[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Sep 13 09:10:29 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
48b5b24a by security tracker role at 2022-09-13T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,73 @@
+CVE-2022-40630
+ RESERVED
+CVE-2022-40629
+ RESERVED
+CVE-2022-40628
+ RESERVED
+CVE-2022-40627
+ RESERVED
+CVE-2022-40626
+ RESERVED
+CVE-2022-40625
+ RESERVED
+CVE-2022-40624
+ RESERVED
+CVE-2022-40623
+ RESERVED
+CVE-2022-40622
+ RESERVED
+CVE-2022-40621
+ RESERVED
+CVE-2022-40620
+ RESERVED
+CVE-2022-40619
+ RESERVED
+CVE-2022-40618
+ RESERVED
+CVE-2022-40617
+ RESERVED
+CVE-2022-40616
+ RESERVED
+CVE-2022-40615
+ RESERVED
+CVE-2022-40614
+ RESERVED
+CVE-2022-40613
+ RESERVED
+CVE-2022-40612
+ RESERVED
+CVE-2022-40611
+ RESERVED
+CVE-2022-40610
+ RESERVED
+CVE-2022-40609
+ RESERVED
+CVE-2022-40608
+ RESERVED
+CVE-2022-40607
+ RESERVED
+CVE-2022-3192
+ RESERVED
+CVE-2022-3191
+ RESERVED
+CVE-2022-3190
+ RESERVED
+CVE-2022-3189
+ RESERVED
+CVE-2022-3188
+ RESERVED
+CVE-2022-3187
+ RESERVED
+CVE-2022-3186
+ RESERVED
+CVE-2022-3185
+ RESERVED
+CVE-2022-3184
+ RESERVED
+CVE-2022-3183
+ RESERVED
+CVE-2022-3182
+ RESERVED
CVE-2022-40606
RESERVED
CVE-2022-40605
@@ -849,8 +919,8 @@ CVE-2022-38139
RESERVED
CVE-2022-38137
RESERVED
-CVE-2022-38135
- RESERVED
+CVE-2022-38135 (Broken Access Control vulnerability in Dean Oakley's Photospace Galler ...)
+ TODO: check
CVE-2022-38134
RESERVED
CVE-2022-38098
@@ -3016,8 +3086,8 @@ CVE-2022-39202
RESERVED
CVE-2022-39201
RESERVED
-CVE-2022-39200
- RESERVED
+CVE-2022-39200 (Dendrite is a Matrix homeserver written in Go. In affected versions ev ...)
+ TODO: check
CVE-2022-39199
RESERVED
CVE-2022-39198
@@ -4385,8 +4455,8 @@ CVE-2022-2980 (NULL Pointer Dereference in GitHub repository vim/vim prior to 9.
NOTE: https://huntr.dev/bounties/6e7b12a5-242c-453d-b39e-9625d563b0ea
NOTE: https://github.com/vim/vim/commit/80525751c5ce9ed82c41d83faf9ef38667bf61b1 (9.0.0259)
NOTE: Crash in CLI tool, no security impact
-CVE-2022-2979
- RESERVED
+CVE-2022-2979 (Opening a specially crafted file could cause the affected product to f ...)
+ TODO: check
CVE-2022-2978 (A flaw use after free in the Linux kernel NILFS file system was found ...)
- linux <unfixed>
NOTE: https://lore.kernel.org/linux-fsdevel/20220816040859.659129-1-dzm91@hust.edu.cn/T/#u
@@ -4765,18 +4835,18 @@ CVE-2022-38612
RESERVED
CVE-2022-38611
RESERVED
-CVE-2022-38610
- RESERVED
+CVE-2022-38610 (Garage Management System v1.0 was discovered to contain a SQL injectio ...)
+ TODO: check
CVE-2022-38609
RESERVED
CVE-2022-38608
RESERVED
CVE-2022-38607
RESERVED
-CVE-2022-38606
- RESERVED
-CVE-2022-38605
- RESERVED
+CVE-2022-38606 (Garage Management System v1.0 was discovered to contain a SQL injectio ...)
+ TODO: check
+CVE-2022-38605 (Church Management System v1.0 was discovered to contain a SQL injectio ...)
+ TODO: check
CVE-2022-38604
RESERVED
CVE-2022-38603
@@ -5781,34 +5851,34 @@ CVE-2022-2818 (Authentication Bypass by Primary Weakness in GitHub repository co
NOT-FOR-US: Cockpit-HQ/Cockpit
CVE-2022-38305
RESERVED
-CVE-2022-38304
- RESERVED
-CVE-2022-38303
- RESERVED
-CVE-2022-38302
- RESERVED
+CVE-2022-38304 (Online Leave Management System v1.0 was discovered to contain a SQL in ...)
+ TODO: check
+CVE-2022-38303 (Online Leave Management System v1.0 was discovered to contain a SQL in ...)
+ TODO: check
+CVE-2022-38302 (Online Leave Management System v1.0 was discovered to contain a SQL in ...)
+ TODO: check
CVE-2022-38301
RESERVED
CVE-2022-38300
RESERVED
-CVE-2022-38299
- RESERVED
-CVE-2022-38298
- RESERVED
-CVE-2022-38297
- RESERVED
-CVE-2022-38296
- RESERVED
-CVE-2022-38295
- RESERVED
+CVE-2022-38299 (An issue in the Elasticsearch plugin of Appsmith v1.7.11 allows attack ...)
+ TODO: check
+CVE-2022-38298 (Appsmith v1.7.11 was discovered to allow attackers to execute an authe ...)
+ TODO: check
+CVE-2022-38297 (UCMS v1.6.0 contains an authentication bypass vulnerability which is e ...)
+ TODO: check
+CVE-2022-38296 (Cuppa CMS v1.0 was discovered to contain an arbitrary file upload vuln ...)
+ TODO: check
+CVE-2022-38295 (Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulner ...)
+ TODO: check
CVE-2022-38294
RESERVED
CVE-2022-38293
RESERVED
-CVE-2022-38292
- RESERVED
-CVE-2022-38291
- RESERVED
+CVE-2022-38292 (SLiMS Senayan Library Management System v9.4.2 was discovered to conta ...)
+ TODO: check
+CVE-2022-38291 (SLiMS Senayan Library Management System v9.4.2 was discovered to conta ...)
+ TODO: check
CVE-2022-38290
RESERVED
CVE-2022-38289
@@ -11223,10 +11293,10 @@ CVE-2022-36176
RESERVED
CVE-2022-36175
RESERVED
-CVE-2022-36174
- RESERVED
-CVE-2022-36173
- RESERVED
+CVE-2022-36174 (FreshService Windows Agent < 2.11.0 and FreshService macOS Agent &l ...)
+ TODO: check
+CVE-2022-36173 (FreshService macOS Agent < 4.4.0 and FreshServce Linux Agent < 3 ...)
+ TODO: check
CVE-2022-36172
RESERVED
CVE-2022-36171 (MapGIS IGServer 10.5.6.11 is vulnerable to Arbitrary file deletion. ...)
@@ -11441,10 +11511,10 @@ CVE-2022-36104
RESERVED
CVE-2022-36103
RESERVED
-CVE-2022-36102
- RESERVED
-CVE-2022-36101
- RESERVED
+CVE-2022-36102 (Shopware is an open source e-commerce software. In affected versions i ...)
+ TODO: check
+CVE-2022-36101 (Shopware is an open source e-commerce software. In affected versions t ...)
+ TODO: check
CVE-2022-36100 (XWiki Platform Applications Tag and XWiki Platform Tag UI are tag appl ...)
NOT-FOR-US: XWiki
CVE-2022-36099 (XWiki Platform Wiki UI Main Wiki is software for managing subwikis on ...)
@@ -12723,8 +12793,8 @@ CVE-2022-35574
RESERVED
CVE-2022-35573
RESERVED
-CVE-2022-35572
- RESERVED
+CVE-2022-35572 (On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lowe ...)
+ TODO: check
CVE-2022-35571
RESERVED
CVE-2022-35570
@@ -28364,8 +28434,8 @@ CVE-2022-29909
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29909
CVE-2022-29492
RESERVED
-CVE-2022-29490
- RESERVED
+CVE-2022-29490 (Improper Authorization vulnerability exists in the Workplace X WebUI o ...)
+ TODO: check
CVE-2022-1543 (Improper handling of Length parameter in GitHub repository erudika/sco ...)
NOT-FOR-US: scoold
CVE-2022-1542 (The HPB Dashboard WordPress plugin through 1.3.1 does not sanitise and ...)
@@ -58634,10 +58704,10 @@ CVE-2021-44428 (Pinkie 2.15 allows remote attackers to cause a denial of service
NOT-FOR-US: Pinkie
CVE-2021-44427 (An unauthenticated SQL Injection vulnerability in Rosario Student Info ...)
NOT-FOR-US: Rosario Student Information System
-CVE-2021-44426
- RESERVED
-CVE-2021-44425
- RESERVED
+CVE-2021-44426 (An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.5 ...)
+ TODO: check
+CVE-2021-44425 (An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.3 ...)
+ TODO: check
CVE-2021-44424
RESERVED
CVE-2021-44423 (An out-of-bounds read vulnerability exists when reading a BMP file usi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48b5b24acd37bd143149e34d9d5ba736161a8837
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48b5b24acd37bd143149e34d9d5ba736161a8837
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220913/0421d645/attachment.htm>
More information about the debian-security-tracker-commits
mailing list