[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Oct 19 09:10:42 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b679747d by security tracker role at 2022-10-19T08:10:33+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2022-43435
+ RESERVED
+CVE-2022-43434
+ RESERVED
+CVE-2022-43433
+ RESERVED
+CVE-2022-43432
+ RESERVED
+CVE-2022-43431
+ RESERVED
+CVE-2022-43430
+ RESERVED
+CVE-2022-43429
+ RESERVED
+CVE-2022-43428
+ RESERVED
+CVE-2022-43427
+ RESERVED
+CVE-2022-43426
+ RESERVED
+CVE-2022-43425
+ RESERVED
+CVE-2022-43424
+ RESERVED
+CVE-2022-43423
+ RESERVED
+CVE-2022-43422
+ RESERVED
+CVE-2022-43421
+ RESERVED
+CVE-2022-43420
+ RESERVED
+CVE-2022-43419
+ RESERVED
+CVE-2022-43418
+ RESERVED
+CVE-2022-43417
+ RESERVED
+CVE-2022-43416
+ RESERVED
+CVE-2022-43415
+ RESERVED
+CVE-2022-43414
+ RESERVED
+CVE-2022-43413
+ RESERVED
+CVE-2022-43412
+ RESERVED
+CVE-2022-43411
+ RESERVED
+CVE-2022-43410
+ RESERVED
+CVE-2022-43409
+ RESERVED
+CVE-2022-43408
+ RESERVED
+CVE-2022-43407
+ RESERVED
+CVE-2022-43406
+ RESERVED
+CVE-2022-43405
+ RESERVED
+CVE-2022-43404
+ RESERVED
+CVE-2022-43403
+ RESERVED
+CVE-2022-43402
+ RESERVED
+CVE-2022-43401
+ RESERVED
+CVE-2022-43400
+ RESERVED
+CVE-2022-3596
+ RESERVED
+CVE-2022-3595 (A vulnerability was found in Linux Kernel. It has been rated as proble ...)
+ TODO: check
+CVE-2022-3594 (A vulnerability was found in Linux Kernel. It has been declared as pro ...)
+ TODO: check
+CVE-2022-3593 (A vulnerability was found in Linux Kernel. It has been classified as p ...)
+ TODO: check
+CVE-2022-3592
+ RESERVED
CVE-2022-43399
RESERVED
CVE-2022-43398
@@ -2910,8 +2992,8 @@ CVE-2022-42220
RESERVED
CVE-2022-42219
RESERVED
-CVE-2022-42218
- RESERVED
+CVE-2022-42218 (Open Source SACCO Management System v1.0 vulnerable to SQL Injection v ...)
+ TODO: check
CVE-2022-42217
RESERVED
CVE-2022-42216
@@ -2970,8 +3052,8 @@ CVE-2022-42190
RESERVED
CVE-2022-42189
RESERVED
-CVE-2022-42188
- RESERVED
+CVE-2022-42188 (In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path travers ...)
+ TODO: check
CVE-2022-42187
RESERVED
CVE-2022-42186
@@ -3112,18 +3194,18 @@ CVE-2022-42119
RESERVED
CVE-2022-42118
RESERVED
-CVE-2022-42117
- RESERVED
-CVE-2022-42116
- RESERVED
-CVE-2022-42115
- RESERVED
-CVE-2022-42114
- RESERVED
-CVE-2022-42113
- RESERVED
-CVE-2022-42112
- RESERVED
+CVE-2022-42117 (A Cross-site scripting (XSS) vulnerability in the Frontend Taglib modu ...)
+ TODO: check
+CVE-2022-42116 (A Cross-site scripting (XSS) vulnerability in the Frontend Editor modu ...)
+ TODO: check
+CVE-2022-42115 (Cross-site scripting (XSS) vulnerability in the Object module's edit o ...)
+ TODO: check
+CVE-2022-42114 (A Cross-site scripting (XSS) vulnerability in the Role module's edit r ...)
+ TODO: check
+CVE-2022-42113 (A Cross-site scripting (XSS) vulnerability in Document Library module ...)
+ TODO: check
+CVE-2022-42112 (A Cross-site scripting (XSS) vulnerability in the Portal Search module ...)
+ TODO: check
CVE-2022-42111
RESERVED
CVE-2022-42110
@@ -4660,8 +4742,8 @@ CVE-2022-41502
RESERVED
CVE-2022-41501
RESERVED
-CVE-2022-41500
- RESERVED
+CVE-2022-41500 (EyouCMS V1.5.9 was discovered to contain multiple Cross-Site Request F ...)
+ TODO: check
CVE-2022-41499
RESERVED
CVE-2022-41498 (Billing System Project v1.0 was discovered to contain a SQL injection ...)
@@ -7163,7 +7245,7 @@ CVE-2022-40471
RESERVED
CVE-2022-40470
RESERVED
-CVE-2022-40469 (iKuai8 v3.6.7 was discovered to contain an authenticated remote code e ...)
+CVE-2022-40469 (iKuai OS v3.6.7 was discovered to contain an authenticated remote code ...)
NOT-FOR-US: iKuai8
CVE-2022-40468 (Potential leak of left-over heap data if custom error page templates c ...)
- tinyproxy 1.11.1-2 (bug #1021015)
@@ -9502,30 +9584,30 @@ CVE-2022-39430
RESERVED
CVE-2022-39429
RESERVED
-CVE-2022-39428
- RESERVED
-CVE-2022-39427
- RESERVED
-CVE-2022-39426
- RESERVED
-CVE-2022-39425
- RESERVED
-CVE-2022-39424
- RESERVED
-CVE-2022-39423
- RESERVED
-CVE-2022-39422
- RESERVED
-CVE-2022-39421
- RESERVED
-CVE-2022-39420
- RESERVED
-CVE-2022-39419
- RESERVED
+CVE-2022-39428 (Vulnerability in the Oracle Web Applications Desktop Integrator produc ...)
+ TODO: check
+CVE-2022-39427 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-39426 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-39425 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-39424 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-39423 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-39422 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-39421 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-39420 (Vulnerability in the Oracle Transportation Management product of Oracl ...)
+ TODO: check
+CVE-2022-39419 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
+ TODO: check
CVE-2022-39418
RESERVED
-CVE-2022-39417
- RESERVED
+CVE-2022-39417 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
CVE-2022-39416
RESERVED
CVE-2022-39415
@@ -9534,34 +9616,34 @@ CVE-2022-39414
RESERVED
CVE-2022-39413
RESERVED
-CVE-2022-39412
- RESERVED
-CVE-2022-39411
- RESERVED
-CVE-2022-39410
- RESERVED
-CVE-2022-39409
- RESERVED
-CVE-2022-39408
- RESERVED
-CVE-2022-39407
- RESERVED
-CVE-2022-39406
- RESERVED
-CVE-2022-39405
- RESERVED
-CVE-2022-39404
- RESERVED
-CVE-2022-39403
- RESERVED
-CVE-2022-39402
- RESERVED
-CVE-2022-39401
- RESERVED
-CVE-2022-39400
- RESERVED
-CVE-2022-39399
- RESERVED
+CVE-2022-39412 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
+ TODO: check
+CVE-2022-39411 (Vulnerability in the Oracle Transportation Management product of Oracl ...)
+ TODO: check
+CVE-2022-39410 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-39409 (Vulnerability in the Oracle Transportation Management product of Oracl ...)
+ TODO: check
+CVE-2022-39408 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-39407 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2022-39406 (Vulnerability in the PeopleSoft Enterprise Common Components product o ...)
+ TODO: check
+CVE-2022-39405 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
+ TODO: check
+CVE-2022-39404 (Vulnerability in the MySQL Installer product of Oracle MySQL (componen ...)
+ TODO: check
+CVE-2022-39403 (Vulnerability in the MySQL Shell product of Oracle MySQL (component: S ...)
+ TODO: check
+CVE-2022-39402 (Vulnerability in the MySQL Shell product of Oracle MySQL (component: S ...)
+ TODO: check
+CVE-2022-39401 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2022-39400 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-39399 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+ TODO: check
CVE-2022-39398
RESERVED
CVE-2022-39397
@@ -10032,8 +10114,7 @@ CVE-2022-39200 (Dendrite is a Matrix homeserver written in Go. In affected versi
NOT-FOR-US: Dendrite
CVE-2022-39199
RESERVED
-CVE-2022-39198
- RESERVED
+CVE-2022-39198 (A deserialization vulnerability existed in dubbo hessian-lite 3.2.12 a ...)
NOT-FOR-US: Apache Dubbo
CVE-2022-3099 (Use After Free in GitHub repository vim/vim prior to 9.0.0360. ...)
- vim 2:9.0.0626-1 (bug #1019590)
@@ -10855,8 +10936,8 @@ CVE-2022-38903
RESERVED
CVE-2022-38902 (A Cross-site scripting (XSS) vulnerability in the Blog module - add ne ...)
NOT-FOR-US: Liferay
-CVE-2022-38901
- RESERVED
+CVE-2022-38901 (A Cross-site scripting (XSS) vulnerability in the Document and Media m ...)
+ TODO: check
CVE-2022-38900
RESERVED
CVE-2022-38899
@@ -68321,116 +68402,116 @@ CVE-2021-3962 (A flaw was found in ImageMagick where it did not properly sanitiz
- imagemagick <not-affected> (Specific to 7.x)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/4446
NOTE: https://github.com/ImageMagick/ImageMagick/commit/82775af03bbb10a0a1d0e15c0156c75673b4525e
-CVE-2022-21641
- RESERVED
-CVE-2022-21640
- RESERVED
-CVE-2022-21639
- RESERVED
-CVE-2022-21638
- RESERVED
-CVE-2022-21637
- RESERVED
-CVE-2022-21636
- RESERVED
-CVE-2022-21635
- RESERVED
-CVE-2022-21634
- RESERVED
-CVE-2022-21633
- RESERVED
-CVE-2022-21632
- RESERVED
-CVE-2022-21631
- RESERVED
-CVE-2022-21630
- RESERVED
-CVE-2022-21629
- RESERVED
-CVE-2022-21628
- RESERVED
-CVE-2022-21627
- RESERVED
-CVE-2022-21626
- RESERVED
-CVE-2022-21625
- RESERVED
-CVE-2022-21624
- RESERVED
-CVE-2022-21623
- RESERVED
-CVE-2022-21622
- RESERVED
-CVE-2022-21621
- RESERVED
-CVE-2022-21620
- RESERVED
-CVE-2022-21619
- RESERVED
-CVE-2022-21618
- RESERVED
-CVE-2022-21617
- RESERVED
-CVE-2022-21616
- RESERVED
-CVE-2022-21615
- RESERVED
-CVE-2022-21614
- RESERVED
-CVE-2022-21613
- RESERVED
-CVE-2022-21612
- RESERVED
-CVE-2022-21611
- RESERVED
-CVE-2022-21610
- RESERVED
-CVE-2022-21609
- RESERVED
-CVE-2022-21608
- RESERVED
-CVE-2022-21607
- RESERVED
-CVE-2022-21606
- RESERVED
-CVE-2022-21605
- RESERVED
-CVE-2022-21604
- RESERVED
-CVE-2022-21603
- RESERVED
-CVE-2022-21602
- RESERVED
-CVE-2022-21601
- RESERVED
-CVE-2022-21600
- RESERVED
-CVE-2022-21599
- RESERVED
-CVE-2022-21598
- RESERVED
-CVE-2022-21597
- RESERVED
-CVE-2022-21596
- RESERVED
-CVE-2022-21595
- RESERVED
-CVE-2022-21594
- RESERVED
-CVE-2022-21593
- RESERVED
-CVE-2022-21592
- RESERVED
-CVE-2022-21591
- RESERVED
-CVE-2022-21590
- RESERVED
-CVE-2022-21589
- RESERVED
+CVE-2022-21641 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21640 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21639 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2022-21638 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21637 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21636 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
+ TODO: check
+CVE-2022-21635 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21634 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+ TODO: check
+CVE-2022-21633 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21632 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21631 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
+ TODO: check
+CVE-2022-21630 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
+ TODO: check
+CVE-2022-21629 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
+ TODO: check
+CVE-2022-21628 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+ TODO: check
+CVE-2022-21627 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-21626 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+ TODO: check
+CVE-2022-21625 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21624 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+ TODO: check
+CVE-2022-21623 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2022-21622 (Vulnerability in the Oracle SOA Suite product of Oracle Fusion Middlew ...)
+ TODO: check
+CVE-2022-21621 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-21620 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
+ TODO: check
+CVE-2022-21619 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+ TODO: check
+CVE-2022-21618 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
+ TODO: check
+CVE-2022-21617 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21616 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2022-21615 (Vulnerability in the Oracle Enterprise Data Quality product of Oracle ...)
+ TODO: check
+CVE-2022-21614 (Vulnerability in the Oracle Enterprise Data Quality product of Oracle ...)
+ TODO: check
+CVE-2022-21613 (Vulnerability in the Oracle Enterprise Data Quality product of Oracle ...)
+ TODO: check
+CVE-2022-21612 (Vulnerability in the Oracle Enterprise Data Quality product of Oracle ...)
+ TODO: check
+CVE-2022-21611 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21610 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2022-21609 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+ TODO: check
+CVE-2022-21608 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21607 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21606 (Vulnerability in the Oracle Services for Microsoft Transaction Server ...)
+ TODO: check
+CVE-2022-21605 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21604 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21603 (Vulnerability in the Oracle Database - Sharding component of Oracle Da ...)
+ TODO: check
+CVE-2022-21602 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2022-21601 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...)
+ TODO: check
+CVE-2022-21600 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21599 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21598 (Vulnerability in the Siebel Core - DB Deployment and Configuration pro ...)
+ TODO: check
+CVE-2022-21597 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+ TODO: check
+CVE-2022-21596 (Vulnerability in the Oracle Database - Advanced Queuing component of O ...)
+ TODO: check
+CVE-2022-21595 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21594 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21593 (Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middl ...)
+ TODO: check
+CVE-2022-21592 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
+CVE-2022-21591 (Vulnerability in the Oracle Transportation Management product of Oracl ...)
+ TODO: check
+CVE-2022-21590 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+ TODO: check
+CVE-2022-21589 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
CVE-2022-21588
RESERVED
-CVE-2022-21587
- RESERVED
+CVE-2022-21587 (Vulnerability in the Oracle Web Applications Desktop Integrator produc ...)
+ TODO: check
CVE-2022-21586 (Vulnerability in the Oracle Banking Trade Finance product of Oracle Fi ...)
NOT-FOR-US: Oracle
CVE-2022-21585 (Vulnerability in the Oracle Banking Trade Finance product of Oracle Fi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b679747da71b8b894175598fdf8a09238a9dd86e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b679747da71b8b894175598fdf8a09238a9dd86e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221019/37968d4e/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list