[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Feb 6 08:10:26 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
272931f4 by security tracker role at 2023-02-06T08:10:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2023-25198
+ RESERVED
+CVE-2023-25197
+ RESERVED
+CVE-2023-25196
+ RESERVED
+CVE-2023-25195
+ RESERVED
+CVE-2022-48314
+ RESERVED
+CVE-2022-48313
+ RESERVED
+CVE-2022-48312
+ RESERVED
CVE-2023-25194
RESERVED
CVE-2022-4902
@@ -12,12 +26,12 @@ CVE-2023-25193 (hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attack
- harfbuzz <unfixed> (bug #1030612)
[bullseye] - harfbuzz <no-dsa> (Minor issue)
NOTE: https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc
-CVE-2014-125086
- RESERVED
-CVE-2014-125085
- RESERVED
-CVE-2014-125084
- RESERVED
+CVE-2014-125086 (A vulnerability has been found in Gimmie Plugin 1.2.2 and classified a ...)
+ TODO: check
+CVE-2014-125085 (A vulnerability, which was classified as critical, was found in Gimmie ...)
+ TODO: check
+CVE-2014-125084 (A vulnerability, which was classified as critical, has been found in G ...)
+ TODO: check
CVE-2023-25192
RESERVED
CVE-2023-25191
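Review bot: the truncated descriptions of CVE-2014-125085 and CVE-2014-125084 both say "classified as critical", so these TODO: check entries should be triaged ahead of the rest of this update. CVE-2014-125086 and CVE-2014-125085 name Gimmie (Plugin 1.2.2 in the first), while CVE-2014-125084 is cut off at "G ...", so confirm from the full text that it is the same product before resolving all three with one decision.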
@@ -36,10 +50,10 @@ CVE-2023-0674 (A vulnerability, which was classified as problematic, has been fo
NOT-FOR-US: XXL-JOB
CVE-2023-0673 (A vulnerability classified as critical was found in SourceCodester Onl ...)
NOT-FOR-US: SourceCodester Online Eyewear Shop
-CVE-2017-20176
- RESERVED
-CVE-2017-20175
- RESERVED
+CVE-2017-20176 (A vulnerability classified as problematic was found in ciubotaru share ...)
+ TODO: check
+CVE-2017-20175 (A vulnerability classified as problematic has been found in DaSchTour ...)
+ TODO: check
CVE-2023-25189
RESERVED
CVE-2023-25188
@@ -11851,12 +11865,12 @@ CVE-2022-47454
RESERVED
CVE-2022-47453
RESERVED
-CVE-2022-47452
- RESERVED
-CVE-2022-47451
- RESERVED
-CVE-2022-47450
- RESERVED
+CVE-2022-47452 (In gnss driver, there is a possible out of bounds write due to a missi ...)
+ TODO: check
+CVE-2022-47451 (In wlan driver, there is a possible missing params check. This could l ...)
+ TODO: check
+CVE-2022-47450 (In wlan driver, there is a possible missing permission check. This cou ...)
+ TODO: check
CVE-2022-46732 (Even if the authentication fails for local service authentication, the ...)
NOT-FOR-US: GE Digital
CVE-2022-46660 (An unauthorized user could alter or write files with full control over ...)
@@ -12389,42 +12403,42 @@ CVE-2019-25078 (A vulnerability classified as problematic was found in pacparser
[buster] - pacparser <no-dsa> (Minor issue)
NOTE: https://github.com/manugarg/pacparser/issues/99
NOTE: https://github.com/manugarg/pacparser/commit/853e8f45607cb07b877ffd270c63dbcdd5201ad9 (v1.4.0)
-CVE-2022-47371
- RESERVED
-CVE-2022-47370
- RESERVED
-CVE-2022-47369
- RESERVED
-CVE-2022-47368
- RESERVED
-CVE-2022-47367
- RESERVED
-CVE-2022-47366
- RESERVED
-CVE-2022-47365
- RESERVED
-CVE-2022-47364
- RESERVED
-CVE-2022-47363
- RESERVED
+CVE-2022-47371 (In bt driver, there is a thread competition leads to early release of ...)
+ TODO: check
+CVE-2022-47370 (In wlan driver, there is a possible missing params check. This could l ...)
+ TODO: check
+CVE-2022-47369 (In wlan driver, there is a possible missing params check. This could l ...)
+ TODO: check
+CVE-2022-47368 (In wlan driver, there is a possible missing params check. This could l ...)
+ TODO: check
+CVE-2022-47367 (In bluetooth driver, there is a missing permission check. This could l ...)
+ TODO: check
+CVE-2022-47366 (In wlan driver, there is a possible out of bounds write due to a missi ...)
+ TODO: check
+CVE-2022-47365 (In wlan driver, there is a possible out of bounds write due to a missi ...)
+ TODO: check
+CVE-2022-47364 (In wlan driver, there is a possible out of bounds write due to a missi ...)
+ TODO: check
+CVE-2022-47363 (In wlan driver, there is a possible out of bounds read due to a missin ...)
+ TODO: check
CVE-2022-47362
RESERVED
-CVE-2022-47361
- RESERVED
-CVE-2022-47360
- RESERVED
-CVE-2022-47359
- RESERVED
-CVE-2022-47358
- RESERVED
-CVE-2022-47357
- RESERVED
-CVE-2022-47356
- RESERVED
-CVE-2022-47355
- RESERVED
-CVE-2022-47354
- RESERVED
+CVE-2022-47361 (In firewall service, there is a missing permission check. This could l ...)
+ TODO: check
+CVE-2022-47360 (In log service, there is a missing permission check. This could lead t ...)
+ TODO: check
+CVE-2022-47359 (In log service, there is a missing permission check. This could lead t ...)
+ TODO: check
+CVE-2022-47358 (In log service, there is a missing permission check. This could lead t ...)
+ TODO: check
+CVE-2022-47357 (In log service, there is a missing permission check. This could lead t ...)
+ TODO: check
+CVE-2022-47356 (In log service, there is a missing permission check. This could lead t ...)
+ TODO: check
+CVE-2022-47355 (In log service, there is a missing permission check. This could lead t ...)
+ TODO: check
+CVE-2022-47354 (In log service, there is a missing permission check. This could lead t ...)
+ TODO: check
CVE-2022-47353
RESERVED
CVE-2022-47352
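Review bot: CVE-2022-47360 through CVE-2022-47354 carry identical truncated text ("In log service, there is a missing permission check. This could lead t ..."), so their TODO: check lines cannot be told apart or resolved from this file; the full descriptions are needed to identify the vendor. CVE-2022-47362 stays RESERVED in the middle of the range, so the block should be revisited on a later update rather than treated as complete.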
@@ -12435,26 +12449,26 @@ CVE-2022-47350
RESERVED
CVE-2022-47349
RESERVED
-CVE-2022-47348
- RESERVED
-CVE-2022-47347
- RESERVED
-CVE-2022-47346
- RESERVED
-CVE-2022-47345
- RESERVED
-CVE-2022-47344
- RESERVED
-CVE-2022-47343
- RESERVED
-CVE-2022-47342
- RESERVED
-CVE-2022-47341
- RESERVED
+CVE-2022-47348 (In engineermode services, there is a missing permission check. This co ...)
+ TODO: check
+CVE-2022-47347 (In engineermode services, there is a missing permission check. This co ...)
+ TODO: check
+CVE-2022-47346 (In engineermode services, there is a missing permission check. This co ...)
+ TODO: check
+CVE-2022-47345 (In engineermode services, there is a missing permission check. This co ...)
+ TODO: check
+CVE-2022-47344 (In engineermode services, there is a missing permission check. This co ...)
+ TODO: check
+CVE-2022-47343 (In engineermode services, there is a missing permission check. This co ...)
+ TODO: check
+CVE-2022-47342 (In engineermode services, there is a missing permission check. This co ...)
+ TODO: check
+CVE-2022-47341 (In engineermode services, there is a missing permission check. This co ...)
+ TODO: check
CVE-2022-47340
RESERVED
-CVE-2022-47339
- RESERVED
+CVE-2022-47339 (In cmd services, there is a OS command injection issue due to missing ...)
+ TODO: check
CVE-2022-47338
RESERVED
CVE-2022-47337
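Review bot: CVE-2022-47339 is the odd one out in this hunk: its description reports an OS command injection in cmd services, while the eight entries above it are missing permission checks in engineermode services. When working through the TODO: check lines, read its full description separately instead of bulk-tagging it with the others. CVE-2022-47340, between the two groups, is still RESERVED.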
@@ -12465,30 +12479,30 @@ CVE-2022-47335
RESERVED
CVE-2022-47334
RESERVED
-CVE-2022-47333
- RESERVED
-CVE-2022-47332
- RESERVED
-CVE-2022-47331
- RESERVED
-CVE-2022-47330
- RESERVED
-CVE-2022-47329
- RESERVED
-CVE-2022-47328
- RESERVED
-CVE-2022-47327
- RESERVED
-CVE-2022-47326
- RESERVED
-CVE-2022-47325
- RESERVED
-CVE-2022-47324
- RESERVED
-CVE-2022-47323
- RESERVED
-CVE-2022-47322
- RESERVED
+CVE-2022-47333 (In wlan driver, there is a possible missing permission check. This cou ...)
+ TODO: check
+CVE-2022-47332 (In wlan driver, there is a possible missing permission check. This cou ...)
+ TODO: check
+CVE-2022-47331 (In wlan driver, there is a race condition. This could lead to local de ...)
+ TODO: check
+CVE-2022-47330 (In wlan driver, there is a possible missing permission check. This cou ...)
+ TODO: check
+CVE-2022-47329 (In wlan driver, there is a possible missing permission check. This cou ...)
+ TODO: check
+CVE-2022-47328 (In wlan driver, there is a possible missing permission check. This cou ...)
+ TODO: check
+CVE-2022-47327 (In wlan driver, there is a possible missing permission check. This cou ...)
+ TODO: check
+CVE-2022-47326 (In wlan driver, there is a possible missing permission check. This cou ...)
+ TODO: check
+CVE-2022-47325 (In wlan driver, there is a possible missing permission check. This cou ...)
+ TODO: check
+CVE-2022-47324 (In wlan driver, there is a possible missing permission check. This cou ...)
+ TODO: check
+CVE-2022-47323 (In wlan driver, there is a possible missing params check. This could l ...)
+ TODO: check
+CVE-2022-47322 (In wlan driver, there is a possible missing params check. This could l ...)
+ TODO: check
CVE-2022-47310
RESERVED
CVE-2022-47309
@@ -22015,10 +22029,10 @@ CVE-2023-20853
RESERVED
CVE-2023-20852
RESERVED
-CVE-2022-44448
- RESERVED
-CVE-2022-44447
- RESERVED
+CVE-2022-44448 (In wlan driver, there is a possible missing params check. This could l ...)
+ TODO: check
+CVE-2022-44447 (In wlan driver, there is a possible null pointer dereference issue due ...)
+ TODO: check
CVE-2022-44446 (In wlan driver, there is a possible missing bounds check. This could l ...)
NOT-FOR-US: Unisoc
CVE-2022-44445 (In wlan driver, there is a possible missing bounds check. This could l ...)
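Review bot: CVE-2022-44448 and CVE-2022-44447 get TODO: check directly above CVE-2022-44446, whose description opens with the same "In wlan driver, there is a possible ..." wording and is already tagged NOT-FOR-US: Unisoc. Once the full descriptions confirm the vendor, the TODO lines can be replaced with the same tag.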
@@ -22069,8 +22083,8 @@ CVE-2022-44423 (In music service, there is a missing permission check. This coul
NOT-FOR-US: Unisoc
CVE-2022-44422 (In music service, there is a missing permission check. This could lead ...)
NOT-FOR-US: Unisoc
-CVE-2022-44421
- RESERVED
+CVE-2022-44421 (In wlan driver, there is a possible missing permission check. This cou ...)
+ TODO: check
CVE-2022-44420
RESERVED
CVE-2022-44419
@@ -28250,8 +28264,8 @@ CVE-2022-3453 (A vulnerability was found in SourceCodester Book Store Management
NOT-FOR-US: SourceCodester Book Store Management System
CVE-2022-3452 (A vulnerability was found in SourceCodester Book Store Management Syst ...)
NOT-FOR-US: SourceCodester Book Store Management System
-CVE-2022-42783
- RESERVED
+CVE-2022-42783 (In wlan driver, there is a possible missing params check. This could l ...)
+ TODO: check
CVE-2022-42782 (In wlan driver, there is a possible missing permission check, This cou ...)
NOT-FOR-US: Unisoc
CVE-2022-42781 (In wlan driver, there is a possible missing bounds check, This could l ...)
@@ -38933,8 +38947,8 @@ CVE-2022-38688 (In telephony service, there is a missing permission check. This
NOT-FOR-US: Unisoc
CVE-2022-38687 (In messaging service, there is a missing permission check. This could ...)
NOT-FOR-US: Unisoc
-CVE-2022-38686
- RESERVED
+CVE-2022-38686 (In wlan driver, there is a possible missing params check. This could l ...)
+ TODO: check
CVE-2022-38685
RESERVED
CVE-2022-38684 (In contacts service, there is a missing permission check. This could l ...)
@@ -38943,10 +38957,10 @@ CVE-2022-38683 (In contacts service, there is a missing permission check. This c
NOT-FOR-US: Unisoc
CVE-2022-38682 (In contacts service, there is a missing permission check. This could l ...)
NOT-FOR-US: Unisoc
-CVE-2022-38681
- RESERVED
-CVE-2022-38680
- RESERVED
+CVE-2022-38681 (In wlan driver, there is a possible missing params check. This could l ...)
+ TODO: check
+CVE-2022-38680 (In wlan driver, there is a possible missing params check. This could l ...)
+ TODO: check
CVE-2022-38679 (In music service, there is a missing permission check. This could lead ...)
NOT-FOR-US: Unisoc
CVE-2022-38678 (In contacts service, there is a missing permission check. This could l ...)
@@ -38955,10 +38969,10 @@ CVE-2022-38677 (In cell service, there is a missing permission check. This could
NOT-FOR-US: Unisoc
CVE-2022-38676 (In gpu driver, there is a possible out of bounds write due to a missin ...)
NOT-FOR-US: Unisoc
-CVE-2022-38675
- RESERVED
-CVE-2022-38674
- RESERVED
+CVE-2022-38675 (In gpu driver, there is a possible out of bounds write due to a missin ...)
+ TODO: check
+CVE-2022-38674 (In wlan driver, there is a possible missing params check. This could l ...)
+ TODO: check
CVE-2022-38673 (In face detect driver, there is a possible out of bounds write due to ...)
NOT-FOR-US: Unisoc
CVE-2022-38672 (In face detect driver, there is a possible out of bounds write due to ...)
@@ -75100,12 +75114,12 @@ CVE-2022-25857 (The package org.yaml:snakeyaml from 0 and before 1.31 are vulner
NOTE: https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360
CVE-2022-25856 (The package github.com/argoproj/argo-events/sensors/artifacts before 1 ...)
NOT-FOR-US: github.com/argoproj/argo-events/sensors/artifacts
-CVE-2022-25855
- RESERVED
+CVE-2022-25855 (All versions of the package create-choo-app3 are vulnerable to Command ...)
+ TODO: check
CVE-2022-25854 (This affects the package @yaireo/tagify before 4.9.8. The package is u ...)
NOT-FOR-US: Tagify
-CVE-2022-25853
- RESERVED
+CVE-2022-25853 (All versions of the package semver-tags are vulnerable to Command Inje ...)
+ TODO: check
CVE-2022-25852 (All versions of package pg-native; all versions of package libpq are v ...)
NOT-FOR-US: Node pgnative
CVE-2022-25851 (The package jpeg-js before 0.4.4 are vulnerable to Denial of Service ( ...)
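Review bot: CVE-2022-25855 (create-choo-app3) and CVE-2022-25853 (semver-tags) are both described as affecting "All versions of the package", and the truncated text points to command injection, so there is no fixed version to record. The neighbouring package-level entries in this hunk (Tagify, Node pgnative) were closed as NOT-FOR-US; if neither package is in the archive the same resolution fits, otherwise the entry needs a package line marked <unfixed>.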
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/272931f4b76e18f9d3a7d4917d4473d557dce939