[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jul 26 09:10:31 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
02f4beb7 by security tracker role at 2022-07-26T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2022-36767
+	RESERVED
+CVE-2022-36766
+	RESERVED
+CVE-2022-36765
+	RESERVED
+CVE-2022-36764
+	RESERVED
+CVE-2022-36763
+	RESERVED
+CVE-2022-36762
+	RESERVED
+CVE-2022-36761
+	RESERVED
 CVE-2022-36760
 	RESERVED
 CVE-2022-36759
@@ -798,8 +812,8 @@ CVE-2022-36379
 	RESERVED
 CVE-2022-36378
 	RESERVED
-CVE-2022-36375
-	RESERVED
+CVE-2022-36375 (Authenticated (high role user) WordPress Options Change vulnerability  ...)
+	TODO: check
 CVE-2022-36371
 	RESERVED
 CVE-2022-36357
@@ -1107,8 +1121,8 @@ CVE-2022-36301
 	RESERVED
 CVE-2022-36300
 	RESERVED
-CVE-2022-30706
-	RESERVED
+CVE-2022-30706 (Open redirect vulnerability in Booked versions prior to 3.3 allows a r ...)
+	TODO: check
 CVE-2022-2476 (A null pointer dereference bug was found in wavpack-5.4.0 The results  ...)
 	- wavpack <unfixed> (bug #1015790)
 	[bullseye] - wavpack <no-dsa> (Minor issue)
@@ -2115,16 +2129,16 @@ CVE-2022-2416
 	RESERVED
 CVE-2022-2415
 	RESERVED
-CVE-2022-35873
-	RESERVED
-CVE-2022-35872
-	RESERVED
-CVE-2022-35871
-	RESERVED
-CVE-2022-35870
-	RESERVED
-CVE-2022-35869
-	RESERVED
+CVE-2022-35873 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+	TODO: check
+CVE-2022-35872 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+	TODO: check
+CVE-2022-35871 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+	TODO: check
+CVE-2022-35870 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+	TODO: check
+CVE-2022-35869 (This vulnerability allows remote attackers to bypass authentication on ...)
+	TODO: check
 CVE-2022-35868
 	RESERVED
 CVE-2022-35867
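Review bot: the four added entries CVE-2022-35873 through CVE-2022-35870 carry the same truncated description ("This vulnerability allows remote attackers to execute arbitrary code o ..."), and nothing visible names the affected product, so the `TODO: check` lines cannot be resolved from this list alone. Triage them from the full descriptions and, if they share a product with the authentication-bypass entry CVE-2022-35869, tag all five the same way in one follow-up commit.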
@@ -2614,10 +2628,10 @@ CVE-2022-35650 (The vulnerability was found in Moodle, occurs due to input valid
 	- moodle <removed>
 CVE-2022-35649 (The vulnerability was found in Moodle, occurs due to improper input va ...)
 	- moodle <removed>
-CVE-2022-33977
-	RESERVED
-CVE-2022-31471
-	RESERVED
+CVE-2022-33977 (untangle is a python library to convert XML data to python objects. un ...)
+	TODO: check
+CVE-2022-31471 (untangle is a python library to convert XML data to python objects. un ...)
+	TODO: check
 CVE-2022-2393 (A flaw was found in pki-core, which could allow a user to get a certif ...)
 	- dogtag-pki <undetermined>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2101046
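Review bot: CVE-2022-33977 and CVE-2022-31471 are added with identical visible text ("untangle is a python library to convert XML data to python objects. un ..."), so the list does not show how the two issues differ. When resolving the `TODO: check` lines, add a NOTE to each entry saying which issue it covers so the pair is not mistaken for a duplicate assignment.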
@@ -3861,8 +3875,8 @@ CVE-2022-35133
 	RESERVED
 CVE-2022-35132
 	RESERVED
-CVE-2022-35131
-	RESERVED
+CVE-2022-35131 (Joplin v2.8.8 allows attackers to execute arbitrary commands via a cra ...)
+	TODO: check
 CVE-2022-35130
 	RESERVED
 CVE-2022-35129
@@ -4191,8 +4205,8 @@ CVE-2022-34968
 	RESERVED
 CVE-2022-34967
 	RESERVED
-CVE-2022-34966
-	RESERVED
+CVE-2022-34966 (OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered ...)
+	TODO: check
 CVE-2022-34965 (OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered ...)
 	NOT-FOR-US: OpenTeknik
 CVE-2022-34964 (OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered ...)
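Review bot: CVE-2022-34966 is left at `TODO: check` although its description starts with the same product string as CVE-2022-34965 and CVE-2022-34964 directly below it, and CVE-2022-34965 is already marked `NOT-FOR-US: OpenTeknik`. Unless the full description points at something different, give it the same tag so the OSSN entries stay consistent.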
@@ -4387,10 +4401,10 @@ CVE-2022-34909
 	RESERVED
 CVE-2022-34908
 	RESERVED
-CVE-2022-34907
-	RESERVED
-CVE-2022-34906
-	RESERVED
+CVE-2022-34907 (An authentication bypass vulnerability exists in FileWave before 14.6. ...)
+	TODO: check
+CVE-2022-34906 (A hard-coded cryptographic key is used in FileWave before 14.6.3 and 1 ...)
+	TODO: check
 CVE-2022-34905
 	RESERVED
 CVE-2022-34904
@@ -4854,8 +4868,8 @@ CVE-2022-34751
 	RESERVED
 CVE-2022-34750 (An issue was discovered in MediaWiki through 1.38.1. The lemma length  ...)
 	NOT-FOR-US: MediaWiki extension WikiBase
-CVE-2022-34749
-	RESERVED
+CVE-2022-34749 (In mistune through 2.0.2, support of inline markup is implemented by u ...)
+	TODO: check
 CVE-2022-34748 (A vulnerability has been identified in Simcenter Femap (All versions & ...)
 	NOT-FOR-US: Siemens
 CVE-2022-34747
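Review bot: CVE-2022-34749 names mistune with a version bound ("through 2.0.2"), unlike the NOT-FOR-US entries on either side of it (MediaWiki extension WikiBase, Siemens), so it should not be closed by analogy with its neighbours. Resolve the `TODO: check` by looking for a mistune source package and recording a package line with a fixed version or `<unfixed>`, in the form the wavpack entry uses earlier in this file.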
@@ -5342,22 +5356,22 @@ CVE-2022-34579
 	RESERVED
 CVE-2022-34578
 	RESERVED
-CVE-2022-34577
-	RESERVED
-CVE-2022-34576
-	RESERVED
-CVE-2022-34575
-	RESERVED
-CVE-2022-34574
-	RESERVED
-CVE-2022-34573
-	RESERVED
-CVE-2022-34572
-	RESERVED
-CVE-2022-34571
-	RESERVED
-CVE-2022-34570
-	RESERVED
+CVE-2022-34577 (A vulnerability in adm.cgi of WAVLINK WN535 G3 M35G3R.V5030.180927 all ...)
+	TODO: check
+CVE-2022-34576 (A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M ...)
+	TODO: check
+CVE-2022-34575 (An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD ...)
+	TODO: check
+CVE-2022-34574 (An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD ...)
+	TODO: check
+CVE-2022-34573 (An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD ...)
+	TODO: check
+CVE-2022-34572 (An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD ...)
+	TODO: check
+CVE-2022-34571 (An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD ...)
+	TODO: check
+CVE-2022-34570 (WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an inf ...)
+	TODO: check
 CVE-2022-34569
 	RESERVED
 CVE-2022-34568
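Review bot: the eight entries CVE-2022-34577 through CVE-2022-34570 all describe one vendor's devices (WN535 G3, WiFi-Repeater RPTA2-77W, WN579 X3), but the descriptions spell the vendor both "WAVLINK" and "Wavlink". Triage the block together and use a single spelling in the vendor tag, so that a later search on the tag finds all eight.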
@@ -24955,10 +24969,10 @@ CVE-2022-1043 [Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnera
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1997328
 	NOTE: https://git.kernel.org/linus/a30f895ad3239f45012e860d4f94c1a388b36d14 (5.14-rc7)
-CVE-2022-1042
-	RESERVED
-CVE-2022-1041
-	RESERVED
+CVE-2022-1042 (In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerabili ...)
+	TODO: check
+CVE-2022-1041 (In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerabili ...)
+	TODO: check
 CVE-2022-27635
 	RESERVED
 CVE-2022-27626
@@ -39566,10 +39580,10 @@ CVE-2022-23002
 	RESERVED
 CVE-2022-23001
 	RESERVED
-CVE-2022-23000
-	RESERVED
-CVE-2022-22999
-	RESERVED
+CVE-2022-23000 (The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a ...)
+	TODO: check
+CVE-2022-22999 (Western Digital My Cloud devices are vulnerable to a cross side script ...)
+	TODO: check
 CVE-2022-22998 (Implemented protections on AWS credentials that were not properly prot ...)
 	NOT-FOR-US: Western Digital
 CVE-2022-22997 (Addressed a remote code execution vulnerability by resolving a command ...)
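Review bot: CVE-2022-23000 and CVE-2022-22999 both name Western Digital My Cloud in their descriptions, and the next entry down, CVE-2022-22998, is already tagged `NOT-FOR-US: Western Digital`. The two `TODO: check` lines can take the same tag in the follow-up triage commit.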
@@ -40946,8 +40960,8 @@ CVE-2022-22688 (Improper neutralization of special elements used in a command ('
 	NOT-FOR-US: Synology DiskStation Manager
 CVE-2022-22687 (Buffer copy without checking size of input ('Classic Buffer Overflow') ...)
 	NOT-FOR-US: Synology DiskStation Manager
-CVE-2022-22686
-	RESERVED
+CVE-2022-22686 (Cross-Site Request Forgery (CSRF) vulnerability in webapi component in ...)
+	TODO: check
 CVE-2022-22685
 	RESERVED
 CVE-2022-22684
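Review bot: the description added for CVE-2022-22686 is cut off before the product name ("... in webapi component in ..."), so the visible line does not say which vendor it belongs to. The two entries above it are `NOT-FOR-US: Synology DiskStation Manager`; confirm against the full description before reusing that tag rather than inferring it from position.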
@@ -89673,8 +89687,8 @@ CVE-2020-36292
 	RESERVED
 CVE-2020-36291
 	RESERVED
-CVE-2020-36290
-	RESERVED
+CVE-2020-36290 (The Livesearch macro in Confluence Server and Data Center before versi ...)
+	TODO: check
 CVE-2020-36289 (Affected versions of Atlassian Jira Server and Data Center allow an un ...)
 	NOT-FOR-US: Atlassian
 CVE-2020-36288 (The issue navigation and search view in Jira Server and Data Center be ...)
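Review bot: CVE-2020-36290 describes the Livesearch macro in Confluence Server and Data Center, and the adjacent Jira entry CVE-2020-36289 is tagged `NOT-FOR-US: Atlassian`. The `TODO: check` here can be resolved with the same tag.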



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02f4beb71d57dc930405ca49a17257620adb1bd2
