[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Apr 4 09:10:27 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
378f4a3a by security tracker role at 2023-04-04T08:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,81 @@
+CVE-2023-29233
+ RESERVED
+CVE-2023-29232
+ RESERVED
+CVE-2023-29231
+ RESERVED
+CVE-2023-29230
+ RESERVED
+CVE-2023-29229
+ RESERVED
+CVE-2023-29228
+ RESERVED
+CVE-2023-29227
+ RESERVED
+CVE-2023-29226
+ RESERVED
+CVE-2023-29225
+ RESERVED
+CVE-2023-29224
+ RESERVED
+CVE-2023-29223
+ RESERVED
+CVE-2023-29222
+ RESERVED
+CVE-2023-29221
+ RESERVED
+CVE-2023-29220
+ RESERVED
+CVE-2023-29219
+ RESERVED
+CVE-2023-29218 (The Twitter Recommendation Algorithm through ec83d01 allows attackers ...)
+ TODO: check
+CVE-2023-29217
+ RESERVED
+CVE-2023-29169
+ RESERVED
+CVE-2023-29150
+ RESERVED
+CVE-2023-28716
+ RESERVED
+CVE-2023-28400
+ RESERVED
+CVE-2023-28384
+ RESERVED
+CVE-2023-1824
+ RESERVED
+CVE-2023-1823
+ RESERVED
+CVE-2023-1822
+ RESERVED
+CVE-2023-1821
+ RESERVED
+CVE-2023-1820
+ RESERVED
+CVE-2023-1819
+ RESERVED
+CVE-2023-1818
+ RESERVED
+CVE-2023-1817
+ RESERVED
+CVE-2023-1816
+ RESERVED
+CVE-2023-1815
+ RESERVED
+CVE-2023-1814
+ RESERVED
+CVE-2023-1813
+ RESERVED
+CVE-2023-1812
+ RESERVED
+CVE-2023-1811
+ RESERVED
+CVE-2023-1810
+ RESERVED
+CVE-2023-1809
+ RESERVED
+CVE-2023-1808
+ RESERVED
CVE-2023-29216
RESERVED
CVE-2023-29215
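Review bot: CVE-2023-29218 is the only entry in this block that arrives with a description, and it is left at "TODO: check". The description names the Twitter Recommendation Algorithm, so it needs a manual triage decision (a package line or a NOT-FOR-US marker like the ones used elsewhere in this file) before the TODO is dropped. The remaining additions are bare RESERVED placeholders and need no action yet.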
@@ -312,8 +390,8 @@ CVE-2023-1770 (A vulnerability has been found in SourceCodester Grade Point Aver
NOT-FOR-US: SourceCodester Grade Point Average GPA Calculator
CVE-2023-1769 (A vulnerability, which was classified as problematic, was found in Sou ...)
NOT-FOR-US: SourceCodester Grade Point Average GPA Calculator
-CVE-2023-1768
- RESERVED
+CVE-2023-1768 (Inappropriate error handling in Tribe29 Checkmk <= 2.1.0p25, <= ...)
+ TODO: check
CVE-2023-1767
RESERVED
CVE-2023-1766 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -1375,8 +1453,7 @@ CVE-2023-1613 (A vulnerability has been found in Rebuild up to 3.2.3 and classif
NOT-FOR-US: Rebuild
CVE-2023-1612 (A vulnerability, which was classified as critical, was found in Rebuil ...)
NOT-FOR-US: Rebuild
-CVE-2023-1611
- RESERVED
+CVE-2023-1611 (A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree ...)
- linux <unfixed>
NOTE: https://lore.kernel.org/linux-btrfs/35b9a70650ea947387cf352914a8774b4f7e8a6f.1679481128.git.fdmanana@suse.com/
CVE-2023-1610 (A vulnerability, which was classified as critical, has been found in R ...)
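Review bot: The CVE-2023-1611 entry still tracks "- linux <unfixed>", and its only reference is the lore.kernel.org patch posting in the NOTE line. Now that the description is published, add a NOTE for the upstream commit once the btrfs_search_slot fix is merged, so the fixed version can be filled in.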
@@ -1518,8 +1595,8 @@ CVE-2023-1581
RESERVED
CVE-2023-1580 (Uncontrolled resource consumption in the logging feature in Devolution ...)
NOT-FOR-US: Devolutions
-CVE-2023-1579
- RESERVED
+CVE-2023-1579 (Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. ...)
+ TODO: check
CVE-2023-1578 (SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.19. ...)
NOT-FOR-US: pimcore
CVE-2023-1577
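Review bot: CVE-2023-1579 is left at "TODO: check", but the description points at binutils-gdb/bfd/libbfd.c (bfd_getl64), which is code Debian ships. This entry needs a package line and a check of which packaged versions contain the affected function, rather than a NOT-FOR-US marker.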
@@ -6904,8 +6981,8 @@ CVE-2023-26978
RESERVED
CVE-2023-26977
RESERVED
-CVE-2023-26976
- RESERVED
+CVE-2023-26976 (Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflo ...)
+ TODO: check
CVE-2023-26975
RESERVED
CVE-2023-26974
@@ -7029,8 +7106,8 @@ CVE-2023-26918
RESERVED
CVE-2023-26917
RESERVED
-CVE-2023-26916
- RESERVED
+CVE-2023-26916 (libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL poin ...)
+ TODO: check
CVE-2023-26915
RESERVED
CVE-2023-26914
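Review bot: The CVE-2023-26916 description gives a bounded range (libyang from v2.0.164 to v2.1.30), so resolving the "TODO: check" should record how the packaged libyang versions compare against that range, not only the package name.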
@@ -7151,8 +7228,8 @@ CVE-2023-26857
RESERVED
CVE-2023-26856
RESERVED
-CVE-2023-26855
- RESERVED
+CVE-2023-26855 (The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt v ...)
+ TODO: check
CVE-2023-26854
RESERVED
CVE-2023-26853
@@ -9101,8 +9178,7 @@ CVE-2023-0924
CVE-2023-0923
RESERVED
NOT-FOR-US: Red Hat OpenShift Data Science
-CVE-2023-0922 [Samba AD DC admin tool samba-tool sends passwords in cleartext]
- RESERVED
+CVE-2023-0922 (The Samba AD DC administration tool, when operating against a remote L ...)
- samba 2:4.17.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2023-0922.html
CVE-2023-0921
@@ -12509,8 +12585,7 @@ CVE-2023-0616
CVE-2023-0615 (A memory leak flaw and potential divide by zero and Integer overflow w ...)
- linux <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2166287
-CVE-2023-0614 [Access controlled AD LDAP attributes can be discovered]
- RESERVED
+CVE-2023-0614 (The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confident ...)
- samba 2:4.17.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2023-0614.html
CVE-2023-0613 (A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and cla ...)
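Review bot: The new CVE-2023-0614 description states that this issue concerns the fix for CVE-2018-10919, but the entry only links the Samba advisory. A NOTE line cross-referencing CVE-2018-10919 would make the relationship visible to anyone auditing the earlier entry.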
@@ -13166,8 +13241,8 @@ CVE-2023-24726 (Art Gallery Management System v1.0 was discovered to contain a S
NOT-FOR-US: Art Gallery Management System
CVE-2023-24725
RESERVED
-CVE-2023-24724
- RESERVED
+CVE-2023-24724 (A stored cross site scripting (XSS) vulnerability was discovered in th ...)
+ TODO: check
CVE-2023-24723
RESERVED
CVE-2023-24722
@@ -17261,8 +17336,7 @@ CVE-2023-0227 (Insufficient Session Expiration in GitHub repository pyload/pyloa
- pyload <itp> (bug #1001980)
CVE-2023-0226
RESERVED
-CVE-2023-0225 [Samba AD DC "dnsHostname" attribute can be deleted by unprivileged authenticated users.]
- RESERVED
+CVE-2023-0225 (A flaw was found in Samba. An incomplete access check on dnsHostName a ...)
- samba 2:4.17.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2023-0225.html
CVE-2023-0224
@@ -26567,8 +26641,8 @@ CVE-2023-21632
RESERVED
CVE-2023-21631
RESERVED
-CVE-2023-21630
- RESERVED
+CVE-2023-21630 (Memory Corruption in Multimedia Framework due to integer overflow when ...)
+ TODO: check
CVE-2023-21629
RESERVED
CVE-2023-21628
@@ -46713,8 +46787,8 @@ CVE-2022-40534
RESERVED
CVE-2022-40533
RESERVED
-CVE-2022-40532
- RESERVED
+CVE-2022-40532 (Memory corruption due to integer overflow or wraparound in WLAN while ...)
+ TODO: check
CVE-2022-40531 (Memory corruption in WLAN due to incorrect type cast while sending WMI ...)
NOT-FOR-US: Qualcomm
CVE-2022-40530 (Memory corruption in WLAN due to integer overflow to buffer overflow i ...)
@@ -46771,8 +46845,8 @@ CVE-2022-40505
RESERVED
CVE-2022-40504
RESERVED
-CVE-2022-40503
- RESERVED
+CVE-2022-40503 (Information disclosure due to buffer over-read in Bluetooth Host while ...)
+ TODO: check
CVE-2022-40502 (Transient DOS due to improper input validation in WLAN Host. ...)
NOT-FOR-US: Snapdragon
CVE-2022-3181 (An Improper Input Validation vulnerability exists in Trihedral VTScada ...)
@@ -66354,38 +66428,38 @@ CVE-2022-33304
RESERVED
CVE-2022-33303
RESERVED
-CVE-2022-33302
- RESERVED
-CVE-2022-33301
- RESERVED
+CVE-2022-33302 (Memory corruption due to improper validation of array index in User Id ...)
+ TODO: check
+CVE-2022-33301 (Memory corruption due to incorrect type conversion or cast in audio wh ...)
+ TODO: check
CVE-2022-33300 (Memory corruption in Automotive Android OS due to improper input valid ...)
NOT-FOR-US: Qualcomm
CVE-2022-33299 (Transient DOS due to null pointer dereference in Bluetooth HOST while ...)
NOT-FOR-US: Qualcomm
-CVE-2022-33298
- RESERVED
-CVE-2022-33297
- RESERVED
-CVE-2022-33296
- RESERVED
-CVE-2022-33295
- RESERVED
-CVE-2022-33294
- RESERVED
+CVE-2022-33298 (Memory corruption due to use after free in Modem while modem initializ ...)
+ TODO: check
+CVE-2022-33297 (Information disclosure due to buffer overread in Linux sensors ...)
+ TODO: check
+CVE-2022-33296 (Memory corruption due to integer overflow to buffer overflow in Modem ...)
+ TODO: check
+CVE-2022-33295 (Information disclosure in Modem due to buffer over-read while parsing ...)
+ TODO: check
+CVE-2022-33294 (Transient DOS in Modem due to NULL pointer dereference while receiving ...)
+ TODO: check
CVE-2022-33293
RESERVED
CVE-2022-33292
RESERVED
-CVE-2022-33291
- RESERVED
+CVE-2022-33291 (Information disclosure in Modem due to buffer over-read while receivin ...)
+ TODO: check
CVE-2022-33290 (Transient DOS in Bluetooth HOST due to null pointer dereference when a ...)
NOT-FOR-US: Qualcomm
-CVE-2022-33289
- RESERVED
-CVE-2022-33288
- RESERVED
-CVE-2022-33287
- RESERVED
+CVE-2022-33289 (Memory corruption occurs in Modem due to improper validation of array ...)
+ TODO: check
+CVE-2022-33288 (Memory corruption due to buffer copy without checking the size of inpu ...)
+ TODO: check
+CVE-2022-33287 (Information disclosure in Modem due to buffer over-read while getting ...)
+ TODO: check
CVE-2022-33286 (Transient DOS due to buffer over-read in WLAN while processing 802.11 ...)
NOT-FOR-US: Qualcomm
CVE-2022-33285 (Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA a ...)
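Review bot: The entries promoted from RESERVED in this hunk (CVE-2022-33302 down to CVE-2022-33287) use the same wording as the neighbouring entries already marked "NOT-FOR-US: Qualcomm", yet each is left at "TODO: check". CVE-2022-33297 mentions "Linux sensors", so confirm that one against the linux package before applying the same marker in bulk.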
@@ -66394,8 +66468,8 @@ CVE-2022-33284 (Information disclosure due to buffer over-read in WLAN while par
NOT-FOR-US: Qualcomm
CVE-2022-33283 (Information disclosure due to buffer over-read in WLAN while WLAN fram ...)
NOT-FOR-US: Qualcomm
-CVE-2022-33282
- RESERVED
+CVE-2022-33282 (Memory corruption in Automotive Multimedia due to integer overflow to ...)
+ TODO: check
CVE-2022-33281
RESERVED
CVE-2022-33280 (Memory corruption due to access of uninitialized pointer in Bluetooth ...)
@@ -66418,10 +66492,10 @@ CVE-2022-33272 (Transient DOS in modem due to reachable assertion. ...)
NOT-FOR-US: Qualcomm
CVE-2022-33271 (Information disclosure due to buffer over-read in WLAN while parsing N ...)
NOT-FOR-US: Qualcomm
-CVE-2022-33270
- RESERVED
-CVE-2022-33269
- RESERVED
+CVE-2022-33270 (Transient DOS due to time-of-check time-of-use race condition in Modem ...)
+ TODO: check
+CVE-2022-33269 (Memory corruption due to integer overflow or wraparound in Core while ...)
+ TODO: check
CVE-2022-33268 (Information disclosure due to buffer over-read in Bluetooth HOST while ...)
NOT-FOR-US: Qualcomm
CVE-2022-33267
@@ -66440,10 +66514,10 @@ CVE-2022-33261
RESERVED
CVE-2022-33260 (Memory corruption due to stack based buffer overflow in core while sen ...)
NOT-FOR-US: Qualcomm
-CVE-2022-33259
- RESERVED
-CVE-2022-33258
- RESERVED
+CVE-2022-33259 (Memory corruption due to buffer copy without checking the size of inpu ...)
+ TODO: check
+CVE-2022-33258 (Information disclosure due to buffer over-read in modem while reading ...)
+ TODO: check
CVE-2022-33257 (Memory corruption in Core due to time-of-check time-of-use race condit ...)
NOT-FOR-US: Qualcomm
CVE-2022-33256 (Memory corruption due to improper validation of array index in Multi-m ...)
@@ -66496,14 +66570,14 @@ CVE-2022-33233 (Memory corruption due to configuration weakness in modem wile se
NOT-FOR-US: Qualcomm
CVE-2022-33232 (Memory corruption due to buffer copy without checking size of input wh ...)
NOT-FOR-US: Qualcomm
-CVE-2022-33231
- RESERVED
+CVE-2022-33231 (Memory corruption due to double free in core while initializing the en ...)
+ TODO: check
CVE-2022-33230
RESERVED
CVE-2022-33229 (Information disclosure due to buffer over-read in Modem while using st ...)
NOT-FOR-US: Qualcomm
-CVE-2022-33228
- RESERVED
+CVE-2022-33228 (Information disclosure sue to buffer over-read in modem while processi ...)
+ TODO: check
CVE-2022-33227
RESERVED
CVE-2022-33226
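Review bot: The CVE-2022-33228 description reads "Information disclosure sue to buffer over-read", which should be "due to". This text arrives with the automatic update, so the correction belongs in the upstream CVE record; a local edit is likely to be overwritten by a later automatic update.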
@@ -66512,10 +66586,10 @@ CVE-2022-33225 (Memory corruption due to use after free in trusted application e
NOT-FOR-US: Qualcomm
CVE-2022-33224
RESERVED
-CVE-2022-33223
- RESERVED
-CVE-2022-33222
- RESERVED
+CVE-2022-33223 (Transient DOS in Modem due to null pointer dereference while processin ...)
+ TODO: check
+CVE-2022-33222 (Information disclosure due to buffer over-read while parsing DNS respo ...)
+ TODO: check
CVE-2022-33221 (Information disclosure in Trusted Execution Environment due to buffer ...)
NOT-FOR-US: Qualcomm
CVE-2022-33220
@@ -66536,8 +66610,8 @@ CVE-2022-33213 (Memory corruption in modem due to buffer overflow while processi
NOT-FOR-US: Qualcomm
CVE-2022-33212
RESERVED
-CVE-2022-33211
- RESERVED
+CVE-2022-33211 (memory corruption in modem due to improper check while calculating siz ...)
+ TODO: check
CVE-2022-33210 (Memory corruption in automotive multimedia due to use of out-of-range ...)
NOT-FOR-US: Snapdragon
CVE-2022-33146 (Open redirect vulnerability in web2py versions prior to 2.22.5 allows ...)
@@ -88349,12 +88423,12 @@ CVE-2022-25749 (Transient Denial-of-Service in WLAN due to buffer over-read whil
NOT-FOR-US: Qualcomm
CVE-2022-25748 (Memory corruption in WLAN due to integer overflow to buffer overflow w ...)
NOT-FOR-US: Qualcomm
-CVE-2022-25747
- RESERVED
+CVE-2022-25747 (Information disclosure in modem due to improper input validation durin ...)
+ TODO: check
CVE-2022-25746 (Memory corruption in kernel due to missing checks when updating the ac ...)
NOT-FOR-US: Qualcomm
-CVE-2022-25745
- RESERVED
+CVE-2022-25745 (Memory corruption in modem due to improper input validation while hand ...)
+ TODO: check
CVE-2022-25744
RESERVED
CVE-2022-25743 (Memory corruption in graphics due to use-after-free while importing gr ...)
@@ -88363,14 +88437,14 @@ CVE-2022-25742 (Denial of service in modem due to infinite loop while parsing IG
NOT-FOR-US: Snapdragon
CVE-2022-25741 (Denial of service in WLAN due to potential null pointer dereference wh ...)
NOT-FOR-US: Snapdragon
-CVE-2022-25740
- RESERVED
-CVE-2022-25739
- RESERVED
+CVE-2022-25740 (Memory corruption in modem due to buffer overwrite while building an I ...)
+ TODO: check
+CVE-2022-25739 (Denial of service in modem due to missing null check while processing ...)
+ TODO: check
CVE-2022-25738 (Information disclosure in modem due to buffer over-red while performin ...)
NOT-FOR-US: Qualcomm
-CVE-2022-25737
- RESERVED
+CVE-2022-25737 (Information disclosure in modem due to missing NULL check while readin ...)
+ TODO: check
CVE-2022-25736 (Denial of service in WLAN due to out-of-bound read happens while proce ...)
NOT-FOR-US: Qualcomm
CVE-2022-25735 (Denial of service in modem due to missing null check while processing ...)
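Review bot: The unchanged entries around the new TODO items use two different markers for what appear to be the same vendor's advisories: "NOT-FOR-US: Snapdragon" (CVE-2022-25742, CVE-2022-25741) and "NOT-FOR-US: Qualcomm" (CVE-2022-25738, CVE-2022-25736). When CVE-2022-25740, CVE-2022-25739 and CVE-2022-25737 are triaged, pick one label so that searches on the marker stay reliable.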
@@ -88381,18 +88455,18 @@ CVE-2022-25733 (Denial of service in modem due to null pointer dereference while
NOT-FOR-US: Qualcomm
CVE-2022-25732 (Information disclosure in modem due to buffer over read in dns client ...)
NOT-FOR-US: Qualcomm
-CVE-2022-25731
- RESERVED
-CVE-2022-25730
- RESERVED
+CVE-2022-25731 (Information disclosure in modem due to buffer over-read while processi ...)
+ TODO: check
+CVE-2022-25730 (Information disclosure in modem due to improper check of IP type while ...)
+ TODO: check
CVE-2022-25729 (Memory corruption in modem due to improper length check while copying ...)
NOT-FOR-US: Qualcomm
CVE-2022-25728 (Information disclosure in modem due to buffer over-read while processi ...)
NOT-FOR-US: Qualcomm
CVE-2022-25727 (Memory Corruption in modem due to improper length check while copying ...)
NOT-FOR-US: Snapdragon
-CVE-2022-25726
- RESERVED
+CVE-2022-25726 (Information disclosure in modem data due to array out of bound access ...)
+ TODO: check
CVE-2022-25725 (Denial of service in MODEM due to improper pointer handling ...)
NOT-FOR-US: Qualcomm
CVE-2022-25724 (Memory corruption in graphics due to buffer overflow while validating ...)
@@ -88487,8 +88561,8 @@ CVE-2022-25680 (Memory corruption in multimedia due to buffer overflow while pro
NOT-FOR-US: Snapdragon
CVE-2022-25679 (Denial of service in video due to improper access control in broadcast ...)
NOT-FOR-US: Snapdragon
-CVE-2022-25678
- RESERVED
+CVE-2022-25678 (Memory correction in modem due to buffer overwrite during coap connect ...)
+ TODO: check
CVE-2022-25677 (Memory corruption in diag due to use after free while processing dci p ...)
NOT-FOR-US: Qualcomm
CVE-2022-25676 (Information disclosure in video due to buffer over-read while parsing ...)
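Review bot: The CVE-2022-25678 description says "Memory correction in modem", which reads as a typo for "corruption" given the neighbouring entries. Triage it on the stated cause (buffer overwrite) rather than on a keyword match for "corruption", which this entry would miss.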
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/378f4a3a2d75fdded13d38e2f97ec023458b11b2