[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jul 14 09:10:26 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
965f4a0d by security tracker role at 2022-07-14T08:10:14+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,255 @@
+CVE-2022-35863
+ RESERVED
+CVE-2022-35862
+ RESERVED
+CVE-2022-35861
+ RESERVED
+CVE-2022-35860
+ RESERVED
+CVE-2022-35859
+ RESERVED
+CVE-2022-35858
+ RESERVED
+CVE-2022-35857 (kvf-admin through 2022-02-12 allows remote attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-35856
+ RESERVED
+CVE-2022-35855
+ RESERVED
+CVE-2022-35854
+ RESERVED
+CVE-2022-35853
+ RESERVED
+CVE-2022-35852
+ RESERVED
+CVE-2022-35851
+ RESERVED
+CVE-2022-35850
+ RESERVED
+CVE-2022-35849
+ RESERVED
+CVE-2022-35848
+ RESERVED
+CVE-2022-35847
+ RESERVED
+CVE-2022-35846
+ RESERVED
+CVE-2022-35845
+ RESERVED
+CVE-2022-35844
+ RESERVED
+CVE-2022-35843
+ RESERVED
+CVE-2022-35842
+ RESERVED
+CVE-2022-35841
+ RESERVED
+CVE-2022-35840
+ RESERVED
+CVE-2022-35839
+ RESERVED
+CVE-2022-35838
+ RESERVED
+CVE-2022-35837
+ RESERVED
+CVE-2022-35836
+ RESERVED
+CVE-2022-35835
+ RESERVED
+CVE-2022-35834
+ RESERVED
+CVE-2022-35833
+ RESERVED
+CVE-2022-35832
+ RESERVED
+CVE-2022-35831
+ RESERVED
+CVE-2022-35830
+ RESERVED
+CVE-2022-35829
+ RESERVED
+CVE-2022-35828
+ RESERVED
+CVE-2022-35827
+ RESERVED
+CVE-2022-35826
+ RESERVED
+CVE-2022-35825
+ RESERVED
+CVE-2022-35824
+ RESERVED
+CVE-2022-35823
+ RESERVED
+CVE-2022-35822
+ RESERVED
+CVE-2022-35821
+ RESERVED
+CVE-2022-35820
+ RESERVED
+CVE-2022-35819
+ RESERVED
+CVE-2022-35818
+ RESERVED
+CVE-2022-35817
+ RESERVED
+CVE-2022-35816
+ RESERVED
+CVE-2022-35815
+ RESERVED
+CVE-2022-35814
+ RESERVED
+CVE-2022-35813
+ RESERVED
+CVE-2022-35812
+ RESERVED
+CVE-2022-35811
+ RESERVED
+CVE-2022-35810
+ RESERVED
+CVE-2022-35809
+ RESERVED
+CVE-2022-35808
+ RESERVED
+CVE-2022-35807
+ RESERVED
+CVE-2022-35806
+ RESERVED
+CVE-2022-35805
+ RESERVED
+CVE-2022-35804
+ RESERVED
+CVE-2022-35803
+ RESERVED
+CVE-2022-35802
+ RESERVED
+CVE-2022-35801
+ RESERVED
+CVE-2022-35800
+ RESERVED
+CVE-2022-35799
+ RESERVED
+CVE-2022-35798
+ RESERVED
+CVE-2022-35797
+ RESERVED
+CVE-2022-35796
+ RESERVED
+CVE-2022-35795
+ RESERVED
+CVE-2022-35794
+ RESERVED
+CVE-2022-35793
+ RESERVED
+CVE-2022-35792
+ RESERVED
+CVE-2022-35791
+ RESERVED
+CVE-2022-35790
+ RESERVED
+CVE-2022-35789
+ RESERVED
+CVE-2022-35788
+ RESERVED
+CVE-2022-35787
+ RESERVED
+CVE-2022-35786
+ RESERVED
+CVE-2022-35785
+ RESERVED
+CVE-2022-35784
+ RESERVED
+CVE-2022-35783
+ RESERVED
+CVE-2022-35782
+ RESERVED
+CVE-2022-35781
+ RESERVED
+CVE-2022-35780
+ RESERVED
+CVE-2022-35779
+ RESERVED
+CVE-2022-35778
+ RESERVED
+CVE-2022-35777
+ RESERVED
+CVE-2022-35776
+ RESERVED
+CVE-2022-35775
+ RESERVED
+CVE-2022-35774
+ RESERVED
+CVE-2022-35773
+ RESERVED
+CVE-2022-35772
+ RESERVED
+CVE-2022-35771
+ RESERVED
+CVE-2022-35770
+ RESERVED
+CVE-2022-35769
+ RESERVED
+CVE-2022-35768
+ RESERVED
+CVE-2022-35767
+ RESERVED
+CVE-2022-35766
+ RESERVED
+CVE-2022-35765
+ RESERVED
+CVE-2022-35764
+ RESERVED
+CVE-2022-35763
+ RESERVED
+CVE-2022-35762
+ RESERVED
+CVE-2022-35761
+ RESERVED
+CVE-2022-35760
+ RESERVED
+CVE-2022-35759
+ RESERVED
+CVE-2022-35758
+ RESERVED
+CVE-2022-35757
+ RESERVED
+CVE-2022-35756
+ RESERVED
+CVE-2022-35755
+ RESERVED
+CVE-2022-35754
+ RESERVED
+CVE-2022-35753
+ RESERVED
+CVE-2022-35752
+ RESERVED
+CVE-2022-35751
+ RESERVED
+CVE-2022-35750
+ RESERVED
+CVE-2022-35749
+ RESERVED
+CVE-2022-35748
+ RESERVED
+CVE-2022-35747
+ RESERVED
+CVE-2022-35746
+ RESERVED
+CVE-2022-35745
+ RESERVED
+CVE-2022-35744
+ RESERVED
+CVE-2022-35743
+ RESERVED
+CVE-2022-35742
+ RESERVED
+CVE-2022-2402
+ RESERVED
+CVE-2022-2401
+ RESERVED
+CVE-2022-2400
+ RESERVED
+CVE-2022-2399
+ RESERVED
CVE-2022-35741
RESERVED
CVE-2022-2398
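Review bot: CVE-2022-35857 is the only entry added at the top of this hunk that arrives with a published description (kvf-admin, "allows remote attackers to execute arbitr ...") and it is left at `TODO: check`. It needs a triage line: `NOT-FOR-US: kvf-admin` if nothing in the archive ships it, or a package line if something does. The other added entries are plain `RESERVED` placeholders and need nothing further.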
@@ -268,8 +520,7 @@ CVE-2022-2382
RESERVED
CVE-2022-2381
RESERVED
-CVE-2022-2380 [video: fbdev: sm712fb: Fix crash in smtcfb_read()]
- RESERVED
+CVE-2022-2380 (The Linux kernel was found vulnerable out of bounds memory access in t ...)
- linux 5.17.3-1
[bullseye] - linux 5.10.113-1
[buster] - linux 4.19.249-1
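Review bot: Replacing the bracketed title on CVE-2022-2380 drops the only text in this entry that names the affected driver and function (`sm712fb`, `smtcfb_read()`); the new description is truncated before it reaches that detail. The entry already records fixed versions (`linux 5.17.3-1`, plus bullseye and buster), so a `NOTE:` line pointing at the upstream fix would keep that reference in the record.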
@@ -2389,32 +2640,32 @@ CVE-2022-2247
RESERVED
CVE-2022-2246
REJECTED
-CVE-2022-34765
- RESERVED
-CVE-2022-34764
- RESERVED
-CVE-2022-34763
- RESERVED
-CVE-2022-34762
- RESERVED
-CVE-2022-34761
- RESERVED
-CVE-2022-34760
- RESERVED
-CVE-2022-34759
- RESERVED
-CVE-2022-34758
- RESERVED
-CVE-2022-34757
- RESERVED
-CVE-2022-34756
- RESERVED
+CVE-2022-34765 (A CWE-73: External Control of File Name or Path vulnerability exists t ...)
+ TODO: check
+CVE-2022-34764 (A CWE-119: Improper Restriction of Operations within the Bounds of a M ...)
+ TODO: check
+CVE-2022-34763 (A CWE-345: Insufficient Verification of Data Authenticity vulnerabilit ...)
+ TODO: check
+CVE-2022-34762 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ...)
+ TODO: check
+CVE-2022-34761 (A CWE-476: NULL Pointer Dereference vulnerability exists that could ca ...)
+ TODO: check
+CVE-2022-34760 (A CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vuln ...)
+ TODO: check
+CVE-2022-34759 (A CWE-787: Out-of-bounds Write vulnerability exists that could cause a ...)
+ TODO: check
+CVE-2022-34758 (A CWE-20: Improper Input Validation vulnerability exists that could ca ...)
+ TODO: check
+CVE-2022-34757 (A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerabil ...)
+ TODO: check
+CVE-2022-34756 (A CWE-120: Buffer Copy without Checking Size of Input vulnerability ex ...)
+ TODO: check
CVE-2022-34755
RESERVED
-CVE-2022-34754
- RESERVED
-CVE-2022-34753
- RESERVED
+CVE-2022-34754 (A CWE-269: Improper Privilege Management vulnerability exists that cou ...)
+ TODO: check
+CVE-2022-34753 (A CWE-78: Improper Neutralization of Special Elements used in an OS Co ...)
+ TODO: check
CVE-2022-34752
RESERVED
CVE-2022-34751
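Review bot: All twelve entries promoted from `RESERVED` here (CVE-2022-34753, CVE-2022-34754, and CVE-2022-34756 through CVE-2022-34765) land as `TODO: check`, and every truncated description opens with a CWE class and is cut off before any product is named, so none of them can be triaged from this list alone. They sit in one consecutive block and follow one description template, which suggests a single issuer; reading one full description should show whether the whole run can take the same `NOT-FOR-US:` line. CVE-2022-34755 in the middle of the run stays `RESERVED`.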
@@ -2488,8 +2739,8 @@ CVE-2017-20131
RESERVED
CVE-2017-20130
RESERVED
-CVE-2017-20129
- RESERVED
+CVE-2017-20129 (A vulnerability was found in LogoStore. It has been classified as crit ...)
+ TODO: check
CVE-2017-20128 (A vulnerability has been found in KB Messages PHP Script 1.0 and class ...)
NOT-FOR-US: KB Messages PHP Script
CVE-2017-20127 (A vulnerability was found in KB Login Authentication Script 1.1 and cl ...)
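Review bot: CVE-2017-20129 (LogoStore) is added as `TODO: check` directly above CVE-2017-20128, which is already resolved as `NOT-FOR-US: KB Messages PHP Script`. If LogoStore is likewise not shipped in the archive, the entry should get its own `NOT-FOR-US: LogoStore` line rather than staying open.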
@@ -8516,8 +8767,8 @@ CVE-2022-32310 (An access control issue in Ingredient Stock Management System v1
NOT-FOR-US: Ingredient Stock Management System
CVE-2022-32309
RESERVED
-CVE-2022-32308
- RESERVED
+CVE-2022-32308 (Cross Site Scripting (XSS) vulnerability in uBlock Origin extension be ...)
+ TODO: check
CVE-2022-32307
RESERVED
CVE-2022-32306
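Review bot: CVE-2022-32308 names the uBlock Origin extension and is left at `TODO: check`; this one should not be closed as `NOT-FOR-US` without first checking whether a source package in the archive ships the extension. The description is truncated at "extension be ...", so the affected version range has to come from the full CVE text before a fixed version can be recorded.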
@@ -9225,14 +9476,14 @@ CVE-2022-32119
RESERVED
CVE-2022-32118
RESERVED
-CVE-2022-32117
- RESERVED
+CVE-2022-32117 (Jerryscript v2.4.0 was discovered to contain a stack buffer overflow v ...)
+ TODO: check
CVE-2022-32116
RESERVED
CVE-2022-32115 (An issue in the isSVG() function of Known v1.2.2+2020061101 allows att ...)
TODO: check
-CVE-2022-32114
- RESERVED
+CVE-2022-32114 (An unrestricted file upload vulnerability in the Add New Assets functi ...)
+ TODO: check
CVE-2022-32113
RESERVED
CVE-2022-32112
@@ -11906,8 +12157,8 @@ CVE-2022-31147
RESERVED
CVE-2022-31146
RESERVED
-CVE-2022-31145
- RESERVED
+CVE-2022-31145 (FlyteAdmin is the control plane for Flyte responsible for managing ent ...)
+ TODO: check
CVE-2022-31144
RESERVED
CVE-2022-31143
@@ -37091,8 +37342,8 @@ CVE-2021-4204 [eBPF Improper Input Validation Vulnerability]
NOTE: https://www.openwall.com/lists/oss-security/2022/01/11/4
CVE-2022-22983
RESERVED
-CVE-2022-22982
- RESERVED
+CVE-2022-22982 (The vCenter Server contains a server-side request forgery (SSRF) vulne ...)
+ TODO: check
CVE-2022-22981
RESERVED
CVE-2022-22980 (A Spring Data MongoDB application is vulnerable to SpEL Injection when ...)
@@ -53915,68 +54166,52 @@ CVE-2022-20240
RESERVED
CVE-2022-20239
RESERVED
-CVE-2022-20238
- RESERVED
+CVE-2022-20238 ('remap_pfn_range' here may map out of size kernel memory (for example, ...)
NOT-FOR-US: Unisoc
CVE-2022-20237
RESERVED
-CVE-2022-20236
- RESERVED
+CVE-2022-20236 (A drm driver have oob problem, could cause the system crash or EOPProd ...)
NOT-FOR-US: Unisoc
CVE-2022-20235
RESERVED
-CVE-2022-20234
- RESERVED
+CVE-2022-20234 (In Car Settings app, the NotificationAccessConfirmationActivity is exp ...)
+ TODO: check
CVE-2022-20233 (In param_find_digests_internal and related functions of the Titan-M so ...)
NOT-FOR-US: Google Pixel
CVE-2022-20232
RESERVED
CVE-2022-20231
RESERVED
-CVE-2022-20230
- RESERVED
+CVE-2022-20230 (In choosePrivateKeyAlias of KeyChain.java, there is a possible access ...)
NOT-FOR-US: Android
-CVE-2022-20229
- RESERVED
+CVE-2022-20229 (In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there i ...)
NOT-FOR-US: Android
-CVE-2022-20228
- RESERVED
+CVE-2022-20228 (In various functions of C2DmaBufAllocator.cpp, there is a possible mem ...)
NOT-FOR-US: Android
-CVE-2022-20227
- RESERVED
+CVE-2022-20227 (In USB driver, there is a possible out of bounds read due to a heap bu ...)
NOTE: https://source.android.com/security/bulletin/2022-07-01
NOTE: Possibly a duplicate of CVE-2021-39685 and CVE-2022-25375, contacted Android Security Team
-CVE-2022-20226
- RESERVED
+CVE-2022-20226 (In finishDrawingWindow of WindowManagerService.java, there is a possib ...)
NOT-FOR-US: Android
-CVE-2022-20225
- RESERVED
+CVE-2022-20225 (In getSubscriptionProperty of SubscriptionController.java, there is a ...)
NOT-FOR-US: Android
-CVE-2022-20224
- RESERVED
+CVE-2022-20224 (In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bou ...)
NOT-FOR-US: Android
-CVE-2022-20223
- RESERVED
+CVE-2022-20223 (In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, th ...)
NOT-FOR-US: Android
-CVE-2022-20222
- RESERVED
+CVE-2022-20222 (In read_attr_value of gatt_db.cc, there is a possible out of bounds wr ...)
NOT-FOR-US: Android
-CVE-2022-20221
- RESERVED
+CVE-2022-20221 (In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible o ...)
NOT-FOR-US: Android
-CVE-2022-20220
- RESERVED
+CVE-2022-20220 (In openFile of CallLogProvider.java, there is a possible permission by ...)
NOT-FOR-US: Android
-CVE-2022-20219
- RESERVED
+CVE-2022-20219 (In multiple functions of StorageManagerService.java and UserManagerSer ...)
NOT-FOR-US: Android
-CVE-2022-20218
- RESERVED
-CVE-2022-20217
- RESERVED
+CVE-2022-20218 (In PermissionController, there is a possible way to get and retain per ...)
+ TODO: check
+CVE-2022-20217 (There is a unauthorized broadcast in the SprdContactsProvider. A third ...)
NOT-FOR-US: Unisoc
-CVE-2022-20216
- RESERVED
+CVE-2022-20216 (android exported is used to set third-party app access permissions, an ...)
NOT-FOR-US: Unisoc
CVE-2022-20215
RESERVED
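Review bot: CVE-2022-20234 (Car Settings app) and CVE-2022-20218 (PermissionController) get `TODO: check` while the other Android framework entries in this hunk are closed as `NOT-FOR-US: Android`; if they are Android components too, they should take the same line. Separately, CVE-2022-20227 now has a description ("In USB driver, there is a possible out of bounds read due to a heap bu ...") but still carries only its two `NOTE:` lines, with no package line and the possible duplication of CVE-2021-39685 and CVE-2022-25375 unresolved, so it remains effectively untriaged.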
@@ -53984,8 +54219,8 @@ CVE-2022-20214
RESERVED
CVE-2022-20213
RESERVED
-CVE-2022-20212
- RESERVED
+CVE-2022-20212 (In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a p ...)
+ TODO: check
CVE-2022-20211
RESERVED
CVE-2022-20210 (The UE and the EMM communicate with each other using NAS messages. Whe ...)
@@ -137257,8 +137492,8 @@ CVE-2020-21969
RESERVED
CVE-2020-21968
RESERVED
-CVE-2020-21967
- RESERVED
+CVE-2020-21967 (File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 ...)
+ TODO: check
CVE-2020-21966
RESERVED
CVE-2020-21965
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/965f4a0d1214fcc6cfbf63a0d32892b66376d1e6