[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Feb 4 08:10:25 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c274b800 by security tracker role at 2022-02-04T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2022-24407
+ RESERVED
+CVE-2022-24406
+ RESERVED
+CVE-2022-24405
+ RESERVED
+CVE-2022-24404
+ RESERVED
+CVE-2022-24403
+ RESERVED
+CVE-2022-24402
+ RESERVED
+CVE-2022-24401
+ RESERVED
+CVE-2022-24400
+ RESERVED
+CVE-2022-24382
+ RESERVED
+CVE-2022-24379
+ RESERVED
+CVE-2022-24297
+ RESERVED
+CVE-2022-23917
+ RESERVED
+CVE-2022-23914
+ RESERVED
+CVE-2022-22730
+ RESERVED
+CVE-2022-21807
+ RESERVED
+CVE-2022-21795
+ RESERVED
+CVE-2022-21233
+ RESERVED
+CVE-2022-21128
+ RESERVED
+CVE-2022-0492
+ RESERVED
+CVE-2022-0491
+ RESERVED
+CVE-2022-0490
+ RESERVED
+CVE-2022-0489
+ RESERVED
+CVE-2022-0488
+ RESERVED
CVE-2022-24399
RESERVED
CVE-2022-24398
@@ -33,6 +79,7 @@ CVE-2022-24384
CVE-2022-21241
RESERVED
CVE-2022-0487 [Use after free in moxart_remove]
+ RESERVED
- linux <unfixed>
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1194516
NOTE: https://lore.kernel.org/all/20220114075934.302464-1-gregkh@linuxfoundation.org/
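Review bot: CVE-2022-0487 still reads "- linux <unfixed>" with only a SUSE Bugzilla entry and a lore.kernel.org posting as references, so nothing in the entry identifies the fixing commit. Now that the id is marked RESERVED and tracked against linux, add a NOTE with the upstream commit once it is known, so that "<unfixed>" can later be replaced with a fixed version.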
@@ -705,68 +752,68 @@ CVE-2022-24174
RESERVED
CVE-2022-24173
RESERVED
-CVE-2022-24172
- RESERVED
-CVE-2022-24171
- RESERVED
-CVE-2022-24170
- RESERVED
-CVE-2022-24169
- RESERVED
-CVE-2022-24168
- RESERVED
-CVE-2022-24167
- RESERVED
-CVE-2022-24166
- RESERVED
-CVE-2022-24165
- RESERVED
-CVE-2022-24164
- RESERVED
-CVE-2022-24163
- RESERVED
-CVE-2022-24162
- RESERVED
-CVE-2022-24161
- RESERVED
-CVE-2022-24160
- RESERVED
-CVE-2022-24159
- RESERVED
-CVE-2022-24158
- RESERVED
-CVE-2022-24157
- RESERVED
-CVE-2022-24156
- RESERVED
-CVE-2022-24155
- RESERVED
-CVE-2022-24154
- RESERVED
-CVE-2022-24153
- RESERVED
-CVE-2022-24152
- RESERVED
-CVE-2022-24151
- RESERVED
-CVE-2022-24150
- RESERVED
-CVE-2022-24149
- RESERVED
-CVE-2022-24148
- RESERVED
-CVE-2022-24147
- RESERVED
-CVE-2022-24146
- RESERVED
-CVE-2022-24145
- RESERVED
-CVE-2022-24144
- RESERVED
-CVE-2022-24143
- RESERVED
-CVE-2022-24142
- RESERVED
+CVE-2022-24172 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2022-24171 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2022-24170 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2022-24169 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2022-24168 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2022-24167 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2022-24166 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2022-24165 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2022-24164 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2022-24163 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24162 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24161 (Tenda AX3 v16.03.12.10_CN was discovered to contain a heap overflow in ...)
+ TODO: check
+CVE-2022-24160 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24159 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24158 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24157 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24156 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24155 (Tenda AX3 v16.03.12.10_CN was discovered to contain a heap overflow in ...)
+ TODO: check
+CVE-2022-24154 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24153 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24152 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24151 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24150 (Tenda AX3 v16.03.12.10_CN was discovered to contain a command injectio ...)
+ TODO: check
+CVE-2022-24149 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24148 (Tenda AX3 v16.03.12.10_CN was discovered to contain a command injectio ...)
+ TODO: check
+CVE-2022-24147 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24146 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24145 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24144 (Tenda AX3 v16.03.12.10_CN was discovered to contain a command injectio ...)
+ TODO: check
+CVE-2022-24143 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
+CVE-2022-24142 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+ TODO: check
CVE-2022-24141
RESERVED
CVE-2022-24140
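Review bot: all 31 entries from CVE-2022-24172 down to CVE-2022-24142 land as "TODO: check", and every description names Tenda firmware (G1 and G3 v15.11.0.17(9502)_CN, or AX3 v16.03.12.10_CN). They can be triaged as one batch instead of one by one: if Tenda firmware is not packaged, a single "NOT-FOR-US: Tenda" pass closes the whole range. The truncated descriptions already separate stack overflow, heap overflow and command injection, so the feed text is enough to make that call.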
@@ -2030,18 +2077,18 @@ CVE-2021-46459 (Victor CMS v1.0 was discovered to contain multiple SQL injection
NOT-FOR-US: Victor CMS
CVE-2021-46458 (Victor CMS v1.0 was discovered to contain a SQL injection vulnerabilit ...)
NOT-FOR-US: Victor CMS
-CVE-2021-46457
- RESERVED
-CVE-2021-46456
- RESERVED
-CVE-2021-46455
- RESERVED
-CVE-2021-46454
- RESERVED
-CVE-2021-46453
- RESERVED
-CVE-2021-46452
- RESERVED
+CVE-2021-46457 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...)
+ TODO: check
+CVE-2021-46456 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...)
+ TODO: check
+CVE-2021-46455 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...)
+ TODO: check
+CVE-2021-46454 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...)
+ TODO: check
+CVE-2021-46453 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...)
+ TODO: check
+CVE-2021-46452 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...)
+ TODO: check
CVE-2021-46451 (An SQL Injection vulnerabilty exists in Sourcecodester Online Project ...)
NOT-FOR-US: Sourcecodester
CVE-2021-46450
@@ -5297,22 +5344,22 @@ CVE-2021-46234 (A NULL pointer dereference vulnerability exists in GPAC v1.1.0 v
[buster] - gpac <ignored> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2023
NOTE: https://github.com/gpac/gpac/commit/70c6f6f832dccff814a19a74d87b97b3d68a4af5
-CVE-2021-46233
- RESERVED
-CVE-2021-46232
- RESERVED
-CVE-2021-46231
- RESERVED
-CVE-2021-46230
- RESERVED
-CVE-2021-46229
- RESERVED
-CVE-2021-46228
- RESERVED
-CVE-2021-46227
- RESERVED
-CVE-2021-46226
- RESERVED
+CVE-2021-46233 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+ TODO: check
+CVE-2021-46232 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+ TODO: check
+CVE-2021-46231 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+ TODO: check
+CVE-2021-46230 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+ TODO: check
+CVE-2021-46229 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+ TODO: check
+CVE-2021-46228 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+ TODO: check
+CVE-2021-46227 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+ TODO: check
+CVE-2021-46226 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+ TODO: check
CVE-2021-46225 (A buffer overflow in the GmfOpenMesh() function of libMeshb v7.61 allo ...)
NOT-FOR-US: libMeshb
CVE-2021-46224
@@ -7421,32 +7468,32 @@ CVE-2021-46000
RESERVED
CVE-2021-45999
RESERVED
-CVE-2021-45998
- RESERVED
-CVE-2021-45997
- RESERVED
-CVE-2021-45996
- RESERVED
-CVE-2021-45995
- RESERVED
-CVE-2021-45994
- RESERVED
-CVE-2021-45993
- RESERVED
-CVE-2021-45992
- RESERVED
-CVE-2021-45991
- RESERVED
-CVE-2021-45990
- RESERVED
-CVE-2021-45989
- RESERVED
-CVE-2021-45988
- RESERVED
-CVE-2021-45987
- RESERVED
-CVE-2021-45986
- RESERVED
+CVE-2021-45998 (D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to co ...)
+ TODO: check
+CVE-2021-45997 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2021-45996 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2021-45995 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2021-45994 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2021-45993 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2021-45992 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2021-45991 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2021-45990 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2021-45989 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2021-45988 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2021-45987 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
+CVE-2021-45986 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+ TODO: check
CVE-2021-45985
RESERVED
CVE-2021-4197 [cgroup: Use open-time creds and namespace for migration perm checks]
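Review bot: the run CVE-2021-45998 to CVE-2021-45986 looks uniform but is not. CVE-2021-45998 is a D-Link DIR_882 entry, while CVE-2021-45997 to CVE-2021-45986 are Tenda G1 and G3. When these "TODO: check" lines are resolved, tag each entry by the vendor in its own description instead of applying one tag to the contiguous range.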
@@ -8374,26 +8421,26 @@ CVE-2021-45744 (A Stored Cross Site Scripting (XSS) vulnerability exists in blud
NOT-FOR-US: Bludit
CVE-2021-45743
RESERVED
-CVE-2021-45742
- RESERVED
-CVE-2021-45741
- RESERVED
-CVE-2021-45740
- RESERVED
-CVE-2021-45739
- RESERVED
-CVE-2021-45738
- RESERVED
-CVE-2021-45737
- RESERVED
-CVE-2021-45736
- RESERVED
-CVE-2021-45735
- RESERVED
-CVE-2021-45734
- RESERVED
-CVE-2021-45733
- RESERVED
+CVE-2021-45742 (TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a comm ...)
+ TODO: check
+CVE-2021-45741 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a sta ...)
+ TODO: check
+CVE-2021-45740 (TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stac ...)
+ TODO: check
+CVE-2021-45739 (TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stac ...)
+ TODO: check
+CVE-2021-45738 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a com ...)
+ TODO: check
+CVE-2021-45737 (TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stac ...)
+ TODO: check
+CVE-2021-45736 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a sta ...)
+ TODO: check
+CVE-2021-45735 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP ...)
+ TODO: check
+CVE-2021-45734 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a sta ...)
+ TODO: check
+CVE-2021-45733 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a com ...)
+ TODO: check
CVE-2021-4180
RESERVED
- tripleo-heat-templates <removed>
@@ -9996,8 +10043,8 @@ CVE-2021-45270
RESERVED
CVE-2021-45269
RESERVED
-CVE-2021-45268
- RESERVED
+CVE-2021-45268 (A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop C ...)
+ TODO: check
CVE-2021-45267 (An invalid memory address dereference vulnerability exists in gpac 1.1 ...)
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1965
@@ -11477,12 +11524,12 @@ CVE-2021-44884
RESERVED
CVE-2021-44883
RESERVED
-CVE-2021-44882
- RESERVED
-CVE-2021-44881
- RESERVED
-CVE-2021-44880
- RESERVED
+CVE-2021-44882 (D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a ...)
+ TODO: check
+CVE-2021-44881 (D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to co ...)
+ TODO: check
+CVE-2021-44880 (D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882 ...)
+ TODO: check
CVE-2021-44879
RESERVED
CVE-2021-44878 (Pac4j v5.1 and earlier allows (by default) clients to accept and succe ...)
@@ -13347,10 +13394,10 @@ CVE-2021-44249 (Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Bl
NOT-FOR-US: Online Motorcycle (Bike) Rental System
CVE-2021-44248
RESERVED
-CVE-2021-44247
- RESERVED
-CVE-2021-44246
- RESERVED
+CVE-2021-44247 (Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B201 ...)
+ TODO: check
+CVE-2021-44246 (Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B201 ...)
+ TODO: check
CVE-2021-44245 (An SQL Injection vulnerability exists in Courcecodester COVID 19 Testi ...)
NOT-FOR-US: Sourcecodester COVID 19 Testing Management System (CTMS)
CVE-2021-44244 (An SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Pa ...)
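Review bot: the vendor is spelled "Totolink" in CVE-2021-44247 and CVE-2021-44246 here, but "TOTOLINK" in the CVE-2021-45742 to CVE-2021-45733 entries added by the same commit. Pick one spelling for the tag when these "TODO: check" lines are resolved, so that a search of the list for the vendor finds both groups.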
@@ -107784,12 +107831,14 @@ CVE-2020-19863
CVE-2020-19862
RESERVED
CVE-2020-19861 (When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt ...)
+ {DLA-2910-1}
- ldns <unfixed>
[bullseye] - ldns <no-dsa> (Minor issue)
[buster] - ldns <no-dsa> (Minor issue)
NOTE: https://github.com/NLnetLabs/ldns/issues/51
NOTE: https://github.com/NLnetLabs/ldns/commit/136ec420437041fe13f344a2053e774f9050cc38 (1.8.0-rc.1)
CVE-2020-19860 (When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_ ...)
+ {DLA-2910-1}
- ldns <unfixed>
[bullseye] - ldns <no-dsa> (Minor issue)
[buster] - ldns <no-dsa> (Minor issue)
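Review bot: "- ldns <unfixed>" stays in place on CVE-2020-19861 and CVE-2020-19860 even though the new {DLA-2910-1} line shows an LTS advisory now covers them and the NOTE on CVE-2020-19861 ties the upstream fix commit to 1.8.0-rc.1. Worth a follow-up to record the fixed version once an ldns upload containing that commit exists; until then the "[bullseye]" and "[buster]" lines remain "<no-dsa>" and the package reads as open.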
@@ -271976,13 +272025,14 @@ CVE-2017-1000235 (I, Librarian version <=4.6 & 4.7 is vulnerable to OS Co
CVE-2017-1000234 (I, Librarian version <=4.6 & 4.7 is vulnerable to Directory Enu ...)
- i-librarian <itp> (bug #649291)
CVE-2017-1000232 (A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecifi ...)
+ {DLA-2910-1}
- ldns 1.7.0-4 (bug #882014)
[jessie] - ldns <no-dsa> (Minor issue)
[wheezy] - ldns <not-affected> (Vulnerable code not present)
NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1257
NOTE: https://github.com/NLnetLabs/ldns/commit/3bdeed02505c9bbacb3b64a97ddcb1de967153b7
CVE-2017-1000231 (A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified ...)
- {DLA-1182-1}
+ {DLA-2910-1 DLA-1182-1}
- ldns 1.7.0-4 (bug #882015)
[jessie] - ldns <no-dsa> (Minor issue)
NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1256
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c274b8005a82ead0c8f982c2f7ab1ed1a81f6218