[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Nov 16 08:10:29 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
589281fb by security tracker role at 2022-11-16T08:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2022-43468
+ RESERVED
+CVE-2022-41783
+ RESERVED
+CVE-2022-4010
+ RESERVED
+CVE-2022-4009
+ RESERVED
+CVE-2022-4008
+ RESERVED
+CVE-2022-4007
+ RESERVED
+CVE-2022-4006 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
+CVE-2022-4005
+ RESERVED
+CVE-2022-4004
+ RESERVED
+CVE-2021-4241 (A vulnerability, which was classified as problematic, was found in php ...)
+ TODO: check
+CVE-2021-4240 (A vulnerability, which was classified as problematic, was found in php ...)
+ TODO: check
CVE-2022-45442
RESERVED
CVE-2022-45441
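Review bot: CVE-2022-4006, CVE-2021-4241 and CVE-2021-4240 are added with "TODO: check", but their descriptions are cut off before the product can be identified ("has been found i ...", "was found in php ..."). Read the full CVE records before choosing between a package line and NOT-FOR-US; the truncated text in this list is not enough to triage them.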
@@ -394,52 +416,52 @@ CVE-2022-45403
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/#CVE-2022-45403
CVE-2022-45402 (In Apache Airflow versions prior to 2.4.3, there was an open redirect ...)
- airflow <itp> (bug #819700)
-CVE-2022-45401
- RESERVED
-CVE-2022-45400
- RESERVED
-CVE-2022-45399
- RESERVED
-CVE-2022-45398
- RESERVED
-CVE-2022-45397
- RESERVED
-CVE-2022-45396
- RESERVED
-CVE-2022-45395
- RESERVED
-CVE-2022-45394
- RESERVED
-CVE-2022-45393
- RESERVED
-CVE-2022-45392
- RESERVED
-CVE-2022-45391
- RESERVED
-CVE-2022-45390
- RESERVED
-CVE-2022-45389
- RESERVED
-CVE-2022-45388
- RESERVED
-CVE-2022-45387
- RESERVED
-CVE-2022-45386
- RESERVED
-CVE-2022-45385
- RESERVED
-CVE-2022-45384
- RESERVED
-CVE-2022-45383
- RESERVED
-CVE-2022-45382
- RESERVED
-CVE-2022-45381
- RESERVED
-CVE-2022-45380
- RESERVED
-CVE-2022-45379
- RESERVED
+CVE-2022-45401 (Jenkins Associated Files Plugin 0.2.1 and earlier does not escape name ...)
+ TODO: check
+CVE-2022-45400 (Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser ...)
+ TODO: check
+CVE-2022-45399 (A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 ...)
+ TODO: check
+CVE-2022-45398 (A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster S ...)
+ TODO: check
+CVE-2022-45397 (Jenkins OSF Builder Suite : : XML Linter Plugin 1.0.2 and earlier does ...)
+ TODO: check
+CVE-2022-45396 (Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XM ...)
+ TODO: check
+CVE-2022-45395 (Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser ...)
+ TODO: check
+CVE-2022-45394 (A missing permission check in Jenkins Delete log Plugin 1.0 and earlie ...)
+ TODO: check
+CVE-2022-45393 (A cross-site request forgery (CSRF) vulnerability in Jenkins Delete lo ...)
+ TODO: check
+CVE-2022-45392 (Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and e ...)
+ TODO: check
+CVE-2022-45391 (Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and e ...)
+ TODO: check
+CVE-2022-45390 (A missing permission check in Jenkins loader.io Plugin 1.0.1 and earli ...)
+ TODO: check
+CVE-2022-45389 (A missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier al ...)
+ TODO: check
+CVE-2022-45388 (Jenkins Config Rotator Plugin 2.0.1 and earlier does not restrict a fi ...)
+ TODO: check
+CVE-2022-45387 (Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed conte ...)
+ TODO: check
+CVE-2022-45386 (Jenkins Violations Plugin 0.7.11 and earlier does not configure its XM ...)
+ TODO: check
+CVE-2022-45385 (A missing permission check in Jenkins CloudBees Docker Hub/Registry No ...)
+ TODO: check
+CVE-2022-45384 (Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP ma ...)
+ TODO: check
+CVE-2022-45383 (An incorrect permission check in Jenkins Support Core Plugin 1206.v140 ...)
+ TODO: check
+CVE-2022-45382 (Jenkins Naginator Plugin 1.18.1 and earlier does not escape display na ...)
+ TODO: check
+CVE-2022-45381 (Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not rest ...)
+ TODO: check
+CVE-2022-45380 (Jenkins JUnit Plugin 1159.v0b_396e1e07dd and earlier converts HTTP(S) ...)
+ TODO: check
+CVE-2022-45379 (Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier store ...)
+ TODO: check
CVE-2022-45378 (** UNSUPPORTED WHEN ASSIGNED ** In the default configuration of Apache ...)
NOT-FOR-US: Apache SOAP
CVE-2022-45377
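Review bot: the 23 entries from CVE-2022-45401 down to CVE-2022-45379 all move from RESERVED to "TODO: check", and every description names Jenkins, mostly a specific plugin. A later hunk of this commit shows an already triaged plugin entry, CVE-2022-38665, tagged "NOT-FOR-US: Jenkins CollabNet Plugins Plugin". Triage this batch together, with one tag per plugin in the same form, so that the block does not sit at TODO.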
@@ -1136,8 +1158,8 @@ CVE-2022-41659
RESERVED
CVE-2022-3921
RESERVED
-CVE-2022-3920
- RESERVED
+CVE-2022-3920 (HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filt ...)
+ TODO: check
CVE-2022-45108
RESERVED
CVE-2022-45107
@@ -8658,8 +8680,8 @@ CVE-2022-43280 (wasm-interp v1.0.29 was discovered to contain an out-of-bounds r
- wabt <unfixed> (unimportant)
NOTE: https://github.com/WebAssembly/wabt/issues/1982
NOTE: Crash in CLI tool, no security impact
-CVE-2022-43279
- RESERVED
+CVE-2022-43279 (LimeSurvey v5.4.4 was discovered to contain a SQL injection vulnerabil ...)
+ TODO: check
CVE-2022-43278 (Canteen Management System v1.0 was discovered to contain a SQL injecti ...)
NOT-FOR-US: Canteen Management System
CVE-2022-43277 (Canteen Management System v1.0 was discovered to contain an arbitrary ...)
@@ -8686,8 +8708,8 @@ CVE-2022-43267
RESERVED
CVE-2022-43266
RESERVED
-CVE-2022-43265
- RESERVED
+CVE-2022-43265 (An arbitrary file upload vulnerability in the component /pages/save_us ...)
+ TODO: check
CVE-2022-43264
RESERVED
CVE-2022-43263
@@ -10090,8 +10112,8 @@ CVE-2022-42787 (Multiple W&T products of the Comserver Series use a small nu
NOT-FOR-US: Wiesemann & Theis GmbH products
CVE-2022-42786 (Multiple W&T Products of the ComServer Series are prone to an XSS ...)
NOT-FOR-US: Wiesemann & Theis GmbH products
-CVE-2022-42785
- RESERVED
+CVE-2022-42785 (Multiple W&T products of the ComServer Series are prone to an auth ...)
+ TODO: check
CVE-2022-42784
RESERVED
CVE-2022-3457 (Origin Validation Error in GitHub repository ikus060/rdiffweb prior to ...)
@@ -12112,12 +12134,12 @@ CVE-2022-41920
RESERVED
CVE-2022-41919
RESERVED
-CVE-2022-41918
- RESERVED
-CVE-2022-41917
- RESERVED
-CVE-2022-41916
- RESERVED
+CVE-2022-41918 (OpenSearch is a community-driven, open source fork of Elasticsearch an ...)
+ TODO: check
+CVE-2022-41917 (OpenSearch is a community-driven, open source fork of Elasticsearch an ...)
+ TODO: check
+CVE-2022-41916 (Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ...)
+ TODO: check
CVE-2022-41915
RESERVED
CVE-2022-41914
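Review bot: CVE-2022-41916 describes Heimdal, an implementation of ASN.1/DER, PKIX, and Kerberos, and is left at "TODO: check" alongside the two OpenSearch entries above it. Triage it separately from CVE-2022-41918 and CVE-2022-41917 rather than as part of the batch, and record the affected version range, which the truncated description cuts off at "Version ...".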
@@ -12299,8 +12321,8 @@ CVE-2022-3379 (Horner Automation's Cscape version 9.90 SP7 and prior does not pr
NOT-FOR-US: Horner Automation's Cscape
CVE-2022-3378 (Horner Automation's Cscape version 9.90 SP 7 and prior does not proper ...)
NOT-FOR-US: Horner Automation's Cscape
-CVE-2022-3377
- RESERVED
+CVE-2022-3377 (Horner Automation's Cscape version 9.90 SP 6 and prior does not proper ...)
+ TODO: check
CVE-2022-3376 (Weak Password Requirements in GitHub repository ikus060/rdiffweb prior ...)
- rdiffweb <itp> (bug #969974)
CVE-2022-3375
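Review bot: CVE-2022-3377 is set to "TODO: check" even though the two context entries directly above it, CVE-2022-3379 and CVE-2022-3378, describe the same product and are tagged "NOT-FOR-US: Horner Automation's Cscape". The new entry can take the same tag.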
@@ -15021,8 +15043,8 @@ CVE-2022-3234 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to
NOTE: https://github.com/vim/vim/commit/c249913edc35c0e666d783bfc21595cf9f7d9e0d (v9.0.0483)
CVE-2022-40754 (In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in t ...)
- airflow <itp> (bug #819700)
-CVE-2022-40753
- RESERVED
+CVE-2022-40753 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scr ...)
+ TODO: check
CVE-2022-40752
RESERVED
CVE-2022-40751
@@ -16497,7 +16519,7 @@ CVE-2022-40162
CVE-2022-40161 (** DISPUTED ** This record was originally reported by the oss-fuzz pro ...)
- libcommons-jxpath-java <unfixed>
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47097
-CVE-2022-40160 (Those using JXPath to interpret XPath may be vulnerable to Denial of S ...)
+CVE-2022-40160 (** DISPUTED ** This record was originally reported by the oss-fuzz pro ...)
- libcommons-jxpath-java <unfixed>
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47053
CVE-2022-40159 (** DISPUTED ** This record was originally reported by the oss-fuzz pro ...)
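Review bot: the CVE-2022-40160 description changes to "** DISPUTED **", but the status line under it is untouched and still reads "- libcommons-jxpath-java <unfixed>". The CVE-2022-40161 context entry is in the same state. Decide for both whether a disputed record should still count as an open issue against the package, and add a NOTE recording the dispute so the status line is not read as a confirmed vulnerability.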
@@ -20405,8 +20427,8 @@ CVE-2022-2948
RESERVED
CVE-2022-2947
RESERVED
-CVE-2022-38666
- RESERVED
+CVE-2022-38666 (Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.146 and e ...)
+ TODO: check
CVE-2022-38665 (Jenkins CollabNet Plugins Plugin 2.0.8 and earlier stores a RabbitMQ p ...)
NOT-FOR-US: Jenkins CollabNet Plugins Plugin
CVE-2022-38664 (Jenkins Job Configuration History Plugin 1165.v8cc9fd1f4597 and earlie ...)
@@ -21290,8 +21312,8 @@ CVE-2022-38387 (IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0 coul
NOT-FOR-US: IBM
CVE-2022-38386
RESERVED
-CVE-2022-38385
- RESERVED
+CVE-2022-38385 (IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0 could allo ...)
+ TODO: check
CVE-2022-38384
RESERVED
CVE-2022-38383
@@ -21866,8 +21888,8 @@ CVE-2022-38203
RESERVED
CVE-2022-38202
RESERVED
-CVE-2022-38201
- RESERVED
+CVE-2022-38201 (An unvalidated redirect vulnerability exists in Esri Portal for ArcGIS ...)
+ TODO: check
CVE-2022-38200 (A cross site scripting vulnerability exists in some map service config ...)
NOT-FOR-US: ArcGIS Server
CVE-2022-38199 (A remote file download issue can occur in some capabilities of Esri Ar ...)
@@ -22064,7 +22086,7 @@ CVE-2022-38165
RESERVED
CVE-2022-38164 (WithSecure through 2022-08-10 allows attackers to cause a denial of se ...)
NOT-FOR-US: WithSecure
-CVE-2022-38163 (WithSecure through 2022-08-10 allows attackers to cause a denial of se ...)
+CVE-2022-38163 (A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Br ...)
NOT-FOR-US: WithSecure
CVE-2022-38162 (Reflected cross-site scripting (XSS) vulnerabilities in WithSecure thr ...)
NOT-FOR-US: WithSecure
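Review bot: the replacement description for CVE-2022-38163 now refers to a drag and drop spoof in "F-Secure SAFE Br ...", while the tag on the following line still reads "NOT-FOR-US: WithSecure". That tag was written when the description matched CVE-2022-38164's text word for word; re-check that it still names the right product after the description change.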
@@ -32670,8 +32692,8 @@ CVE-2022-34171 (In Jenkins 2.321 through 2.355 (both inclusive) and LTS 2.332.1
- jenkins <removed>
CVE-2022-34170 (In Jenkins 2.320 through 2.355 (both inclusive) and LTS 2.332.1 throug ...)
- jenkins <removed>
-CVE-2022-2166
- RESERVED
+CVE-2022-2166 (Improper Restriction of Excessive Authentication Attempts in GitHub re ...)
+ TODO: check
CVE-2022-34169 (The Apache Xalan Java XSLT library is vulnerable to an integer truncat ...)
{DSA-5256-1 DSA-5192-1 DSA-5188-1 DLA-3155-1}
- openjdk-8 8u342-b07-1
@@ -42151,16 +42173,16 @@ CVE-2022-30774 (DMA attacks on the parameter buffer used by the PnpSmm driver co
TODO: check
CVE-2022-30773 (DMA attacks on the parameter buffer used by the IhisiSmm driver could ...)
TODO: check
-CVE-2022-30772
- RESERVED
-CVE-2022-30771
- RESERVED
+CVE-2022-30772 (Manipulation of the input address in PnpSmm function 0x52 could be use ...)
+ TODO: check
+CVE-2022-30771 (Initialization function in PnpSmm could lead to SMRAM corruption when ...)
+ TODO: check
CVE-2022-30770 (Terminalfour versions 8.3.7, 8.3.x versions prior to version 8.3.8 and ...)
NOT-FOR-US: Terminalfour
-CVE-2022-30769
- RESERVED
-CVE-2022-30768
- RESERVED
+CVE-2022-30769 (Session fixation exists in ZoneMinder through 1.36.12 as an attacker c ...)
+ TODO: check
+CVE-2022-30768 (A Stored Cross Site Scripting (XSS) issue in ZoneMinder 1.36.12 allows ...)
+ TODO: check
CVE-2022-30767 (nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and throu ...)
[experimental] - u-boot 2022.07~rc4+dfsg-1
- u-boot 2022.07+dfsg-1 (bug #1014471)
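Review bot: this hunk puts two unrelated groups under the same "TODO: check": CVE-2022-30772 and CVE-2022-30771 (PnpSmm, like the CVE-2022-30774 context entry, which is itself still at TODO) and CVE-2022-30769 and CVE-2022-30768 (ZoneMinder, session fixation and stored XSS). Triage the ZoneMinder pair on its own; it describes a web application, so its package or NOT-FOR-US decision is independent of the SMM firmware entries.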
@@ -43612,8 +43634,8 @@ CVE-2022-30285 (In Quest KACE Systems Management Appliance (SMA) through 12.0, a
NOT-FOR-US: Quest KACE System Management Appliance
CVE-2022-30284 (** DISPUTED ** In the python-libnmap package through 0.7.2 for Python, ...)
NOTE: Bogus python-libnmap issue
-CVE-2022-30283
- RESERVED
+CVE-2022-30283 (In UsbCoreDxe, tampering with the contents of the USB working buffer u ...)
+ TODO: check
CVE-2022-30282
RESERVED
CVE-2022-30281
@@ -46521,16 +46543,16 @@ CVE-2022-29281 (Notable before 1.9.0-beta.8 doesn't effectively prevent the open
NOT-FOR-US: Notable
CVE-2022-29280
REJECTED
-CVE-2022-29279
- RESERVED
-CVE-2022-29278
- RESERVED
-CVE-2022-29277
- RESERVED
-CVE-2022-29276
- RESERVED
-CVE-2022-29275
- RESERVED
+CVE-2022-29279 (Use of a untrusted pointer allows tampering with SMRAM and OS memory i ...)
+ TODO: check
+CVE-2022-29278 (Incorrect pointer checks within the NvmExpressDxe driver can allow tam ...)
+ TODO: check
+CVE-2022-29277 (Incorrect pointer checks within the the FwBlockServiceSmm driver can a ...)
+ TODO: check
+CVE-2022-29276 (SMI functions in AhciBusDxe use untrusted inputs leading to corruption ...)
+ TODO: check
+CVE-2022-29275 (In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering ...)
+ TODO: check
CVE-2022-29274
RESERVED
CVE-2022-29273
@@ -50714,8 +50736,8 @@ CVE-2022-27897
RESERVED
CVE-2022-27896 (Information Exposure Through Log Files vulnerability discovered in Fou ...)
TODO: check
-CVE-2022-27895
- RESERVED
+CVE-2022-27895 (Information Exposure Through Log Files vulnerability discovered in Fou ...)
+ TODO: check
CVE-2022-27894 (The Foundry Blobster service was found to have a cross-site scripting ...)
NOT-FOR-US: Foundry Blobster service
CVE-2022-27893 (The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - ...)
@@ -59185,8 +59207,8 @@ CVE-2022-24944
RESERVED
CVE-2022-24943
RESERVED
-CVE-2022-24942
- RESERVED
+CVE-2022-24942 (Heap based buffer overflow in HTTP Server functionality in Micrium uC- ...)
+ TODO: check
CVE-2022-24941
RESERVED
CVE-2022-24940
@@ -79946,72 +79968,72 @@ CVE-2022-20952
RESERVED
CVE-2022-20951 (A vulnerability in the web-based management interface of Cisco BroadWo ...)
NOT-FOR-US: Cisco
-CVE-2022-20950
- RESERVED
-CVE-2022-20949
- RESERVED
+CVE-2022-20950 (A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepo ...)
+ TODO: check
+CVE-2022-20949 (A vulnerability in the management web server of Cisco Firepower Threat ...)
+ TODO: check
CVE-2022-20948
RESERVED
-CVE-2022-20947
- RESERVED
-CVE-2022-20946
- RESERVED
+CVE-2022-20947 (A vulnerability in dynamic access policies (DAP) functionality of Cisc ...)
+ TODO: check
+CVE-2022-20946 (A vulnerability in the generic routing encapsulation (GRE) tunnel deca ...)
+ TODO: check
CVE-2022-20945 (A vulnerability in the 802.11 association frame validation of Cisco Ca ...)
NOT-FOR-US: Cisco
CVE-2022-20944 (A vulnerability in the software image verification functionality of Ci ...)
NOT-FOR-US: Cisco
-CVE-2022-20943
- RESERVED
+CVE-2022-20943 (Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) ...)
+ TODO: check
CVE-2022-20942 (A vulnerability in the web-based management interface of Cisco Email S ...)
NOT-FOR-US: Cisco
-CVE-2022-20941
- RESERVED
-CVE-2022-20940
- RESERVED
+CVE-2022-20941 (A vulnerability in the web-based management interface of Cisco Firepow ...)
+ TODO: check
+CVE-2022-20940 (A vulnerability in the TLS handler of Cisco Firepower Threat Defense ( ...)
+ TODO: check
CVE-2022-20939
RESERVED
-CVE-2022-20938
- RESERVED
+CVE-2022-20938 (A vulnerability in the module import function of the administrative in ...)
+ TODO: check
CVE-2022-20937 (A vulnerability in a feature that monitors RADIUS requests on Cisco Id ...)
NOT-FOR-US: Cisco
-CVE-2022-20936
- RESERVED
-CVE-2022-20935
- RESERVED
-CVE-2022-20934
- RESERVED
+CVE-2022-20936 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2022-20935 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2022-20934 (A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Sof ...)
+ TODO: check
CVE-2022-20933 (A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX ...)
NOT-FOR-US: Cisco
-CVE-2022-20932
- RESERVED
+CVE-2022-20932 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
CVE-2022-20931
RESERVED
CVE-2022-20930 (A vulnerability in the CLI of Cisco SD-WAN Software could allow an aut ...)
NOT-FOR-US: Cisco
CVE-2022-20929
RESERVED
-CVE-2022-20928
- RESERVED
-CVE-2022-20927
- RESERVED
-CVE-2022-20926
- RESERVED
-CVE-2022-20925
- RESERVED
-CVE-2022-20924
- RESERVED
+CVE-2022-20928 (A vulnerability in the authentication and authorization flows for VPN ...)
+ TODO: check
+CVE-2022-20927 (A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appli ...)
+ TODO: check
+CVE-2022-20926 (A vulnerability in the web management interface of the Cisco Firepower ...)
+ TODO: check
+CVE-2022-20925 (A vulnerability in the web management interface of the Cisco Firepower ...)
+ TODO: check
+CVE-2022-20924 (A vulnerability in the Simple Network Management Protocol (SNMP) featu ...)
+ TODO: check
CVE-2022-20923 (A vulnerability in the IPSec VPN Server authentication functionality o ...)
NOT-FOR-US: Cisco
-CVE-2022-20922
- RESERVED
+CVE-2022-20922 (Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) ...)
+ TODO: check
CVE-2022-20921 (A vulnerability in the API implementation of Cisco ACI Multi-Site Orch ...)
NOT-FOR-US: Cisco
CVE-2022-20920 (A vulnerability in the SSH implementation of Cisco IOS Software and Ci ...)
NOT-FOR-US: Cisco
CVE-2022-20919 (A vulnerability in the processing of malformed Common Industrial Proto ...)
NOT-FOR-US: Cisco
-CVE-2022-20918
- RESERVED
+CVE-2022-20918 (A vulnerability in the Simple Network Management Protocol (SNMP) acces ...)
+ TODO: check
CVE-2022-20917
RESERVED
CVE-2022-20916 (A vulnerability in the web-based management interface of Cisco IoT Con ...)
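Review bot: every already triaged context entry in this hunk is "NOT-FOR-US: Cisco", and most of the new "TODO: check" entries name a Cisco product before the description is cut off. Several do not: CVE-2022-20946, CVE-2022-20943, CVE-2022-20938, CVE-2022-20928, CVE-2022-20924, CVE-2022-20922 and CVE-2022-20918 are truncated before any vendor name appears. Confirm those against the full record instead of tagging them by their position in the CVE-2022-209xx range.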
@@ -80036,8 +80058,8 @@ CVE-2022-20907 (Multiple vulnerabilities in Cisco Nexus Dashboard could allow an
NOT-FOR-US: Cisco
CVE-2022-20906 (Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authe ...)
NOT-FOR-US: Cisco
-CVE-2022-20905
- RESERVED
+CVE-2022-20905 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
CVE-2022-20904 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
CVE-2022-20903 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
@@ -80102,8 +80124,8 @@ CVE-2022-20874 (Multiple vulnerabilities in the web-based management interface o
NOT-FOR-US: Cisco
CVE-2022-20873 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2022-20872
- RESERVED
+CVE-2022-20872 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
CVE-2022-20871
RESERVED
CVE-2022-20870 (A vulnerability in the egress MPLS packet processing function of Cisco ...)
@@ -80138,8 +80160,8 @@ CVE-2022-20856 (A vulnerability in the processing of Control and Provisioning of
NOT-FOR-US: Cisco
CVE-2022-20855 (A vulnerability in the self-healing functionality of Cisco IOS XE Soft ...)
NOT-FOR-US: Cisco
-CVE-2022-20854
- RESERVED
+CVE-2022-20854 (A vulnerability in the processing of SSH connections of Cisco Firepowe ...)
+ TODO: check
CVE-2022-20853
RESERVED
CVE-2022-20852 (Multiple vulnerabilities in the web interface of Cisco Webex Meetings ...)
@@ -80160,32 +80182,32 @@ CVE-2022-20845
RESERVED
CVE-2022-20844 (A vulnerability in authentication mechanism of Cisco Software-Defined ...)
NOT-FOR-US: Cisco
-CVE-2022-20843
- RESERVED
+CVE-2022-20843 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
CVE-2022-20842 (Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, ...)
NOT-FOR-US: Cisco
CVE-2022-20841 (Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, ...)
NOT-FOR-US: Cisco
-CVE-2022-20840
- RESERVED
-CVE-2022-20839
- RESERVED
-CVE-2022-20838
- RESERVED
+CVE-2022-20840 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2022-20839 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2022-20838 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
CVE-2022-20837 (A vulnerability in the DNS application layer gateway (ALG) functionali ...)
NOT-FOR-US: Cisco
-CVE-2022-20836
- RESERVED
-CVE-2022-20835
- RESERVED
-CVE-2022-20834
- RESERVED
-CVE-2022-20833
- RESERVED
-CVE-2022-20832
- RESERVED
-CVE-2022-20831
- RESERVED
+CVE-2022-20836 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2022-20835 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2022-20834 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2022-20833 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2022-20832 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2022-20831 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
CVE-2022-20830 (A vulnerability in authentication mechanism of Cisco Software-Defined ...)
NOT-FOR-US: Cisco
CVE-2022-20829 (A vulnerability in the packaging of Cisco Adaptive Security Device Man ...)
@@ -80194,8 +80216,8 @@ CVE-2022-20828 (A vulnerability in the CLI parser of Cisco FirePOWER Software fo
NOT-FOR-US: Cisco
CVE-2022-20827 (Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, ...)
NOT-FOR-US: Cisco
-CVE-2022-20826
- RESERVED
+CVE-2022-20826 (A vulnerability in the secure boot implementation of Cisco Secure Fire ...)
+ TODO: check
CVE-2022-20825 (A vulnerability in the web-based management interface of Cisco Small B ...)
NOT-FOR-US: Cisco
CVE-2022-20824 (A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS ...)
@@ -189183,10 +189205,10 @@ CVE-2020-12510 (The default installation path of the TwinCAT XAR 3.1 software in
NOT-FOR-US: Beckhoff
CVE-2020-12509 (In s::can moni::tools in versions below 4.2 an unauthenticated attacke ...)
NOT-FOR-US: s::can moni::tools
-CVE-2020-12508
- RESERVED
-CVE-2020-12507
- RESERVED
+CVE-2020-12508 (In s::can moni::tools in versions below 4.2 an unauthenticated attacke ...)
+ TODO: check
+CVE-2020-12507 (In s::can moni::tools before version 4.2 an authenticated attacker cou ...)
+ TODO: check
CVE-2020-12506 (Improper Authentication vulnerability in WAGO 750-8XX series with FW v ...)
NOT-FOR-US: WAGO
CVE-2020-12505 (Improper Authentication vulnerability in WAGO 750-8XX series with FW v ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/589281fbf92c68bfc24bc94f3dfd86e0138739d5