[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Mar 4 20:10:29 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e1c1a017 by security tracker role at 2022-03-04T20:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,183 @@
+CVE-2022-26476
+ RESERVED
+CVE-2022-26475
+ RESERVED
+CVE-2022-26474
+ RESERVED
+CVE-2022-26473
+ RESERVED
+CVE-2022-26472
+ RESERVED
+CVE-2022-26471
+ RESERVED
+CVE-2022-26470
+ RESERVED
+CVE-2022-26469
+ RESERVED
+CVE-2022-26468
+ RESERVED
+CVE-2022-26467
+ RESERVED
+CVE-2022-26466
+ RESERVED
+CVE-2022-26465
+ RESERVED
+CVE-2022-26464
+ RESERVED
+CVE-2022-26463
+ RESERVED
+CVE-2022-26462
+ RESERVED
+CVE-2022-26461
+ RESERVED
+CVE-2022-26460
+ RESERVED
+CVE-2022-26459
+ RESERVED
+CVE-2022-26458
+ RESERVED
+CVE-2022-26457
+ RESERVED
+CVE-2022-26456
+ RESERVED
+CVE-2022-26455
+ RESERVED
+CVE-2022-26454
+ RESERVED
+CVE-2022-26453
+ RESERVED
+CVE-2022-26452
+ RESERVED
+CVE-2022-26451
+ RESERVED
+CVE-2022-26450
+ RESERVED
+CVE-2022-26449
+ RESERVED
+CVE-2022-26448
+ RESERVED
+CVE-2022-26447
+ RESERVED
+CVE-2022-26446
+ RESERVED
+CVE-2022-26445
+ RESERVED
+CVE-2022-26444
+ RESERVED
+CVE-2022-26443
+ RESERVED
+CVE-2022-26442
+ RESERVED
+CVE-2022-26441
+ RESERVED
+CVE-2022-26440
+ RESERVED
+CVE-2022-26439
+ RESERVED
+CVE-2022-26438
+ RESERVED
+CVE-2022-26437
+ RESERVED
+CVE-2022-26436
+ RESERVED
+CVE-2022-26435
+ RESERVED
+CVE-2022-26434
+ RESERVED
+CVE-2022-26433
+ RESERVED
+CVE-2022-26432
+ RESERVED
+CVE-2022-26431
+ RESERVED
+CVE-2022-26430
+ RESERVED
+CVE-2022-26429
+ RESERVED
+CVE-2022-26428
+ RESERVED
+CVE-2022-26427
+ RESERVED
+CVE-2022-26426
+ RESERVED
+CVE-2022-26418
+ RESERVED
+CVE-2022-26416
+ RESERVED
+CVE-2022-26414
+ RESERVED
+CVE-2022-26413
+ RESERVED
+CVE-2022-26348
+ RESERVED
+CVE-2022-26347
+ RESERVED
+CVE-2022-26339
+ RESERVED
+CVE-2022-26123
+ RESERVED
+CVE-2022-26087
+ RESERVED
+CVE-2022-26078
+ RESERVED
+CVE-2022-26058
+ RESERVED
+CVE-2022-26055
+ RESERVED
+CVE-2022-26053
+ RESERVED
+CVE-2022-26039
+ RESERVED
+CVE-2022-26031
+ RESERVED
+CVE-2022-26027
+ RESERVED
+CVE-2022-25997
+ RESERVED
+CVE-2022-25968
+ RESERVED
+CVE-2022-25957
+ RESERVED
+CVE-2022-25920
+ RESERVED
+CVE-2022-25889
+ RESERVED
+CVE-2022-21224
+ RESERVED
+CVE-2022-0864
+ RESERVED
+CVE-2022-0863
+ RESERVED
+CVE-2022-0862
+ RESERVED
+CVE-2022-0861
+ RESERVED
+CVE-2022-0860
+ RESERVED
+CVE-2022-0859
+ RESERVED
+CVE-2022-0858
+ RESERVED
+CVE-2022-0857
+ RESERVED
+CVE-2022-0856
+ RESERVED
+CVE-2022-0855
+ RESERVED
+CVE-2022-0854
+ RESERVED
+CVE-2022-0853
+ RESERVED
+CVE-2022-0852
+ RESERVED
+CVE-2022-0851
+ RESERVED
+CVE-2022-0850
+ RESERVED
+CVE-2022-0849
+ RESERVED
+CVE-2022-0848 (OS Command Injection in GitHub repository part-db/part-db prior to 0.5 ...)
+ TODO: check
CVE-2022-26412
RESERVED
CVE-2022-26411
@@ -86,14 +266,14 @@ CVE-2022-0843
RESERVED
CVE-2022-0842
RESERVED
-CVE-2022-0841 (OS Command Injection in GitHub repository ljharb/npm-lockfile prior to ...)
+CVE-2022-0841 (OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0. ...)
NOT-FOR-US: ljharb/npm-lockfile
CVE-2022-0840
RESERVED
-CVE-2022-0839
- RESERVED
-CVE-2022-0838
- RESERVED
+CVE-2022-0839 (Improper Restriction of XML External Entity Reference in GitHub reposi ...)
+ TODO: check
+CVE-2022-0838 (Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/h ...)
+ TODO: check
CVE-2022-0837
RESERVED
CVE-2022-0836
@@ -130,10 +310,10 @@ CVE-2022-0834
RESERVED
CVE-2022-0833
RESERVED
-CVE-2022-0832
- RESERVED
-CVE-2022-0831
- RESERVED
+CVE-2022-0832 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
+ TODO: check
+CVE-2022-0831 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
+ TODO: check
CVE-2022-0830
RESERVED
CVE-2022-0829 (Improper Authorization in GitHub repository webmin/webmin prior to 1.9 ...)
@@ -488,8 +668,8 @@ CVE-2022-26203
RESERVED
CVE-2022-26202
RESERVED
-CVE-2022-26201
- RESERVED
+CVE-2022-26201 (Victor CMS v1.0 was discovered to contain a SQL injection vulnerabilit ...)
+ TODO: check
CVE-2022-26200
RESERVED
CVE-2022-26199
@@ -1437,8 +1617,8 @@ CVE-2022-0754
RESERVED
CVE-2022-0753 (Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/h ...)
NOT-FOR-US: Hestia Control Panel
-CVE-2022-0752
- RESERVED
+CVE-2022-0752 (Cross-site Scripting (XSS) - Generic in GitHub repository hestiacp/hes ...)
+ TODO: check
CVE-2022-0751
RESERVED
[experimental] - gitlab 14.6.5+ds1-1
@@ -8895,8 +9075,8 @@ CVE-2022-0275
RESERVED
CVE-2022-23398
RESERVED
-CVE-2022-23397
- RESERVED
+CVE-2022-23397 (The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to ...)
+ TODO: check
CVE-2022-23396
RESERVED
CVE-2022-23395 (jQuery Cookie 1.4.1 is affected by prototype pollution, which can lead ...)
@@ -9033,10 +9213,10 @@ CVE-2022-23330 (A remote code execution (RCE) vulnerability in HelloWorldAddonCo
NOT-FOR-US: jpress
CVE-2022-23329 (A vulnerability in ${"freemarker.template.utility.Execute"?new() of UJ ...)
NOT-FOR-US: UJCMS Jspxcms
-CVE-2022-23328
- RESERVED
-CVE-2022-23327
- RESERVED
+CVE-2022-23328 (A design flaw in all versions of Go-Ethereum allows an attacker node t ...)
+ TODO: check
+CVE-2022-23327 (A design flaw in Go-Ethereum 1.10.12 and older versions allows an atta ...)
+ TODO: check
CVE-2022-23326
RESERVED
CVE-2022-23325
@@ -9105,10 +9285,10 @@ CVE-2021-46396
RESERVED
CVE-2021-46395
RESERVED
-CVE-2021-46394
- RESERVED
-CVE-2021-46393
- RESERVED
+CVE-2021-46394 (There is a stack buffer overflow vulnerability in the formSetPPTPServe ...)
+ TODO: check
+CVE-2021-46393 (There is a stack buffer overflow vulnerability in the formSetPPTPServe ...)
+ TODO: check
CVE-2021-46392
RESERVED
CVE-2021-46391
@@ -9135,10 +9315,10 @@ CVE-2021-46381
RESERVED
CVE-2021-46380
RESERVED
-CVE-2021-46379
- RESERVED
-CVE-2021-46378
- RESERVED
+CVE-2021-46379 (DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access contro ...)
+ TODO: check
+CVE-2021-46378 (DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access contro ...)
+ TODO: check
CVE-2021-46377 (There is a front-end sql injection vulnerability in cszcms 1.2.9 via c ...)
NOT-FOR-US: cszcms
CVE-2021-46376
@@ -18925,8 +19105,8 @@ CVE-2021-44323
RESERVED
CVE-2021-44322
RESERVED
-CVE-2021-44321
- RESERVED
+CVE-2021-44321 (Mini-Inventory-and-Sales-Management-System is affected by Cross Site R ...)
+ TODO: check
CVE-2021-44320
RESERVED
CVE-2021-44319
@@ -22782,10 +22962,10 @@ CVE-2021-43395
RESERVED
CVE-2021-43394 (Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, ...)
NOT-FOR-US: Unisys
-CVE-2021-43393
- RESERVED
-CVE-2021-43392
- RESERVED
+CVE-2021-43393 (STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes ...)
+ TODO: check
+CVE-2021-43392 (STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes ...)
+ TODO: check
CVE-2021-43396 (** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka ...)
- glibc 2.32-5 (unimportant; bug #998622)
[buster] - glibc <not-affected> (Vulnerable code not present)
@@ -117016,14 +117196,14 @@ CVE-2020-18329
RESERVED
CVE-2020-18328
RESERVED
-CVE-2020-18327
- RESERVED
-CVE-2020-18326
- RESERVED
-CVE-2020-18325
- RESERVED
-CVE-2020-18324
- RESERVED
+CVE-2020-18327 (Cross Site Scripting (XSS) vulnerability exists in Alfresco Alfresco C ...)
+ TODO: check
+CVE-2020-18326 (Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants ...)
+ TODO: check
+CVE-2020-18325 (Multilple Cross Site Scripting (XSS) vulnerability exists in Intellian ...)
+ TODO: check
+CVE-2020-18324 (Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 v ...)
+ TODO: check
CVE-2020-18323
RESERVED
CVE-2020-18322
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1c1a01707d3ad7e6383cd34f1699d8bdec8681d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1c1a01707d3ad7e6383cd34f1699d8bdec8681d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220304/a5155d2e/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list