[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Oct 7 09:10:46 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9dc26baf by security tracker role at 2022-10-07T08:10:26+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2022-42468
+ RESERVED
+CVE-2022-42467
+ RESERVED
+CVE-2022-42466
+ RESERVED
+CVE-2022-42458
+ RESERVED
+CVE-2022-42001
+ RESERVED
+CVE-2022-42000
+ RESERVED
+CVE-2022-41986
+ RESERVED
+CVE-2022-41814
+ RESERVED
+CVE-2022-41796
+ RESERVED
+CVE-2022-41789
+ RESERVED
+CVE-2022-41611
+ RESERVED
+CVE-2022-3418
+ RESERVED
+CVE-2022-3417
+ RESERVED
+CVE-2022-3416
+ RESERVED
+CVE-2022-3415
+ RESERVED
+CVE-2022-3414 (A vulnerability was found in SourceCodester Web-Based Student Clearanc ...)
+ TODO: check
+CVE-2022-3413
+ RESERVED
+CVE-2022-3412
+ RESERVED
+CVE-2022-3411
+ RESERVED
+CVE-2022-3410
+ RESERVED
+CVE-2022-3409
+ RESERVED
+CVE-2022-3408
+ RESERVED
+CVE-2022-3407
+ RESERVED
CVE-2022-42457 (Generex CS141 before 2.08 allows remote command execution by administr ...)
NOT-FOR-US: Generex CS141
CVE-2022-42456
@@ -1722,8 +1768,7 @@ CVE-2022-41674
RESERVED
CVE-2022-41673
RESERVED
-CVE-2022-41672
- RESERVED
+CVE-2022-41672 (In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn' ...)
- airflow <itp> (bug #819700)
CVE-2022-41671
RESERVED
@@ -4683,8 +4728,8 @@ CVE-2022-40496
RESERVED
CVE-2022-40495
RESERVED
-CVE-2022-40494
- RESERVED
+CVE-2022-40494 (NPS before v0.26.10 was discovered to contain an authentication bypass ...)
+ TODO: check
CVE-2022-40493
RESERVED
CVE-2022-40492
@@ -7349,8 +7394,8 @@ CVE-2022-39286
RESERVED
CVE-2022-39285
RESERVED
-CVE-2022-39284
- RESERVED
+CVE-2022-39284 (CodeIgniter is a PHP full-stack web framework. In versions prior to 4. ...)
+ TODO: check
CVE-2022-39283
RESERVED
CVE-2022-39282
@@ -7359,8 +7404,8 @@ CVE-2022-39281
RESERVED
CVE-2022-39280 (dparse is a parser for Python dependency files. dparse in versions bef ...)
TODO: check
-CVE-2022-39279
- RESERVED
+CVE-2022-39279 (discourse-chat is a plugin for the Discourse message board which adds ...)
+ TODO: check
CVE-2022-39278
RESERVED
CVE-2022-39277
@@ -9262,16 +9307,14 @@ CVE-2022-2931
NOTE: https://about.gitlab.com/releases/2022/08/30/critical-security-release-gitlab-15-3-2-released/
CVE-2022-2930 (Unverified Password Change in GitHub repository octoprint/octoprint pr ...)
- octoprint <itp> (bug #718591)
-CVE-2022-2929 [DHCP memory leak]
- RESERVED
+CVE-2022-2929 (In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 ...)
{DSA-5251-1}
- isc-dhcp <unfixed> (bug #1021320)
NOTE: https://www.openwall.com/lists/oss-security/2022/10/05/1
NOTE: https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/
NOTE: https://downloads.isc.org/isc/dhcp/4.1-ESV-R16-P2/patches/
NOTE: https://kb.isc.org/docs/cve-2022-2929
-CVE-2022-2928 [An option refcount overflow exists in dhcpd]
- RESERVED
+CVE-2022-2928 (In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P ...)
{DSA-5251-1}
- isc-dhcp <unfixed> (bug #1021320)
NOTE: https://www.openwall.com/lists/oss-security/2022/10/05/1
@@ -39594,8 +39637,8 @@ CVE-2022-27811 (GNOME OCRFeeder before 0.8.4 allows OS command injection via she
NOTE: https://gitlab.gnome.org/GNOME/ocrfeeder/-/merge_requests/13
NOTE: https://gitlab.gnome.org/GNOME/ocrfeeder/-/commit/9209bce8afaf6fde19cdac7f5eaea1b744c3e79e (0.8.5)
NOTE: https://gitlab.gnome.org/GNOME/ocrfeeder/-/commit/afea0e722f1d14eaf14bf0e5ebb444d3271ff1ef (0.8.5)
-CVE-2022-27810
- RESERVED
+CVE-2022-27810 (It was possible to trigger an infinite recursion condition in the erro ...)
+ TODO: check
CVE-2022-27809
RESERVED
CVE-2022-27802 (Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (a ...)
@@ -44038,12 +44081,12 @@ CVE-2022-26240 (The default privileges for the running service Normand Message B
NOT-FOR-US: Beckman Coulter Remisol Advance
CVE-2022-26239 (The default privileges for the running service Normand License Manager ...)
NOT-FOR-US: Beckman Coulter Remisol Advance
-CVE-2022-26238
- RESERVED
+CVE-2022-26238 (The default privileges for the running service Normand Service Manager ...)
+ TODO: check
CVE-2022-26237 (The default privileges for the running service Normand Viewer Service ...)
NOT-FOR-US: Beckman Coulter Remisol Advance
-CVE-2022-26236
- RESERVED
+CVE-2022-26236 (The default privileges for the running service Normand Remisol Advance ...)
+ TODO: check
CVE-2022-26235 (A vulnerability was discovered in the Remisol Advance v2.0.12.1 and be ...)
NOT-FOR-US: Beckman Coulter Remisol Advance
CVE-2022-26234
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dc26baf0165e2dd1e06072182422f1674867716
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dc26baf0165e2dd1e06072182422f1674867716
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221007/6bfad730/attachment.htm>
More information about the debian-security-tracker-commits
mailing list