[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jun 18 09:10:18 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a3f3b49f by security tracker role at 2022-06-18T08:10:10+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,143 @@
+CVE-2022-33959
+	RESERVED
+CVE-2022-33958
+	RESERVED
+CVE-2022-33957
+	RESERVED
+CVE-2022-33956
+	RESERVED
+CVE-2022-33955
+	RESERVED
+CVE-2022-33954
+	RESERVED
+CVE-2022-33953
+	RESERVED
+CVE-2022-33952
+	RESERVED
+CVE-2022-33951
+	RESERVED
+CVE-2022-33950
+	RESERVED
+CVE-2022-33945
+	RESERVED
+CVE-2022-33942
+	RESERVED
+CVE-2022-33902
+	RESERVED
+CVE-2022-33899
+	RESERVED
+CVE-2022-33895
+	RESERVED
+CVE-2022-33894
+	RESERVED
+CVE-2022-33892
+	RESERVED
+CVE-2022-33209
+	RESERVED
+CVE-2022-33200
+	RESERVED
+CVE-2022-33188
+	RESERVED
+CVE-2022-33176
+	RESERVED
+CVE-2022-33143
+	RESERVED
+CVE-2022-33141
+	RESERVED
+CVE-2022-32762
+	RESERVED
+CVE-2022-32584
+	RESERVED
+CVE-2022-32580
+	RESERVED
+CVE-2022-32578
+	RESERVED
+CVE-2022-32571
+	RESERVED
+CVE-2022-32288
+	RESERVED
+CVE-2022-32233
+	RESERVED
+CVE-2022-32231
+	RESERVED
+CVE-2022-31477
+	RESERVED
+CVE-2022-30704
+	RESERVED
+CVE-2022-30691
+	RESERVED
+CVE-2022-30606
+	RESERVED
+CVE-2022-30537
+	RESERVED
+CVE-2022-30297
+	RESERVED
+CVE-2022-29924
+	RESERVED
+CVE-2022-29921
+	RESERVED
+CVE-2022-26084
+	RESERVED
+CVE-2022-2123
+	RESERVED
+CVE-2022-2122
+	RESERVED
+CVE-2022-2121
+	RESERVED
+CVE-2022-2120
+	RESERVED
+CVE-2022-2119
+	RESERVED
+CVE-2022-2118
+	RESERVED
+CVE-2014-125025
+	RESERVED
+CVE-2014-125024
+	RESERVED
+CVE-2014-125023
+	RESERVED
+CVE-2014-125022
+	RESERVED
+CVE-2014-125021
+	RESERVED
+CVE-2014-125020
+	RESERVED
+CVE-2014-125019
+	RESERVED
+CVE-2014-125018
+	RESERVED
+CVE-2014-125017 (A vulnerability classified as critical was found in FFmpeg 2.0. This v ...)
+	TODO: check
+CVE-2014-125016 (A vulnerability was found in FFmpeg 2.0. It has been rated as problema ...)
+	TODO: check
+CVE-2014-125015 (A vulnerability classified as critical has been found in FFmpeg 2.0. A ...)
+	TODO: check
+CVE-2014-125014 (A vulnerability classified as problematic was found in FFmpeg 2.0. Aff ...)
+	TODO: check
+CVE-2014-125013 (A vulnerability was found in FFmpeg 2.0 and classified as problematic. ...)
+	TODO: check
+CVE-2014-125012 (A vulnerability was found in FFmpeg 2.0. It has been classified as pro ...)
+	TODO: check
+CVE-2014-125011 (A vulnerability was found in FFmpeg 2.0. It has been declared as probl ...)
+	TODO: check
+CVE-2014-125010 (A vulnerability was found in FFmpeg 2.0. It has been rated as critical ...)
+	TODO: check
+CVE-2014-125009 (A vulnerability classified as problematic has been found in FFmpeg 2.0 ...)
+	TODO: check
+CVE-2014-125008 (A vulnerability classified as problematic has been found in FFmpeg 2.0 ...)
+	TODO: check
+CVE-2014-125007 (A vulnerability classified as problematic was found in FFmpeg 2.0. Aff ...)
+	TODO: check
+CVE-2014-125006 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2014-125005 (A vulnerability, which was classified as problematic, was found in FFm ...)
+	TODO: check
+CVE-2014-125004 (A vulnerability has been found in FFmpeg 2.0 and classified as problem ...)
+	TODO: check
+CVE-2014-125003 (A vulnerability was found in FFmpeg 2.0 and classified as problematic. ...)
+	TODO: check
+CVE-2014-125002 (A vulnerability was found in FFmpeg 2.0. It has been classified as pro ...)
+	TODO: check
 CVE-2022-33937
 	RESERVED
 CVE-2022-33936
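Review bot: The sixteen FFmpeg 2.0 entries (CVE-2014-125002 through CVE-2014-125017) all land as "TODO: check" with descriptions cut off before anything that distinguishes them, so they cannot be told apart from this list alone. Triage them as one batch against the full CVE descriptions and give each either a package line or a NOT-FOR-US tag. Separately, the prepended block is not in ID order relative to what follows: CVE-2014-125002 sits directly above the existing CVE-2022-33937, and CVE-2022-33902 and lower precede it, so any consumer of this file should key on the CVE ID rather than on position.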
@@ -4648,8 +4788,8 @@ CVE-2022-31943
 	RESERVED
 CVE-2022-31942
 	RESERVED
-CVE-2022-31941
-	RESERVED
+CVE-2022-31941 (Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection  ...)
+	TODO: check
 CVE-2022-31940
 	RESERVED
 CVE-2022-31939
@@ -4778,14 +4918,14 @@ CVE-2022-31878
 	RESERVED
 CVE-2022-31877
 	RESERVED
-CVE-2022-31876
-	RESERVED
-CVE-2022-31875
-	RESERVED
-CVE-2022-31874
-	RESERVED
-CVE-2022-31873
-	RESERVED
+CVE-2022-31876 (netgear wnap320 router WNAP320_V2.0.3_firmware is vulnerable to Incorr ...)
+	TODO: check
+CVE-2022-31875 (Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an xss vulnera ...)
+	TODO: check
+CVE-2022-31874 (ASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in  ...)
+	TODO: check
+CVE-2022-31873 (Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an XSS vulnera ...)
+	TODO: check
 CVE-2022-31872
 	RESERVED
 CVE-2022-31871
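Review bot: CVE-2022-31875 and CVE-2022-31873 show the same visible description (Trendnet IP-110wn camera, fw_tv-ip110wn_v2(1.2.2.68), XSS) and differ only in the capitalisation of "xss" before the truncation. Read the full descriptions to confirm they cover distinct issues before tagging them. All four entries changed in this hunk name vendor device firmware (Netgear, Trendnet, ASUS), so they can likely be triaged together with one consistent tag.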
@@ -7051,8 +7191,8 @@ CVE-2022-31085
 	RESERVED
 CVE-2022-31084
 	RESERVED
-CVE-2022-31083
-	RESERVED
+CVE-2022-31083 (Parse Server is an open source backend that can be deployed to any inf ...)
+	TODO: check
 CVE-2022-31082
 	RESERVED
 CVE-2022-31081
@@ -7288,8 +7428,8 @@ CVE-2022-30978
 	RESERVED
 CVE-2022-30977
 	RESERVED
-CVE-2022-29496
-	RESERVED
+CVE-2022-29496 (A stack-based buffer overflow vulnerability exists in the BlynkConsole ...)
+	TODO: check
 CVE-2022-1796 (Use After Free in GitHub repository vim/vim prior to 8.2.4979. ...)
 	- vim <unfixed> (unimportant)
 	NOTE: https://huntr.dev/bounties/f6739b58-49f9-4056-a843-bf76bbc1253e
@@ -21959,10 +22099,10 @@ CVE-2022-25874
 	RESERVED
 CVE-2022-25873
 	RESERVED
-CVE-2022-25872
-	RESERVED
-CVE-2022-25871
-	RESERVED
+CVE-2022-25872 (All versions of package fast-string-search are vulnerable to Out-of-bo ...)
+	TODO: check
+CVE-2022-25871 (All versions of package querymen are vulnerable to Prototype Pollution ...)
+	TODO: check
 CVE-2022-25869
 	RESERVED
 CVE-2022-25867
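Review bot: CVE-2022-25872 names the package fast-string-search, and the same package appears again later in this diff under CVE-2022-22138 (out-of-bounds versus denial of service, as far as the truncated text shows). Resolve the two together so they end up with the same package mapping or the same NOT-FOR-US tag rather than being triaged independently.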
@@ -21985,16 +22125,16 @@ CVE-2022-25858
 	RESERVED
 CVE-2022-25857
 	RESERVED
-CVE-2022-25856
-	RESERVED
+CVE-2022-25856 (The package github.com/argoproj/argo-events/sensors/artifacts before 1 ...)
+	TODO: check
 CVE-2022-25855
 	RESERVED
 CVE-2022-25854 (This affects the package @yaireo/tagify before 4.9.8. The package is u ...)
 	NOT-FOR-US: Tagify
 CVE-2022-25853
 	RESERVED
-CVE-2022-25852
-	RESERVED
+CVE-2022-25852 (All versions of package pg-native; all versions of package libpq are v ...)
+	TODO: check
 CVE-2022-25851 (The package jpeg-js before 0.4.4 are vulnerable to Denial of Service ( ...)
 	TODO: check
 CVE-2022-25850 (The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnera ...)
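Review bot: In CVE-2022-25852 the description lists "package pg-native" and "package libpq" side by side, and the visible text does not say which ecosystem "libpq" refers to. Confirm that from the full description and references before mapping it to any source package; a name match alone is not enough to record it as affecting a Debian package.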
@@ -22073,8 +22213,8 @@ CVE-2022-25349 (All versions of package materialize-css are vulnerable to Cross-
 	TODO: check if affected, CVE reported against the upstream fork
 CVE-2022-25346
 	RESERVED
-CVE-2022-25345
-	RESERVED
+CVE-2022-25345 (All versions of package @discordjs/opus are vulnerable to Denial of Se ...)
+	TODO: check
 CVE-2022-25324 (All versions of package bignum are vulnerable to Denial of Service (Do ...)
 	NOT-FOR-US: justmoon/node-bignum
 CVE-2022-25304
@@ -22161,8 +22301,8 @@ CVE-2022-22984
 	RESERVED
 CVE-2022-22143 (The package convict before 6.2.2 are vulnerable to Prototype Pollution ...)
 	NOT-FOR-US: Node convict
-CVE-2022-22138
-	RESERVED
+CVE-2022-22138 (All versions of package fast-string-search are vulnerable to Denial of ...)
+	TODO: check
 CVE-2022-21811
 	RESERVED
 CVE-2022-21810
@@ -22195,8 +22335,8 @@ CVE-2022-21222
 	RESERVED
 CVE-2022-21221 (The package github.com/valyala/fasthttp before 1.34.0 are vulnerable t ...)
 	NOT-FOR-US: github.com/valyala/fasthttp
-CVE-2022-21213
-	RESERVED
+CVE-2022-21213 (This affects all versions of package mout. The deepFillIn function can ...)
+	TODO: check
 CVE-2022-21211 (This affects all versions of package posix. When invoking the toString ...)
 	TODO: check
 CVE-2022-21208
@@ -28294,8 +28434,8 @@ CVE-2022-23943 (Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Serv
 	NOTE: Fixed by: https://svn.apache.org/r1898772
 CVE-2022-23942 (Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initializ ...)
 	NOT-FOR-US: Apache Doris (different from src:doris)
-CVE-2022-21184
-	RESERVED
+CVE-2022-21184 (An information disclosure vulnerability exists in the License registra ...)
+	TODO: check
 CVE-2022-0368 (Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...)
 	{DLA-2947-1}
 	- vim 2:8.2.4659-1
@@ -33050,8 +33190,8 @@ CVE-2022-22710 (Windows Common Log File System Driver Denial of Service Vulnerab
 	NOT-FOR-US: Microsoft
 CVE-2022-22709 (VP9 Video Extensions Remote Code Execution Vulnerability. ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-21806
-	RESERVED
+CVE-2022-21806 (A use-after-free vulnerability exists in the mips_collector appsrv_ser ...)
+	TODO: check
 CVE-2022-0139 (Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0. ...)
 	- radare2 <unfixed>
 	NOTE: https://huntr.dev/bounties/3dcb6f40-45cd-403b-929f-db123fde32c0/
@@ -42846,8 +42986,8 @@ CVE-2022-21505
 	RESERVED
 CVE-2022-21504 (The code in UEK6 U3 was missing an appropiate file descriptor count to ...)
 	TODO: check
-CVE-2022-21503
-	RESERVED
+CVE-2022-21503 (Vulnerability in the Oracle Cloud Infrastructure product of Oracle Clo ...)
+	TODO: check
 CVE-2022-21502
 	RESERVED
 CVE-2022-21501



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3f3b49ff19dd122772726e9e097b4fa677a89b5
