[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Oct 7 21:10:32 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2aea3214 by security tracker role at 2022-10-07T20:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,83 @@
+CVE-2022-42493
+ RESERVED
+CVE-2022-42492
+ RESERVED
+CVE-2022-42491
+ RESERVED
+CVE-2022-42490
+ RESERVED
+CVE-2022-42484
+ RESERVED
+CVE-2022-42483
+ RESERVED
+CVE-2022-42482
+ RESERVED
+CVE-2022-42481
+ RESERVED
+CVE-2022-42478
+ RESERVED
+CVE-2022-42477
+ RESERVED
+CVE-2022-42476
+ RESERVED
+CVE-2022-42475
+ RESERVED
+CVE-2022-42474
+ RESERVED
+CVE-2022-42473
+ RESERVED
+CVE-2022-42472
+ RESERVED
+CVE-2022-42471
+ RESERVED
+CVE-2022-42470
+ RESERVED
+CVE-2022-42469
+ RESERVED
+CVE-2022-41999
+ RESERVED
+CVE-2022-41991
+ RESERVED
+CVE-2022-41988
+ RESERVED
+CVE-2022-41838
+ RESERVED
+CVE-2022-41837
+ RESERVED
+CVE-2022-41632
+ RESERVED
+CVE-2022-41630
+ RESERVED
+CVE-2022-41154
+ RESERVED
+CVE-2022-40222
+ RESERVED
+CVE-2022-38451
+ RESERVED
+CVE-2022-38091
+ RESERVED
+CVE-2022-3429
+ RESERVED
+CVE-2022-3428
+ RESERVED
+CVE-2022-3427
+ RESERVED
+CVE-2022-3426
+ RESERVED
+CVE-2022-3425
+ RESERVED
+CVE-2022-3424
+ RESERVED
+CVE-2022-3423 (Denial of Service in GitHub repository nocodb/nocodb prior to 0.92.0. ...)
+ TODO: check
+CVE-2022-3422 (Account Takeover :: when see the info i can see the hash pass i can cr ...)
+ TODO: check
+CVE-2022-3421
+ RESERVED
+CVE-2022-3420
+ RESERVED
+CVE-2022-3419
+ RESERVED
CVE-2022-42468
RESERVED
CVE-2022-42467
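Review bot: CVE-2022-3423 and CVE-2022-3422 are the only two new entries at the top of the file that carry a description, and both land as TODO: check. The visible text for CVE-2022-3423 names the GitHub repository nocodb/nocodb, so it can be triaged against the archive directly. The visible text for CVE-2022-3422 names no product before the truncation, so the full record has to be consulted before it is assigned to a package or marked NOT-FOR-US.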
@@ -804,8 +884,8 @@ CVE-2022-42094
RESERVED
CVE-2022-42093
RESERVED
-CVE-2022-42092
- RESERVED
+CVE-2022-42092 (Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'th ...)
+ TODO: check
CVE-2022-42091
RESERVED
CVE-2022-42090
@@ -838,12 +918,12 @@ CVE-2022-42077
RESERVED
CVE-2022-42076
RESERVED
-CVE-2022-42075
- RESERVED
-CVE-2022-42074
- RESERVED
-CVE-2022-42073
- RESERVED
+CVE-2022-42075 (Wedding Planner v1.0 is vulnerable to has arbitrary code execution. ...)
+ TODO: check
+CVE-2022-42074 (Online Diagnostic Lab Management System v1.0 is vulnerable to SQL Inje ...)
+ TODO: check
+CVE-2022-42073 (Online Diagnostic Lab Management System v1.0 is vulnerable to SQL Inje ...)
+ TODO: check
CVE-2022-42072
RESERVED
CVE-2022-42071
@@ -2257,14 +2337,14 @@ CVE-2022-41517 (TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contai
NOT-FOR-US: TOTOLINK
CVE-2022-41516
RESERVED
-CVE-2022-41515
- RESERVED
-CVE-2022-41514
- RESERVED
-CVE-2022-41513
- RESERVED
-CVE-2022-41512
- RESERVED
+CVE-2022-41515 (Open Source SACCO Management System v1.0 was discovered to contain a S ...)
+ TODO: check
+CVE-2022-41514 (Open Source SACCO Management System v1.0 was discovered to contain a S ...)
+ TODO: check
+CVE-2022-41513 (Online Diagnostic Lab Management System v1.0 was discovered to contain ...)
+ TODO: check
+CVE-2022-41512 (An arbitrary file upload vulnerability in the component /php_action/ed ...)
+ TODO: check
CVE-2022-41511
RESERVED
CVE-2022-41510
@@ -2461,8 +2541,8 @@ CVE-2022-41416
RESERVED
CVE-2022-41415
RESERVED
-CVE-2022-41414
- RESERVED
+CVE-2022-41414 (An insecure default in the component auth.login.prompt.enabled of Life ...)
+ TODO: check
CVE-2022-41413
RESERVED
CVE-2022-41412
@@ -2505,8 +2585,8 @@ CVE-2022-41394
RESERVED
CVE-2022-41393
RESERVED
-CVE-2022-41392
- RESERVED
+CVE-2022-41392 (A cross-site scripting (XSS) vulnerability in TotalJS commit 8c2c8909 ...)
+ TODO: check
CVE-2022-41391
RESERVED
CVE-2022-41390
@@ -2531,12 +2611,12 @@ CVE-2022-41381
RESERVED
CVE-2022-41380
RESERVED
-CVE-2022-41379
- RESERVED
-CVE-2022-41378
- RESERVED
-CVE-2022-41377
- RESERVED
+CVE-2022-41379 (An arbitrary file upload vulnerability in the component /leave_system/ ...)
+ TODO: check
+CVE-2022-41378 (Online Pet Shop We App v1.0 was discovered to contain a SQL injection ...)
+ TODO: check
+CVE-2022-41377 (Online Pet Shop We App v1.0 was discovered to contain a SQL injection ...)
+ TODO: check
CVE-2022-41376
RESERVED
CVE-2022-41375
@@ -2825,8 +2905,8 @@ CVE-2022-41293
RESERVED
CVE-2022-41292
RESERVED
-CVE-2022-41291
- RESERVED
+CVE-2022-41291 (IBM InfoSphere Information Server 11.7 does not invalidate session aft ...)
+ TODO: check
CVE-2022-41290
RESERVED
CVE-2022-41289
@@ -3762,8 +3842,8 @@ CVE-2022-40874
RESERVED
CVE-2022-40873
RESERVED
-CVE-2022-40872
- RESERVED
+CVE-2022-40872 (An SQL injection vulnerability issue was discovered in Sourcecodester ...)
+ TODO: check
CVE-2022-40871
RESERVED
CVE-2022-40870
@@ -3836,30 +3916,30 @@ CVE-2022-40837
RESERVED
CVE-2022-40836
RESERVED
-CVE-2022-40835
- RESERVED
-CVE-2022-40834
- RESERVED
-CVE-2022-40833
- RESERVED
-CVE-2022-40832
- RESERVED
-CVE-2022-40831
- RESERVED
-CVE-2022-40830
- RESERVED
-CVE-2022-40829
- RESERVED
-CVE-2022-40828
- RESERVED
-CVE-2022-40827
- RESERVED
-CVE-2022-40826
- RESERVED
-CVE-2022-40825
- RESERVED
-CVE-2022-40824
- RESERVED
+CVE-2022-40835 (B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ...)
+ TODO: check
+CVE-2022-40834 (B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ...)
+ TODO: check
+CVE-2022-40833 (B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ...)
+ TODO: check
+CVE-2022-40832 (B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ...)
+ TODO: check
+CVE-2022-40831 (B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ...)
+ TODO: check
+CVE-2022-40830 (B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ...)
+ TODO: check
+CVE-2022-40829 (B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ...)
+ TODO: check
+CVE-2022-40828 (B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ...)
+ TODO: check
+CVE-2022-40827 (B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ...)
+ TODO: check
+CVE-2022-40826 (B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ...)
+ TODO: check
+CVE-2022-40825 (B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ...)
+ TODO: check
+CVE-2022-40824 (B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ...)
+ TODO: check
CVE-2022-40823
RESERVED
CVE-2022-40822
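Review bot: CVE-2022-40824 through CVE-2022-40835 arrive as twelve entries whose visible descriptions are identical up to the truncation ("B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to ..."), each with its own TODO: check. Triage them as one batch so that all twelve end up with the same package or NOT-FOR-US decision, and record in a NOTE line what distinguishes them, since the truncated text in this list does not.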
@@ -5392,6 +5472,7 @@ CVE-2022-3164
CVE-2022-3163
RESERVED
CVE-2022-40188 (Knot Resolver before 5.5.3 allows remote attackers to cause a denial o ...)
+ {DLA-3139-1}
- knot-resolver 5.5.3-1
[bullseye] - knot-resolver <no-dsa> (Minor issue)
NOTE: https://github.com/CZ-NIC/knot-resolver/commit/f6577a20e493c7fbdac124d7544bf1846b084185 (v5.5.3)
@@ -6109,70 +6190,70 @@ CVE-2022-39880
RESERVED
CVE-2022-39879
RESERVED
-CVE-2022-39878
- RESERVED
-CVE-2022-39877
- RESERVED
-CVE-2022-39876
- RESERVED
-CVE-2022-39875
- RESERVED
-CVE-2022-39874
- RESERVED
-CVE-2022-39873
- RESERVED
-CVE-2022-39872
- RESERVED
-CVE-2022-39871
- RESERVED
-CVE-2022-39870
- RESERVED
-CVE-2022-39869
- RESERVED
-CVE-2022-39868
- RESERVED
-CVE-2022-39867
- RESERVED
-CVE-2022-39866
- RESERVED
-CVE-2022-39865
- RESERVED
-CVE-2022-39864
- RESERVED
-CVE-2022-39863
- RESERVED
-CVE-2022-39862
- RESERVED
-CVE-2022-39861
- RESERVED
-CVE-2022-39860
- RESERVED
-CVE-2022-39859
- RESERVED
-CVE-2022-39858
- RESERVED
-CVE-2022-39857
- RESERVED
-CVE-2022-39856
- RESERVED
-CVE-2022-39855
- RESERVED
-CVE-2022-39854
- RESERVED
-CVE-2022-39853
- RESERVED
-CVE-2022-39852
- RESERVED
-CVE-2022-39851
- RESERVED
-CVE-2022-39850
- RESERVED
-CVE-2022-39849
- RESERVED
-CVE-2022-39848
- RESERVED
-CVE-2022-39847
- RESERVED
+CVE-2022-39878 (Improper access control vulnerability in Samsung Checkout prior to ver ...)
+ TODO: check
+CVE-2022-39877 (Improper access control vulnerability in ProfileSharingAccount in Grou ...)
+ TODO: check
+CVE-2022-39876 (Insertion of Sensitive Information into Log in PushRegIdUpdateClient o ...)
+ TODO: check
+CVE-2022-39875 (Improper component protection vulnerability in Samsung Account prior t ...)
+ TODO: check
+CVE-2022-39874 (Sensitive log information leakage vulnerability in Samsung Account pri ...)
+ TODO: check
+CVE-2022-39873 (Improper authorization vulnerability in Samsung Internet prior to vers ...)
+ TODO: check
+CVE-2022-39872 (Improper restriction of broadcasting Intent in ShareLive prior to vers ...)
+ TODO: check
+CVE-2022-39871 (Improper access control vulnerability cloudNotificationManager.java in ...)
+ TODO: check
+CVE-2022-39870 (Improper access control vulnerability in cloudNotificationManager.java ...)
+ TODO: check
+CVE-2022-39869 (Improper access control vulnerability in cloudNotificationManager.java ...)
+ TODO: check
+CVE-2022-39868 (Improper access control vulnerability in GedSamsungAccount.kt SmartThi ...)
+ TODO: check
+CVE-2022-39867 (Improper access control vulnerability in cloudNotificationManager.java ...)
+ TODO: check
+CVE-2022-39866 (Improper access control vulnerability in RegisteredEventMediator.kt Sm ...)
+ TODO: check
+CVE-2022-39865 (Improper access control vulnerability in ContentsSharingActivity.java ...)
+ TODO: check
+CVE-2022-39864 (Improper access control vulnerability in WifiSetupLaunchHelper in Smar ...)
+ TODO: check
+CVE-2022-39863 (Intent redirection vulnerability in Samsung Account prior to version 1 ...)
+ TODO: check
+CVE-2022-39862 (Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Rel ...)
+ TODO: check
+CVE-2022-39861 (Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to ...)
+ TODO: check
+CVE-2022-39860 (Improper access control vulnerability in QuickShare prior to version 1 ...)
+ TODO: check
+CVE-2022-39859 (Implicit intent hijacking vulnerability in UPHelper library prior to v ...)
+ TODO: check
+CVE-2022-39858 (Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera p ...)
+ TODO: check
+CVE-2022-39857 (Improper access control vulnerability in CameraTestActivity in Factory ...)
+ TODO: check
+CVE-2022-39856 (Improper access control vulnerability in imsservice application prior ...)
+ TODO: check
+CVE-2022-39855 (Improper access control vulnerability in FACM application prior to SMR ...)
+ TODO: check
+CVE-2022-39854 (Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows un ...)
+ TODO: check
+CVE-2022-39853 (A use after free vulnerability in perf-mgr driver prior to SMR Oct-202 ...)
+ TODO: check
+CVE-2022-39852 (A heap-based overflow vulnerability in makeContactAGIF in libagifencod ...)
+ TODO: check
+CVE-2022-39851 (Improper access control vulnerability in CocktailBarService prior to S ...)
+ TODO: check
+CVE-2022-39850 (Improper access control in mum_container_policy service prior to SMR O ...)
+ TODO: check
+CVE-2022-39849 (Improper access control in knox_vpn_policy service prior to SMR Oct-20 ...)
+ TODO: check
+CVE-2022-39848 (Exposure of sensitive information in AT_Distributor prior to SMR Oct-2 ...)
+ TODO: check
+CVE-2022-39847 (Use after free vulnerability in set_nft_pid and signal_handler functio ...)
+ TODO: check
CVE-2022-39846 (DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22 ...)
NOT-FOR-US: Samstung
CVE-2022-39845 (Improper validation of integrity check vulnerability in Samsung Kies p ...)
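Review bot: The trailing context for CVE-2022-39846 reads "NOT-FOR-US: Samstung", a misspelling of the tag that other entries in this same diff spell "NOT-FOR-US: Samsung". The automatic update leaves that line untouched, so correct it in a follow-up commit before the 32 new TODO: check entries above it (CVE-2022-39847 to CVE-2022-39878) are triaged, so the misspelled tag is not copied onto them.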
@@ -11502,30 +11583,30 @@ CVE-2022-37898
RESERVED
CVE-2022-37897
RESERVED
-CVE-2022-37896
- RESERVED
-CVE-2022-37895
- RESERVED
-CVE-2022-37894
- RESERVED
-CVE-2022-37893
- RESERVED
-CVE-2022-37892
- RESERVED
-CVE-2022-37891
- RESERVED
-CVE-2022-37890
- RESERVED
-CVE-2022-37889
- RESERVED
+CVE-2022-37896 (A vulnerability in the Aruba InstantOS and ArubaOS 10 web management i ...)
+ TODO: check
+CVE-2022-37895 (An unauthenticated Denial of Service (DoS) vulnerability exists in the ...)
+ TODO: check
+CVE-2022-37894 (An unauthenticated Denial of Service (DoS) vulnerability exists in the ...)
+ TODO: check
+CVE-2022-37893 (An authenticated command injection vulnerability exists in the Aruba I ...)
+ TODO: check
+CVE-2022-37892 (A vulnerability in the Aruba InstantOS and ArubaOS 10 web management i ...)
+ TODO: check
+CVE-2022-37891 (Unauthenticated buffer overflow vulnerabilities exist within the Aruba ...)
+ TODO: check
+CVE-2022-37890 (Unauthenticated buffer overflow vulnerabilities exist within the Aruba ...)
+ TODO: check
+CVE-2022-37889 (There are buffer overflow vulnerabilities in multiple underlying servi ...)
+ TODO: check
CVE-2022-37888 (There are buffer overflow vulnerabilities in multiple underlying servi ...)
NOT-FOR-US: Aruba
-CVE-2022-37887
- RESERVED
-CVE-2022-37886
- RESERVED
-CVE-2022-37885
- RESERVED
+CVE-2022-37887 (There are buffer overflow vulnerabilities in multiple underlying servi ...)
+ TODO: check
+CVE-2022-37886 (There are buffer overflow vulnerabilities in multiple underlying servi ...)
+ TODO: check
+CVE-2022-37885 (There are buffer overflow vulnerabilities in multiple underlying servi ...)
+ TODO: check
CVE-2022-37884 (A vulnerability exists in the ClearPass Policy Manager Guest User Inte ...)
NOT-FOR-US: Aruba
CVE-2022-37883 (Vulnerabilities in the ClearPass Policy Manager web-based management i ...)
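Review bot: CVE-2022-37889, CVE-2022-37887, CVE-2022-37886 and CVE-2022-37885 are added as TODO: check with the same visible description as CVE-2022-37888 ("There are buffer overflow vulnerabilities in multiple underlying servi ..."), which this hunk shows already tagged NOT-FOR-US: Aruba, so they can take the same tag in one pass. CVE-2022-37895 and CVE-2022-37894 do not name a product before the truncation, so check their full text rather than tagging them by position in the block.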
@@ -14201,8 +14282,8 @@ CVE-2022-36870 (Pending Intent hijacking vulnerability in MTransferNotificationM
NOT-FOR-US: Samsung
CVE-2022-36869 (Improper access control vulnerability in ContactsDumpActivity of?Conta ...)
NOT-FOR-US: Samsung
-CVE-2022-36868
- RESERVED
+CVE-2022-36868 (Improper restriction of broadcasting Intent in MouseNKeyHidDevice prio ...)
+ TODO: check
CVE-2022-36867 (Improper access control vulnerability in Editor Lite prior to version ...)
NOT-FOR-US: Samsung
CVE-2022-36866 (Improper access control vulnerability in Broadcaster in Group Sharing ...)
@@ -14377,8 +14458,8 @@ CVE-2022-36774 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vul
NOT-FOR-US: IBM
CVE-2022-36773 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to an XM ...)
NOT-FOR-US: IBM
-CVE-2022-36772
- RESERVED
+CVE-2022-36772 (IBM InfoSphere Information Server 11.7 could allow an authenticated us ...)
+ TODO: check
CVE-2022-36771 (IBM QRadar User Behavior Analytics could allow an authenticated user t ...)
NOT-FOR-US: IBM
CVE-2022-36770
@@ -18363,8 +18444,8 @@ CVE-2022-35232
RESERVED
CVE-2022-35231
RESERVED
-CVE-2022-33896
- RESERVED
+CVE-2022-33896 (A buffer underflow vulnerability exists in the way Hword of Hancom Off ...)
+ TODO: check
CVE-2022-2325 (The Invitation Based Registrations WordPress plugin through 2.2.84 doe ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2324 (Improperly Implemented Security Check vulnerability in the SonicWall H ...)
@@ -21015,8 +21096,8 @@ CVE-2022-34310
RESERVED
CVE-2022-34309
RESERVED
-CVE-2022-34308
- RESERVED
+CVE-2022-34308 (IBM CICS TX 11.1 could allow a local user to cause a denial of service ...)
+ TODO: check
CVE-2022-34307 (IBM CICS TX 11.1 does not set the secure attribute on authorization to ...)
NOT-FOR-US: IBM
CVE-2022-34306 (IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header in ...)
@@ -25238,16 +25319,16 @@ CVE-2022-32595
RESERVED
CVE-2022-32594
RESERVED
-CVE-2022-32593
- RESERVED
-CVE-2022-32592
- RESERVED
-CVE-2022-32591
- RESERVED
-CVE-2022-32590
- RESERVED
-CVE-2022-32589
- RESERVED
+CVE-2022-32593 (In vowe, there is a possible out of bounds write due to a missing boun ...)
+ TODO: check
+CVE-2022-32592 (In cpu dvfs, there is a possible out of bounds write due to a missing ...)
+ TODO: check
+CVE-2022-32591 (In ril, there is a possible system crash due to an incorrect bounds ch ...)
+ TODO: check
+CVE-2022-32590 (In wlan, there is a possible use after free due to an incorrect status ...)
+ TODO: check
+CVE-2022-32589 (In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an ...)
+ TODO: check
CVE-2022-32569
RESERVED
CVE-2022-32568
@@ -29413,6 +29494,7 @@ CVE-2022-1797 (A malformed Class 3 common industrial protocol message with a cac
CVE-2022-31198 (OpenZeppelin Contracts is a library for secure smart contract developm ...)
NOT-FOR-US: OpenZeppelin
CVE-2022-31197 (PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to conn ...)
+ {DLA-3140-1}
- libpgjava 42.4.1-1 (bug #1016662)
[bullseye] - libpgjava <no-dsa> (Minor issue)
NOTE: https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2
@@ -31150,8 +31232,8 @@ CVE-2022-30615
RESERVED
CVE-2022-30614 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to a den ...)
NOT-FOR-US: IBM
-CVE-2022-30613
- RESERVED
+CVE-2022-30613 (IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a ...)
+ TODO: check
CVE-2022-30612
RESERVED
CVE-2022-30611 (IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerab ...)
@@ -43346,16 +43428,16 @@ CVE-2022-0865 (Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers t
NOTE: https://gitlab.com/libtiff/libtiff/-/commit/a1c933dabd0e1c54a412f3f84ae0aa58115c6067
CVE-2022-26476 (A vulnerability has been identified in Spectrum Power 4 (All versions ...)
NOT-FOR-US: Siemens
-CVE-2022-26475
- RESERVED
-CVE-2022-26474
- RESERVED
-CVE-2022-26473
- RESERVED
-CVE-2022-26472
- RESERVED
-CVE-2022-26471
- RESERVED
+CVE-2022-26475 (In wlan, there is a possible out of bounds write due to a missing boun ...)
+ TODO: check
+CVE-2022-26474 (In sensorhub, there is a possible out of bounds write due to an incorr ...)
+ TODO: check
+CVE-2022-26473 (In vdec fmt, there is a possible use after free due to improper lockin ...)
+ TODO: check
+CVE-2022-26472 (In ims, there is a possible escalation of privilege due to a parcel fo ...)
+ TODO: check
+CVE-2022-26471 (In telephony, there is a possible escalation of privilege due to a par ...)
+ TODO: check
CVE-2022-26470 (In aie, there is a possible out of bounds write due to an incorrect bo ...)
NOT-FOR-US: Mediatek
CVE-2022-26469 (In MtkEmail, there is a possible escalation of privilege due to fragme ...)
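Review bot: CVE-2022-26471 through CVE-2022-26475 are added as TODO: check, and none of their visible descriptions names a vendor ("In wlan, ...", "In sensorhub, ...", "In telephony, ..."). The adjacent context entry CVE-2022-26470 uses the same "In <component>, there is a possible ..." wording and is tagged NOT-FOR-US: Mediatek, so confirm the vendor from the full records before applying that tag. Generic component names such as wlan should not be matched against Debian source packages on name alone.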
@@ -43392,8 +43474,8 @@ CVE-2022-26454 (In teei, there is a possible memory corruption due to an integer
NOT-FOR-US: Mediatek
CVE-2022-26453 (In teei, there is a possible memory corruption due to a use after free ...)
NOT-FOR-US: Mediatek
-CVE-2022-26452
- RESERVED
+CVE-2022-26452 (In isp, there is a possible use after free due to improper locking. Th ...)
+ TODO: check
CVE-2022-26451 (In ged, there is a possible use after free due to improper locking. Th ...)
NOT-FOR-US: Mediatek
CVE-2022-26450 (In apusys, there is a possible use after free due to a race condition. ...)
@@ -45337,11 +45419,11 @@ CVE-2022-25799 (An open redirect vulnerability exists in CERT/CC VINCE software
NOT-FOR-US: CERT/CC VINCE
CVE-2022-25798
RESERVED
-CVE-2022-25797 (A Memory Corruption Vulnerability in Autodesk TrueView 2022 and 2021 m ...)
+CVE-2022-25797 (A maliciously crafted PDF file in Autodesk AutoCAD 2022, 2021, 2020, 2 ...)
NOT-FOR-US: Autodesk
CVE-2022-25796 (A Double Free vulnerability allows remote malicious actors to execute ...)
NOT-FOR-US: Autodesk
-CVE-2022-25795 (A maliciously crafted PDF file can be used to dereference for a write ...)
+CVE-2022-25795 (A Memory Corruption Vulnerability in Autodesk TrueView 2022 and 2021 m ...)
NOT-FOR-US: Autodesk
CVE-2022-25794 (An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5 ...)
NOT-FOR-US: Autodesk
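Review bot: The description removed from CVE-2022-25797 ("A Memory Corruption Vulnerability in Autodesk TrueView 2022 and 2021 m ...") is the same text now added to CVE-2022-25795, while CVE-2022-25797 gets a new description about a crafted PDF file in Autodesk AutoCAD. Both entries stay NOT-FOR-US: Autodesk, so the triage result is unaffected, but any note elsewhere that cites either ID by its old description should be rechecked against the updated records.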
@@ -56891,8 +56973,8 @@ CVE-2022-22495 (IBM i 7.3, 7.4, and 7.5 is vulnerable to SQL injection. A remote
NOT-FOR-US: IBM
CVE-2022-22494 (IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could ...)
NOT-FOR-US: IBM
-CVE-2022-22493
- RESERVED
+CVE-2022-22493 (IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulne ...)
+ TODO: check
CVE-2022-22492
RESERVED
CVE-2022-22491
@@ -56917,8 +56999,8 @@ CVE-2022-22482 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0
NOT-FOR-US: IBM
CVE-2022-22481 (IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a ...)
NOT-FOR-US: IBM
-CVE-2022-22480
- RESERVED
+CVE-2022-22480 (IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function co ...)
+ TODO: check
CVE-2022-22479 (IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerabl ...)
NOT-FOR-US: IBM
CVE-2022-22478 (IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user crede ...)
@@ -61032,8 +61114,8 @@ CVE-2022-21938 (Under certain circumstances, a vulnerability in Metasys ADS/ADX/
NOT-FOR-US: Metasys
CVE-2022-21937 (Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 ...)
NOT-FOR-US: Metasys
-CVE-2022-21936
- RESERVED
+CVE-2022-21936 (On Metasys ADX Server version 12.0 running MVE, an Active Directory us ...)
+ TODO: check
CVE-2022-21935 (A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and ...)
NOT-FOR-US: Metasys
CVE-2022-21934 (Under certain circumstances an authenticated user could lock other use ...)
@@ -78417,16 +78499,16 @@ CVE-2021-40168
RESERVED
CVE-2021-40167 (A malicious crafted dwf or .pct file when consumed through DesignRevie ...)
NOT-FOR-US: Autodesk
-CVE-2021-40166
- RESERVED
-CVE-2021-40165
- RESERVED
-CVE-2021-40164
- RESERVED
-CVE-2021-40163
- RESERVED
-CVE-2021-40162
- RESERVED
+CVE-2021-40166 (A maliciously crafted PNG file in Autodesk Image Processing component ...)
+ TODO: check
+CVE-2021-40165 (A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image P ...)
+ TODO: check
+CVE-2021-40164 (A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA ...)
+ TODO: check
+CVE-2021-40163 (A Memory Corruption vulnerability may lead to code execution through m ...)
+ TODO: check
+CVE-2021-40162 (A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image P ...)
+ TODO: check
CVE-2021-40161 (A Memory Corruption vulnerability may lead to code execution through m ...)
NOT-FOR-US: Autodesk
CVE-2021-40160 (PDFTron prior to 9.0.7 version may be forced to read beyond allocated ...)
@@ -168620,8 +168702,8 @@ CVE-2020-15857
RESERVED
CVE-2020-15856
RESERVED
-CVE-2020-15855
- RESERVED
+CVE-2020-15855 (Two cross-site scripting vulnerabilities were fixed in Bodhi 5.6.1. ...)
+ TODO: check
CVE-2020-15854
RESERVED
CVE-2020-15853
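Review bot: CVE-2020-15855 moves from RESERVED to a description that already states the fixed release ("fixed in Bodhi 5.6.1") but lands as TODO: check. When this is triaged, record that version on the package line if a Debian package exists, or mark the entry NOT-FOR-US, so the entry does not stay in the TODO state given that the fix version is already known.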
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2aea3214e3450a02462c9c0e2c41a5e7a7ecc14d