[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 18 21:10:27 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c17e52ab by security tracker role at 2022-07-18T20:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2022-36277
+	RESERVED
+CVE-2022-36276
+	RESERVED
+CVE-2022-2460
+	RESERVED
+CVE-2022-2459
+	RESERVED
+CVE-2022-2458
+	RESERVED
+CVE-2022-2457
+	RESERVED
+CVE-2022-2456
+	RESERVED
 CVE-2022-36275
 	RESERVED
 CVE-2022-36274
@@ -296,8 +310,8 @@ CVE-2022-2455
 	RESERVED
 CVE-2022-36128
 	RESERVED
-CVE-2022-36127
-	RESERVED
+CVE-2022-36127 (A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The  ...)
+	TODO: check
 CVE-2022-2454
 	RESERVED
 CVE-2022-2453
@@ -326,8 +340,8 @@ CVE-2017-20140
 	RESERVED
 CVE-2017-20139
 	RESERVED
-CVE-2016-15003
-	RESERVED
+CVE-2016-15003 (A vulnerability has been found in FileZilla Client 3.17.0.0 and classi ...)
+	TODO: check
 CVE-2015-10003 (A vulnerability, which was classified as problematic, was found in Fil ...)
 	TODO: check
 CVE-2022-36125
@@ -838,10 +852,10 @@ CVE-2022-2446
 	RESERVED
 CVE-2022-2445
 	RESERVED
-CVE-2022-2444
-	RESERVED
-CVE-2022-2443
-	RESERVED
+CVE-2022-2444 (The Visualizer: Tables and Charts Manager for WordPress plugin for Wor ...)
+	TODO: check
+CVE-2022-2443 (The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Si ...)
+	TODO: check
 CVE-2022-2442
 	RESERVED
 CVE-2022-2441
@@ -852,12 +866,12 @@ CVE-2022-2439
 	RESERVED
 CVE-2022-2438
 	RESERVED
-CVE-2022-2437
-	RESERVED
+CVE-2022-2437 (The Feed Them Social – for Twitter feed, Youtube and more plugin ...)
+	TODO: check
 CVE-2022-2436
 	RESERVED
-CVE-2022-2435
-	RESERVED
+CVE-2022-2435 (The AnyMind Widget plugin for WordPress is vulnerable to Cross-Site Re ...)
+	TODO: check
 CVE-2022-2434
 	RESERVED
 CVE-2022-2433
@@ -1200,12 +1214,12 @@ CVE-2022-2402
 	RESERVED
 CVE-2022-2401 (Unrestricted information disclosure of all users in Mattermost version ...)
 	- mattermost-server <itp> (bug #823556)
-CVE-2022-2400
-	RESERVED
+CVE-2022-2400 (External Control of File Name or Path in GitHub repository dompdf/domp ...)
+	TODO: check
 CVE-2022-2399
 	RESERVED
-CVE-2022-35741
-	RESERVED
+CVE-2022-35741 (Apache CloudStack version 4.5.0 and later has a SAML 2.0 authenticatio ...)
+	TODO: check
 CVE-2022-2398
 	RESERVED
 CVE-2022-2397
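Review bot: CVE-2022-2400 should be triaged ahead of the other TODO: check entries in this hunk. Its description points at an open-source GitHub repository (dompdf/domp ...) rather than a vendor appliance, so check it against the archive before anyone considers NOT-FOR-US. CVE-2022-35741 (Apache CloudStack) can follow the usual vendor-product path.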
@@ -1991,8 +2005,8 @@ CVE-2022-35406 (A URL disclosure issue was discovered in Burp Suite before 2022.
 	- burpsuite <itp> (bug #832943)
 CVE-2022-35405
 	RESERVED
-CVE-2022-35404
-	RESERVED
+CVE-2022-35404 (ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 ...)
+	TODO: check
 CVE-2022-35403 (Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP  ...)
 	NOT-FOR-US: Zoho ManageEngine
 CVE-2022-35402
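Review bot: CVE-2022-35404 is left at TODO: check even though its description names ManageEngine products and the next entry, CVE-2022-35403, is already tagged NOT-FOR-US: Zoho ManageEngine. Reusing that exact tag when the entry is triaged keeps the two consistent and clears the TODO.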
@@ -3207,14 +3221,14 @@ CVE-2022-2286 (Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. ...
 	- vim <unfixed> (unimportant)
 	NOTE: https://huntr.dev/bounties/fe7681fb-2318-436b-8e65-daf66cd597d8/
 	NOTE: https://github.com/vim/vim/commit/f12129f1714f7d2301935bb21d896609bdac221c (v9.0.0020)
-CVE-2022-34902
-	RESERVED
-CVE-2022-34901
-	RESERVED
-CVE-2022-34900
-	RESERVED
-CVE-2022-34899
-	RESERVED
+CVE-2022-34902 (This vulnerability allows local attackers to escalate privileges on af ...)
+	TODO: check
+CVE-2022-34901 (This vulnerability allows local attackers to escalate privileges on af ...)
+	TODO: check
+CVE-2022-34900 (This vulnerability allows local attackers to escalate privileges on af ...)
+	TODO: check
+CVE-2022-34899 (This vulnerability allows local attackers to escalate privileges on af ...)
+	TODO: check
 CVE-2022-34898
 	RESERVED
 CVE-2022-34897
@@ -3256,8 +3270,8 @@ CVE-2021-4234 (OpenVPN Access Server 2.10 and prior versions are susceptible to
 	NOT-FOR-US: OpenVPN Access Server
 CVE-2022-34893
 	RESERVED
-CVE-2022-34892
-	RESERVED
+CVE-2022-34892 (This vulnerability allows local attackers to escalate privileges on af ...)
+	TODO: check
 CVE-2022-34891 (This vulnerability allows local attackers to escalate privileges on af ...)
 	TODO: check
 CVE-2022-34890 (This vulnerability allows local attackers to disclose sensitive inform ...)
@@ -3892,10 +3906,10 @@ CVE-2022-34660
 	RESERVED
 CVE-2022-2225
 	RESERVED
-CVE-2022-2224
-	RESERVED
-CVE-2022-2223
-	RESERVED
+CVE-2022-2224 (The WordPress plugin Gallery for Social Photo is vulnerable to Cross-S ...)
+	TODO: check
+CVE-2022-2223 (The WordPress plugin Image Slider is vulnerable to Cross-Site Request  ...)
+	TODO: check
 CVE-2022-2222 (The Download Monitor WordPress plugin before 4.5.91 does not ensure th ...)
 	TODO: check
 CVE-2022-2221 (Information Exposure vulnerability in My Account Settings of Devolutio ...)
@@ -6022,8 +6036,8 @@ CVE-2022-33918
 	RESERVED
 CVE-2022-33917
 	RESERVED
-CVE-2022-2117
-	RESERVED
+CVE-2022-2117 (The GiveWP plugin for WordPress is vulnerable to Sensitive Information ...)
+	TODO: check
 CVE-2022-2116
 	RESERVED
 CVE-2022-2115
@@ -6075,8 +6089,8 @@ CVE-2022-33903 (Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the we
 	NOTE: https://gitlab.torproject.org/tpo/core/tor/-/issues/40626
 	NOTE: https://lists.torproject.org/pipermail/tor-announce/2022-June/000242.html
 	NOTE: https://github.com/torproject/tor/commit/b0496d40197dd5b4fb7b694c1410082d4e34dda6 (tor-0.4.7.8)
-CVE-2022-33891
-	RESERVED
+CVE-2022-33891 (The Apache Spark UI offers the possibility to enable ACLs via the conf ...)
+	TODO: check
 CVE-2022-33890
 	RESERVED
 CVE-2022-33889
@@ -6121,8 +6135,8 @@ CVE-2022-28715
 	RESERVED
 CVE-2022-25986
 	RESERVED
-CVE-2022-2108
-	RESERVED
+CVE-2022-2108 (The plugin Wbcom Designs – BuddyPress Group Reviews for WordPres ...)
+	TODO: check
 CVE-2022-2107
 	RESERVED
 CVE-2022-2106 (Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficient ...)
@@ -6135,8 +6149,8 @@ CVE-2022-2103 (An attacker with weak credentials could access the TCP port via a
 	NOT-FOR-US: Secheron
 CVE-2022-2102 (Controls limiting uploads to certain file extensions may be bypassed.  ...)
 	NOT-FOR-US: Secheron
-CVE-2022-2101
-	RESERVED
+CVE-2022-2101 (The Download Manager plugin for WordPress is vulnerable to Stored Cros ...)
+	TODO: check
 CVE-2022-33880
 	RESERVED
 CVE-2022-33879 (The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in  ...)
@@ -8700,8 +8714,8 @@ CVE-2022-28703
 	RESERVED
 CVE-2022-27498
 	RESERVED
-CVE-2022-2039
-	RESERVED
+CVE-2022-2039 (The Free Live Chat Support plugin for WordPress is vulnerable to Cross ...)
+	TODO: check
 CVE-2022-2038
 	RESERVED
 CVE-2022-2037 (Excessive Attack Surface in GitHub repository tooljet/tooljet prior to ...)
@@ -9311,8 +9325,8 @@ CVE-2022-2003
 	RESERVED
 CVE-2022-2002
 	RESERVED
-CVE-2022-2001
-	RESERVED
+CVE-2022-2001 (The DX Share Selection plugin for WordPress is vulnerable to Cross-Sit ...)
+	TODO: check
 CVE-2022-32498
 	RESERVED
 CVE-2022-32497
@@ -9446,8 +9460,8 @@ CVE-2022-32452
 	RESERVED
 CVE-2022-32451
 	RESERVED
-CVE-2022-32450
-	RESERVED
+CVE-2022-32450 (AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symb ...)
+	TODO: check
 CVE-2022-32449 (TOTOLINK EX300_V2 V4.0.3c.7484 was discovered to contain a command inj ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2022-32448
@@ -9572,8 +9586,8 @@ CVE-2022-32389 (Isode SWIFT v4.0.2 was discovered to contain hard-coded credenti
 	NOT-FOR-US: Isode SWIFT (different than src:swift)
 CVE-2022-32388
 	RESERVED
-CVE-2022-32387
-	RESERVED
+CVE-2022-32387 (In Kentico before 13.0.66, attackers can achieve Denial of Service via ...)
+	TODO: check
 CVE-2022-32386 (Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow vi ...)
 	NOT-FOR-US: Tenda
 CVE-2022-32385 (Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allo ...)
@@ -9733,6 +9747,7 @@ CVE-2022-32310 (An access control issue in Ingredient Stock Management System v1
 CVE-2022-32309
 	RESERVED
 CVE-2022-32308 (Cross Site Scripting (XSS) vulnerability in uBlock Origin extension be ...)
+	{DLA-3062-1}
 	- ublock-origin 1.42.0+dfsg-1
 	[bullseye] - ublock-origin 1.42.0+dfsg-1~deb11u1
 	[buster] - ublock-origin <no-dsa> (Minor issue; pending via buster-pu)
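Review bot: the {DLA-3062-1} cross-reference added under CVE-2022-32308 has no matching suite line in the visible context. The [buster] line still reads <no-dsa> (Minor issue; pending via buster-pu), and only unstable and bullseye carry a fixed version. If the DLA covers buster, that line should carry the fixed version from the advisory; if it covers another suite, the line for that suite is missing.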
@@ -11336,8 +11351,8 @@ CVE-2022-1914 (The Clean-Contact WordPress plugin through 1.6 does not have CSRF
 	NOT-FOR-US: WordPress plugin
 CVE-2022-1913 (The Add Post URL WordPress plugin through 2.1.0 does not have CSRF che ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2022-1912
-	RESERVED
+CVE-2022-1912 (The Button Widget Smartsoft plugin for WordPress is vulnerable to Cros ...)
+	TODO: check
 CVE-2022-1911
 	RESERVED
 CVE-2022-1910 (The Shortcodes and extra features for Phlox WordPress plugin before 2. ...)
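Review bot: CVE-2022-1912 lands as TODO: check although its description identifies a WordPress plugin and the two entries directly above it (CVE-2022-1914, CVE-2022-1913) are tagged NOT-FOR-US: WordPress plugin. The same tag applies here. The other WordPress plugin entries this update leaves at TODO: check can be closed in the same pass.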
@@ -14663,22 +14678,22 @@ CVE-2022-30629
 	NOTE: https://github.com/golang/go/commit/c15a8e2dbb5ac376a6ed890735341b812d6b965c (go1.17.11)
 CVE-2022-30628
 	RESERVED
-CVE-2022-30627
-	RESERVED
-CVE-2022-30626
-	RESERVED
-CVE-2022-30625
-	RESERVED
-CVE-2022-30624
-	RESERVED
-CVE-2022-30623
-	RESERVED
+CVE-2022-30627 (This vulnerability affects all of the company's products that also inc ...)
+	TODO: check
+CVE-2022-30626 (Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the na ...)
+	TODO: check
+CVE-2022-30625 (Directory listing is a web server function that displays the directory ...)
+	TODO: check
+CVE-2022-30624 (Browsing the admin.html page allows the user to reset the admin passwo ...)
+	TODO: check
+CVE-2022-30623 (The server checks the user's cookie in a non-standard way, and a value ...)
+	TODO: check
 CVE-2022-30622 (Disclosure of information - the system allows you to view usernames an ...)
 	TODO: check
-CVE-2022-30621
-	RESERVED
-CVE-2022-30620
-	RESERVED
+CVE-2022-30621 (Allows a remote user to read files on the camera's OS "GetFileContent. ...)
+	TODO: check
+CVE-2022-30620 (On Cellinx Camera with guest enabled, attacker with web access can ele ...)
+	TODO: check
 CVE-2022-30619 (Editable SQL Queries behind Base64 encoding sending from the Client-Si ...)
 	NOT-FOR-US: Agile Point
 CVE-2022-30618 (An authenticated user with access to the Strapi admin panel can view p ...)
@@ -15695,10 +15710,10 @@ CVE-2022-30304
 	RESERVED
 CVE-2022-30303
 	RESERVED
-CVE-2022-30302
-	RESERVED
-CVE-2022-30301
-	RESERVED
+CVE-2022-30302 (Multiple relative path traversal vulnerabilities [CWE-23] in FortiDece ...)
+	TODO: check
+CVE-2022-30301 (A path traversal vulnerability [CWE-22] in FortiAP-U CLI 6.2.0 through ...)
+	TODO: check
 CVE-2022-30300
 	RESERVED
 CVE-2022-30299
@@ -16217,8 +16232,8 @@ CVE-2022-1567 (The WP-JS plugin for WordPress contains a script called wp-js.php
 	NOT-FOR-US: WP-JS plugin for WordPress
 CVE-2022-1566 (The Quotes llama WordPress plugin through 0.7 does not sanitise and es ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2022-1565
-	RESERVED
+CVE-2022-1565 (The plugin WP All Import is vulnerable to arbitrary file uploads due t ...)
+	TODO: check
 CVE-2022-1564 (The Form Maker by 10Web WordPress plugin before 1.14.12 does not sanit ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-1563
@@ -19445,14 +19460,14 @@ CVE-2022-29062
 	RESERVED
 CVE-2022-29061
 	RESERVED
-CVE-2022-29060
-	RESERVED
+CVE-2022-29060 (A use of hard-coded cryptographic key vulnerability [CWE-321] in Forti ...)
+	TODO: check
 CVE-2022-29059
 	RESERVED
 CVE-2022-29058
 	RESERVED
-CVE-2022-29057
-	RESERVED
+CVE-2022-29057 (A improper neutralization of input during web page generation ('cross- ...)
+	TODO: check
 CVE-2022-29056
 	RESERVED
 CVE-2022-29055
@@ -24012,8 +24027,8 @@ CVE-2022-27485
 	RESERVED
 CVE-2022-27484
 	RESERVED
-CVE-2022-27483
-	RESERVED
+CVE-2022-27483 (A improper neutralization of special elements used in an os command (' ...)
+	TODO: check
 CVE-2022-27482
 	RESERVED
 CVE-2022-27481 (A vulnerability has been identified in SCALANCE W1788-1 M12 (All versi ...)
@@ -28074,22 +28089,22 @@ CVE-2022-26122
 	RESERVED
 CVE-2022-26121
 	RESERVED
-CVE-2022-26120
-	RESERVED
+CVE-2022-26120 (Multiple improper neutralization of special elements used in an SQL Co ...)
+	TODO: check
 CVE-2022-26119
 	RESERVED
-CVE-2022-26118
-	RESERVED
-CVE-2022-26117
-	RESERVED
+CVE-2022-26118 (A privilege chaining vulnerability [CWE-268] in FortiManager and Forti ...)
+	TODO: check
+CVE-2022-26117 (An empty password in configuration file vulnerability [CWE-258] in For ...)
+	TODO: check
 CVE-2022-26116 (Multiple improper neutralization of special elements used in SQL comma ...)
 	NOT-FOR-US: Fortiguard FortiNAC
 CVE-2022-26115
 	RESERVED
 CVE-2022-26114
 	RESERVED
-CVE-2022-26113
-	RESERVED
+CVE-2022-26113 (An execution with unnecessary privileges vulnerability [CWE-250] in Fo ...)
+	TODO: check
 CVE-2022-26112
 	RESERVED
 CVE-2022-26042 (An OS command injection vulnerability exists in the daretools binary f ...)
@@ -32161,16 +32176,16 @@ CVE-2022-24694 (In Mahara 20.10 before 20.10.4, 21.04 before 21.04.3, and 21.10
 	- mahara <removed>
 CVE-2022-24693 (Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB  ...)
 	NOT-FOR-US: Baicells Nova436Q and Neutrino 430 devices
-CVE-2022-24692
-	RESERVED
-CVE-2022-24691
-	RESERVED
-CVE-2022-24690
-	RESERVED
-CVE-2022-24689
-	RESERVED
-CVE-2022-24688
-	RESERVED
+CVE-2022-24692 (An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The n ...)
+	TODO: check
+CVE-2022-24691 (An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A SQL ...)
+	TODO: check
+CVE-2022-24690 (An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A Pre ...)
+	TODO: check
+CVE-2022-24689 (An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. It mi ...)
+	TODO: check
+CVE-2022-24688 (An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The T ...)
+	TODO: check
 CVE-2022-24687 (HashiCorp Consul and Consul Enterprise 1.8.0 through 1.9.14, 1.10.7, a ...)
 	- consul <unfixed> (bug #1006487)
 	NOTE: https://discuss.hashicorp.com/t/hcsec-2022-05-consul-ingress-gateway-panic-can-shutdown-servers/
@@ -35829,8 +35844,8 @@ CVE-2022-23747
 	RESERVED
 CVE-2022-23746
 	RESERVED
-CVE-2022-23745
-	RESERVED
+CVE-2022-23745 (A potential memory corruption issue was found in Capsule Workspace And ...)
+	TODO: check
 CVE-2022-23744 (Check Point Endpoint before version E86.50 failed to protect against s ...)
 	TODO: check
 CVE-2022-23743 (Check Point ZoneAlarm before version 15.8.200.19118 allows a local act ...)
@@ -36526,8 +36541,8 @@ CVE-2022-23440 (A use of hard-coded cryptographic key vulnerability [CWE-321] in
 	NOT-FOR-US: Fortinet
 CVE-2022-23439
 	RESERVED
-CVE-2022-23438
-	RESERVED
+CVE-2022-23438 (An improper neutralization of input during web page generation ('Cross ...)
+	TODO: check
 CVE-2022-23437 (There's a vulnerability within the Apache Xerces Java (XercesJ) XML pa ...)
 	- libxerces2-java <unfixed>
 	[bullseye] - libxerces2-java <postponed> (revisit when/if fix is complete)
@@ -37862,8 +37877,8 @@ CVE-2022-23144
 	RESERVED
 CVE-2022-23143
 	RESERVED
-CVE-2022-23142
-	RESERVED
+CVE-2022-23142 (ZXEN CG200 has a DoS vulnerability. An attacker could construct and se ...)
+	TODO: check
 CVE-2022-23141 (ZXMP M721 has an information leak vulnerability. Since the serial port ...)
 	TODO: check
 CVE-2022-23140
@@ -40450,8 +40465,8 @@ CVE-2022-22447
 	RESERVED
 CVE-2022-22446
 	RESERVED
-CVE-2022-22445
-	RESERVED
+CVE-2022-22445 (An attacker that gains service access to the FSP (POWER9 only) or gain ...)
+	TODO: check
 CVE-2022-22444 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user to exploi ...)
 	NOT-FOR-US: IBM
 CVE-2022-22443 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scr ...)
@@ -40736,8 +40751,8 @@ CVE-2022-22306 (An improper certificate validation vulnerability [CWE-295] in Fo
 	NOT-FOR-US: Fortinet FortiOS
 CVE-2022-22305
 	RESERVED
-CVE-2022-22304
-	RESERVED
+CVE-2022-22304 (An improper neutralization of input during web page generation vulnera ...)
+	TODO: check
 CVE-2022-22303 (An exposure of sensitive system information to an unauthorized control ...)
 	NOT-FOR-US: FortiGuard
 CVE-2022-22302
@@ -47718,8 +47733,8 @@ CVE-2021-44172
 	RESERVED
 CVE-2021-44171
 	RESERVED
-CVE-2021-44170
-	RESERVED
+CVE-2021-44170 (A stack-based buffer overflow vulnerability [CWE-121] in the command l ...)
+	TODO: check
 CVE-2021-44169 (A improper initialization in Fortinet FortiClient (Windows) version 6. ...)
 	NOT-FOR-US: Fortinet FortiClient
 CVE-2021-44168 (A download of code without integrity check vulnerability in the "execu ...)
@@ -53827,8 +53842,8 @@ CVE-2021-42757 (A buffer overflow [CWE-121] in the TFTP client library of FortiO
 	NOT-FOR-US: FortiGuard
 CVE-2021-42756
 	RESERVED
-CVE-2021-42755
-	RESERVED
+CVE-2021-42755 (An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitc ...)
+	TODO: check
 CVE-2021-42754 (An improper control of generation of code vulnerability [CWE-94] in Fo ...)
 	NOT-FOR-US: Fortiguard
 CVE-2021-42753 (An improper limitation of a pathname to a restricted directory ('Path  ...)
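Review bot: pick one vendor spelling for the NOT-FOR-US tag when CVE-2021-42755 is triaged. The context lines of this hunk already carry both NOT-FOR-US: FortiGuard (above the change) and NOT-FOR-US: Fortiguard (CVE-2021-42754), and another hunk in this update shows NOT-FOR-US: Fortinet. Mixed spellings make it harder to grep the list for a single vendor.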
@@ -59523,8 +59538,8 @@ CVE-2021-41033 (In all released versions of Eclipse Equinox, at least until vers
 	NOT-FOR-US: Eclipse Equinox
 CVE-2021-41032 (An improper access control vulnerability [CWE-284] in FortiOS versions ...)
 	NOT-FOR-US: Fortiguard
-CVE-2021-41031
-	RESERVED
+CVE-2021-41031 (A relative path traversal vulnerability [CWE-23] in FortiClient for Wi ...)
+	TODO: check
 CVE-2021-41030 (An authentication bypass by capture-replay vulnerability [CWE-294] in  ...)
 	NOT-FOR-US: FortiGuard
 CVE-2021-41029 (A improper neutralization of input during web page generation ('cross- ...)
@@ -64893,8 +64908,8 @@ CVE-2021-38870 (IBM Aspera Cloud is vulnerable to stored cross-site scripting. T
 	NOT-FOR-US: IBM
 CVE-2021-38869 (IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatic ...)
 	NOT-FOR-US: IBM
-CVE-2021-38868
-	RESERVED
+CVE-2021-38868 (IBM Engineering Requirements Quality Assistant On-Premises (All versio ...)
+	TODO: check
 CVE-2021-38867
 	RESERVED
 CVE-2021-38866
@@ -77770,10 +77785,10 @@ CVE-2021-33657 (There is a heap overflow problem in video/SDL_pixels.c in SDL (S
 	[buster] - libsdl2 <no-dsa> (Minor issue)
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://github.com/libsdl-org/SDL/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9 (release-2.0.20)
-CVE-2021-33656
-	RESERVED
-CVE-2021-33655
-	RESERVED
+CVE-2021-33656 (When setting font with malicous data by ioctl cmd PIO_FONT,kernel will ...)
+	TODO: check
+CVE-2021-33655 (When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO, ...)
+	TODO: check
 CVE-2021-33654 (When performing the initialization operation of the Split operator, if ...)
 	NOT-FOR-US: Mindspore deep learning
 CVE-2021-33653 (When performing the derivation shape operation of the SpaceToBatch ope ...)
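Review bot: CVE-2021-33656 and CVE-2021-33655 should not wait in the generic TODO: check queue. Both descriptions place the flaw in the kernel (ioctl cmd PIO_FONT and ioctl cmd FBIOPUT_VSCREENINFO), unlike the neighbouring CVE-2021-33654 and CVE-2021-33653, which are NOT-FOR-US: Mindspore deep learning. Triage these two against the kernel source package, with per-suite status and an upstream commit NOTE line in the style of the libsdl2 entry at the top of the hunk.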
@@ -88133,8 +88148,8 @@ CVE-2021-29801 (IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged loca
 	NOT-FOR-US: IBM
 CVE-2021-29800 (IBM Tivoli Netcool/OMNIbus_GUI and IBM Jazz for Service Management 1.1 ...)
 	NOT-FOR-US: IBM
-CVE-2021-29799
-	RESERVED
+CVE-2021-29799 (IBM Engineering Requirements Quality Assistant On-Premises (All versio ...)
+	TODO: check
 CVE-2021-29798 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.1.0 i ...)
 	NOT-FOR-US: IBM
 CVE-2021-29797
@@ -88151,12 +88166,12 @@ CVE-2021-29792 (IBM Event Streams 10.0, 10.1, 10.2, and 10.3 could allow a user
 	NOT-FOR-US: IBM
 CVE-2021-29791
 	RESERVED
-CVE-2021-29790
-	RESERVED
+CVE-2021-29790 (IBM Engineering Requirements Quality Assistant On-Premises (All versio ...)
+	TODO: check
 CVE-2021-29789
 	RESERVED
-CVE-2021-29788
-	RESERVED
+CVE-2021-29788 (IBM Engineering Requirements Quality Assistant On-Premises (All versio ...)
+	TODO: check
 CVE-2021-29787
 	RESERVED
 CVE-2021-29786 (IBM Jazz Team Server products stores user credentials in clear text wh ...)
@@ -106838,8 +106853,8 @@ CVE-2021-22133 (The Elastic APM agent for Go versions before 1.11.0 can leak sen
 	NOT-FOR-US: Elastic APM agent
 CVE-2021-22132 (Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosu ...)
 	- elasticsearch <removed>
-CVE-2021-22131
-	RESERVED
+CVE-2021-22131 (A improper validation of certificate with host mismatch in Fortinet Fo ...)
+	TODO: check
 CVE-2021-22130 (A stack-based buffer overflow vulnerability in FortiProxy physical app ...)
 	NOT-FOR-US: FortiProxy (FortiGuard)
 CVE-2021-22129 (Multiple instances of incorrect calculation of buffer size in the Webm ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c17e52ab3e420b8183a5a094ff72eb696373cbe5
