[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jun 17 21:10:29 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2b115413 by security tracker role at 2022-06-17T20:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,63 @@
+CVE-2022-33937
+	RESERVED
+CVE-2022-33936
+	RESERVED
+CVE-2022-33935
+	RESERVED
+CVE-2022-33934
+	RESERVED
+CVE-2022-33933
+	RESERVED
+CVE-2022-33932
+	RESERVED
+CVE-2022-33931
+	RESERVED
+CVE-2022-33930
+	RESERVED
+CVE-2022-33929
+	RESERVED
+CVE-2022-33928
+	RESERVED
+CVE-2022-33927
+	RESERVED
+CVE-2022-33926
+	RESERVED
+CVE-2022-33925
+	RESERVED
+CVE-2022-33924
+	RESERVED
+CVE-2022-33923
+	RESERVED
+CVE-2022-33922
+	RESERVED
+CVE-2022-33921
+	RESERVED
+CVE-2022-33920
+	RESERVED
+CVE-2022-33919
+	RESERVED
+CVE-2022-33918
+	RESERVED
+CVE-2022-33917
+	RESERVED
+CVE-2022-2117
+	RESERVED
+CVE-2022-2116
+	RESERVED
+CVE-2022-2115
+	RESERVED
+CVE-2022-2114
+	RESERVED
+CVE-2022-2113 (Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inv ...)
+	TODO: check
+CVE-2022-2112 (Improper Neutralization of Formula Elements in a CSV File in GitHub re ...)
+	TODO: check
+CVE-2022-2111 (Unrestricted Upload of File with Dangerous Type in GitHub repository i ...)
+	TODO: check
+CVE-2022-2110
+	RESERVED
+CVE-2022-2109
+	RESERVED
 CVE-2022-33916
 	RESERVED
 CVE-2022-33915 (Versions of the Amazon AWS Apache Log4j hotpatch package before log4j- ...)
@@ -118,12 +178,12 @@ CVE-2022-2099
 	RESERVED
 CVE-2022-2098 (Weak Password Requirements in GitHub repository kromitgmbh/titra prior ...)
 	TODO: check
-CVE-2020-36549
-	RESERVED
-CVE-2020-36548
-	RESERVED
-CVE-2020-36547
-	RESERVED
+CVE-2020-36549 (A vulnerability classified as critical was found in GE Voluson S8. Aff ...)
+	TODO: check
+CVE-2020-36548 (A vulnerability classified as problematic has been found in GE Voluson ...)
+	TODO: check
+CVE-2020-36547 (A vulnerability was found in GE Voluson S8. It has been rated as criti ...)
+	TODO: check
 CVE-2022-33868
 	RESERVED
 CVE-2022-33867
@@ -3309,12 +3369,12 @@ CVE-2022-32446
 	RESERVED
 CVE-2022-32445
 	RESERVED
-CVE-2022-32444
-	RESERVED
+CVE-2022-32444 (An issue was discovered in u5cms verion 8.3.5 There is a URL redirecti ...)
+	TODO: check
 CVE-2022-32443
 	RESERVED
-CVE-2022-32442
-	RESERVED
+CVE-2022-32442 (u5cms version 8.3.5 is vulnerable to Cross Site Scripting (XSS). When  ...)
+	TODO: check
 CVE-2022-32441
 	RESERVED
 CVE-2022-32440
@@ -3760,8 +3820,8 @@ CVE-2022-32278 (XFCE 4.16 allows attackers to execute arbitrary code because xdg
 	NOTE: https://gitlab.xfce.org/xfce/exo/-/commit/c71c04ff5882b2866a0d8506fb460d4ef796de9f (exo-4.16.4)
 CVE-2022-32277
 	RESERVED
-CVE-2022-32276
-	RESERVED
+CVE-2022-32276 (** DISPUTED ** Grafana 8.4.3 allows unauthenticated access via (for ex ...)
+	TODO: check
 CVE-2022-32275 (Grafana 8.4.3 allows reading files via (for example) a /dashboard/snap ...)
 	- grafana <removed>
 CVE-2022-31472
@@ -5009,8 +5069,8 @@ CVE-2022-31786
 	RESERVED
 CVE-2022-31785
 	RESERVED
-CVE-2022-31784
-	RESERVED
+CVE-2022-31784 (A vulnerability in the management interface of MiVoice Business throug ...)
+	TODO: check
 CVE-2022-31783 (Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTr ...)
 	- liblouis 3.22.0-1 (bug #1011984)
 	[bullseye] - liblouis <no-dsa> (Minor issue)
@@ -6321,12 +6381,12 @@ CVE-2022-31359
 	RESERVED
 CVE-2022-31358
 	RESERVED
-CVE-2022-31357
-	RESERVED
-CVE-2022-31356
-	RESERVED
-CVE-2022-31355
-	RESERVED
+CVE-2022-31357 (Online Ordering System v2.3.2 was discovered to contain a SQL injectio ...)
+	TODO: check
+CVE-2022-31356 (Online Ordering System v2.3.2 was discovered to contain a SQL injectio ...)
+	TODO: check
+CVE-2022-31355 (Online Ordering System v2.3.2 was discovered to contain a SQL injectio ...)
+	TODO: check
 CVE-2022-31354 (Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via ...)
 	NOT-FOR-US: Online Car Wash Booking System
 CVE-2022-31353 (Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via ...)
@@ -6443,8 +6503,8 @@ CVE-2022-31298 (A cross-site scripting vulnerability in the ads comment section
 	NOT-FOR-US: Haraj
 CVE-2022-31297
 	RESERVED
-CVE-2022-31296
-	RESERVED
+CVE-2022-31296 (Online Discussion Forum Site 1 was discovered to contain a blind SQL i ...)
+	TODO: check
 CVE-2022-31295 (An issue in the delete_post() function of Online Discussion Forum Site ...)
 	NOT-FOR-US: Online Discussion Forum Site
 CVE-2022-31294 (An issue in the save_users() function of Online Discussion Forum Site  ...)
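Review bot: CVE-2022-31296 names Online Discussion Forum Site, the same product as CVE-2022-31295 and CVE-2022-31294 in the context lines below it, and both of those are marked `NOT-FOR-US: Online Discussion Forum Site`. The new entry should carry that same line rather than stay at `TODO: check`.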
@@ -6635,8 +6695,8 @@ CVE-2022-1807
 	RESERVED
 CVE-2022-1806 (Cross-site Scripting (XSS) - Reflected in GitHub repository rtxteam/rt ...)
 	NOT-FOR-US: RTX
-CVE-2022-31246
-	RESERVED
+CVE-2022-31246 (paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the ...)
+	TODO: check
 CVE-2022-31245 (mailcow before 2022-05d allows a remote authenticated user to inject O ...)
 	NOT-FOR-US: mailcow
 CVE-2022-31244
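Review bot: CVE-2022-31246 names both the affected file (paymentrequest.py) and the fix boundary (Electrum before 4.2.2), so it can be triaged from the visible description alone. If electrum is packaged, replace `TODO: check` with a `- electrum <version>` line checked against 4.2.2 and a NOTE pointing at the upstream fix. Otherwise mark it NOT-FOR-US like the mailcow entry below.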
@@ -8343,8 +8403,8 @@ CVE-2022-30609
 	RESERVED
 CVE-2022-30608
 	RESERVED
-CVE-2022-30607
-	RESERVED
+CVE-2022-30607 (IBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 21.0.1, and 2 ...)
+	TODO: check
 CVE-2022-30546 (Out-of-bounds read vulnerability exists in the simulator module contai ...)
 	NOT-FOR-US: Fuji Electric V-SFT
 CVE-2022-30538 (Out-of-bounds write vulnerability exists in the simulator module conta ...)
@@ -8991,8 +9051,8 @@ CVE-2022-30424
 	RESERVED
 CVE-2022-30423 (Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execu ...)
 	NOT-FOR-US: Merchandise Online Store
-CVE-2022-30422
-	RESERVED
+CVE-2022-30422 (Proietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0 ...)
+	TODO: check
 CVE-2022-30421
 	RESERVED
 CVE-2022-30420
@@ -33735,8 +33795,8 @@ CVE-2022-22487
 	RESERVED
 CVE-2022-22486
 	RESERVED
-CVE-2022-22485
-	RESERVED
+CVE-2022-22485 (In some cases, an unsuccessful attempt to log into IBM Spectrum Protec ...)
+	TODO: check
 CVE-2022-22484 (IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a ...)
 	NOT-FOR-US: IBM
 CVE-2022-22483
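Review bot: CVE-2022-22485 describes an IBM Spectrum Protect component, and the neighbouring CVE-2022-22484 (IBM Spectrum Protect Operations Center) in the context lines is already marked `NOT-FOR-US: IBM`. Unless the full description points at something packaged, the new entry should get the same `NOT-FOR-US: IBM` line instead of `TODO: check`.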
@@ -38335,12 +38395,12 @@ CVE-2021-45028
 	RESERVED
 CVE-2021-45027
 	RESERVED
-CVE-2021-45026
-	RESERVED
-CVE-2021-45025
-	RESERVED
-CVE-2021-45024
-	RESERVED
+CVE-2021-45026 (ASG technologies ASG-Zena Cross Platform Server Enterprise Edition 4.2 ...)
+	TODO: check
+CVE-2021-45025 (ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform  ...)
+	TODO: check
+CVE-2021-45024 (ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform  ...)
+	TODO: check
 CVE-2021-45023
 	RESERVED
 CVE-2021-45022
@@ -51633,8 +51693,8 @@ CVE-2021-41492 (Multiple SQL Injection vulnerabilities exist in Sourcecodester S
 	NOT-FOR-US: Sourcecodester
 CVE-2021-41491
 	RESERVED
-CVE-2021-41490
-	RESERVED
+CVE-2021-41490 (Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavi ...)
+	TODO: check
 CVE-2021-41489
 	RESERVED
 CVE-2021-41488
@@ -51809,8 +51869,8 @@ CVE-2021-41410
 	RESERVED
 CVE-2021-41409
 	RESERVED
-CVE-2021-41408
-	RESERVED
+CVE-2021-41408 (VoIPmonitor WEB GUI up to version 24.61 is affected by SQL injection t ...)
+	TODO: check
 CVE-2021-41407
 	RESERVED
 CVE-2021-41406
@@ -53090,8 +53150,8 @@ CVE-2021-40905 (The web management console of CheckMK Enterprise Edition (versio
 	NOT-FOR-US: CheckMK Enterprise Edition
 CVE-2021-40904 (The web management console of CheckMK Raw Edition (versions 1.5.0 to 1 ...)
 	- check-mk <removed>
-CVE-2021-40903
-	RESERVED
+CVE-2021-40903 (A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor  ...)
+	TODO: check
 CVE-2021-40902 (flatCore-CMS version 2.0.8 is affected by Cross Site Scripting (XSS) i ...)
 	TODO: check
 CVE-2021-40901
@@ -209977,22 +210037,22 @@ CVE-2019-12360 (A stack-based buffer over-read exists in FoFiTrueType::dumpStrin
 	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/bf4aae25a244b1033a2479b9a8f633224f7d5de5 (poppler-0.32.0)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=85243
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1136620
-CVE-2019-12359
-	RESERVED
-CVE-2019-12358
-	RESERVED
-CVE-2019-12357
-	RESERVED
-CVE-2019-12356
-	RESERVED
-CVE-2019-12355
-	RESERVED
-CVE-2019-12354
-	RESERVED
-CVE-2019-12353
-	RESERVED
-CVE-2019-12352
-	RESERVED
+CVE-2019-12359 (An issue was discovered in zzcms 2019. There is a SQL injection Vulner ...)
+	TODO: check
+CVE-2019-12358 (An issue was discovered in zzcms 2019. There is a SQL injection Vulner ...)
+	TODO: check
+CVE-2019-12357 (An issue was discovered in zzcms 2019. There is a SQL injection Vulner ...)
+	TODO: check
+CVE-2019-12356 (An issue was discovered in zzcms 2019. There is a SQL injection Vulner ...)
+	TODO: check
+CVE-2019-12355 (An issue was discovered in zzcms 2019. There is a SQL injection Vulner ...)
+	TODO: check
+CVE-2019-12354 (An issue was discovered in zzcms 2019. There is a SQL injection Vulner ...)
+	TODO: check
+CVE-2019-12353 (An issue was discovered in zzcms 2019. There is a SQL injection Vulner ...)
+	TODO: check
+CVE-2019-12352 (An issue was discovered in zzcms 2019. There is a SQL injection Vulner ...)
+	TODO: check
 CVE-2019-12351 (An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_p ...)
 	NOT-FOR-US: zzcms
 CVE-2019-12350 (An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_d ...)
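Review bot: The eight entries CVE-2019-12359 through CVE-2019-12352 all describe SQL injection in zzcms 2019 and all land at `TODO: check`, while CVE-2019-12351 and CVE-2019-12350 immediately below are marked `NOT-FOR-US: zzcms`. These eight should be closed the same way in one pass. The truncated descriptions are identical here, so the full text is needed only to confirm that each one covers a distinct script.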



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b1154133d9e4eea9698d8f96c9c8668009fdccb
