[Git][security-tracker-team/security-tracker][master] automatic update

Sun Mar 6 08:10:23 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
177613fe by security tracker role at 2022-03-06T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,6 +1,52 @@
+CVE-2022-26507
+	RESERVED
+CVE-2022-26506
+	RESERVED
+CVE-2022-26505 (A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 a ...)
+	TODO: check
+CVE-2022-26504
+	RESERVED
+CVE-2022-26503
+	RESERVED
+CVE-2022-26502
+	RESERVED
+CVE-2022-26501
+	RESERVED
+CVE-2022-26500
+	RESERVED
+CVE-2022-26499
+	RESERVED
+CVE-2022-26498
+	RESERVED
+CVE-2022-26497
+	RESERVED
+CVE-2022-26496 (In nbd-server in nbd before 3.24, there is a stack-based buffer overfl ...)
+	TODO: check
+CVE-2022-26495 (In nbd-server in nbd before 3.24, there is an integer overflow with a  ...)
+	TODO: check
+CVE-2022-26494
+	RESERVED
+CVE-2022-26493
+	RESERVED
+CVE-2022-26492
+	RESERVED
+CVE-2022-26491
+	RESERVED
+CVE-2022-26489
+	RESERVED
+CVE-2022-26488
+	RESERVED
+CVE-2022-26487 (Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through ...)
+	TODO: check
+CVE-2021-46704 (In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to  ...)
+	TODO: check
+CVE-2021-46703 (** UNSUPPORTED WHEN ASSIGNED ** In the IsolatedRazorEngine component o ...)
+	TODO: check
+CVE-2020-36517
+	RESERVED
 CVE-2022-0868
 	RESERVED
-CVE-2022-26490
+CVE-2022-26490 (st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in t ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linux/4fbcc1a4cb20fe26ad0225679c536c80f1648221 (5.17-rc1)
 CVE-2022-26486
@@ -276,8 +322,8 @@ CVE-2022-0847
 	RESERVED
 CVE-2022-0846
 	RESERVED
-CVE-2022-0845
-	RESERVED
+CVE-2022-0845 (Code Injection in GitHub repository pytorchlightning/pytorch-lightning ...)
+	TODO: check
 CVE-2022-26387
 	RESERVED
 CVE-2022-26386
@@ -3760,7 +3806,7 @@ CVE-2022-25091
 	RESERVED
 CVE-2022-25090
 	RESERVED
-CVE-2022-25089 (Printix Secure Cloud Print Management 1.3.1035.0 incorrectly uses Priv ...)
+CVE-2022-25089 (Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly u ...)
 	NOT-FOR-US: Printix Secure Cloud Print Management
 CVE-2022-25088
 	RESERVED
@@ -4215,8 +4261,7 @@ CVE-2022-24923 (Improper access control vulnerability in Samsung SearchWidget pr
 	NOT-FOR-US: Samsung
 CVE-2022-24922
 	RESERVED
-CVE-2022-24921
-	RESERVED
+CVE-2022-24921 (regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows st ...)
 	- golang-1.18 <unfixed>
 	- golang-1.17 1.17.8-1
 	- golang-1.15 <removed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/177613fe51b515831c43c21ec42e297162309154

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/177613fe51b515831c43c21ec42e297162309154
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220306/ad3ea121/attachment.htm>
