[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Nov 11 20:10:35 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f221026e by security tracker role at 2022-11-11T20:10:24+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,15 +1,93 @@
-CVE-2022-45146
+CVE-2022-45167
RESERVED
-CVE-2022-45145
+CVE-2022-45166
RESERVED
-CVE-2022-45144
+CVE-2022-45165
+ RESERVED
+CVE-2022-45164
+ RESERVED
+CVE-2022-45163
+ RESERVED
+CVE-2022-45162
+ RESERVED
+CVE-2022-45161
+ RESERVED
+CVE-2022-45160
+ RESERVED
+CVE-2022-45159
+ RESERVED
+CVE-2022-45158
+ RESERVED
+CVE-2022-45157
+ RESERVED
+CVE-2022-45156
RESERVED
-CVE-2022-3941
+CVE-2022-45155
RESERVED
-CVE-2022-3940
+CVE-2022-45154
RESERVED
-CVE-2022-3939
+CVE-2022-45153
RESERVED
+CVE-2022-45152
+ RESERVED
+CVE-2022-45151
+ RESERVED
+CVE-2022-45150
+ RESERVED
+CVE-2022-45149
+ RESERVED
+CVE-2022-45148
+ RESERVED
+CVE-2022-45147
+ RESERVED
+CVE-2022-3959 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
+CVE-2022-3958
+ RESERVED
+CVE-2022-3957 (A vulnerability classified as problematic was found in GPAC. Affected ...)
+ TODO: check
+CVE-2022-3956 (A vulnerability classified as critical has been found in tsruban HHIMS ...)
+ TODO: check
+CVE-2022-3955 (A vulnerability was found in tholum crm42. It has been rated as critic ...)
+ TODO: check
+CVE-2022-3954
+ RESERVED
+CVE-2022-3953 (A vulnerability was found in Exiv2. It has been classified as problema ...)
+ TODO: check
+CVE-2022-3952 (A vulnerability has been found in ManyDesigns Portofino 5.3.2 and clas ...)
+ TODO: check
+CVE-2022-3951
+ RESERVED
+CVE-2022-3950 (A vulnerability, which was classified as problematic, was found in san ...)
+ TODO: check
+CVE-2022-3949 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
+CVE-2022-3948 (A vulnerability classified as critical was found in eolinker goku_lite ...)
+ TODO: check
+CVE-2022-3947 (A vulnerability classified as critical has been found in eolinker goku ...)
+ TODO: check
+CVE-2022-3946
+ RESERVED
+CVE-2022-3945 (Improper Restriction of Excessive Authentication Attempts in GitHub re ...)
+ TODO: check
+CVE-2022-3944 (A vulnerability was found in jerryhanjj ERP. It has been declared as c ...)
+ TODO: check
+CVE-2022-3943 (A vulnerability was found in ForU CMS. It has been classified as probl ...)
+ TODO: check
+CVE-2022-3942 (A vulnerability was found in SourceCodester Sanitization Management Sy ...)
+ TODO: check
+CVE-2022-45146
+ RESERVED
+CVE-2022-45145
+ RESERVED
+CVE-2022-45144
+ RESERVED
+CVE-2022-3941 (A vulnerability has been found in Activity Log Plugin and classified a ...)
+ TODO: check
+CVE-2022-3940 (A vulnerability, which was classified as problematic, was found in lan ...)
+ TODO: check
+CVE-2022-3939 (A vulnerability, which was classified as critical, has been found in l ...)
+ TODO: check
CVE-2022-3938
RESERVED
CVE-2022-3937
@@ -8610,8 +8688,8 @@ CVE-2022-3512 (Using warp-cli command "add-trusted-ssid", a user was able to dis
NOT-FOR-US: Cloudflare
CVE-2022-3511
RESERVED
-CVE-2022-3510
- RESERVED
+CVE-2022-3510 (A parsing issue similar to CVE-2022-3171, but with Message-Type Extens ...)
+ TODO: check
CVE-2022-3509 (A parsing issue similar to CVE-2022-3171, but with textformat in proto ...)
[experimental] - protobuf 3.21.7-1
- protobuf <unfixed>
@@ -11077,12 +11155,12 @@ CVE-2022-41908
RESERVED
CVE-2022-41907
RESERVED
-CVE-2022-41906
- RESERVED
+CVE-2022-41906 (OpenSearch Notifications is a notifications plugin for OpenSearch that ...)
+ TODO: check
CVE-2022-41905
RESERVED
-CVE-2022-41904
- RESERVED
+CVE-2022-41904 (Element iOS is an iOS Matrix client provided by Element. It is based o ...)
+ TODO: check
CVE-2022-41903
RESERVED
CVE-2022-41902
@@ -11125,8 +11203,8 @@ CVE-2022-41884
RESERVED
CVE-2022-41883
RESERVED
-CVE-2022-41882
- RESERVED
+CVE-2022-41882 (The Nextcloud Desktop Client is a tool to synchronize files from Nextc ...)
+ TODO: check
CVE-2022-41881
RESERVED
CVE-2022-41880
@@ -11181,8 +11259,8 @@ CVE-2022-41856
RESERVED
CVE-2022-41855
RESERVED
-CVE-2022-41854
- RESERVED
+CVE-2022-41854 (Those using Snakeyaml to parse untrusted YAML files may be vulnerable ...)
+ TODO: check
CVE-2022-41853 (Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb ...)
- hsqldb <unfixed> (bug #1023573)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50212#c7
@@ -11992,8 +12070,8 @@ CVE-2022-40196
RESERVED
CVE-2022-38136
RESERVED
-CVE-2022-38099
- RESERVED
+CVE-2022-38099 (Improper input validation in BIOS firmware for some Intel(R) NUC 11 Co ...)
+ TODO: check
CVE-2022-3328
RESERVED
CVE-2022-3327 (Missing Authentication for Critical Function in GitHub repository ikus ...)
@@ -13964,8 +14042,8 @@ CVE-2022-40752
RESERVED
CVE-2022-40751
RESERVED
-CVE-2022-40750
- RESERVED
+CVE-2022-40750 (IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-s ...)
+ TODO: check
CVE-2022-40749
RESERVED
CVE-2022-40748 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scr ...)
@@ -20212,8 +20290,8 @@ CVE-2022-38389
RESERVED
CVE-2022-38388 (IBM Navigator Mobile Android 3.4.1.1 and 3.4.1.2 app could allow a loc ...)
NOT-FOR-US: IBM
-CVE-2022-38387
- RESERVED
+CVE-2022-38387 (IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0 could allo ...)
+ TODO: check
CVE-2022-38386
RESERVED
CVE-2022-38385
@@ -22888,24 +22966,24 @@ CVE-2022-2647 (A vulnerability was found in jeecg-boot. It has been declared as
NOT-FOR-US: Jeecg-boot
CVE-2022-37397 (An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based ...)
NOT-FOR-US: YugabyteDB
-CVE-2022-37345
- RESERVED
-CVE-2022-37334
- RESERVED
+CVE-2022-37345 (Improper authentication in BIOS firmware[A1] for some Intel(R) NUC Kit ...)
+ TODO: check
+CVE-2022-37334 (Improper initialization in BIOS firmware for some Intel(R) NUC 11 Pro ...)
+ TODO: check
CVE-2022-37327
RESERVED
-CVE-2022-36789
- RESERVED
+CVE-2022-36789 (Improper access control in BIOS firmware for some Intel(R) NUC 10 Perf ...)
+ TODO: check
CVE-2022-36391
RESERVED
CVE-2022-36339
RESERVED
CVE-2022-35400
RESERVED
-CVE-2022-35276
- RESERVED
-CVE-2022-34152
- RESERVED
+CVE-2022-35276 (Improper access control in BIOS firmware for some Intel(R) NUC 8 Compu ...)
+ TODO: check
+CVE-2022-34152 (Improper input validation in BIOS firmware for some Intel(R) NUC Board ...)
+ TODO: check
CVE-2022-32766
RESERVED
CVE-2022-2646 (A vulnerability, which was classified as problematic, was found in Sou ...)
@@ -24165,8 +24243,8 @@ CVE-2022-36393
RESERVED
CVE-2022-36366
RESERVED
-CVE-2022-36349
- RESERVED
+CVE-2022-36349 (Insecure default variable initialization in BIOS firmware for some Int ...)
+ TODO: check
CVE-2022-34653
RESERVED
CVE-2022-33145
@@ -24527,8 +24605,8 @@ CVE-2022-36778 (insert HTML / js code inside input how to get to the vulnerable
NOT-FOR-US: Synel - eHarmony
CVE-2022-36777
RESERVED
-CVE-2022-36776
- RESERVED
+CVE-2022-36776 (IBM Cloud Pak for Security (CP4S) 1.10.0.0 79and 1.10.2.0 is vulnerabl ...)
+ TODO: check
CVE-2022-36775
RESERVED
CVE-2022-36774 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerabl ...)
@@ -25295,18 +25373,18 @@ CVE-2017-20145 (A vulnerability was found in Tecrail Responsive Filemanger up to
NOT-FOR-US: Tecrail Responsive Filemanger
CVE-2017-20144 (A vulnerability has been found in Anvsoft PDFMate PDF Converter Pro 1. ...)
NOT-FOR-US: Anvsoft PDFMate PDF Converter Pro
-CVE-2022-36400
- RESERVED
+CVE-2022-36400 (Path traversal in the installer software for some Intel(r) NUC Kit Wir ...)
+ TODO: check
CVE-2022-36392
RESERVED
-CVE-2022-36384
- RESERVED
+CVE-2022-36384 (Unquoted search path in the installer software for some Intel(r) NUC K ...)
+ TODO: check
CVE-2022-36382
RESERVED
-CVE-2022-36380
- RESERVED
-CVE-2022-36370
- RESERVED
+CVE-2022-36380 (Uncontrolled search path in the installer software for some Intel(r) N ...)
+ TODO: check
+CVE-2022-36370 (Improper authentication in BIOS firmware for some Intel(R) NUC Boards ...)
+ TODO: check
CVE-2022-36283
RESERVED
CVE-2022-34864
@@ -25351,8 +25429,8 @@ CVE-2022-36396
RESERVED
CVE-2022-36395
RESERVED
-CVE-2022-36377
- RESERVED
+CVE-2022-36377 (Incorrect default permissions in the installer software for some Intel ...)
+ TODO: check
CVE-2022-36374
RESERVED
CVE-2022-36287
@@ -25485,8 +25563,8 @@ CVE-2022-2510 (Cross-site Scripting (XSS) vulnerability in "Extension:ExtendedSe
NOT-FOR-US: BlueSpice
CVE-2022-36372
RESERVED
-CVE-2022-36367
- RESERVED
+CVE-2022-36367 (Incorrect default permissions in the Intel(R) Support Android applicat ...)
+ TODO: check
CVE-2022-36364 (Apache Calcite Avatica JDBC driver creates HTTP client instances based ...)
NOT-FOR-US: Apache Calcite
CVE-2022-36298
@@ -31178,8 +31256,8 @@ CVE-2022-34333
RESERVED
CVE-2022-34332
RESERVED
-CVE-2022-34331
- RESERVED
+CVE-2022-34331 (After performing a sequence of Power FW950, FW1010 maintenance operati ...)
+ TODO: check
CVE-2022-34330
RESERVED
CVE-2022-34329
@@ -32108,8 +32186,8 @@ CVE-2022-33982
RESERVED
CVE-2022-33976
RESERVED
-CVE-2022-33973
- RESERVED
+CVE-2022-33973 (Improper access control in the Intel(R) WAPI Security software for Win ...)
+ TODO: check
CVE-2022-33898
RESERVED
CVE-2022-32764
@@ -32246,8 +32324,8 @@ CVE-2022-33950
RESERVED
CVE-2022-33945
RESERVED
-CVE-2022-33942
- RESERVED
+CVE-2022-33942 (Protection mechanism failure in the Intel(R) DCM software before versi ...)
+ TODO: check
CVE-2022-33902
RESERVED
CVE-2022-33899
@@ -32264,8 +32342,8 @@ CVE-2022-33200
RESERVED
CVE-2022-33188
RESERVED
-CVE-2022-33176
- RESERVED
+CVE-2022-33176 (Improper input validation in BIOS firmware for some Intel(R) NUC 11 Pe ...)
+ TODO: check
CVE-2022-33143
RESERVED
CVE-2022-33141
@@ -32290,14 +32368,14 @@ CVE-2022-31477
RESERVED
CVE-2022-30704
RESERVED
-CVE-2022-30691
- RESERVED
+CVE-2022-30691 (Uncontrolled resource consumption in the Intel(R) Support Android appl ...)
+ TODO: check
CVE-2022-30606
RESERVED
CVE-2022-30537
RESERVED
-CVE-2022-30297
- RESERVED
+CVE-2022-30297 (Cross-site scripting in the Intel(R) EMA software before version 1.8.0 ...)
+ TODO: check
CVE-2022-29924
RESERVED
CVE-2022-29921
@@ -35499,8 +35577,8 @@ CVE-2022-32590 (In wlan, there is a possible use after free due to an incorrect
NOT-FOR-US: Mediatek
CVE-2022-32589 (In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an ...)
NOT-FOR-US: Mediatek
-CVE-2022-32569
- RESERVED
+CVE-2022-32569 (Improper buffer restrictions in BIOS firmware for some Intel(R) NUC M1 ...)
+ TODO: check
CVE-2022-32568
RESERVED
CVE-2022-32567 (The Appfire Jira Misc Custom Fields (JMCF) app 2.4.6 for Atlassian Jir ...)
@@ -35539,8 +35617,8 @@ CVE-2022-30944 (Insufficiently protected credentials for Intel(R) AMT and Intel(
NOT-FOR-US: Intel
CVE-2022-30601 (Insufficiently protected credentials for Intel(R) AMT and Intel(R) Sta ...)
NOT-FOR-US: Intel
-CVE-2022-30542
- RESERVED
+CVE-2022-30542 (Improper input validation in the firmware for some Intel(R) Server Boa ...)
+ TODO: check
CVE-2022-30539
RESERVED
CVE-2022-29920
@@ -37852,8 +37930,8 @@ CVE-2022-31774 (IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 throug
NOT-FOR-US: IBM
CVE-2022-31773 (IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 is vulnerable to cro ...)
NOT-FOR-US: IBM
-CVE-2022-31772
- RESERVED
+CVE-2022-31772 (IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow ...)
+ TODO: check
CVE-2022-31771
RESERVED
CVE-2022-31770 (IBM App Connect Enterprise Certified Container 4.2 could allow a user ...)
@@ -41680,8 +41758,8 @@ CVE-2022-1671 (A NULL pointer dereference flaw was found in rxrpc_preparse_s in
[stretch] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2083992
NOTE: Fixed by: https://git.kernel.org/linus/ff8376ade4f668130385839cef586a0990f8ef87 (5.18-rc1)
-CVE-2022-30548
- RESERVED
+CVE-2022-30548 (Uncontrolled search path element in the Intel(R) Glorp software may al ...)
+ TODO: check
CVE-2022-30339
RESERVED
CVE-2022-30338
@@ -41690,12 +41768,12 @@ CVE-2022-30296 (Insufficiently protected credentials in the Intel(R) Datacenter
NOT-FOR-US: Intel
CVE-2022-29919
RESERVED
-CVE-2022-29893
- RESERVED
+CVE-2022-29893 (Improper authentication in firmware for Intel(R) AMT before versions 1 ...)
+ TODO: check
CVE-2022-29887
RESERVED
-CVE-2022-29515
- RESERVED
+CVE-2022-29515 (Missing release of memory after effective lifetime in firmware for Int ...)
+ TODO: check
CVE-2022-29508
RESERVED
CVE-2022-29507 (Insufficiently protected credentials in the Intel(R) Team Blue mobile ...)
@@ -44833,18 +44911,18 @@ CVE-2022-29510
RESERVED
CVE-2022-29505 (Due to build misconfiguration in openssl dependency, LINE for Windows ...)
NOT-FOR-US: LINE for Windows
-CVE-2022-29486
- RESERVED
+CVE-2022-29486 (Improper buffer restrictions in the Hyperscan library maintained by In ...)
+ TODO: check
CVE-2022-29469
RESERVED
-CVE-2022-29466
- RESERVED
+CVE-2022-29466 (Improper input validation in firmware for Intel(R) SPS before version ...)
+ TODO: check
CVE-2022-29262
RESERVED
CVE-2022-28858 (Improper buffer restriction in the firmware for some Intel(R) NUC Lapt ...)
NOT-FOR-US: Intel
-CVE-2022-27497
- RESERVED
+CVE-2022-27497 (Null pointer dereference in firmware for Intel(R) AMT before version 1 ...)
+ TODO: check
CVE-2022-27493 (Improper initialization in the firmware for some Intel(R) NUC Laptop K ...)
NOT-FOR-US: Intel
CVE-2022-26424
@@ -47087,38 +47165,38 @@ CVE-2022-28669 (This vulnerability allows remote attackers to execute arbitrary
NOT-FOR-US: Foxit
CVE-2022-28668 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Sante DICOM Viewer
-CVE-2022-28667
- RESERVED
+CVE-2022-28667 (Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi software be ...)
+ TODO: check
CVE-2022-28665 (A memory corruption vulnerability exists in the httpd unescape functio ...)
NOT-FOR-US: FreshTomato
CVE-2022-28664 (A memory corruption vulnerability exists in the httpd unescape functio ...)
NOT-FOR-US: FreshTomato
-CVE-2022-28611
- RESERVED
-CVE-2022-28126
- RESERVED
+CVE-2022-28611 (Improper input validation in some Intel(R) XMM(TM) 7560 Modem software ...)
+ TODO: check
+CVE-2022-28126 (Improper input validation in some Intel(R) XMM(TM) 7560 Modem software ...)
+ TODO: check
CVE-2022-27879
RESERVED
CVE-2022-27876
RESERVED
-CVE-2022-27874
- RESERVED
-CVE-2022-27639
- RESERVED
-CVE-2022-27638
- RESERVED
+CVE-2022-27874 (Improper authentication in some Intel(R) XMM(TM) 7560 Modem software b ...)
+ TODO: check
+CVE-2022-27639 (Incomplete cleanup in some Intel(R) XMM(TM) 7560 Modem software before ...)
+ TODO: check
+CVE-2022-27638 (Uncontrolled search path element in the Intel(R) Advanced Link Analyze ...)
+ TODO: check
CVE-2022-27631 (A memory corruption vulnerability exists in the httpd unescape functio ...)
NOT-FOR-US: DD-WRT
-CVE-2022-27499
- RESERVED
+CVE-2022-27499 (Premature release of resource during expected lifetime in the Intel(R) ...)
+ TODO: check
CVE-2022-27234
RESERVED
-CVE-2022-27187
- RESERVED
+CVE-2022-27187 (Uncontrolled search path element in the Intel(R) Quartus Prime Standar ...)
+ TODO: check
CVE-2022-27173
RESERVED
-CVE-2022-26845
- RESERVED
+CVE-2022-26845 (Improper authentication in firmware for Intel(R) AMT before versions 1 ...)
+ TODO: check
CVE-2022-26841
RESERVED
CVE-2022-26837
@@ -47127,26 +47205,26 @@ CVE-2022-26833 (An improper authentication vulnerability exists in the REST API
NOT-FOR-US: Open Automation Software
CVE-2022-26515
RESERVED
-CVE-2022-26513
- RESERVED
+CVE-2022-26513 (Out-of-bounds write in some Intel(R) XMM(TM) 7560 Modem software befor ...)
+ TODO: check
CVE-2022-26509
RESERVED
-CVE-2022-26508
- RESERVED
+CVE-2022-26508 (Improper authentication in the Intel(R) SDP Tool before version 3.0.0 ...)
+ TODO: check
CVE-2022-26376 (A memory corruption vulnerability exists in the httpd unescape functio ...)
NOT-FOR-US: Asuswrt
-CVE-2022-26369
- RESERVED
-CVE-2022-26367
- RESERVED
-CVE-2022-26341
- RESERVED
-CVE-2022-26079
- RESERVED
-CVE-2022-26047
- RESERVED
-CVE-2022-26045
- RESERVED
+CVE-2022-26369 (Out-of-bounds read in some Intel(R) XMM(TM) 7560 Modem software before ...)
+ TODO: check
+CVE-2022-26367 (Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem softw ...)
+ TODO: check
+CVE-2022-26341 (Insufficiently protected credentials in software in Intel(R) AMT SDK b ...)
+ TODO: check
+CVE-2022-26079 (Improper conditions check in some Intel(R) XMM(TM) 7560 Modem software ...)
+ TODO: check
+CVE-2022-26047 (Improper input validation for some Intel(R) PROSet/Wireless WiFi, Inte ...)
+ TODO: check
+CVE-2022-26045 (Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem softw ...)
+ TODO: check
CVE-2022-25868
RESERVED
CVE-2022-1284 (heap-use-after-free in GitHub repository radareorg/radare2 prior to 5. ...)
@@ -50666,8 +50744,8 @@ CVE-2022-27501
RESERVED
CVE-2022-27500 (Incorrect default permissions for the Intel(R) Support Android applica ...)
NOT-FOR-US: Intel
-CVE-2022-27233
- RESERVED
+CVE-2022-27233 (XML injection in the Intel(R) Quartus Prime Pro and Standard edition s ...)
+ TODO: check
CVE-2022-27229
RESERVED
CVE-2022-27183 (The Monitoring Console app configured in Distributed mode allows for a ...)
@@ -50682,8 +50760,8 @@ CVE-2022-26840
RESERVED
CVE-2022-26070 (When handling a mismatched pre-authentication cookie, the application ...)
NOT-FOR-US: Splunk
-CVE-2022-26024
- RESERVED
+CVE-2022-26024 (Improper access control in the Intel(R) NUC HDMI Firmware Update Tool ...)
+ TODO: check
CVE-2022-26017 (Improper access control in the Intel(R) DSA software for before versio ...)
NOT-FOR-US: Intel
CVE-2022-25841 (Uncontrolled search path elements in the Intel(R) Datacenter Group Eve ...)
@@ -54088,10 +54166,10 @@ CVE-2022-26304
RESERVED
CVE-2022-26131 (Power Line Communications PLC4TRUCKS J2497 trailer receivers are susce ...)
NOT-FOR-US: Power Line Communications PLC4TRUCKS J2497 trailer receivers
-CVE-2022-26124
- RESERVED
-CVE-2022-26086
- RESERVED
+CVE-2022-26124 (Improper buffer restrictions in BIOS firmware for some Intel(R) NUC Bo ...)
+ TODO: check
+CVE-2022-26086 (Uncontrolled search path element in the PresentMon software maintained ...)
+ TODO: check
CVE-2022-26083
RESERVED
CVE-2022-26074 (Incomplete cleanup in a firmware subsystem for Intel(R) SPS before ver ...)
@@ -54104,10 +54182,10 @@ CVE-2022-26038
RESERVED
CVE-2022-26037
RESERVED
-CVE-2022-26028
- RESERVED
-CVE-2022-26006
- RESERVED
+CVE-2022-26028 (Uncontrolled search path in the Intel(R) VTune(TM) Profiler software b ...)
+ TODO: check
+CVE-2022-26006 (Improper input validation in the BIOS firmware for some Intel(R) Proce ...)
+ TODO: check
CVE-2022-25999 (Uncontrolled search path element in the Intel(R) Enpirion(R) Digital P ...)
NOT-FOR-US: Intel
CVE-2022-25992
@@ -54116,8 +54194,8 @@ CVE-2022-25966 (Improper access control in the Intel(R) Edge Insights for Indust
NOT-FOR-US: Intel
CVE-2022-25922 (Power Line Communications PLC4TRUCKS J2497 trailer brake controllers i ...)
NOT-FOR-US: Power Line Communications PLC4TRUCKS J2497 trailer brake controllers
-CVE-2022-25917
- RESERVED
+CVE-2022-25917 (Uncaught exception in the firmware for some Intel(R) Server Board M50C ...)
+ TODO: check
CVE-2022-25909
RESERVED
CVE-2022-25870
@@ -56755,8 +56833,8 @@ CVE-2022-22139 (Uncontrolled search path in the Intel(R) XTU software before ver
NOT-FOR-US: Intel
CVE-2022-21225 (Improper neutralization in the Intel(R) Data Center Manager software b ...)
NOT-FOR-US: Intel
-CVE-2022-21198
- RESERVED
+CVE-2022-21198 (Time-of-check time-of-use race condition in the BIOS firmware for some ...)
+ TODO: check
CVE-2022-21183
RESERVED
CVE-2016-20014 (In pam_tacplus.c in pam_tacplus before 1.4.1, pam_sm_acct_mgmt does no ...)
@@ -72562,8 +72640,8 @@ CVE-2022-21812 (Improper access control in the Intel(R) HAXM software before ver
NOT-FOR-US: Intel
CVE-2022-21804
RESERVED
-CVE-2022-21794
- RESERVED
+CVE-2022-21794 (Improper authentication in BIOS firmware for some Intel(R) NUC Boards, ...)
+ TODO: check
CVE-2022-21793 (Insufficient control flow management in the Intel(R) Ethernet 500 Seri ...)
NOT-FOR-US: Intel
CVE-2022-21239
@@ -73756,8 +73834,8 @@ CVE-2021-26258 (Improper access control for the Intel(R) Killer(TM) Control Cent
NOT-FOR-US: Intel
CVE-2021-26257 (Improper buffer restrictions in firmware for some Intel(R) Wireless Bl ...)
NOT-FOR-US: Intel
-CVE-2021-26251
- RESERVED
+CVE-2021-26251 (Improper input validation in the Intel(R) Distribution of OpenVINO(TM) ...)
+ TODO: check
CVE-2021-23223 (Improper initialization for some Intel(R) PROSet/Wireless WiFi and Kil ...)
- firmware-nonfree 20220913-1
[bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
@@ -106122,8 +106200,8 @@ CVE-2021-33166 (Incorrect default permissions for the Intel(R) RXT for Chromeboo
NOT-FOR-US: Intel
CVE-2021-33165
RESERVED
-CVE-2021-33164
- RESERVED
+CVE-2021-33164 (Improper access control in BIOS firmware for some Intel(R) NUCs before ...)
+ TODO: check
CVE-2021-33163
RESERVED
CVE-2021-33162
@@ -106132,8 +106210,8 @@ CVE-2021-33161
RESERVED
CVE-2021-33160
RESERVED
-CVE-2021-33159
- RESERVED
+CVE-2021-33159 (Improper authentication in subsystem for Intel(R) AMT before versions ...)
+ TODO: check
CVE-2021-33158
RESERVED
CVE-2021-33157
@@ -106337,8 +106415,8 @@ CVE-2021-33066
RESERVED
CVE-2021-33065
RESERVED
-CVE-2021-33064
- RESERVED
+CVE-2021-33064 (Uncontrolled search path in the software installer for Intel(R) System ...)
+ TODO: check
CVE-2021-33063 (Uncontrolled search path in the Intel(R) RealSense(TM) D400 Series UWP ...)
NOT-FOR-US: Intel
CVE-2021-33062 (Incorrect default permissions in the software installer for the Intel( ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f221026eeeaef0643a43098ea7a5983db983e1a8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f221026eeeaef0643a43098ea7a5983db983e1a8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221111/3c69a299/attachment.htm>
More information about the debian-security-tracker-commits
mailing list