[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 23 21:10:27 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ca0562fa by security tracker role at 2022-06-23T20:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,55 @@
+CVE-2022-34362
+	RESERVED
+CVE-2022-34361
+	RESERVED
+CVE-2022-34360
+	RESERVED
+CVE-2022-34359
+	RESERVED
+CVE-2022-34358
+	RESERVED
+CVE-2022-34357
+	RESERVED
+CVE-2022-34356
+	RESERVED
+CVE-2022-34355
+	RESERVED
+CVE-2022-34354
+	RESERVED
+CVE-2022-34353
+	RESERVED
+CVE-2022-34352
+	RESERVED
+CVE-2022-34351
+	RESERVED
+CVE-2022-34350
+	RESERVED
+CVE-2022-34349
+	RESERVED
+CVE-2022-34348
+	RESERVED
+CVE-2022-2190
+	RESERVED
+CVE-2022-2189
+	RESERVED
+CVE-2022-2188
+	RESERVED
+CVE-2022-2187
+	RESERVED
+CVE-2022-2186
+	RESERVED
+CVE-2017-20097
+	RESERVED
+CVE-2017-20096
+	RESERVED
+CVE-2017-20095
+	RESERVED
+CVE-2017-20094
+	RESERVED
+CVE-2017-20093
+	RESERVED
+CVE-2017-20092
+	RESERVED
 CVE-2022-34343
 	RESERVED
 CVE-2022-34342
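Review bot: the 26 new RESERVED entries at the top of data/CVE/list are prepended as one block in arrival order, which puts CVE-2017-20092 through CVE-2017-20097 and CVE-2022-2186 through CVE-2022-2190 directly above CVE-2022-34343. Nothing to change in the data, but any script that reads this file should key on the CVE ID and not assume the entries are sorted by year or number.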
@@ -42,8 +94,8 @@ CVE-2022-2182
 	RESERVED
 CVE-2022-2181
 	RESERVED
-CVE-2021-46824
-	RESERVED
+CVE-2021-46824 (Cross Site Scripting (XSS) vulnerability in sourcecodester School File ...)
+	TODO: check
 CVE-2022-34327
 	RESERVED
 CVE-2022-34326
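Review bot: CVE-2021-46824 now carries the same truncated description ("Cross Site Scripting (XSS) vulnerability in sourcecodester School File ...") as CVE-2021-29055 in the last hunk of this commit, and both are left at "TODO: check". Triage the two together and record in a NOTE how they differ, or that one duplicates the other, so the pair is not resolved inconsistently.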
@@ -88,8 +140,7 @@ CVE-2022-34307
 	RESERVED
 CVE-2022-34306
 	RESERVED
-CVE-2022-34305 [XSS in examples web application]
-	RESERVED
+CVE-2022-34305 (In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 ...)
 	- tomcat9 <unfixed> (unimportant)
 	- tomcat8 <removed> (unimportant)
 	NOTE: https://lists.apache.org/thread/k04zk0nq6w57m72w5gb0r6z9ryhmvr4k
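Review bot: on CVE-2022-34305 the new description lists the 10.1.0-M1 to 10.1.0-M16 and 10.0.0-M1 to 10.0.22 ranges, but the package lines carried over cover only tomcat9 and tomcat8. If a tomcat10 source package is in the archive it needs its own line. The replaced working title "[XSS in examples web application]" was also the only text naming the affected component, since the new description is cut off before that point; consider keeping it in a NOTE.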
@@ -181,8 +232,8 @@ CVE-2022-2177
 	RESERVED
 CVE-2022-2176
 	RESERVED
-CVE-2022-2175
-	RESERVED
+CVE-2022-2175 (Buffer Over-read in GitHub repository vim/vim prior to 8.2. ...)
+	TODO: check
 CVE-2022-2174 (Cross-site Scripting (XSS) - Reflected in GitHub repository microweber ...)
 	NOT-FOR-US: microweber
 CVE-2022-2173
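Review bot: CVE-2022-2175 is left at "TODO: check" although its description names vim/vim, which Debian ships as the vim source package, so this entry needs a "- vim" package line and not a NOT-FOR-US like the microweber entry below it. The description is cut at "prior to 8.2.", so the fixing patch level is not visible here; record the upstream commit in a NOTE when triaging.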
@@ -818,12 +869,12 @@ CVE-2022-34015
 	RESERVED
 CVE-2022-34014
 	RESERVED
-CVE-2022-34013
-	RESERVED
-CVE-2022-34012
-	RESERVED
-CVE-2022-34011
-	RESERVED
+CVE-2022-34013 (OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery ...)
+	TODO: check
+CVE-2022-34012 (Insecure permissions in OneBlog v2.3.4 allows low-level administrators ...)
+	TODO: check
+CVE-2022-34011 (OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery ...)
+	TODO: check
 CVE-2022-34010
 	RESERVED
 CVE-2022-34009
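Review bot: CVE-2022-34013 and CVE-2022-34011 end up with identical truncated descriptions ("OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery ..."), so the list alone cannot tell them apart. When the three OneBlog TODOs are resolved, give them the same disposition and product spelling.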
@@ -2927,10 +2978,10 @@ CVE-2022-33116
 	RESERVED
 CVE-2022-33115
 	RESERVED
-CVE-2022-33114
-	RESERVED
-CVE-2022-33113
-	RESERVED
+CVE-2022-33114 (Jfinal CMS v5.1.0 was discovered to contain a SQL injection vulnerabil ...)
+	TODO: check
+CVE-2022-33113 (Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or ...)
+	TODO: check
 CVE-2022-33112
 	RESERVED
 CVE-2022-33111
@@ -20696,12 +20747,12 @@ CVE-2022-26866 (Dell PowerStore Versions before v2.1.1.0. contains a Stored Cros
 	NOT-FOR-US: Dell
 CVE-2022-26865 (Dell Support Assist OS Recovery versions before 5.5.2 contain an Authe ...)
 	NOT-FOR-US: Dell SupportAssist
-CVE-2022-26864
-	RESERVED
-CVE-2022-26863
-	RESERVED
-CVE-2022-26862
-	RESERVED
+CVE-2022-26864 (Prior Dell BIOS versions contain an Input Validation vulnerability. A  ...)
+	TODO: check
+CVE-2022-26863 (Prior Dell BIOS versions contain an Input Validation vulnerability. A  ...)
+	TODO: check
+CVE-2022-26862 (Prior Dell BIOS versions contain an Input Validation vulnerability. A  ...)
+	TODO: check
 CVE-2022-26861
 	RESERVED
 CVE-2022-26860
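Review bot: CVE-2022-26864, CVE-2022-26863 and CVE-2022-26862 get three identical "Prior Dell BIOS versions contain an Input Validation vulnerability" descriptions and "TODO: check", while the two Dell entries in the context just above are already marked NOT-FOR-US. These three can most likely be closed the same way in a follow-up, using the existing "NOT-FOR-US: Dell" wording so the tags stay greppable.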
@@ -54376,12 +54427,12 @@ CVE-2021-40958
 	RESERVED
 CVE-2021-40957
 	RESERVED
-CVE-2021-40956
-	RESERVED
-CVE-2021-40955
-	RESERVED
-CVE-2021-40954
-	RESERVED
+CVE-2021-40956 (LaiKetui v3.5.0 has SQL injection in the background through the menu m ...)
+	TODO: check
+CVE-2021-40955 (SQL injection exists in LaiKetui v3.5.0 the background administrator l ...)
+	TODO: check
+CVE-2021-40954 (Laiketui 3.5.0 is affected by an arbitrary file upload vulnerability t ...)
+	TODO: check
 CVE-2021-40953
 	RESERVED
 CVE-2021-40952
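Review bot: the three added descriptions spell the product two ways, "LaiKetui" in CVE-2021-40956 and CVE-2021-40955 and "Laiketui" in CVE-2021-40954. The descriptions are imported as they are, but the eventual NOT-FOR-US tag should use one spelling for all three so a search for the product finds every entry.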
@@ -84650,8 +84701,8 @@ CVE-2021-29057
 	RESERVED
 CVE-2021-29056 (Cross Site Scripting (XSS) vulnerability exists in Pixelimity 1.0 via  ...)
 	NOT-FOR-US: Pixelimity
-CVE-2021-29055
-	RESERVED
+CVE-2021-29055 (Cross Site Scripting (XSS) vulnerability in sourcecodester School File ...)
+	TODO: check
 CVE-2021-29054 (Certain Papoo products are affected by: Cross Site Request Forgery (CS ...)
 	NOT-FOR-US: Papoo
 CVE-2021-29053 (Multiple SQL injection vulnerabilities in Liferay Portal 7.3.5 and Lif ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca0562fa5ac677a6601edbf752b21326aaa22a34
