[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jun 4 09:10:26 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fc42f32a by security tracker role at 2022-06-04T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2020-36544
+	RESERVED
+CVE-2020-36543
+	RESERVED
+CVE-2020-36542 (A vulnerability classified as critical has been found in Demokratian.  ...)
+	TODO: check
+CVE-2020-36541 (A vulnerability was found in Demokratian. It has been rated as critica ...)
+	TODO: check
+CVE-2020-36540 (A vulnerability, which was classified as critical, was found in Neetai ...)
+	TODO: check
+CVE-2020-36539 (A vulnerability was found in Lógico y Creativo 1.0 and classified ...)
+	TODO: check
+CVE-2020-36538 (A vulnerability was found in Eatan CMS. It has been declared as critic ...)
+	TODO: check
+CVE-2020-36537 (A vulnerability was found in Everywhere CMS. It has been classified as ...)
+	TODO: check
+CVE-2020-36536 (A vulnerability was found in Brandbugle. It has been rated as critical ...)
+	TODO: check
+CVE-2020-36535 (A vulnerability classified as critical has been found in MINMAX. This  ...)
+	TODO: check
+CVE-2020-36534 (A vulnerability was found in easyii CMS. It has been classified as pro ...)
+	TODO: check
+CVE-2020-36533 (A vulnerability was found in Klapp App and classified as problematic.  ...)
+	TODO: check
+CVE-2020-36532 (A vulnerability has been found in Klapp App and classified as problema ...)
+	TODO: check
+CVE-2020-36531 (A vulnerability, which was classified as critical, has been found in S ...)
+	TODO: check
+CVE-2020-36530 (A vulnerability classified as critical was found in SevOne Network Man ...)
+	TODO: check
+CVE-2020-36529 (A vulnerability classified as critical has been found in SevOne Networ ...)
+	TODO: check
+CVE-2019-25064
+	RESERVED
+CVE-2019-25063 (A vulnerability was found in Sricam IP CCTV Camera. It has been classi ...)
+	TODO: check
+CVE-2019-25062 (A vulnerability was found in Sricam IP CCTV Camera and classified as c ...)
+	TODO: check
 CVE-2022-32287
 	RESERVED
 CVE-2022-32286
@@ -4464,8 +4502,8 @@ CVE-2022-1705
 	RESERVED
 CVE-2022-1704
 	RESERVED
-CVE-2022-1703
-	RESERVED
+CVE-2022-1703 (Improper neutralization of special elements in the SonicWall SSL-VPN S ...)
+	TODO: check
 CVE-2022-1702 (SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier ver ...)
 	NOT-FOR-US: SonicWall
 CVE-2022-1701 (SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier ver ...)
@@ -7132,8 +7170,8 @@ CVE-2022-29786
 	RESERVED
 CVE-2022-29785
 	RESERVED
-CVE-2022-29784
-	RESERVED
+CVE-2022-29784 (PublicCMS V4.0.202204.a and below contains an information leak via the ...)
+	TODO: check
 CVE-2022-29783
 	RESERVED
 CVE-2022-29782
@@ -7144,8 +7182,8 @@ CVE-2022-29780 (Nginx NJS v0.7.2 was discovered to contain a segmentation violat
 	NOT-FOR-US: njs
 CVE-2022-29779 (Nginx NJS v0.7.2 was discovered to contain a segmentation violation in ...)
 	NOT-FOR-US: njs
-CVE-2022-29778
-	RESERVED
+CVE-2022-29778 (** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-890L 1.20b01 allows attacke ...)
+	TODO: check
 CVE-2022-29777 (Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and belo ...)
 	NOT-FOR-US: Onlyoffice Document Server
 CVE-2022-29776 (Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and belo ...)
@@ -7154,14 +7192,14 @@ CVE-2022-29775
 	RESERVED
 CVE-2022-29774
 	RESERVED
-CVE-2022-29773
-	RESERVED
+CVE-2022-29773 (An access control issue in aleksis/core/util/auth_helpers.py: ClientPr ...)
+	TODO: check
 CVE-2022-29772
 	RESERVED
 CVE-2022-29771
 	RESERVED
-CVE-2022-29770
-	RESERVED
+CVE-2022-29770 (XXL-Job v2.3.0 was discovered to contain a stored cross-site scripting ...)
+	TODO: check
 CVE-2022-29769
 	RESERVED
 CVE-2022-29768
@@ -17581,8 +17619,8 @@ CVE-2022-26136
 	RESERVED
 CVE-2022-26135
 	RESERVED
-CVE-2022-26134
-	RESERVED
+CVE-2022-26134 (In affected versions of Confluence Server and Data Center, an OGNL inj ...)
+	TODO: check
 CVE-2022-26133 (SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center ve ...)
 	NOT-FOR-US: Atlassian Bitbucket Data Center
 CVE-2022-26132
@@ -18162,8 +18200,8 @@ CVE-2022-24068
 	RESERVED
 CVE-2022-24066 (The package simple-git before 3.5.0 are vulnerable to Command Injectio ...)
 	NOT-FOR-US: simple-git
-CVE-2022-24065
-	RESERVED
+CVE-2022-24065 (The package cookiecutter before 2.1.1 are vulnerable to Command Inject ...)
+	TODO: check
 CVE-2022-23923 (All versions of package jailed are vulnerable to Sandbox Bypass via an ...)
 	NOT-FOR-US: Node jailed
 CVE-2022-23920
@@ -18248,8 +18286,8 @@ CVE-2022-21129
 	RESERVED
 CVE-2022-21126
 	RESERVED
-CVE-2022-21122
-	RESERVED
+CVE-2022-21122 (The package metacalc before 0.0.2 are vulnerable to Arbitrary Code Exe ...)
+	TODO: check
 CVE-2022-0758 (Rapid7 Nexpose versions 6.6.129 and earlier suffer from a reflected cr ...)
 	NOT-FOR-US: Rapid7 Nexpose
 CVE-2022-0757 (Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL I ...)
@@ -40876,8 +40914,8 @@ CVE-2021-43273 (An Out-of-bounds Read vulnerability exists in the DGN file readi
 	NOT-FOR-US: Open Design Alliance Drawings SDK
 CVE-2021-43272 (An improper handling of exceptional conditions vulnerability exists in ...)
 	NOT-FOR-US: Open Design Alliance ODA Viewer
-CVE-2021-43271
-	RESERVED
+CVE-2021-43271 (Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0 ...)
+	TODO: check
 CVE-2021-43270 (Datalust Seq.App.EmailPlus (aka seq-app-htmlemail) 3.1.0-dev-00148, 3. ...)
 	NOT-FOR-US: Datalust Seq.App.HtmlEmail (aka Seq.App.EmailPlus)
 CVE-2021-43269 (In Code42 app before 8.8.0, eval injection allows an attacker to chang ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc42f32afe810f37308c8eb8cd07dfdea7dfb1ef

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc42f32afe810f37308c8eb8cd07dfdea7dfb1ef
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220604/a12e9d82/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list