[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Mar 23 08:10:23 GMT 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
29d18160 by security tracker role at 2022-03-23T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2022-27666 (In the Linux kernel before 5.16.15, there is a buffer overflow in ESP  ...)
+	TODO: check
+CVE-2022-27665
+	RESERVED
+CVE-2022-27664
+	RESERVED
+CVE-2022-27663
+	RESERVED
+CVE-2022-27658
+	RESERVED
+CVE-2022-27657
+	RESERVED
+CVE-2022-27656
+	RESERVED
+CVE-2022-27655
+	RESERVED
+CVE-2022-27654
+	RESERVED
+CVE-2022-26518
+	RESERVED
+CVE-2022-26422
+	RESERVED
+CVE-2022-26420
+	RESERVED
+CVE-2022-26075
+	RESERVED
+CVE-2022-1056
+	RESERVED
 CVE-2022-XXXX [Possible man-in-the-middle attack in TLS connection to servers]
 	- weechat 3.4.1-1
 	NOTE: https://weechat.org/doc/security/WSA-2022-1/
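Review bot: CVE-2022-27666 at the top of this hunk is the only new entry with a description, and it is left at TODO: check. The description names the Linux kernel before 5.16.15, and this file already tracks kernel issues with a "- linux <version>" line plus per-release lines (see CVE-2022-1043 in the next hunk), so this entry needs the same triage: a fixed version for unstable and a status for each supported release. The description is truncated at "...", so the affected code path has to be read from the full CVE text, not from this line.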
@@ -56,6 +84,7 @@ CVE-2022-1045
 CVE-2022-1044
 	RESERVED
 CVE-2022-1043 [Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnerability]
+	RESERVED
 	- linux 5.14.6-1
 	[bullseye] - linux 5.10.70-1
 	[buster] - linux <not-affected> (Vulnerable code not present)
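Review bot: the RESERVED line added under CVE-2022-1043 lands on an entry that is already triaged (fixed in linux 5.14.6-1, bullseye 5.10.70-1, buster marked not-affected). The bracketed title therefore remains the only description for this ID. Worth confirming that the marker does not change how the existing package lines are reported, and that the bracketed title is replaced once a published description is available.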
@@ -848,8 +877,8 @@ CVE-2022-1033
 	RESERVED
 CVE-2022-1032
 	RESERVED
-CVE-2022-1031
-	RESERVED
+CVE-2022-1031 (Use After Free in op_is_set_bp in GitHub repository radareorg/radare2  ...)
+	TODO: check
 CVE-2022-27258
 	RESERVED
 CVE-2022-27257
@@ -3720,14 +3749,14 @@ CVE-2022-26191
 	RESERVED
 CVE-2022-26190
 	RESERVED
-CVE-2022-26189
-	RESERVED
-CVE-2022-26188
-	RESERVED
-CVE-2022-26187
-	RESERVED
-CVE-2022-26186
-	RESERVED
+CVE-2022-26189 (TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a com ...)
+	TODO: check
+CVE-2022-26188 (TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a com ...)
+	TODO: check
+CVE-2022-26187 (TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a com ...)
+	TODO: check
+CVE-2022-26186 (TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a com ...)
+	TODO: check
 CVE-2022-26185
 	RESERVED
 CVE-2022-26184 (Poetry v1.1.9 and below was discovered to contain an untrusted search  ...)
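Review bot: the four entries CVE-2022-26186 through CVE-2022-26189 all move from RESERVED to TODO: check with the same visible description prefix, "TOTOLINK N600R V4.3.0cu.7570_B20200620". The file already resolves router-firmware issues with a NOT-FOR-US line (see the China Mobile An Lianbao WF-1 entries in the last hunk), so these four can be triaged together in the same way instead of staying open as separate TODO items.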
@@ -5503,8 +5532,8 @@ CVE-2022-25520
 	RESERVED
 CVE-2022-25519
 	RESERVED
-CVE-2022-25518
-	RESERVED
+CVE-2022-25518 (In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a  ...)
+	TODO: check
 CVE-2022-25517 (MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerab ...)
 	TODO: check
 CVE-2022-25516 (stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow  ...)
@@ -51558,8 +51587,8 @@ CVE-2021-33963 (China Mobile An Lianbao WF-1 v1.0.1 router web interface through
 	NOT-FOR-US: China Mobile An Lianbao WF-1 router web interface
 CVE-2021-33962 (China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS comman ...)
 	NOT-FOR-US: China Mobile An Lianbao WF-1 router
-CVE-2021-33961
-	RESERVED
+CVE-2021-33961 (A Cross Site Scripting (XSS) vulnerabililty exists in enhanced-github  ...)
+	TODO: check
 CVE-2021-33960
 	RESERVED
 CVE-2021-33959
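Review bot: the description added for CVE-2021-33961 carries the misspelling "vulnerabililty". If the parenthesised text is synced from the CVE feed by the automatic update, a local correction would be overwritten on the next run, so the fix belongs at the source. The entry itself is left at TODO: check and still needs a package line or a NOT-FOR-US line like its neighbours CVE-2021-33962 and CVE-2021-33963.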



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29d18160fa71c28e3a81f3d6031be83a4ecfdcd5
