[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Sep 22 09:10:32 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2c9659f8 by security tracker role at 2022-09-22T08:10:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2022-41313
+ RESERVED
+CVE-2022-41312
+ RESERVED
+CVE-2022-41311
+ RESERVED
+CVE-2022-40691
+ RESERVED
+CVE-2022-40214
+ RESERVED
+CVE-2022-3265
+ RESERVED
+CVE-2022-3264
+ RESERVED
CVE-2022-41310
RESERVED
CVE-2022-41309
@@ -1235,8 +1249,8 @@ CVE-2022-40744
RESERVED
CVE-2022-40743
RESERVED
-CVE-2022-3233
- RESERVED
+CVE-2022-3233 (Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffwe ...)
+ TODO: check
CVE-2022-3232 (Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffwe ...)
- rdiffweb <itp> (bug #969974)
CVE-2022-3231 (Cross-site Scripting (XSS) - Stored in GitHub repository librenms/libr ...)
@@ -1390,8 +1404,8 @@ CVE-2022-40223
RESERVED
CVE-2022-40219 (Cross-Site Request Forgery (CSRF) vulnerability in SedLex FavIcon Swit ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-40217
- RESERVED
+CVE-2022-40217 (Authenticated (admin+) Arbitrary File Edit/Upload vulnerability in Xpl ...)
+ TODO: check
CVE-2022-40215
RESERVED
CVE-2022-40213
@@ -2592,8 +2606,8 @@ CVE-2022-40188
NOTE: https://www.knot-resolver.cz/2022-09-21-knot-resolver-5.5.3.html
CVE-2022-40187
RESERVED
-CVE-2022-40186
- RESERVED
+CVE-2022-40186 (An issue was discovered in HashiCorp Vault and Vault Enterprise before ...)
+ TODO: check
CVE-2022-40185
RESERVED
CVE-2022-40184
@@ -3091,8 +3105,8 @@ CVE-2022-39977
RESERVED
CVE-2022-39976
RESERVED
-CVE-2022-39975
- RESERVED
+CVE-2022-39975 (The Layout module in Liferay Portal v7.3.3 through v7.4.3.34, and Life ...)
+ TODO: check
CVE-2022-39974 (WASM3 v0.5.0 was discovered to contain a segmentation fault via the co ...)
NOT-FOR-US: WASM3
CVE-2022-39973
@@ -4698,8 +4712,8 @@ CVE-2022-39226
RESERVED
CVE-2022-39225
RESERVED
-CVE-2022-39224
- RESERVED
+CVE-2022-39224 (Arr-pm is an RPM reader/writer library written in Ruby. Versions prior ...)
+ TODO: check
CVE-2022-39223
RESERVED
CVE-2022-39222
@@ -4773,8 +4787,8 @@ CVE-2022-3095
RESERVED
CVE-2022-3094
RESERVED
-CVE-2022-39197
- RESERVED
+CVE-2022-39197 (An XSS (Cross Site Scripting) vulnerability was found in HelpSystems C ...)
+ TODO: check
CVE-2022-39196 (Blackboard Learn 1.10.1 allows remote authenticated users to read unin ...)
NOT-FOR-US: Blackboard Learn
CVE-2022-39195
@@ -6760,8 +6774,8 @@ CVE-2022-38514
RESERVED
CVE-2022-38513
RESERVED
-CVE-2022-38512
- RESERVED
+CVE-2022-38512 (The Translation module in Liferay Portal v7.4.3.12 through v7.4.3.36, ...)
+ TODO: check
CVE-2022-38511 (TOTOLINK A810R V5.9c.4050_B20190424 was discovered to contain a comman ...)
NOT-FOR-US: TOTOLINK
CVE-2022-38510 (Tenda_TX9pro V22.03.02.10 was discovered to contain a buffer overflow ...)
@@ -13724,10 +13738,10 @@ CVE-2022-35898
RESERVED
CVE-2022-35897
RESERVED
-CVE-2022-35896
- RESERVED
-CVE-2022-35895
- RESERVED
+CVE-2022-35896 (An issue SMM memory leak vulnerability in SMM driver (SMRAM was discov ...)
+ TODO: check
+CVE-2022-35895 (An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5. ...)
+ TODO: check
CVE-2022-35894
RESERVED
CVE-2022-35893
@@ -33147,18 +33161,18 @@ CVE-2022-28984
RESERVED
CVE-2022-28983
RESERVED
-CVE-2022-28982
- RESERVED
-CVE-2022-28981
- RESERVED
-CVE-2022-28980
- RESERVED
-CVE-2022-28979
- RESERVED
-CVE-2022-28978
- RESERVED
-CVE-2022-28977
- RESERVED
+CVE-2022-28982 (A cross-site scripting (XSS) vulnerability in Liferay Portal v7.3.3 th ...)
+ TODO: check
+CVE-2022-28981 (Path traversal vulnerability in the Hypermedia REST APIs module in Lif ...)
+ TODO: check
+CVE-2022-28980 (Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal ...)
+ TODO: check
+CVE-2022-28979 (Liferay Portal v7.1.0 through v7.4.2 and Liferay DXP v7.3 before servi ...)
+ TODO: check
+CVE-2022-28978 (Stored cross-site scripting (XSS) vulnerability in the Site module's u ...)
+ TODO: check
+CVE-2022-28977 (HtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Lif ...)
+ TODO: check
CVE-2022-28976
RESERVED
CVE-2022-28975
@@ -33559,8 +33573,8 @@ CVE-2022-28804
RESERVED
CVE-2022-28803 (In SilverStripe Framework through 2022-04-07, Stored XSS can occur in ...)
NOT-FOR-US: Silverstripe CMS
-CVE-2022-28802
- RESERVED
+CVE-2022-28802 (Code by Zapier before 2022-08-17 allowed intra-account privilege escal ...)
+ TODO: check
CVE-2022-28801
RESERVED
CVE-2022-28800
@@ -98374,8 +98388,8 @@ CVE-2021-31015
REJECTED
CVE-2021-31014
REJECTED
-CVE-2021-31013
- REJECTED
+CVE-2021-31013 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
CVE-2021-31012
REJECTED
CVE-2021-31011
@@ -98396,8 +98410,8 @@ CVE-2021-31004 (A race condition was addressed with improved locking. This issue
NOT-FOR-US: Apple
CVE-2021-31003
REJECTED
-CVE-2021-31002
- REJECTED
+CVE-2021-31002 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
CVE-2021-31001 (An access issue was addressed with improved access restrictions. This ...)
NOT-FOR-US: Apple
CVE-2021-31000 (A permissions issue was addressed with improved validation. This issue ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c9659f890043101ce803a07a2c573f814bf33bd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c9659f890043101ce803a07a2c573f814bf33bd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220922/29d84146/attachment.htm>
More information about the debian-security-tracker-commits
mailing list