ -81414,9 +81408,9 @@ CVE-2022-22202 (An Improper Handling of Exceptional Conditions vulnerability on
CVE-2022-22201 (An Improper Validation of Specified Index, Position, or Offset in Inpu ...)
NOT-FOR-US: Juniper
CVE-2022-22200
- RESERVED
+ REJECTED
CVE-2022-22199
- RESERVED
+ REJECTED
NOT-FOR-US: Juniper
CVE-2022-22198 (An Access of Uninitialized Pointer vulnerability in the SIP ALG of Jun ...)
NOT-FOR-US: Juniper
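Review bot: CVE-2022-22199 changes from RESERVED to REJECTED but keeps the "NOT-FOR-US: Juniper" line that followed the old marker, whereas CVE-2022-22200 just above becomes REJECTED with no annotation. A rejected ID has no product left to triage, so the leftover tag makes the two entries inconsistent; consider dropping it in a follow-up commit.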
@@ -81485,7 +81479,7 @@ CVE-2022-22167 (A traffic classification vulnerability in Juniper Networks Junos
CVE-2022-22166 (An Improper Validation of Specified Quantity in Input vulnerability in ...)
NOT-FOR-US: Juniper
CVE-2022-22165
- RESERVED
+ REJECTED
CVE-2022-22164 (An Improper Initialization vulnerability in Juniper Networks Junos OS ...)
NOT-FOR-US: Juniper
CVE-2022-22163 (An Improper Input Validation vulnerability in the Juniper DHCP daemon ...)
@@ -81499,7 +81493,7 @@ CVE-2022-22160 (An Unchecked Error Condition vulnerability in the subscriber man
CVE-2022-22159 (A vulnerability in the NETISR network queue functionality of Juniper N ...)
NOT-FOR-US: Juniper
CVE-2022-22158
- RESERVED
+ REJECTED
CVE-2022-22157 (A traffic classification vulnerability in Juniper Networks Junos OS on ...)
NOT-FOR-US: Juniper
CVE-2022-22156 (An Improper Certificate Validation weakness in the Juniper Networks Ju ...)
@@ -114126,9 +114120,9 @@ CVE-2021-34610 (A remote arbitrary command execution vulnerability was discovere
CVE-2021-34609 (A remote SQL injection vulnerability was discovered in Aruba ClearPass ...)
NOT-FOR-US: Aruba
CVE-2021-34608
- RESERVED
+ REJECTED
CVE-2021-34607
- RESERVED
+ REJECTED
CVE-2021-34606 (A vulnerability exists in XINJE XD/E Series PLC Program Tool in versio ...)
NOT-FOR-US: XINJE PLC Program Tool
CVE-2021-34605 (A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to v ...)
@@ -114136,7 +114130,7 @@ CVE-2021-34605 (A zip slip vulnerability in XINJE XD/E Series PLC Program Tool u
CVE-2021-34604
REJECTED
CVE-2021-34603
- RESERVED
+ REJECTED
CVE-2021-34602 (In Bender/ebee Charge Controllers in multiple versions are prone to Co ...)
NOT-FOR-US: Bender/ebee Charge Controllers
CVE-2021-34601 (In Bender/ebee Charge Controllers in multiple versions are prone to Ha ...)
@@ -132307,7 +132301,7 @@ CVE-2021-27651 (In versions 8.2.1 through 8.5.2 of Pega Infinity, the password r
CVE-2021-3415
RESERVED
CVE-2021-27650
- RESERVED
+ REJECTED
CVE-2021-27649 (Use after free vulnerability in file transfer protocol component in Sy ...)
NOT-FOR-US: Synology
CVE-2021-27648 (Externally controlled reference to a resource in another sphere in qua ...)
@@ -134864,7 +134858,7 @@ CVE-2021-26570 (The Baseboard Management Controller (BMC) firmware in HPE Apollo
CVE-2021-26569 (Race Condition within a Thread vulnerability in iscsi_snapshot_comm_co ...)
NOT-FOR-US: Synology
CVE-2021-26568
- RESERVED
+ REJECTED
CVE-2021-26567 (Stack-based buffer overflow vulnerability in frontend/main.c in faad2 ...)
NOT-FOR-US: Synology
CVE-2021-26566 (Insertion of sensitive information into sent data vulnerability in syn ...)
@@ -140223,7 +140217,7 @@ CVE-2021-24419 (The WP YouTube Lyte WordPress plugin before 1.7.16 did not sanit
CVE-2021-24418 (The Smooth Scroll Page Up/Down Buttons WordPress plugin through 1.4 do ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24417
- RESERVED
+ REJECTED
CVE-2021-24416 (The StreamCast – Radio Player for WordPress plugin before 2.1.1 ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24415 (The Polo Video Gallery – Best wordpress video gallery plugin Wor ...)
@@ -143058,13 +143052,13 @@ CVE-2021-23238
CVE-2021-23237
RESERVED
CVE-2021-3105
- RESERVED
+ REJECTED
CVE-2021-3104
- RESERVED
+ REJECTED
CVE-2021-3103
- RESERVED
+ REJECTED
CVE-2021-3102
- RESERVED
+ REJECTED
CVE-2021-3101 (Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux ...)
NOT-FOR-US: Amazon Web Services hotpatch
CVE-2021-3100 (The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch ...)
@@ -143072,19 +143066,19 @@ CVE-2021-3100 (The Apache Log4j hotpatch package before log4j-cve-2021-44228-hot
CVE-2021-3099
RESERVED
CVE-2021-3098
- RESERVED
+ REJECTED
CVE-2021-3097
- RESERVED
+ REJECTED
CVE-2021-3096
- RESERVED
+ REJECTED
CVE-2021-3095
REJECTED
CVE-2021-3094
- RESERVED
+ REJECTED
CVE-2021-3093
- RESERVED
+ REJECTED
CVE-2021-3092
- RESERVED
+ REJECTED
CVE-2021-3091
RESERVED
CVE-2021-3090
@@ -143246,139 +143240,139 @@ CVE-2021-23124 (An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lac
CVE-2021-23123 (An issue was discovered in Joomla! 3.0.0 through 3.9.23. The lack of A ...)
NOT-FOR-US: Joomla!
CVE-2021-23122
- RESERVED
+ REJECTED
CVE-2021-23121
- RESERVED
+ REJECTED
CVE-2021-23120
- RESERVED
+ REJECTED
CVE-2021-23119
- RESERVED
+ REJECTED
CVE-2021-23118
- RESERVED
+ REJECTED
CVE-2021-23117
- RESERVED
+ REJECTED
CVE-2021-23116
- RESERVED
+ REJECTED
CVE-2021-23115
- RESERVED
+ REJECTED
CVE-2021-23114
- RESERVED
+ REJECTED
CVE-2021-23113
- RESERVED
+ REJECTED
CVE-2021-23112
- RESERVED
+ REJECTED
CVE-2021-23111
- RESERVED
+ REJECTED
CVE-2021-23110
- RESERVED
+ REJECTED
CVE-2021-23109
- RESERVED
+ REJECTED
CVE-2021-23108
- RESERVED
+ REJECTED
CVE-2021-23107
- RESERVED
+ REJECTED
CVE-2021-23106
- RESERVED
+ REJECTED
CVE-2021-23105
- RESERVED
+ REJECTED
CVE-2021-23104
- RESERVED
+ REJECTED
CVE-2021-23103
- RESERVED
+ REJECTED
CVE-2021-23102
- RESERVED
+ REJECTED
CVE-2021-23101
- RESERVED
+ REJECTED
CVE-2021-23100
- RESERVED
+ REJECTED
CVE-2021-23099
- RESERVED
+ REJECTED
CVE-2021-23098
- RESERVED
+ REJECTED
CVE-2021-23097
- RESERVED
+ REJECTED
CVE-2021-23096
- RESERVED
+ REJECTED
CVE-2021-23095
- RESERVED
+ REJECTED
CVE-2021-23094
- RESERVED
+ REJECTED
CVE-2021-23093
- RESERVED
+ REJECTED
CVE-2021-23092
- RESERVED
+ REJECTED
CVE-2021-23091
- RESERVED
+ REJECTED
CVE-2021-23090
- RESERVED
+ REJECTED
CVE-2021-23089
- RESERVED
+ REJECTED
CVE-2021-23088
- RESERVED
+ REJECTED
CVE-2021-23087
- RESERVED
+ REJECTED
CVE-2021-23086
- RESERVED
+ REJECTED
CVE-2021-23085
- RESERVED
+ REJECTED
CVE-2021-23084
- RESERVED
+ REJECTED
CVE-2021-23083
- RESERVED
+ REJECTED
CVE-2021-23082
- RESERVED
+ REJECTED
CVE-2021-23081
- RESERVED
+ REJECTED
CVE-2021-23080
- RESERVED
+ REJECTED
CVE-2021-23079
- RESERVED
+ REJECTED
CVE-2021-23078
- RESERVED
+ REJECTED
CVE-2021-23077
- RESERVED
+ REJECTED
CVE-2021-23076
- RESERVED
+ REJECTED
CVE-2021-23075
- RESERVED
+ REJECTED
CVE-2021-23074
- RESERVED
+ REJECTED
CVE-2021-23073
- RESERVED
+ REJECTED
CVE-2021-23072
- RESERVED
+ REJECTED
CVE-2021-23071
- RESERVED
+ REJECTED
CVE-2021-23070
- RESERVED
+ REJECTED
CVE-2021-23069
- RESERVED
+ REJECTED
CVE-2021-23068
- RESERVED
+ REJECTED
CVE-2021-23067
- RESERVED
+ REJECTED
CVE-2021-23066
- RESERVED
+ REJECTED
CVE-2021-23065
- RESERVED
+ REJECTED
CVE-2021-23064
- RESERVED
+ REJECTED
CVE-2021-23063
- RESERVED
+ REJECTED
CVE-2021-23062
- RESERVED
+ REJECTED
CVE-2021-23061
- RESERVED
+ REJECTED
CVE-2021-23060
- RESERVED
+ REJECTED
CVE-2021-23059
- RESERVED
+ REJECTED
CVE-2021-23058
- RESERVED
+ REJECTED
CVE-2021-23057
- RESERVED
+ REJECTED
CVE-2021-23056
- RESERVED
+ REJECTED
CVE-2021-23055 (On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line re ...)
NOT-FOR-US: Kubernetes ingress-nginx component
CVE-2021-23054 (On version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14. ...)
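Review bot: The run from CVE-2021-23122 down to CVE-2021-23056 flips 67 consecutive IDs from RESERVED to REJECTED, and the commit message "automatic update" does not say which upstream snapshot drove the change. Suggest having the update job record the feed date or revision in the commit message, so a bulk state change like this one can be traced and, if the feed was wrong, reverted as a unit. Anything that treats RESERVED as "pending disclosure" should drop these IDs from its watch list after this commit.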
@@ -168869,6 +168863,7 @@ CVE-2020-25708 (A divide by zero issue was found to occur in libvncserver-0.9.12
CVE-2020-25707
REJECTED
CVE-2020-25706 (A cross-site scripting (XSS) vulnerability exists in templates_import. ...)
+ {DLA-3252-1}
- cacti 1.2.14+ds1-1
[stretch] - cacti <not-affected> (Vulnerable code introduced in 1.0.0)
NOTE: https://github.com/Cacti/cacti/issues/3723
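Review bot: The added {DLA-3252-1} line on CVE-2020-25706 points at an advisory record that is not part of this commit, which changes only data/CVE/list, so the cross-reference cannot be checked from the diff alone. Confirm that the DLA-3252-1 advisory entry names CVE-2020-25706. The only per-release annotation visible on this entry is "[stretch] - cacti <not-affected>", so a reader of this hunk cannot tell which release the DLA fixed.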
@@ -174717,7 +174712,7 @@ CVE-2020-23228
CVE-2020-23227
RESERVED
CVE-2020-23226 (Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1. ...)
- {DLA-2965-1}
+ {DLA-3252-1 DLA-2965-1}
- cacti 1.2.13+ds1-1
NOTE: https://github.com/Cacti/cacti/issues/3549
NOTE: https://github.com/Cacti/cacti/commit/8d5fbc48debddc91a66b5aed877060566c6b6232 (1.2.13)
@@ -199624,129 +199619,129 @@ CVE-2020-12594 (A privilege escalation flaw allows a malicious, authenticated, p
CVE-2020-12593 (Symantec Endpoint Detection & Response, prior to 4.5, may be susce ...)
NOT-FOR-US: Symantec
CVE-2020-12592
- RESERVED
+ REJECTED
CVE-2020-12591
- RESERVED
+ REJECTED
CVE-2020-12590
- RESERVED
+ REJECTED
CVE-2020-12589
- RESERVED
+ REJECTED
CVE-2020-12588
- RESERVED
+ REJECTED
CVE-2020-12587
- RESERVED
+ REJECTED
CVE-2020-12586
- RESERVED
+ REJECTED
CVE-2020-12585
- RESERVED
+ REJECTED
CVE-2020-12584
- RESERVED
+ REJECTED
CVE-2020-12583
- RESERVED
+ REJECTED
CVE-2020-12582
- RESERVED
+ REJECTED
CVE-2020-12581
- RESERVED
+ REJECTED
CVE-2020-12580
- RESERVED
+ REJECTED
CVE-2020-12579
- RESERVED
+ REJECTED
CVE-2020-12578
- RESERVED
+ REJECTED
CVE-2020-12577
- RESERVED
+ REJECTED
CVE-2020-12576
- RESERVED
+ REJECTED
CVE-2020-12575
- RESERVED
+ REJECTED
CVE-2020-12574
- RESERVED
+ REJECTED
CVE-2020-12573
- RESERVED
+ REJECTED
CVE-2020-12572
- RESERVED
+ REJECTED
CVE-2020-12571
- RESERVED
+ REJECTED
CVE-2020-12570
- RESERVED
+ REJECTED
CVE-2020-12569
- RESERVED
+ REJECTED
CVE-2020-12568
- RESERVED
+ REJECTED
CVE-2020-12567
- RESERVED
+ REJECTED
CVE-2020-12566
- RESERVED
+ REJECTED
CVE-2020-12565
- RESERVED
+ REJECTED
CVE-2020-12564
- RESERVED
+ REJECTED
CVE-2020-12563
- RESERVED
+ REJECTED
CVE-2020-12562
- RESERVED
+ REJECTED
CVE-2020-12561
- RESERVED
+ REJECTED
CVE-2020-12560
- RESERVED
+ REJECTED
CVE-2020-12559
- RESERVED
+ REJECTED
CVE-2020-12558
- RESERVED
+ REJECTED
CVE-2020-12557
- RESERVED
+ REJECTED
CVE-2020-12556
- RESERVED
+ REJECTED
CVE-2020-12555
- RESERVED
+ REJECTED
CVE-2020-12554
- RESERVED
+ REJECTED
CVE-2020-12553
- RESERVED
+ REJECTED
CVE-2020-12552
- RESERVED
+ REJECTED
CVE-2020-12551
- RESERVED
+ REJECTED
CVE-2020-12550
- RESERVED
+ REJECTED
CVE-2020-12549
- RESERVED
+ REJECTED
CVE-2020-12548
- RESERVED
+ REJECTED
CVE-2020-12547
- RESERVED
+ REJECTED
CVE-2020-12546
- RESERVED
+ REJECTED
CVE-2020-12545
- RESERVED
+ REJECTED
CVE-2020-12544
- RESERVED
+ REJECTED
CVE-2020-12543
- RESERVED
+ REJECTED
CVE-2020-12542
- RESERVED
+ REJECTED
CVE-2020-12541
- RESERVED
+ REJECTED
CVE-2020-12540
- RESERVED
+ REJECTED
CVE-2020-12539
- RESERVED
+ REJECTED
CVE-2020-12538
- RESERVED
+ REJECTED
CVE-2020-12537
- RESERVED
+ REJECTED
CVE-2020-12536
- RESERVED
+ REJECTED
CVE-2020-12535
- RESERVED
+ REJECTED
CVE-2020-12534
- RESERVED
+ REJECTED
CVE-2020-12533
- RESERVED
+ REJECTED
CVE-2020-12532
- RESERVED
+ REJECTED
CVE-2020-12531
- RESERVED
+ REJECTED
CVE-2020-12530 (An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT ...)
NOT-FOR-US: MB connect software
CVE-2020-12529 (An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT ...)
@@ -199768,7 +199763,7 @@ CVE-2020-12522 (The reported vulnerability allows an attacker who has network ac
CVE-2020-12521 (On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS ...)
NOT-FOR-US: Phoenix Contact PLCnext Control Devices
CVE-2020-12520
- RESERVED
+ REJECTED
CVE-2020-12519 (On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS ...)
NOT-FOR-US: Phoenix Contact PLCnext Control Devices
CVE-2020-12518 (On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS ...)
@@ -199778,7 +199773,7 @@ CVE-2020-12517 (On Phoenix Contact PLCnext Control Devices versions before 2021.
CVE-2020-12516 (Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88 ...)
NOT-FOR-US: WAGO
CVE-2020-12515
- RESERVED
+ REJECTED
CVE-2020-12514 (Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is pr ...)
NOT-FOR-US: Pepperl+Fuchs Comtrol IO-Link Master
CVE-2020-12513 (Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is pr ...)
@@ -210834,6 +210829,7 @@ CVE-2017-18641 (In LXC 2.0, many template scripts download code over cleartext H
NOTE: Some of the templates were switched to fetch the pacakges over HTTPS, cf.
NOTE: https://github.com/lxc/lxc/pull/1371 for the lxc-fedora template.
CVE-2020-8813 (graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute a ...)
+ {DLA-3252-1}
- cacti 1.2.10+ds1-1 (bug #951832)
[stretch] - cacti <not-affected> (Vulnerable code not present)
[jessie] - cacti <not-affected> (Vulnerable code not present)
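Review bot: The leading context line of this hunk, a NOTE under CVE-2017-18641, reads "fetch the pacakges over HTTPS"; "pacakges" should be "packages". It is outside what the automatic update touched, so fix it in a separate manual commit rather than folding it into generated output. The {DLA-3252-1} addition on CVE-2020-8813 itself follows the same pattern as the other cacti entries in this commit.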
@@ -228806,53 +228802,53 @@ CVE-2020-2076 (SICK Package Analytics software up to and including version V04.0
CVE-2020-2075 (Platform mechanism AutoIP allows remote attackers to reboot the device ...)
NOT-FOR-US: SICK
CVE-2020-2074
- RESERVED
+ REJECTED
CVE-2020-2073
- RESERVED
+ REJECTED
CVE-2020-2072
- RESERVED
+ REJECTED
CVE-2020-2071
- RESERVED
+ REJECTED
CVE-2020-2070
RESERVED
CVE-2020-2069
- RESERVED
+ REJECTED
CVE-2020-2068
- RESERVED
+ REJECTED
CVE-2020-2067
- RESERVED
+ REJECTED
CVE-2020-2066
RESERVED
CVE-2020-2065
- RESERVED
+ REJECTED
CVE-2020-2064
- RESERVED
+ REJECTED
CVE-2020-2063
RESERVED
CVE-2020-2062
- RESERVED
+ REJECTED
CVE-2020-2061
- RESERVED
+ REJECTED
CVE-2020-2060
RESERVED
CVE-2020-2059
- RESERVED
+ REJECTED
CVE-2020-2058
- RESERVED
+ REJECTED
CVE-2020-2057
- RESERVED
+ REJECTED
CVE-2020-2056
- RESERVED
+ REJECTED
CVE-2020-2055
RESERVED
CVE-2020-2054
- RESERVED
+ REJECTED
CVE-2020-2053
- RESERVED
+ REJECTED
CVE-2020-2052
- RESERVED
+ REJECTED
CVE-2020-2051
- RESERVED
+ REJECTED
CVE-2020-2050 (An authentication bypass vulnerability exists in the GlobalProtect SSL ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2049 (A local privilege escalation vulnerability exists in Palo Alto Network ...)
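Review bot: Within the CVE-2020-2074 to CVE-2020-2051 range, five IDs (CVE-2020-2070, CVE-2020-2066, CVE-2020-2063, CVE-2020-2060 and CVE-2020-2055) stay RESERVED as unchanged context while every neighbour moves to REJECTED. That may be exactly what upstream published, but it is also what a partially applied sync would look like, so spot-check one or two of the holdouts against the upstream record before relying on this range being settled.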
@@ -228860,11 +228856,11 @@ CVE-2020-2049 (A local privilege escalation vulnerability exists in Palo Alto Ne
CVE-2020-2048 (An information exposure through log file vulnerability exists where th ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2047
- RESERVED
+ REJECTED
CVE-2020-2046
- RESERVED
+ REJECTED
CVE-2020-2045
- RESERVED
+ REJECTED
CVE-2020-2044 (An information exposure through log file vulnerability where an admini ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2043 (An information exposure through log file vulnerability where sensitive ...)
@@ -239031,17 +239027,17 @@ CVE-2019-17445 (An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and
CVE-2019-17444 (Jfrog Artifactory uses default passwords (such as "password") for admi ...)
NOT-FOR-US: JFrog Artifactory
CVE-2019-17443
- RESERVED
+ REJECTED
CVE-2019-17442
- RESERVED
+ REJECTED
CVE-2019-17441
- RESERVED
+ REJECTED
CVE-2019-17440 (Improper restriction of communications to Log Forwarding Card (LFC) on ...)
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2019-17439
- RESERVED
+ REJECTED
CVE-2019-17438
- RESERVED
+ REJECTED
CVE-2019-17437 (An improper authentication check in Palo Alto Networks PAN-OS may allo ...)
NOT-FOR-US: PAN-OS
CVE-2019-17436 (A Local Privilege Escalation vulnerability exists in GlobalProtect Age ...)
@@ -256901,7 +256897,7 @@ CVE-2019-11826 (Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.I
CVE-2019-11825 (Cross-site scripting (XSS) vulnerability in Event Editor in Synology C ...)
NOT-FOR-US: Synology
CVE-2019-11824
- RESERVED
+ REJECTED
CVE-2019-11823 (CRLF injection vulnerability in Network Center in Synology Router Mana ...)
NOT-FOR-US: Synology
CVE-2019-11822 (Relative path traversal vulnerability in SYNO.PhotoStation.File in Syn ...)
@@ -360918,7 +360914,7 @@ CVE-2017-12075 (Command injection vulnerability in EZ-Internet in Synology DiskS
CVE-2017-12074 (Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZon ...)
NOT-FOR-US: Synology
CVE-2017-12073
- RESERVED
+ REJECTED
CVE-2017-12072 (Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in ...)
NOT-FOR-US: Synology
CVE-2017-12071 (Server-side request forgery (SSRF) vulnerability in file_upload.php in ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d327ae851eb8c9d22aa5df42c8506eea1c30e0a5