[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 4 08:10:27 GMT 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1f4aed64 by security tracker role at 2022-01-04T08:10:11+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,447 @@
+CVE-2022-22526
+	RESERVED
+CVE-2022-22525
+	RESERVED
+CVE-2022-22524
+	RESERVED
+CVE-2022-22523
+	RESERVED
+CVE-2022-22522
+	RESERVED
+CVE-2022-22521
+	RESERVED
+CVE-2022-22520
+	RESERVED
+CVE-2022-22519
+	RESERVED
+CVE-2022-22518
+	RESERVED
+CVE-2022-22517
+	RESERVED
+CVE-2022-22516
+	RESERVED
+CVE-2022-22515
+	RESERVED
+CVE-2022-22514
+	RESERVED
+CVE-2022-22513
+	RESERVED
+CVE-2022-22512
+	RESERVED
+CVE-2022-22511
+	RESERVED
+CVE-2022-22510
+	RESERVED
+CVE-2022-22509
+	RESERVED
+CVE-2022-22508
+	RESERVED
+CVE-2022-22507
+	RESERVED
+CVE-2022-22506
+	RESERVED
+CVE-2022-22505
+	RESERVED
+CVE-2022-22504
+	RESERVED
+CVE-2022-22503
+	RESERVED
+CVE-2022-22502
+	RESERVED
+CVE-2022-22501
+	RESERVED
+CVE-2022-22500
+	RESERVED
+CVE-2022-22499
+	RESERVED
+CVE-2022-22498
+	RESERVED
+CVE-2022-22497
+	RESERVED
+CVE-2022-22496
+	RESERVED
+CVE-2022-22495
+	RESERVED
+CVE-2022-22494
+	RESERVED
+CVE-2022-22493
+	RESERVED
+CVE-2022-22492
+	RESERVED
+CVE-2022-22491
+	RESERVED
+CVE-2022-22490
+	RESERVED
+CVE-2022-22489
+	RESERVED
+CVE-2022-22488
+	RESERVED
+CVE-2022-22487
+	RESERVED
+CVE-2022-22486
+	RESERVED
+CVE-2022-22485
+	RESERVED
+CVE-2022-22484
+	RESERVED
+CVE-2022-22483
+	RESERVED
+CVE-2022-22482
+	RESERVED
+CVE-2022-22481
+	RESERVED
+CVE-2022-22480
+	RESERVED
+CVE-2022-22479
+	RESERVED
+CVE-2022-22478
+	RESERVED
+CVE-2022-22477
+	RESERVED
+CVE-2022-22476
+	RESERVED
+CVE-2022-22475
+	RESERVED
+CVE-2022-22474
+	RESERVED
+CVE-2022-22473
+	RESERVED
+CVE-2022-22472
+	RESERVED
+CVE-2022-22471
+	RESERVED
+CVE-2022-22470
+	RESERVED
+CVE-2022-22469
+	RESERVED
+CVE-2022-22468
+	RESERVED
+CVE-2022-22467
+	RESERVED
+CVE-2022-22466
+	RESERVED
+CVE-2022-22465
+	RESERVED
+CVE-2022-22464
+	RESERVED
+CVE-2022-22463
+	RESERVED
+CVE-2022-22462
+	RESERVED
+CVE-2022-22461
+	RESERVED
+CVE-2022-22460
+	RESERVED
+CVE-2022-22459
+	RESERVED
+CVE-2022-22458
+	RESERVED
+CVE-2022-22457
+	RESERVED
+CVE-2022-22456
+	RESERVED
+CVE-2022-22455
+	RESERVED
+CVE-2022-22454
+	RESERVED
+CVE-2022-22453
+	RESERVED
+CVE-2022-22452
+	RESERVED
+CVE-2022-22451
+	RESERVED
+CVE-2022-22450
+	RESERVED
+CVE-2022-22449
+	RESERVED
+CVE-2022-22448
+	RESERVED
+CVE-2022-22447
+	RESERVED
+CVE-2022-22446
+	RESERVED
+CVE-2022-22445
+	RESERVED
+CVE-2022-22444
+	RESERVED
+CVE-2022-22443
+	RESERVED
+CVE-2022-22442
+	RESERVED
+CVE-2022-22441
+	RESERVED
+CVE-2022-22440
+	RESERVED
+CVE-2022-22439
+	RESERVED
+CVE-2022-22438
+	RESERVED
+CVE-2022-22437
+	RESERVED
+CVE-2022-22436
+	RESERVED
+CVE-2022-22435
+	RESERVED
+CVE-2022-22434
+	RESERVED
+CVE-2022-22433
+	RESERVED
+CVE-2022-22432
+	RESERVED
+CVE-2022-22431
+	RESERVED
+CVE-2022-22430
+	RESERVED
+CVE-2022-22429
+	RESERVED
+CVE-2022-22428
+	RESERVED
+CVE-2022-22427
+	RESERVED
+CVE-2022-22426
+	RESERVED
+CVE-2022-22425
+	RESERVED
+CVE-2022-22424
+	RESERVED
+CVE-2022-22423
+	RESERVED
+CVE-2022-22422
+	RESERVED
+CVE-2022-22421
+	RESERVED
+CVE-2022-22420
+	RESERVED
+CVE-2022-22419
+	RESERVED
+CVE-2022-22418
+	RESERVED
+CVE-2022-22417
+	RESERVED
+CVE-2022-22416
+	RESERVED
+CVE-2022-22415
+	RESERVED
+CVE-2022-22414
+	RESERVED
+CVE-2022-22413
+	RESERVED
+CVE-2022-22412
+	RESERVED
+CVE-2022-22411
+	RESERVED
+CVE-2022-22410
+	RESERVED
+CVE-2022-22409
+	RESERVED
+CVE-2022-22408
+	RESERVED
+CVE-2022-22407
+	RESERVED
+CVE-2022-22406
+	RESERVED
+CVE-2022-22405
+	RESERVED
+CVE-2022-22404
+	RESERVED
+CVE-2022-22403
+	RESERVED
+CVE-2022-22402
+	RESERVED
+CVE-2022-22401
+	RESERVED
+CVE-2022-22400
+	RESERVED
+CVE-2022-22399
+	RESERVED
+CVE-2022-22398
+	RESERVED
+CVE-2022-22397
+	RESERVED
+CVE-2022-22396
+	RESERVED
+CVE-2022-22395
+	RESERVED
+CVE-2022-22394
+	RESERVED
+CVE-2022-22393
+	RESERVED
+CVE-2022-22392
+	RESERVED
+CVE-2022-22391
+	RESERVED
+CVE-2022-22390
+	RESERVED
+CVE-2022-22389
+	RESERVED
+CVE-2022-22388
+	RESERVED
+CVE-2022-22387
+	RESERVED
+CVE-2022-22386
+	RESERVED
+CVE-2022-22385
+	RESERVED
+CVE-2022-22384
+	RESERVED
+CVE-2022-22383
+	RESERVED
+CVE-2022-22382
+	RESERVED
+CVE-2022-22381
+	RESERVED
+CVE-2022-22380
+	RESERVED
+CVE-2022-22379
+	RESERVED
+CVE-2022-22378
+	RESERVED
+CVE-2022-22377
+	RESERVED
+CVE-2022-22376
+	RESERVED
+CVE-2022-22375
+	RESERVED
+CVE-2022-22374
+	RESERVED
+CVE-2022-22373
+	RESERVED
+CVE-2022-22372
+	RESERVED
+CVE-2022-22371
+	RESERVED
+CVE-2022-22370
+	RESERVED
+CVE-2022-22369
+	RESERVED
+CVE-2022-22368
+	RESERVED
+CVE-2022-22367
+	RESERVED
+CVE-2022-22366
+	RESERVED
+CVE-2022-22365
+	RESERVED
+CVE-2022-22364
+	RESERVED
+CVE-2022-22363
+	RESERVED
+CVE-2022-22362
+	RESERVED
+CVE-2022-22361
+	RESERVED
+CVE-2022-22360
+	RESERVED
+CVE-2022-22359
+	RESERVED
+CVE-2022-22358
+	RESERVED
+CVE-2022-22357
+	RESERVED
+CVE-2022-22356
+	RESERVED
+CVE-2022-22355
+	RESERVED
+CVE-2022-22354
+	RESERVED
+CVE-2022-22353
+	RESERVED
+CVE-2022-22352
+	RESERVED
+CVE-2022-22351
+	RESERVED
+CVE-2022-22350
+	RESERVED
+CVE-2022-22349
+	RESERVED
+CVE-2022-22348
+	RESERVED
+CVE-2022-22347
+	RESERVED
+CVE-2022-22346
+	RESERVED
+CVE-2022-22345
+	RESERVED
+CVE-2022-22344
+	RESERVED
+CVE-2022-22343
+	RESERVED
+CVE-2022-22342
+	RESERVED
+CVE-2022-22341
+	RESERVED
+CVE-2022-22340
+	RESERVED
+CVE-2022-22339
+	RESERVED
+CVE-2022-22338
+	RESERVED
+CVE-2022-22337
+	RESERVED
+CVE-2022-22336
+	RESERVED
+CVE-2022-22335
+	RESERVED
+CVE-2022-22334
+	RESERVED
+CVE-2022-22333
+	RESERVED
+CVE-2022-22332
+	RESERVED
+CVE-2022-22331
+	RESERVED
+CVE-2022-22330
+	RESERVED
+CVE-2022-22329
+	RESERVED
+CVE-2022-22328
+	RESERVED
+CVE-2022-22327
+	RESERVED
+CVE-2022-22326
+	RESERVED
+CVE-2022-22325
+	RESERVED
+CVE-2022-22324
+	RESERVED
+CVE-2022-22323
+	RESERVED
+CVE-2022-22322
+	RESERVED
+CVE-2022-22321
+	RESERVED
+CVE-2022-22320
+	RESERVED
+CVE-2022-22319
+	RESERVED
+CVE-2022-22318
+	RESERVED
+CVE-2022-22317
+	RESERVED
+CVE-2022-22316
+	RESERVED
+CVE-2022-22315
+	RESERVED
+CVE-2022-22314
+	RESERVED
+CVE-2022-22313
+	RESERVED
+CVE-2022-22312
+	RESERVED
+CVE-2022-22311
+	RESERVED
+CVE-2022-22310
+	RESERVED
+CVE-2022-22309
+	RESERVED
+CVE-2022-22308
+	RESERVED
+CVE-2022-22307
+	RESERVED
+CVE-2022-0087
+	RESERVED
+CVE-2021-46130
+	RESERVED
 CVE-2022-22306
 	RESERVED
 CVE-2022-22305
@@ -331,8 +775,8 @@ CVE-2021-XXXX [XSS vulnerability via HTML messages with malicious CSS content]
 	NOTE: https://github.com/roundcube/roundcubemail/commit/b2400a4b592e3094b6c84e6000d512f99ae0eed8 (1.4.13)
 	NOTE: https://roundcube.net/news/2021/12/30/update-1.5.2-released
 	NOTE: https://roundcube.net/news/2021/12/30/security-update-1.4.13-released
-CVE-2022-0083
-	RESERVED
+CVE-2022-0083 (livehelperchat is vulnerable to Generation of Error Message Containing ...)
+	TODO: check
 CVE-2022-0082
 	RESERVED
 CVE-2022-22293 (admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstra ...)
@@ -1026,8 +1470,8 @@ CVE-2021-45831
 	RESERVED
 CVE-2021-45830
 	RESERVED
-CVE-2021-45829
-	RESERVED
+CVE-2021-45829 (HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denia ...)
+	TODO: check
 CVE-2021-45828
 	RESERVED
 CVE-2021-45827
@@ -1050,7 +1494,8 @@ CVE-2021-45819
 	RESERVED
 CVE-2021-45818 (SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability wh ...)
 	NOT-FOR-US: SAFARI Montage
-CVE-2021-45817 (Web Viewer for Hanwha DVR version 2.17 is affected by a Cross Site Scr ...)
+CVE-2021-45817
+	REJECTED
 	NOT-FOR-US: Web Viewer for Hanwha DVR
 CVE-2021-45816
 	RESERVED
@@ -7128,8 +7573,8 @@ CVE-2021-43944
 	RESERVED
 CVE-2021-43943
 	RESERVED
-CVE-2021-43942
-	RESERVED
+CVE-2021-43942 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
+	TODO: check
 CVE-2021-43941
 	RESERVED
 CVE-2021-43940
@@ -19800,56 +20245,56 @@ CVE-2021-39992
 	RESERVED
 CVE-2021-39991
 	RESERVED
-CVE-2021-39990
-	RESERVED
-CVE-2021-39989
-	RESERVED
-CVE-2021-39988
-	RESERVED
-CVE-2021-39987
-	RESERVED
+CVE-2021-39990 (The screen lock module has a Stack-based Buffer Overflow vulnerability ...)
+	TODO: check
+CVE-2021-39989 (The HwNearbyMain module has a Exposure of Sensitive Information to an  ...)
+	TODO: check
+CVE-2021-39988 (The HwNearbyMain module has a NULL Pointer Dereference vulnerability.S ...)
+	TODO: check
+CVE-2021-39987 (The HwNearbyMain module has a Data Processing Errors vulnerability.Suc ...)
+	TODO: check
 CVE-2021-39986
 	RESERVED
-CVE-2021-39985
-	RESERVED
-CVE-2021-39984
-	RESERVED
-CVE-2021-39983
-	RESERVED
-CVE-2021-39982
-	RESERVED
-CVE-2021-39981
-	RESERVED
-CVE-2021-39980
-	RESERVED
-CVE-2021-39979
-	RESERVED
-CVE-2021-39978
-	RESERVED
-CVE-2021-39977
-	RESERVED
+CVE-2021-39985 (The HwNearbyMain module has a Improper Validation of Array Index vulne ...)
+	TODO: check
+CVE-2021-39984 (Huawei idap module has a Out-of-bounds Read vulnerability.Successful e ...)
+	TODO: check
+CVE-2021-39983 (The HwNearbyMain module has a Data Processing Errors vulnerability.Suc ...)
+	TODO: check
+CVE-2021-39982 (Phone Manager application has a Improper Privilege Management vulnerab ...)
+	TODO: check
+CVE-2021-39981 (Chang Lian application has a vulnerability which can be maliciously ex ...)
+	TODO: check
+CVE-2021-39980 (Telephony application has a Exposure of Sensitive Information to an Un ...)
+	TODO: check
+CVE-2021-39979 (HHEE system has a Code Injection vulnerability.Successful exploitation ...)
+	TODO: check
+CVE-2021-39978 (Telephony application has a SQL Injection vulnerability.Successful exp ...)
+	TODO: check
+CVE-2021-39977 (The HwNearbyMain module has a NULL Pointer Dereference vulnerability.S ...)
+	TODO: check
 CVE-2021-39976 (There is a privilege escalation vulnerability in CloudEngine 5800 V200 ...)
 	NOT-FOR-US: Huawei
-CVE-2021-39975
-	RESERVED
-CVE-2021-39974
-	RESERVED
-CVE-2021-39973
-	RESERVED
-CVE-2021-39972
-	RESERVED
-CVE-2021-39971
-	RESERVED
-CVE-2021-39970
-	RESERVED
-CVE-2021-39969
-	RESERVED
-CVE-2021-39968
-	RESERVED
-CVE-2021-39967
-	RESERVED
-CVE-2021-39966
-	RESERVED
+CVE-2021-39975 (Hilinksvc has a Data Processing Errors vulnerability.Successful exploi ...)
+	TODO: check
+CVE-2021-39974 (There is an Out-of-bounds read in Smartphones.Successful exploitation  ...)
+	TODO: check
+CVE-2021-39973 (There is a Null pointer dereference in Smartphones.Successful exploita ...)
+	TODO: check
+CVE-2021-39972 (MyHuawei-App has a Exposure of Sensitive Information to an Unauthorize ...)
+	TODO: check
+CVE-2021-39971 (Password vault has a External Control of System or Configuration Setti ...)
+	TODO: check
+CVE-2021-39970 (HwPCAssistant has a Improper Input Validation vulnerability.Successful ...)
+	TODO: check
+CVE-2021-39969 (There is an Unauthorized file access vulnerability in Smartphones.Succ ...)
+	TODO: check
+CVE-2021-39968 (Changlian Blocklist has a Business Logic Errors vulnerability .Success ...)
+	TODO: check
+CVE-2021-39967 (There is a Vulnerability of obtaining broadcast information improperly ...)
+	TODO: check
+CVE-2021-39966 (There is an Uninitialized AOD driver structure in Smartphones.Successf ...)
+	TODO: check
 CVE-2021-39965
 	RESERVED
 CVE-2021-39964
@@ -23154,8 +23599,8 @@ CVE-2021-38578
 	RESERVED
 CVE-2021-38577
 	RESERVED
-CVE-2021-38576
-	RESERVED
+CVE-2021-38576 (A BIOS bug in firmware for a particular PC model leaves the Platform a ...)
+	TODO: check
 CVE-2021-38575 (NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. ...)
 	- edk2 2021.08-1
 	[bullseye] - edk2 <no-dsa> (Minor issue)
@@ -26821,56 +27266,56 @@ CVE-2021-37136 (The Bzip2 decompression decoder function doesn't allow setting s
 	NOTE: Fixed by: https://github.com/netty/netty/commit/41d3d61a61608f2223bb364955ab2045dd5e4020 (netty-4.1.68.Final)
 CVE-2021-37135
 	RESERVED
-CVE-2021-37134
-	RESERVED
-CVE-2021-37133
-	RESERVED
-CVE-2021-37132
-	RESERVED
+CVE-2021-37134 (Location-related APIs exists a Race Condition vulnerability.Successful ...)
+	TODO: check
+CVE-2021-37133 (There is an Unauthorized file access vulnerability in Smartphones.Succ ...)
+	TODO: check
+CVE-2021-37132 (PackageManagerService has a Permissions, Privileges, and Access Contro ...)
+	TODO: check
 CVE-2021-37131 (There is a CSV injection vulnerability in ManageOne, iManager NetEco a ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37130 (There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37129 (There is an out of bounds write vulnerability in some Huawei products. ...)
 	NOT-FOR-US: Huawei
-CVE-2021-37128
-	RESERVED
+CVE-2021-37128 (HwPCAssistant has a Path Traversal vulnerability .Successful exploitat ...)
+	TODO: check
 CVE-2021-37127 (There is a signature management vulnerability in some huawei products. ...)
 	NOT-FOR-US: Huawei
-CVE-2021-37126
-	RESERVED
-CVE-2021-37125
-	RESERVED
+CVE-2021-37126 (Arbitrary file has a Exposure of Sensitive Information to an Unauthori ...)
+	TODO: check
+CVE-2021-37125 (Arbitrary file has a Exposure of Sensitive Information to an Unauthori ...)
+	TODO: check
 CVE-2021-37124 (There is a path traversal vulnerability in Huawei PC product. Because  ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37123 (There is an improper authentication vulnerability in Hero-CT060 before ...)
 	NOT-FOR-US: Hero-CT060
 CVE-2021-37122 (There is a use-after-free (UAF) vulnerability in Huawei products. An a ...)
 	NOT-FOR-US: Huawei
-CVE-2021-37121
-	RESERVED
-CVE-2021-37120
-	RESERVED
-CVE-2021-37119
-	RESERVED
-CVE-2021-37118
-	RESERVED
-CVE-2021-37117
-	RESERVED
-CVE-2021-37116
-	RESERVED
+CVE-2021-37121 (There is a Configuration defects in Smartphone.Successful exploitation ...)
+	TODO: check
+CVE-2021-37120 (There is a Double free vulnerability in Smartphone.Successful exploita ...)
+	TODO: check
+CVE-2021-37119 (There is a Service logic vulnerability in Smartphone.Successful exploi ...)
+	TODO: check
+CVE-2021-37118 (The HwNearbyMain module has a Improper Handling of Exceptional Conditi ...)
+	TODO: check
+CVE-2021-37117 (There is a Service logic vulnerability in Smartphone.Successful exploi ...)
+	TODO: check
+CVE-2021-37116 (PCManager has a Weaknesses Introduced During Design vulnerability .Suc ...)
+	TODO: check
 CVE-2021-37115
 	RESERVED
-CVE-2021-37114
-	RESERVED
-CVE-2021-37113
-	RESERVED
-CVE-2021-37112
-	RESERVED
-CVE-2021-37111
-	RESERVED
-CVE-2021-37110
-	RESERVED
+CVE-2021-37114 (There is an Out-of-bounds read vulnerability in Smartphone.Successful  ...)
+	TODO: check
+CVE-2021-37113 (There is a Privilege escalation vulnerability with the file system com ...)
+	TODO: check
+CVE-2021-37112 (Hisuite module has a External Control of System or Configuration Setti ...)
+	TODO: check
+CVE-2021-37111 (There is a Memory leakage vulnerability in Smartphone.Successful explo ...)
+	TODO: check
+CVE-2021-37110 (There is a Timing design defects in Smartphone.Successful exploitation ...)
+	TODO: check
 CVE-2021-37109
 	RESERVED
 CVE-2021-37108
@@ -26893,8 +27338,8 @@ CVE-2021-37100 (There is a Improper Authentication vulnerability in Huawei Smart
 	NOT-FOR-US: Huawei
 CVE-2021-37099 (There is a Path Traversal vulnerability in Huawei Smartphone.Successfu ...)
 	NOT-FOR-US: Huawei
-CVE-2021-37098
-	RESERVED
+CVE-2021-37098 (Hilinksvc service exists a Data Processing Errors vulnerability .Succe ...)
+	TODO: check
 CVE-2021-37097 (There is a Code Injection vulnerability in Huawei Smartphone.Successfu ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37096 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...)
@@ -60588,7 +61033,7 @@ CVE-2021-23465
 	RESERVED
 CVE-2021-23464
 	RESERVED
-CVE-2021-23463 (The package com.h2database:h2 from 0 and before 2.0.202 are vulnerable ...)
+CVE-2021-23463 (The package com.h2database:h2 from 1.4.198 and before 2.0.202 are vuln ...)
 	TODO: check
 CVE-2021-23462
 	RESERVED
@@ -68454,16 +68899,16 @@ CVE-2021-20874 (Incorrect permission assignment for critical resource vulnerabil
 	NOT-FOR-US: GroupSession
 CVE-2021-20873 (Yappli is an application development platform which provides the funct ...)
 	TODO: check
-CVE-2021-20872
-	RESERVED
-CVE-2021-20871
-	RESERVED
-CVE-2021-20870
-	RESERVED
-CVE-2021-20869
-	RESERVED
-CVE-2021-20868
-	RESERVED
+CVE-2021-20872 (Protection mechanism failure vulnerability in KONICA MINOLTA bizhub se ...)
+	TODO: check
+CVE-2021-20871 (Exposure of sensitive information to an unauthorized actor vulnerabili ...)
+	TODO: check
+CVE-2021-20870 (Improper handling of exceptional conditions vulnerability in KONICA MI ...)
+	TODO: check
+CVE-2021-20869 (Exposure of sensitive information to an unauthorized actor vulnerabili ...)
+	TODO: check
+CVE-2021-20868 (Incorrect authorization vulnerability in KONICA MINOLTA bizhub series  ...)
+	TODO: check
 CVE-2021-20867 (Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fiel ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-20866 (Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fiel ...)
@@ -70374,10 +70819,10 @@ CVE-2021-20150 (Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses
 	NOT-FOR-US: Trendnet
 CVE-2021-20149 (Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient ac ...)
 	NOT-FOR-US: Trendnet
-CVE-2021-20148
-	RESERVED
-CVE-2021-20147
-	RESERVED
+CVE-2021-20148 (ManageEngine ADSelfService Plus below build 6116 stores the password p ...)
+	TODO: check
+CVE-2021-20147 (ManageEngine ADSelfService Plus below build 6116 contains an observabl ...)
+	TODO: check
 CVE-2021-20146 (An unprotected ssh private key exists on the Gryphon devices which cou ...)
 	NOT-FOR-US: Gryphon Tower routers
 CVE-2021-20145 (Gryphon Tower routers contain an unprotected openvpn configuration fil ...)
@@ -92877,8 +93322,8 @@ CVE-2020-23028
 	RESERVED
 CVE-2020-23027
 	RESERVED
-CVE-2020-23026
-	RESERVED
+CVE-2020-23026 (A NULL pointer dereference in the main() function dhry_1.c of dhryston ...)
+	TODO: check
 CVE-2020-23025
 	RESERVED
 CVE-2020-23024
@@ -229445,7 +229890,7 @@ CVE-2018-11691 (Emerson DeltaV Smart Switch Command Center application, availabl
 	NOT-FOR-US: Emerson devices
 CVE-2018-11690 (The Balbooa Gridbox extension version 2.4.0 and previous versions for  ...)
 	NOT-FOR-US: Balbooa Gridbox extension for Joomla!
-CVE-2018-11689 (Smart Viewer in Samsung Web Viewer for Samsung DVR is vulnerable to cr ...)
+CVE-2018-11689 (Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer  ...)
 	NOT-FOR-US: Smart Viewer in Samsung Web Viewer for Samsung DVR
 CVE-2018-11688 (Ignite Realtime Openfire before 3.9.2 is vulnerable to cross-site scri ...)
 	NOT-FOR-US: Ignite Realtime Openfire



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f4aed649d415fae957fb0abf23607a46b902cdc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f4aed649d415fae957fb0abf23607a46b902cdc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220104/e47dfb3f/attachment.htm>


More information about the debian-security-tracker-commits mailing list