[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Sep 9 09:10:26 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
57788dbe by security tracker role at 2022-09-09T08:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,149 @@
+CVE-2022-40307 (An issue was discovered in the Linux kernel through 5.19.8. drivers/fi ...)
+ TODO: check
+CVE-2022-40306
+ RESERVED
+CVE-2022-40305 (A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 al ...)
+ TODO: check
+CVE-2022-40304
+ RESERVED
+CVE-2022-40303
+ RESERVED
+CVE-2022-40302
+ RESERVED
+CVE-2022-40301
+ RESERVED
+CVE-2022-40300
+ RESERVED
+CVE-2022-40299 (In Singular before 4.3.1, a predictable /tmp pathname is used (e.g., b ...)
+ TODO: check
+CVE-2022-40298
+ RESERVED
+CVE-2022-40297 (UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be use ...)
+ TODO: check
+CVE-2022-40296
+ RESERVED
+CVE-2022-40295
+ RESERVED
+CVE-2022-40294
+ RESERVED
+CVE-2022-40293
+ RESERVED
+CVE-2022-40292
+ RESERVED
+CVE-2022-40291
+ RESERVED
+CVE-2022-40290
+ RESERVED
+CVE-2022-40289
+ RESERVED
+CVE-2022-40288
+ RESERVED
+CVE-2022-40287
+ RESERVED
+CVE-2022-40286
+ RESERVED
+CVE-2022-40285
+ RESERVED
+CVE-2022-40284
+ RESERVED
+CVE-2022-40283
+ RESERVED
+CVE-2022-40282
+ RESERVED
+CVE-2022-40281 (An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PR ...)
+ TODO: check
+CVE-2022-40280 (An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PR ...)
+ TODO: check
+CVE-2022-40279 (An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PR ...)
+ TODO: check
+CVE-2022-40278 (An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PR ...)
+ TODO: check
+CVE-2022-40277
+ RESERVED
+CVE-2022-40276
+ RESERVED
+CVE-2022-40275
+ RESERVED
+CVE-2022-40274
+ RESERVED
+CVE-2022-40273
+ RESERVED
+CVE-2022-40272
+ RESERVED
+CVE-2022-40271
+ RESERVED
+CVE-2022-40270
+ RESERVED
+CVE-2022-40269
+ RESERVED
+CVE-2022-40268
+ RESERVED
+CVE-2022-40267
+ RESERVED
+CVE-2022-40266
+ RESERVED
+CVE-2022-40265
+ RESERVED
+CVE-2022-40264
+ RESERVED
+CVE-2022-40263
+ RESERVED
+CVE-2022-40262
+ RESERVED
+CVE-2022-40261
+ RESERVED
+CVE-2022-40260
+ RESERVED
+CVE-2022-40259
+ RESERVED
+CVE-2022-40258
+ RESERVED
+CVE-2022-40257
+ RESERVED
+CVE-2022-40256
+ RESERVED
+CVE-2022-40255
+ RESERVED
+CVE-2022-40254
+ RESERVED
+CVE-2022-40253
+ RESERVED
+CVE-2022-40252
+ RESERVED
+CVE-2022-40251
+ RESERVED
+CVE-2022-40250
+ RESERVED
+CVE-2022-40249
+ RESERVED
+CVE-2022-40248
+ RESERVED
+CVE-2022-40247
+ RESERVED
+CVE-2022-40246
+ RESERVED
+CVE-2022-40245
+ RESERVED
+CVE-2022-40244
+ RESERVED
+CVE-2022-40243
+ RESERVED
+CVE-2022-40242
+ RESERVED
+CVE-2022-40241
+ RESERVED
+CVE-2022-40240
+ RESERVED
+CVE-2022-40239
+ RESERVED
+CVE-2022-40238
+ RESERVED
+CVE-2022-3169
+ RESERVED
+CVE-2022-3168
+ RESERVED
+CVE-2019-25076 (The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.1 ...)
+ TODO: check
CVE-2022-40237
RESERVED
CVE-2022-40236
@@ -86,8 +232,8 @@ CVE-2022-36299
RESERVED
CVE-2022-36295
RESERVED
-CVE-2022-3167
- RESERVED
+CVE-2022-3167 (Improper Restriction of Rendered UI Layers or Frames in GitHub reposit ...)
+ TODO: check
CVE-2022-3166
RESERVED
CVE-2022-3165
@@ -4212,8 +4358,8 @@ CVE-2022-38495
RESERVED
CVE-2022-38078 (Movable Type XMLRPC API provided by Six Apart Ltd. contains a command ...)
- movabletype-opensource <removed>
-CVE-2022-2925
- RESERVED
+CVE-2022-2925 (Cross-site Scripting (XSS) - Stored in GitHub repository appwrite/appw ...)
+ TODO: check
CVE-2022-2924
RESERVED
CVE-2022-2923 (NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.024 ...)
@@ -5053,16 +5199,16 @@ CVE-2022-38271
RESERVED
CVE-2022-38270
RESERVED
-CVE-2022-38269
- RESERVED
-CVE-2022-38268
- RESERVED
-CVE-2022-38267
- RESERVED
+CVE-2022-38269 (School Activity Updates with SMS Notification v1.0 was discovered to c ...)
+ TODO: check
+CVE-2022-38268 (School Activity Updates with SMS Notification v1.0 was discovered to c ...)
+ TODO: check
+CVE-2022-38267 (School Activity Updates with SMS Notification v1.0 was discovered to c ...)
+ TODO: check
CVE-2022-38266
RESERVED
-CVE-2022-38265
- RESERVED
+CVE-2022-38265 (Apartment Visitor Management System v1.0 was discovered to contain a S ...)
+ TODO: check
CVE-2022-38264
RESERVED
CVE-2022-38263
@@ -8964,7 +9110,7 @@ CVE-2022-36738
RESERVED
CVE-2022-36737
RESERVED
-CVE-2022-36736 (Jitsi-2.10.5550 was discovered to contain a vulnerability in its web U ...)
+CVE-2022-36736 (** DISPUTED ** Jitsi-2.10.5550 was discovered to contain a vulnerabili ...)
TODO: check
CVE-2022-36735 (Library Management System v1.0 was discovered to contain a SQL injecti ...)
NOT-FOR-US: Library Management System
@@ -10638,20 +10784,20 @@ CVE-2022-36102
RESERVED
CVE-2022-36101
RESERVED
-CVE-2022-36100
- RESERVED
-CVE-2022-36099
- RESERVED
-CVE-2022-36098
- RESERVED
-CVE-2022-36097
- RESERVED
-CVE-2022-36096
- RESERVED
-CVE-2022-36095
- RESERVED
-CVE-2022-36094
- RESERVED
+CVE-2022-36100 (XWiki Platform Applications Tag and XWiki Platform Tag UI are tag appl ...)
+ TODO: check
+CVE-2022-36099 (XWiki Platform Wiki UI Main Wiki is software for managing subwikis on ...)
+ TODO: check
+CVE-2022-36098 (XWiki Platform Mentions UI is a user interface for mentioning users in ...)
+ TODO: check
+CVE-2022-36097 (XWiki Platform Attachment UI provides a macro to easily upload and sel ...)
+ TODO: check
+CVE-2022-36096 (The XWiki Platform Index UI is an Index of all pages, attachments, orp ...)
+ TODO: check
+CVE-2022-36095 (XWiki Platform is a generic wiki platform. Prior to versions 13.10.5 a ...)
+ TODO: check
+CVE-2022-36094 (XWiki Platform Web Parent POM contains Web resources for the XWiki pla ...)
+ TODO: check
CVE-2022-36093 (XWiki Platform Web Templates are templates for XWiki Platform, a gener ...)
NOT-FOR-US: XWiki
CVE-2022-36092 (XWiki Platform Old Core is a core package for XWiki Platform, a generi ...)
@@ -10670,8 +10816,8 @@ CVE-2022-36086 (linked_list_allocator is an allocator usable for no_std systems.
TODO: check
CVE-2022-36085 (Open Policy Agent (OPA) is an open source, general-purpose policy engi ...)
TODO: check
-CVE-2022-36084
- RESERVED
+CVE-2022-36084 (cruddl is software for creating a GraphQL API for a database, using th ...)
+ TODO: check
CVE-2022-36083 (JOSE is "JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK, JWKS w ...)
TODO: check
CVE-2022-36082 (mangadex-downloader is a command-line tool to download manga from Mang ...)
@@ -39216,8 +39362,8 @@ CVE-2022-25767 (All versions of package com.bstek.ureport:ureport2-console are v
NOT-FOR-US: youseries/ureport
CVE-2022-25766 (The package ungit before 1.5.20 are vulnerable to Remote Code Executio ...)
NOT-FOR-US: NodeJS ungit
-CVE-2022-25765
- RESERVED
+CVE-2022-25765 (The package pdfkit from 0.0.0 are vulnerable to Command Injection wher ...)
+ TODO: check
CVE-2022-25764
RESERVED
CVE-2022-25761 (The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57788dbeb135c9731b9dd887a495cc31a36f65a9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57788dbeb135c9731b9dd887a495cc31a36f65a9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220909/1d4c9e39/attachment.htm>
More information about the debian-security-tracker-commits
mailing list