[Git][security-tracker-team/security-tracker][master] automatic update

Wed May 25 09:10:23 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f82c04c0 by security tracker role at 2022-05-25T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2022-27176
+	RESERVED
+CVE-2022-1881
+	RESERVED
+CVE-2022-1880
+	RESERVED
+CVE-2022-1879
+	RESERVED
+CVE-2022-1878
+	RESERVED
+CVE-2022-1877
+	RESERVED
 CVE-2022-31618
 	RESERVED
 CVE-2022-31617
@@ -5288,8 +5300,8 @@ CVE-2022-29712
 	RESERVED
 CVE-2022-29711
 	RESERVED
-CVE-2022-29710
-	RESERVED
+CVE-2022-29710 (A cross-site scripting (XSS) vulnerability in uploadConfirm.php of Lim ...)
+	TODO: check
 CVE-2022-29709
 	RESERVED
 CVE-2022-29708
@@ -6236,16 +6248,16 @@ CVE-2022-29364
 	RESERVED
 CVE-2022-29363 (Phpok v6.1 was discovered to contain a deserialization vulnerability v ...)
 	NOT-FOR-US: qinggan phpok
-CVE-2022-29362
-	RESERVED
-CVE-2022-29361
-	RESERVED
+CVE-2022-29362 (A cross-site scripting (XSS) vulnerability in /navigation/create?Paren ...)
+	TODO: check
+CVE-2022-29361 (Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below ...)
+	TODO: check
 CVE-2022-29360
 	RESERVED
-CVE-2022-29359
-	RESERVED
-CVE-2022-29358
-	RESERVED
+CVE-2022-29359 (A stored cross-site scripting (XSS) vulnerability in /scas/?page=clubs ...)
+	TODO: check
+CVE-2022-29358 (epub2txt2 v2.04 was discovered to contain an integer overflow via the  ...)
+	TODO: check
 CVE-2022-29357
 	RESERVED
 CVE-2022-29356
@@ -6262,8 +6274,8 @@ CVE-2022-29351 (An arbitrary file upload vulnerability in the file upload module
 	NOT-FOR-US: tiddlywiki
 CVE-2022-29350
 	RESERVED
-CVE-2022-29349
-	RESERVED
+CVE-2022-29349 (kkFileView v4.0.0 was discovered to contain a cross-site scripting (XS ...)
+	TODO: check
 CVE-2022-29348
 	RESERVED
 CVE-2022-29347 (An arbitrary file upload vulnerability in Web at rchiv 1.0 allows attacke ...)
@@ -6296,16 +6308,16 @@ CVE-2022-29339 (In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in
 	NOTE: https://github.com/gpac/gpac/issues/2165
 CVE-2022-29338
 	RESERVED
-CVE-2022-29337
-	RESERVED
+CVE-2022-29337 (C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command ...)
+	TODO: check
 CVE-2022-29336
 	RESERVED
 CVE-2022-29335
 	RESERVED
-CVE-2022-29334
-	RESERVED
-CVE-2022-29333
-	RESERVED
+CVE-2022-29334 (An issue in H v1.0 allows attackers to bypass authentication via a ses ...)
+	TODO: check
+CVE-2022-29333 (A vulnerability in CyberLink Power Director v14 allows attackers to es ...)
+	TODO: check
 CVE-2022-29332 (D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. An atta ...)
 	NOT-FOR-US: D-LINK
 CVE-2022-29331
@@ -27666,8 +27678,8 @@ CVE-2022-22499
 	RESERVED
 CVE-2022-22498
 	RESERVED
-CVE-2022-22497
-	RESERVED
+CVE-2022-22497 (IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due  ...)
+	TODO: check
 CVE-2022-22496
 	RESERVED
 CVE-2022-22495 (IBM i 7.3, 7.4, and 7.5 is vulnerable to SQL injection. A remote attac ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f82c04c0822070807cd5448ab1136646bbe7db5c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f82c04c0822070807cd5448ab1136646bbe7db5c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220525/e7aa99fb/attachment.htm>
