[Git][security-tracker-team/security-tracker][master] automatic update

Sun Nov 27 08:10:23 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
57088072 by security tracker role at 2022-11-27T08:10:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,53 @@
+CVE-2022-45934 (An issue was discovered in the Linux kernel through 6.0.10. l2cap_conf ...)
+	TODO: check
+CVE-2022-45933 (KubeView through 0.1.31 allows attackers to obtain control of a Kubern ...)
+	TODO: check
+CVE-2022-45932 (A SQL injection issue was discovered in AAA in OpenDaylight (ODL) befo ...)
+	TODO: check
+CVE-2022-45931 (A SQL injection issue was discovered in AAA in OpenDaylight (ODL) befo ...)
+	TODO: check
+CVE-2022-45930 (A SQL injection issue was discovered in AAA in OpenDaylight (ODL) befo ...)
+	TODO: check
+CVE-2022-45929
+	RESERVED
+CVE-2022-45928
+	RESERVED
+CVE-2022-45927
+	RESERVED
+CVE-2022-45926
+	RESERVED
+CVE-2022-45925
+	RESERVED
+CVE-2022-45924
+	RESERVED
+CVE-2022-45923
+	RESERVED
+CVE-2022-45922
+	RESERVED
+CVE-2022-45921
+	RESERVED
+CVE-2022-45920
+	RESERVED
+CVE-2022-45919 (An issue was discovered in the Linux kernel through 6.0.10. In drivers ...)
+	TODO: check
+CVE-2022-45918
+	RESERVED
+CVE-2022-45917
+	RESERVED
+CVE-2022-45916
+	RESERVED
+CVE-2022-45915
+	RESERVED
+CVE-2022-45914 (The ESL (Electronic Shelf Label) protocol, as implemented by (for exam ...)
+	TODO: check
+CVE-2022-45913
+	RESERVED
+CVE-2022-45912
+	RESERVED
+CVE-2022-45911
+	RESERVED
+CVE-2022-4145
+	RESERVED
 CVE-2022-45910
 	RESERVED
 CVE-2022-45909 (drachtio-server 0.8.18 has a heap-based buffer over-read via a long Re ...)
@@ -8732,8 +8782,7 @@ CVE-2022-43707 (MyBB 1.8.31 has a Cross-site scripting (XSS) vulnerability in th
 	NOT-FOR-US: MyBB
 CVE-2022-43706
 	RESERVED
-CVE-2022-43705 [malicious OCSP responder could forge OCSP responses]
-	RESERVED
+CVE-2022-43705 (In Botan before 2.19.3, it is possible to forge OCSP responses due to  ...)
 	- botan 2.19.3+dfsg-1
 	[bullseye] - botan <no-dsa> (Minor issue)
 	[buster] - botan <no-dsa> (Minor issue)
@@ -23439,7 +23488,7 @@ CVE-2022-38168 (Broken Access Control in User Authentication in Avaya Scopia Pat
 	NOT-FOR-US: Avaya Scopia Pathfinder
 CVE-2022-38167 (The Nintex Workflow plugin 5.2.2.30 for SharePoint allows XSS. ...)
 	NOT-FOR-US: Nintex Workflow plugin for SharePoint
-CVE-2022-38166 (In F‑Secure Endpoint Protection for Windows and macOS before cha ...)
+CVE-2022-38166 (In F-Secure Endpoint Protection for Windows and macOS before channel w ...)
 	NOT-FOR-US: F-Secure
 CVE-2022-38165 (Arbitrary file write in F-Secure Policy Manager through 2022-08-10 all ...)
 	NOT-FOR-US: WithSecure
@@ -60381,8 +60430,8 @@ CVE-2022-25001
 	RESERVED
 CVE-2022-25000
 	RESERVED
-CVE-2022-24999
-	RESERVED
+CVE-2022-24999 (qs before 6.10.3, as used in Express before 4.17.3 and other products, ...)
+	TODO: check
 CVE-2022-24998
 	RESERVED
 CVE-2022-24997



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/570880726c9ef97ab796c8b5360b17a436f0d3ba

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/570880726c9ef97ab796c8b5360b17a436f0d3ba
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221127/d5d23911/attachment-0001.htm>
