[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5190fd68 by security tracker role at 2022-01-09T08:10:11+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,53 @@
+CVE-2022-22848
+	RESERVED
+CVE-2022-22847
+	RESERVED
+CVE-2022-22846 (The dnslib package through 0.9.16 for Python does not verify that the  ...)
+	TODO: check
+CVE-2022-22845
+	RESERVED
+CVE-2022-22844 (LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c i ...)
+	TODO: check
+CVE-2022-22843
+	RESERVED
+CVE-2022-22842
+	RESERVED
+CVE-2022-22841
+	RESERVED
+CVE-2022-22840
+	RESERVED
+CVE-2022-22839
+	RESERVED
+CVE-2022-22838
+	RESERVED
+CVE-2022-22837
+	RESERVED
+CVE-2022-22836 (CoreFTP Server before 727 allows directory traversal (for file creatio ...)
+	TODO: check
+CVE-2022-22835
+	RESERVED
+CVE-2022-22834
+	RESERVED
+CVE-2022-22833
+	RESERVED
+CVE-2022-22832
+	RESERVED
+CVE-2022-22831
+	RESERVED
+CVE-2022-22830
+	RESERVED
+CVE-2022-22829
+	RESERVED
+CVE-2022-22828
+	RESERVED
+CVE-2021-46166 (Zoho ManageEngine Desktop Central before 10.0.662 allows authenticated ...)
+	TODO: check
+CVE-2021-46165 (Zoho ManageEngine Desktop Central before 10.0.662, during startup, lau ...)
+	TODO: check
+CVE-2021-46164 (Zoho ManageEngine Desktop Central before 10.0.662 allows remote code e ...)
+	TODO: check
+CVE-2021-46163
+	RESERVED
 CVE-2022-0156
 	RESERVED
 CVE-2022-22827 (storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an in ...)
@@ -126781,8 +126831,8 @@ CVE-2020-10139 (Acronis True Image 2021 includes an OpenSSL component that speci
 	NOT-FOR-US: Acronis
 CVE-2020-10138 (Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL comp ...)
 	NOT-FOR-US: Acronis
-CVE-2020-10137
-	RESERVED
+CVE-2020-10137 (Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do n ...)
+	TODO: check
 CVE-2020-10136 (Multiple products that implement the IP Encapsulation within IP standa ...)
 	NOT-FOR-US: Cisco
 CVE-2020-10135 (Legacy pairing and secure-connections pairing authentication in Blueto ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5190fd68ecf881198f018f9df7929f28b20fbbf4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5190fd68ecf881198f018f9df7929f28b20fbbf4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220109/bf396669/attachment.htm>