[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Feb 6 20:10:35 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a4a6839 by security tracker role at 2023-02-06T20:10:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,631 @@
+CVE-2023-25498
+	RESERVED
+CVE-2023-25497
+	RESERVED
+CVE-2023-25496
+	RESERVED
+CVE-2023-25495
+	RESERVED
+CVE-2023-25494
+	RESERVED
+CVE-2023-25493
+	RESERVED
+CVE-2023-25492
+	RESERVED
+CVE-2023-25491
+	RESERVED
+CVE-2023-25490
+	RESERVED
+CVE-2023-25489
+	RESERVED
+CVE-2023-25488
+	RESERVED
+CVE-2023-25487
+	RESERVED
+CVE-2023-25486
+	RESERVED
+CVE-2023-25485
+	RESERVED
+CVE-2023-25484
+	RESERVED
+CVE-2023-25483
+	RESERVED
+CVE-2023-25482
+	RESERVED
+CVE-2023-25481
+	RESERVED
+CVE-2023-25480
+	RESERVED
+CVE-2023-25479
+	RESERVED
+CVE-2023-25478
+	RESERVED
+CVE-2023-25477
+	RESERVED
+CVE-2023-25476
+	RESERVED
+CVE-2023-25475
+	RESERVED
+CVE-2023-25474
+	RESERVED
+CVE-2023-25473
+	RESERVED
+CVE-2023-25472
+	RESERVED
+CVE-2023-25471
+	RESERVED
+CVE-2023-25470
+	RESERVED
+CVE-2023-25469
+	RESERVED
+CVE-2023-25468
+	RESERVED
+CVE-2023-25467
+	RESERVED
+CVE-2023-25466
+	RESERVED
+CVE-2023-25465
+	RESERVED
+CVE-2023-25464
+	RESERVED
+CVE-2023-25463
+	RESERVED
+CVE-2023-25462
+	RESERVED
+CVE-2023-25461
+	RESERVED
+CVE-2023-25460
+	RESERVED
+CVE-2023-25459
+	RESERVED
+CVE-2023-25458
+	RESERVED
+CVE-2023-25457
+	RESERVED
+CVE-2023-25456
+	RESERVED
+CVE-2023-25455
+	RESERVED
+CVE-2023-25454
+	RESERVED
+CVE-2023-25453
+	RESERVED
+CVE-2023-25452
+	RESERVED
+CVE-2023-25451
+	RESERVED
+CVE-2023-25450
+	RESERVED
+CVE-2023-25449
+	RESERVED
+CVE-2023-25448
+	RESERVED
+CVE-2023-25447
+	RESERVED
+CVE-2023-25446
+	RESERVED
+CVE-2023-25445
+	RESERVED
+CVE-2023-25444
+	RESERVED
+CVE-2023-25443
+	RESERVED
+CVE-2023-25442
+	RESERVED
+CVE-2023-25441
+	RESERVED
+CVE-2023-25440
+	RESERVED
+CVE-2023-25439
+	RESERVED
+CVE-2023-25438
+	RESERVED
+CVE-2023-25437
+	RESERVED
+CVE-2023-25436
+	RESERVED
+CVE-2023-25435
+	RESERVED
+CVE-2023-25434
+	RESERVED
+CVE-2023-25433
+	RESERVED
+CVE-2023-25432
+	RESERVED
+CVE-2023-25431
+	RESERVED
+CVE-2023-25430
+	RESERVED
+CVE-2023-25429
+	RESERVED
+CVE-2023-25428
+	RESERVED
+CVE-2023-25427
+	RESERVED
+CVE-2023-25426
+	RESERVED
+CVE-2023-25425
+	RESERVED
+CVE-2023-25424
+	RESERVED
+CVE-2023-25423
+	RESERVED
+CVE-2023-25422
+	RESERVED
+CVE-2023-25421
+	RESERVED
+CVE-2023-25420
+	RESERVED
+CVE-2023-25419
+	RESERVED
+CVE-2023-25418
+	RESERVED
+CVE-2023-25417
+	RESERVED
+CVE-2023-25416
+	RESERVED
+CVE-2023-25415
+	RESERVED
+CVE-2023-25414
+	RESERVED
+CVE-2023-25413
+	RESERVED
+CVE-2023-25412
+	RESERVED
+CVE-2023-25411
+	RESERVED
+CVE-2023-25410
+	RESERVED
+CVE-2023-25409
+	RESERVED
+CVE-2023-25408
+	RESERVED
+CVE-2023-25407
+	RESERVED
+CVE-2023-25406
+	RESERVED
+CVE-2023-25405
+	RESERVED
+CVE-2023-25404
+	RESERVED
+CVE-2023-25403
+	RESERVED
+CVE-2023-25402
+	RESERVED
+CVE-2023-25401
+	RESERVED
+CVE-2023-25400
+	RESERVED
+CVE-2023-25399
+	RESERVED
+CVE-2023-25398
+	RESERVED
+CVE-2023-25397
+	RESERVED
+CVE-2023-25396
+	RESERVED
+CVE-2023-25395
+	RESERVED
+CVE-2023-25394
+	RESERVED
+CVE-2023-25393
+	RESERVED
+CVE-2023-25392
+	RESERVED
+CVE-2023-25391
+	RESERVED
+CVE-2023-25390
+	RESERVED
+CVE-2023-25389
+	RESERVED
+CVE-2023-25388
+	RESERVED
+CVE-2023-25387
+	RESERVED
+CVE-2023-25386
+	RESERVED
+CVE-2023-25385
+	RESERVED
+CVE-2023-25384
+	RESERVED
+CVE-2023-25383
+	RESERVED
+CVE-2023-25382
+	RESERVED
+CVE-2023-25381
+	RESERVED
+CVE-2023-25380
+	RESERVED
+CVE-2023-25379
+	RESERVED
+CVE-2023-25378
+	RESERVED
+CVE-2023-25377
+	RESERVED
+CVE-2023-25376
+	RESERVED
+CVE-2023-25375
+	RESERVED
+CVE-2023-25374
+	RESERVED
+CVE-2023-25373
+	RESERVED
+CVE-2023-25372
+	RESERVED
+CVE-2023-25371
+	RESERVED
+CVE-2023-25370
+	RESERVED
+CVE-2023-25369
+	RESERVED
+CVE-2023-25368
+	RESERVED
+CVE-2023-25367
+	RESERVED
+CVE-2023-25366
+	RESERVED
+CVE-2023-25365
+	RESERVED
+CVE-2023-25364
+	RESERVED
+CVE-2023-25363
+	RESERVED
+CVE-2023-25362
+	RESERVED
+CVE-2023-25361
+	RESERVED
+CVE-2023-25360
+	RESERVED
+CVE-2023-25359
+	RESERVED
+CVE-2023-25358
+	RESERVED
+CVE-2023-25357
+	RESERVED
+CVE-2023-25356
+	RESERVED
+CVE-2023-25355
+	RESERVED
+CVE-2023-25354
+	RESERVED
+CVE-2023-25353
+	RESERVED
+CVE-2023-25352
+	RESERVED
+CVE-2023-25351
+	RESERVED
+CVE-2023-25350
+	RESERVED
+CVE-2023-25349
+	RESERVED
+CVE-2023-25348
+	RESERVED
+CVE-2023-25347
+	RESERVED
+CVE-2023-25346
+	RESERVED
+CVE-2023-25345
+	RESERVED
+CVE-2023-25344
+	RESERVED
+CVE-2023-25343
+	RESERVED
+CVE-2023-25342
+	RESERVED
+CVE-2023-25341
+	RESERVED
+CVE-2023-25340
+	RESERVED
+CVE-2023-25339
+	RESERVED
+CVE-2023-25338
+	RESERVED
+CVE-2023-25337
+	RESERVED
+CVE-2023-25336
+	RESERVED
+CVE-2023-25335
+	RESERVED
+CVE-2023-25334
+	RESERVED
+CVE-2023-25333
+	RESERVED
+CVE-2023-25332
+	RESERVED
+CVE-2023-25331
+	RESERVED
+CVE-2023-25330
+	RESERVED
+CVE-2023-25329
+	RESERVED
+CVE-2023-25328
+	RESERVED
+CVE-2023-25327
+	RESERVED
+CVE-2023-25326
+	RESERVED
+CVE-2023-25325
+	RESERVED
+CVE-2023-25324
+	RESERVED
+CVE-2023-25323
+	RESERVED
+CVE-2023-25322
+	RESERVED
+CVE-2023-25321
+	RESERVED
+CVE-2023-25320
+	RESERVED
+CVE-2023-25319
+	RESERVED
+CVE-2023-25318
+	RESERVED
+CVE-2023-25317
+	RESERVED
+CVE-2023-25316
+	RESERVED
+CVE-2023-25315
+	RESERVED
+CVE-2023-25314
+	RESERVED
+CVE-2023-25313
+	RESERVED
+CVE-2023-25312
+	RESERVED
+CVE-2023-25311
+	RESERVED
+CVE-2023-25310
+	RESERVED
+CVE-2023-25309
+	RESERVED
+CVE-2023-25308
+	RESERVED
+CVE-2023-25307
+	RESERVED
+CVE-2023-25306
+	RESERVED
+CVE-2023-25305
+	RESERVED
+CVE-2023-25304
+	RESERVED
+CVE-2023-25303
+	RESERVED
+CVE-2023-25302
+	RESERVED
+CVE-2023-25301
+	RESERVED
+CVE-2023-25300
+	RESERVED
+CVE-2023-25299
+	RESERVED
+CVE-2023-25298
+	RESERVED
+CVE-2023-25297
+	RESERVED
+CVE-2023-25296
+	RESERVED
+CVE-2023-25295
+	RESERVED
+CVE-2023-25294
+	RESERVED
+CVE-2023-25293
+	RESERVED
+CVE-2023-25292
+	RESERVED
+CVE-2023-25291
+	RESERVED
+CVE-2023-25290
+	RESERVED
+CVE-2023-25289
+	RESERVED
+CVE-2023-25288
+	RESERVED
+CVE-2023-25287
+	RESERVED
+CVE-2023-25286
+	RESERVED
+CVE-2023-25285
+	RESERVED
+CVE-2023-25284
+	RESERVED
+CVE-2023-25283
+	RESERVED
+CVE-2023-25282
+	RESERVED
+CVE-2023-25281
+	RESERVED
+CVE-2023-25280
+	RESERVED
+CVE-2023-25279
+	RESERVED
+CVE-2023-25278
+	RESERVED
+CVE-2023-25277
+	RESERVED
+CVE-2023-25276
+	RESERVED
+CVE-2023-25275
+	RESERVED
+CVE-2023-25274
+	RESERVED
+CVE-2023-25273
+	RESERVED
+CVE-2023-25272
+	RESERVED
+CVE-2023-25271
+	RESERVED
+CVE-2023-25270
+	RESERVED
+CVE-2023-25269
+	RESERVED
+CVE-2023-25268
+	RESERVED
+CVE-2023-25267
+	RESERVED
+CVE-2023-25266
+	RESERVED
+CVE-2023-25265
+	RESERVED
+CVE-2023-25264
+	RESERVED
+CVE-2023-25263
+	RESERVED
+CVE-2023-25262
+	RESERVED
+CVE-2023-25261
+	RESERVED
+CVE-2023-25260
+	RESERVED
+CVE-2023-25259
+	RESERVED
+CVE-2023-25258
+	RESERVED
+CVE-2023-25257
+	RESERVED
+CVE-2023-25256
+	RESERVED
+CVE-2023-25255
+	RESERVED
+CVE-2023-25254
+	RESERVED
+CVE-2023-25253
+	RESERVED
+CVE-2023-25252
+	RESERVED
+CVE-2023-25251
+	RESERVED
+CVE-2023-25250
+	RESERVED
+CVE-2023-25249
+	RESERVED
+CVE-2023-25248
+	RESERVED
+CVE-2023-25247
+	RESERVED
+CVE-2023-25246
+	RESERVED
+CVE-2023-25245
+	RESERVED
+CVE-2023-25244
+	RESERVED
+CVE-2023-25243
+	RESERVED
+CVE-2023-25242
+	RESERVED
+CVE-2023-25241
+	RESERVED
+CVE-2023-25240
+	RESERVED
+CVE-2023-25239
+	RESERVED
+CVE-2023-25238
+	RESERVED
+CVE-2023-25237
+	RESERVED
+CVE-2023-25236
+	RESERVED
+CVE-2023-25235
+	RESERVED
+CVE-2023-25234
+	RESERVED
+CVE-2023-25233
+	RESERVED
+CVE-2023-25232
+	RESERVED
+CVE-2023-25231
+	RESERVED
+CVE-2023-25230
+	RESERVED
+CVE-2023-25229
+	RESERVED
+CVE-2023-25228
+	RESERVED
+CVE-2023-25227
+	RESERVED
+CVE-2023-25226
+	RESERVED
+CVE-2023-25225
+	RESERVED
+CVE-2023-25224
+	RESERVED
+CVE-2023-25223
+	RESERVED
+CVE-2023-25222
+	RESERVED
+CVE-2023-25221
+	RESERVED
+CVE-2023-25220
+	RESERVED
+CVE-2023-25219
+	RESERVED
+CVE-2023-25218
+	RESERVED
+CVE-2023-25217
+	RESERVED
+CVE-2023-25216
+	RESERVED
+CVE-2023-25215
+	RESERVED
+CVE-2023-25214
+	RESERVED
+CVE-2023-25213
+	RESERVED
+CVE-2023-25212
+	RESERVED
+CVE-2023-25211
+	RESERVED
+CVE-2023-25210
+	RESERVED
+CVE-2023-25209
+	RESERVED
+CVE-2023-25208
+	RESERVED
+CVE-2023-25207
+	RESERVED
+CVE-2023-25206
+	RESERVED
+CVE-2023-25205
+	RESERVED
+CVE-2023-25204
+	RESERVED
+CVE-2023-25203
+	RESERVED
+CVE-2023-25202
+	RESERVED
+CVE-2023-25201
+	RESERVED
+CVE-2023-25200
+	RESERVED
+CVE-2023-25199
+	RESERVED
+CVE-2023-0687 (A vulnerability was found in GNU C Library 2.38. It has been declared  ...)
+	TODO: check
+CVE-2023-0686 (A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. I ...)
+	TODO: check
+CVE-2023-0685
+	RESERVED
+CVE-2023-0684
+	RESERVED
+CVE-2023-0683
+	RESERVED
+CVE-2023-0682
+	RESERVED
+CVE-2023-0681
+	RESERVED
+CVE-2023-0680
+	RESERVED
+CVE-2023-0679 (A vulnerability was found in SourceCodester Canteen Management System  ...)
+	TODO: check
+CVE-2022-48316
+	RESERVED
+CVE-2022-48315
+	RESERVED
+CVE-2015-10075
+	RESERVED
+CVE-2015-10074
+	RESERVED
+CVE-2011-10002
+	RESERVED
 CVE-2023-25198
 	RESERVED
 CVE-2023-25197
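Review bot: CVE-2023-0687, near the end of the added block, names GNU C Library, so unlike the SourceCodester entries beside it (CVE-2023-0686, CVE-2023-0679) its `TODO: check` is likely to resolve to a packaged source rather than NOT-FOR-US. Triage it first and confirm the affected versions against the upstream report, since the description cites 2.38.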
@@ -14,10 +642,10 @@ CVE-2022-48312
 	RESERVED
 CVE-2023-25194
 	RESERVED
-CVE-2022-4902
-	RESERVED
-CVE-2020-36660
-	RESERVED
+CVE-2022-4902 (A vulnerability classified as problematic has been found in eXo Chat A ...)
+	TODO: check
+CVE-2020-36660 (A vulnerability was found in paxswill EVE Ship Replacement Program 0.1 ...)
+	TODO: check
 CVE-2017-20177
 	RESERVED
 CVE-2015-10073
@@ -1068,7 +1696,7 @@ CVE-2023-0578
 	RESERVED
 CVE-2023-0577
 	RESERVED
-CVE-2023-0576 (Server-Side Request Forgery (SSRF), Improperly Controlled Modification ...)
+CVE-2023-0576 (This CVE ID has been rejected or withdrawn by its CVE Numbering Author ...)
 	- yugabyte-db <itp> (bug #989673)
 CVE-2023-0575
 	RESERVED
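Review bot: the new description for CVE-2023-0576 says the ID was rejected or withdrawn, but the entry still carries `- yugabyte-db <itp> (bug #989673)` unchanged. Mark the entry REJECTED in a follow-up and decide whether the ITP annotation should stay, so the tracker does not keep a withdrawn ID attached to the package.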
@@ -2515,8 +3143,8 @@ CVE-2023-24278
 	RESERVED
 CVE-2023-24277
 	RESERVED
-CVE-2023-24276
-	RESERVED
+CVE-2023-24276 (TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a co ...)
+	TODO: check
 CVE-2023-24275
 	RESERVED
 CVE-2023-24274
@@ -2663,30 +3291,30 @@ CVE-2023-24204
 	RESERVED
 CVE-2023-24203
 	RESERVED
-CVE-2023-24202
-	RESERVED
-CVE-2023-24201
-	RESERVED
-CVE-2023-24200
-	RESERVED
-CVE-2023-24199
-	RESERVED
-CVE-2023-24198
-	RESERVED
-CVE-2023-24197
-	RESERVED
+CVE-2023-24202 (Raffle Draw System v1.0 was discovered to contain a local file inclusi ...)
+	TODO: check
+CVE-2023-24201 (Raffle Draw System v1.0 was discovered to contain a SQL injection vuln ...)
+	TODO: check
+CVE-2023-24200 (Raffle Draw System v1.0 was discovered to contain a SQL injection vuln ...)
+	TODO: check
+CVE-2023-24199 (Raffle Draw System v1.0 was discovered to contain a SQL injection vuln ...)
+	TODO: check
+CVE-2023-24198 (Raffle Draw System v1.0 was discovered to contain multiple SQL injecti ...)
+	TODO: check
+CVE-2023-24197 (Online Food Ordering System v2 was discovered to contain a SQL injecti ...)
+	TODO: check
 CVE-2023-24196
 	RESERVED
-CVE-2023-24195
-	RESERVED
-CVE-2023-24194
-	RESERVED
+CVE-2023-24195 (Online Food Ordering System v2 was discovered to contain a cross-site  ...)
+	TODO: check
+CVE-2023-24194 (Online Food Ordering System v2 was discovered to contain a cross-site  ...)
+	TODO: check
 CVE-2023-24193
 	RESERVED
-CVE-2023-24192
-	RESERVED
-CVE-2023-24191
-	RESERVED
+CVE-2023-24192 (Online Food Ordering System v2 was discovered to contain a cross-site  ...)
+	TODO: check
+CVE-2023-24191 (Online Food Ordering System v2 was discovered to contain a cross-site  ...)
+	TODO: check
 CVE-2023-24190
 	RESERVED
 CVE-2023-24189
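Review bot: CVE-2023-24201, CVE-2023-24200 and CVE-2023-24199 arrive with identical truncated descriptions ("Raffle Draw System v1.0 was discovered to contain a SQL injection vuln ..."), so nothing in the list tells them apart. When the `TODO: check` lines are resolved, triage the Raffle Draw System and Online Food Ordering System entries as one batch per product against the full descriptions rather than one by one from the truncated text.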
@@ -4666,11 +5294,13 @@ CVE-2023-23519
 	RESERVED
 CVE-2023-23518 [Processing maliciously crafted web content may lead to arbitrary code execution]
 	RESERVED
+	{DSA-5341-1 DSA-5340-1 DLA-3308-1}
 	- webkit2gtk 2.38.4-1
 	- wpewebkit 2.38.4-1
 	NOTE: https://webkitgtk.org/security/WSA-2023-0001.html
 CVE-2023-23517 [Processing maliciously crafted web content may lead to arbitrary code execution]
 	RESERVED
+	{DSA-5341-1 DSA-5340-1 DLA-3308-1}
 	- webkit2gtk 2.38.4-1
 	- wpewebkit 2.38.4-1
 	NOTE: https://webkitgtk.org/security/WSA-2023-0001.html
@@ -8251,8 +8881,8 @@ CVE-2022-48166
 	RESERVED
 CVE-2022-48165 (An access control issue in the component /cgi-bin/ExportLogs.sh of Wav ...)
 	TODO: check
-CVE-2022-48164
-	RESERVED
+CVE-2022-48164 (An access control issue in the component /cgi-bin/ExportLogs.sh of Wav ...)
+	TODO: check
 CVE-2022-48163
 	RESERVED
 CVE-2022-48162
@@ -8409,8 +9039,8 @@ CVE-2022-48087
 	RESERVED
 CVE-2022-48086
 	RESERVED
-CVE-2022-48085
-	RESERVED
+CVE-2022-48085 (Softr v2.0 was discovered to contain a HTML injection vulnerability vi ...)
+	TODO: check
 CVE-2022-48084
 	RESERVED
 CVE-2022-48083
@@ -8423,8 +9053,8 @@ CVE-2022-48080
 	RESERVED
 CVE-2022-48079 (Monnai aaPanel host system v1.5 contains an access control issue which ...)
 	TODO: check
-CVE-2022-48078
-	RESERVED
+CVE-2022-48078 (pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was discovered t ...)
+	TODO: check
 CVE-2022-48077
 	RESERVED
 CVE-2022-48076
@@ -8541,8 +9171,8 @@ CVE-2022-48021 (A vulnerability in Zammad v5.3.0 allows attackers to execute arb
 	TODO: check
 CVE-2022-48020
 	RESERVED
-CVE-2022-48019
-	RESERVED
+CVE-2022-48019 (The components wfshbr64.sys and wfshbr32.sys in Another Eden before v3 ...)
+	TODO: check
 CVE-2022-48018
 	RESERVED
 CVE-2022-48017
@@ -11362,7 +11992,7 @@ CVE-2023-21845 (Vulnerability in the PeopleSoft Enterprise PeopleTools product o
 CVE-2023-21844 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
 	NOT-FOR-US: Oracle
 CVE-2023-21843 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5335-1 DSA-5331-1}
+	{DSA-5335-1 DSA-5331-1 DLA-3307-1}
 	- openjdk-8 8u362-ga-1
 	- openjdk-11 11.0.18+10-1
 	- openjdk-17 17.0.6+10-1
@@ -11382,7 +12012,7 @@ CVE-2023-21837 (Vulnerability in the Oracle WebLogic Server product of Oracle Fu
 CVE-2023-21836 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.32-1 (bug #1029151)
 CVE-2023-21835 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5335-1 DSA-5331-1}
+	{DSA-5335-1 DSA-5331-1 DLA-3307-1}
 	- openjdk-11 11.0.18+10-1
 	- openjdk-17 17.0.6+10-1
 	- openjdk-21 21~7ea-1
@@ -13079,8 +13709,8 @@ CVE-2022-47073 (A cross-site scripting (XSS) vulnerability in the Create Ticket
 	NOT-FOR-US: Small CRM
 CVE-2022-47072
 	RESERVED
-CVE-2022-47071
-	RESERVED
+CVE-2022-47071 (In NVS365 V01, the background network test function can trigger comman ...)
+	TODO: check
 CVE-2022-47070 (NVS365 V01 is vulnerable to Incorrect Access Control. After entering a ...)
 	TODO: check
 CVE-2022-47069
@@ -17118,8 +17748,8 @@ CVE-2022-45724
 	RESERVED
 CVE-2022-45723
 	RESERVED
-CVE-2022-45722
-	RESERVED
+CVE-2022-45722 (ezEIP v5.3.0(0649) was discovered to contain a cross-site scripting (X ...)
+	TODO: check
 CVE-2022-45721 (IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overf ...)
 	NOT-FOR-US: IP-COM M50
 CVE-2022-45720 (IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffe ...)
@@ -22249,8 +22879,8 @@ CVE-2022-44345 (Sanitization Management System v1.0 is vulnerable to SQL Injecti
 	NOT-FOR-US: Sanitization Management System
 CVE-2022-44344
 	RESERVED
-CVE-2022-44343
-	RESERVED
+CVE-2022-44343 (CRMEB 4.4.4 is vulnerable to Any File download. ...)
+	TODO: check
 CVE-2022-44342
 	RESERVED
 CVE-2022-44341
@@ -28161,6 +28791,7 @@ CVE-2022-42827 (An out-of-bounds write issue was addressed with improved bounds
 	NOT-FOR-US: Apple
 CVE-2022-42826 [Processing maliciously crafted web content may lead to arbitrary code execution]
 	RESERVED
+	{DSA-5341-1 DSA-5340-1 DLA-3308-1}
 	- webkit2gtk 2.38.4-1
 	- wpewebkit 2.38.4-1
 	NOTE: https://webkitgtk.org/security/WSA-2023-0001.html
@@ -31452,8 +32083,8 @@ CVE-2022-3329
 	RESERVED
 CVE-2022-30544 (Cross-Site Request Forgery (CSRF) in MiKa's OSM – OpenStreetMap  ...)
 	NOT-FOR-US: MiKa
-CVE-2022-27628
-	RESERVED
+CVE-2022-27628 (Cross-Site Request Forgery (CSRF) vulnerability in AA-Team WZone &#821 ...)
+	TODO: check
 CVE-2022-26375 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mamm ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-46840 (The HW_KEYMASTER module has an out-of-bounds access vulnerability in p ...)
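Review bot: the description imported for CVE-2022-27628 ends in a raw HTML entity cut off by the truncation (`AA-Team WZone &#821 ...`), while the context line for CVE-2022-30544 shows a dash already decoded (`OSM – OpenStreetMap`). Decode entities before truncating the description so the cut cannot land inside one.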
@@ -31484,8 +32115,8 @@ CVE-2022-41559 (The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus c
 	NOT-FOR-US: TIBCO
 CVE-2022-41558 (The Visualizations component of TIBCO Software Inc.'s TIBCO Spotfire A ...)
 	NOT-FOR-US: TIBCO
-CVE-2022-41342
-	RESERVED
+CVE-2022-41342 (Improper buffer restrictions the Intel(R) C++ Compiler Classic before  ...)
+	TODO: check
 CVE-2022-41314
 	RESERVED
 CVE-2022-40982
@@ -31498,10 +32129,10 @@ CVE-2022-40964
 	RESERVED
 CVE-2022-40210
 	RESERVED
-CVE-2022-40196
-	RESERVED
-CVE-2022-38136
-	RESERVED
+CVE-2022-40196 (Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler befo ...)
+	TODO: check
+CVE-2022-38136 (Uncontrolled search path in the Intel(R) oneAPI DPC++/C++ Compiler bef ...)
+	TODO: check
 CVE-2022-38099 (Improper input validation in BIOS firmware for some Intel(R) NUC 11 Co ...)
 	NOT-FOR-US: Intel
 CVE-2022-3328
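Review bot: CVE-2022-40196 and CVE-2022-38136 both describe Intel(R) oneAPI DPC++/C++ Compiler issues and are left at `TODO: check`, while the next entry, CVE-2022-38099, is already `NOT-FOR-US: Intel`. Check whether the compiler is packaged and, if it is not, resolve these two the same way so they leave the TODO queue.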
@@ -36751,7 +37382,7 @@ CVE-2022-39401 (Vulnerability in the Oracle Solaris product of Oracle Systems (c
 CVE-2022-39400 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.31-1 (bug #1024016)
 CVE-2022-39399 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5335-1 DSA-5331-1}
+	{DSA-5335-1 DSA-5331-1 DLA-3307-1}
 	- openjdk-11 11.0.17+8-1
 	- openjdk-17 17.0.5+8-1
 CVE-2022-39398 (tasklists is a tasklists plugin for GLPI (Kanban). Versions prior to 2 ...)
@@ -39086,8 +39717,8 @@ CVE-2022-2935 (The Image Hover Effects Ultimate plugin for WordPress is vulnerab
 	NOT-FOR-US: Image Hover Effects Ultimate plugin for WordPress
 CVE-2022-2934 (The Beaver Builder – WordPress Page Builder for WordPress is vul ...)
 	NOT-FOR-US: WordPress Page Builder
-CVE-2022-2933
-	RESERVED
+CVE-2022-2933 (The 0mk Shortener plugin for WordPress is vulnerable to Cross-Site Req ...)
+	TODO: check
 CVE-2022-2932 (Cross-site Scripting (XSS) - Reflected in GitHub repository bustle/mob ...)
 	NOT-FOR-US: Mobiledoc Kit
 CVE-2022-2931 (A potential DOS vulnerability was discovered in GitLab CE/EE affecting ...)
@@ -65023,8 +65654,8 @@ CVE-2022-29418 (Authenticated (admin user role) Persistent Cross-Site Scripting
 	NOT-FOR-US: WordPress plugin
 CVE-2022-29417 (Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adapti ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2022-29416
-	RESERVED
+CVE-2022-29416 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Afterpay ...)
+	TODO: check
 CVE-2022-29415 (Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-29414 (Multiple (13x) Cross-Site Request Forgery (CSRF) vulnerabilities in WP ...)
@@ -70577,7 +71208,7 @@ CVE-2022-27501
 	RESERVED
 CVE-2022-27500 (Incorrect default permissions for the Intel(R) Support Android applica ...)
 	NOT-FOR-US: Intel
-CVE-2022-27233 (XML injection in the Intel(R) Quartus Prime Pro and Standard edition s ...)
+CVE-2022-27233 (XML injection Quartus(R) Prime Programmer included in the Intel(R) Qua ...)
 	NOT-FOR-US: Intel
 CVE-2022-27229
 	RESERVED
@@ -96105,7 +96736,7 @@ CVE-2022-21630 (Vulnerability in the JD Edwards EnterpriseOne Tools product of O
 CVE-2022-21629 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle  ...)
 	NOT-FOR-US: Oracle
 CVE-2022-21628 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5335-1 DSA-5331-1}
+	{DSA-5335-1 DSA-5331-1 DLA-3307-1}
 	- openjdk-8 8u352-ga-1
 	- openjdk-11 11.0.17+8-1
 	- openjdk-17 17.0.5+8-1
@@ -96113,13 +96744,13 @@ CVE-2022-21627 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virt
 	- virtualbox 6.1.40-dfsg-1
 	NOTE: https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixOVIR
 CVE-2022-21626 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5331-1}
+	{DSA-5331-1 DLA-3307-1}
 	- openjdk-8 8u352-ga-1
 	- openjdk-11 11.0.17+8-1
 CVE-2022-21625 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.31-1 (bug #1024016)
 CVE-2022-21624 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5335-1 DSA-5331-1}
+	{DSA-5335-1 DSA-5331-1 DLA-3307-1}
 	- openjdk-8 8u352-ga-1
 	- openjdk-11 11.0.17+8-1
 	- openjdk-17 17.0.5+8-1
@@ -96134,7 +96765,7 @@ CVE-2022-21620 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virt
 	- virtualbox 6.1.40-dfsg-1
 	NOTE: https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixOVIR
 CVE-2022-21619 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5335-1 DSA-5331-1}
+	{DSA-5335-1 DSA-5331-1 DLA-3307-1}
 	- openjdk-8 8u352-ga-1
 	- openjdk-11 11.0.17+8-1
 	- openjdk-17 17.0.5+8-1
@@ -118602,12 +119233,12 @@ CVE-2021-36228
 	RESERVED
 CVE-2021-36227
 	RESERVED
-CVE-2021-36226
-	RESERVED
-CVE-2021-36225
-	RESERVED
-CVE-2021-36224
-	RESERVED
+CVE-2021-36226 (Western Digital My Cloud devices before OS5 do not use cryptographical ...)
+	TODO: check
+CVE-2021-36225 (Western Digital My Cloud devices before OS5 allow REST API access by l ...)
+	TODO: check
+CVE-2021-36224 (Western Digital My Cloud devices before OS5 have a nobody account with ...)
+	TODO: check
 CVE-2021-36223
 	RESERVED
 CVE-2021-36222 (ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a4a6839579069f0f34e9dedac269e21cfba9c08
