[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jan 3 20:10:38 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3cd25e2e by security tracker role at 2023-01-03T20:10:26+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2023-22586
+ RESERVED
+CVE-2023-22585
+ RESERVED
+CVE-2023-22584
+ RESERVED
+CVE-2023-22583
+ RESERVED
+CVE-2023-22582
+ RESERVED
+CVE-2023-22581
+ RESERVED
+CVE-2023-22580
+ RESERVED
+CVE-2023-22579
+ RESERVED
+CVE-2023-22578
+ RESERVED
+CVE-2023-22577
+ RESERVED
+CVE-2023-0040
+ RESERVED
+CVE-2023-0039 (The User Post Gallery - UPG plugin for WordPress is vulnerable to auth ...)
+ TODO: check
+CVE-2023-0038 (The "Survey Maker – Best WordPress Survey Plugin" plugin for Wor ...)
+ TODO: check
+CVE-2023-0037
+ RESERVED
+CVE-2023-0036
+ RESERVED
+CVE-2023-0035
+ RESERVED
+CVE-2022-4871 (A vulnerability classified as problematic was found in ummmmm nflpick- ...)
+ TODO: check
+CVE-2022-48215
+ RESERVED
+CVE-2022-48214
+ RESERVED
+CVE-2022-48213
+ RESERVED
+CVE-2022-48212
+ RESERVED
+CVE-2022-48211
+ RESERVED
+CVE-2022-48210
+ RESERVED
+CVE-2015-10012 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in sumocoder ...)
+ TODO: check
+CVE-2013-10007 (A vulnerability classified as problematic has been found in ethitter W ...)
+ TODO: check
+CVE-2012-10003 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
+CVE-2012-10002 (A vulnerability was found in ahmyi RivetTracker. It has been declared ...)
+ TODO: check
CVE-2023-0034
RESERVED
CVE-2023-0033
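Review bot: The two WordPress plugin entries added at the top of this hunk, CVE-2023-0039 and CVE-2023-0038, are left at "TODO: check", while the same file tags comparable entries "NOT-FOR-US: WordPress plugin" (see CVE-2022-3934 and CVE-2022-3933 further down in this diff). Suggest resolving them with that tag in the follow-up triage. The retroactively assigned IDs (CVE-2015-10012, CVE-2013-10007, CVE-2012-10003, CVE-2012-10002) have descriptions truncated before the product is clear, so read the full record before tagging them; CVE-2015-10012 is additionally flagged "UNSUPPORTED WHEN ASSIGNED" in its description.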
@@ -522,8 +576,8 @@ CVE-2023-22458
RESERVED
CVE-2023-22457
RESERVED
-CVE-2023-22456
- RESERVED
+CVE-2023-22456 (ViewVC, a browser interface for CVS and Subversion version control rep ...)
+ TODO: check
CVE-2023-22455
RESERVED
CVE-2023-22454
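Review bot: CVE-2023-22456 moves from RESERVED to a description naming ViewVC but has only "TODO: check" under it. ViewVC is standalone open-source software rather than a vendor product, so this one should not be swept up in a bulk NOT-FOR-US pass. It needs an explicit decision recorded as a package line in the form this file uses elsewhere (for example "- linux 5.19.11-1" under CVE-2022-4662), or a NOT-FOR-US tag if it turns out not to be relevant.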
@@ -1674,8 +1728,8 @@ CVE-2023-0021
RESERVED
CVE-2022-47926 (AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_ ...)
NOT-FOR-US: AyaCMS
-CVE-2022-4663
- RESERVED
+CVE-2022-4663 (The Members Import plugin for WordPress is vulnerable to Self Cross-Si ...)
+ TODO: check
CVE-2022-4662 (A flaw incorrect access control in the Linux kernel USB core subsystem ...)
- linux 5.19.11-1
[bullseye] - linux 5.10.148-1
@@ -11157,8 +11211,8 @@ CVE-2022-3934 (The Flat PM WordPress plugin through 2.661 does not sanitize and
NOT-FOR-US: WordPress plugin
CVE-2022-3933 (The Essential Real Estate WordPress plugin before 3.9.6 does not sanit ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-45143
- RESERVED
+CVE-2022-45143 (The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and ...)
+ TODO: check
CVE-2022-45142
RESERVED
CVE-2022-45141
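Review bot: The CVE-2022-45143 entry names specific Apache Tomcat versions ("8.5.83, 9.0.40 to 9.0.68 and ...") yet carries only "TODO: check", and the range list is cut off after "and". The triage should read the full advisory for the remaining range and then record status per release, in the "[bullseye] - ..." style visible under CVE-2022-4662, since whether a release is affected depends on which side of those bounds its Tomcat version falls.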
@@ -18079,14 +18133,14 @@ CVE-2022-43524
RESERVED
CVE-2022-43523
RESERVED
-CVE-2022-43522
- RESERVED
-CVE-2022-43521
- RESERVED
-CVE-2022-43520
- RESERVED
-CVE-2022-43519
- RESERVED
+CVE-2022-43522 (Multiple vulnerabilities in the web-based management interface of Arub ...)
+ TODO: check
+CVE-2022-43521 (Multiple vulnerabilities in the web-based management interface of Arub ...)
+ TODO: check
+CVE-2022-43520 (Multiple vulnerabilities in the web-based management interface of Arub ...)
+ TODO: check
+CVE-2022-43519 (Multiple vulnerabilities in the web-based management interface of Arub ...)
+ TODO: check
CVE-2022-43518 (An authenticated path traversal vulnerability exists in the Aruba Edge ...)
NOT-FOR-US: Aruba
CVE-2022-43517 (A vulnerability has been identified in Simcenter STAR-CCM+ (All versio ...)
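Review bot: The four entries CVE-2022-43522 through CVE-2022-43519 all describe the "web-based management interface of Arub ..." and are left at "TODO: check", while the next entry in the same block, CVE-2022-43518, is already tagged "NOT-FOR-US: Aruba". Suggest applying the same tag to all four in one follow-up commit so the block is consistent.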
@@ -21071,8 +21125,8 @@ CVE-2022-42473 (A missing authentication for a critical function vulnerability i
NOT-FOR-US: FortiGuard
CVE-2022-42472
RESERVED
-CVE-2022-42471
- RESERVED
+CVE-2022-42471 (An improper neutralization of CRLF sequences in HTTP headers ('HTTP Re ...)
+ TODO: check
CVE-2022-42470
RESERVED
CVE-2022-42469
@@ -24115,8 +24169,8 @@ CVE-2022-3293 (Email addresses were leaked in WebHook logs in GitLab EE affectin
- gitlab <not-affected> (Only affects Gitlab EE)
CVE-2022-3292 (Use of Cache Containing Sensitive Information in GitHub repository iku ...)
- rdiffweb <itp> (bug #969974)
-CVE-2022-41336
- RESERVED
+CVE-2022-41336 (An improper neutralization of input during web page generation vulnera ...)
+ TODO: check
CVE-2022-41335
RESERVED
CVE-2022-41334
@@ -27524,8 +27578,8 @@ CVE-2022-39949 (An improper control of a resource through its lifetime vulnerabi
NOT-FOR-US: FortiGuard
CVE-2022-39948
RESERVED
-CVE-2022-39947
- RESERVED
+CVE-2022-39947 (A improper neutralization of special elements used in an os command (' ...)
+ TODO: check
CVE-2022-39946
RESERVED
CVE-2022-39945 (An improper access control vulnerability [CWE-284] in FortiMail 7.2.0, ...)
@@ -30622,8 +30676,8 @@ CVE-2022-38768 (The mobile application in Transtek Mojodat FAM (Fixed Asset Mana
NOT-FOR-US: Transtek
CVE-2022-38767 (An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a ...)
NOT-FOR-US: Wind River VxWorks
-CVE-2022-38766
- RESERVED
+CVE-2022-38766 (The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MH ...)
+ TODO: check
CVE-2022-38765 (Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately e ...)
NOT-FOR-US: Canon Medical Informatics Vitrea
CVE-2022-38764 (A vulnerability on Trend Micro HouseCall version 1.62.1.1133 and below ...)
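Review bot: CVE-2022-38766 describes the remote keyless system on Renault ZOE 2021 vehicles, which is vehicle hardware and not software this file tracks as a package, but it is left at "TODO: check". The surrounding vendor entries are resolved with a vendor tag ("NOT-FOR-US: Transtek", "NOT-FOR-US: Wind River VxWorks"); suggest the same treatment here, for example "NOT-FOR-US: Renault".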
@@ -33216,10 +33270,10 @@ CVE-2022-37936
RESERVED
CVE-2022-37935
RESERVED
-CVE-2022-37934
- RESERVED
-CVE-2022-37933
- RESERVED
+CVE-2022-37934 (A potential security vulnerability has been identified in HPE OfficeCo ...)
+ TODO: check
+CVE-2022-37933 (A potential security vulnerability has been identified in HPE Superdom ...)
+ TODO: check
CVE-2022-37932 (A potential security vulnerability has been identified in Hewlett Pack ...)
NOT-FOR-US: HPE
CVE-2022-37931 (A vulnerability in NetBatch-Plus software allows unauthorized access t ...)
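Review bot: CVE-2022-37934 and CVE-2022-37933 both name HPE products in their descriptions and are left at "TODO: check", directly above CVE-2022-37932, which is tagged "NOT-FOR-US: HPE". Suggest tagging the two new entries the same way.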
@@ -38691,8 +38745,8 @@ CVE-2022-35847 (An improper neutralization of special elements used in a templat
NOT-FOR-US: FortiGuard
CVE-2022-35846 (An improper restriction of excessive authentication attempts vulnerabi ...)
NOT-FOR-US: FortiGuard
-CVE-2022-35845
- RESERVED
+CVE-2022-35845 (Multiple improper neutralization of special elements used in an OS Com ...)
+ TODO: check
CVE-2022-35844 (An improper neutralization of special elements used in an OS command v ...)
NOT-FOR-US: FortiGuard
CVE-2022-35843 (An authentication bypass by assumed-immutable data vulnerability [CWE- ...)
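Review bot: The truncated description for CVE-2022-35845 ("Multiple improper neutralization of special elements used in an OS Com ...") does not show the affected product, so the entry cannot be triaged from this line alone. Both neighbours, CVE-2022-35846 and CVE-2022-35844, are tagged "NOT-FOR-US: FortiGuard"; confirm the vendor from the full record before applying that tag here instead of inferring it from position in the list.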
@@ -118896,8 +118950,8 @@ CVE-2021-32826 (Proxyee-Down is open source proxy software. An attacker being ab
NOT-FOR-US: Proxyee-Down
CVE-2021-32825 (bblfshd is an open source self-hosted server for source code parsing. ...)
NOT-FOR-US: bblfshd
-CVE-2021-32824
- RESERVED
+CVE-2021-32824 (Apache Dubbo is a java based, open source RPC framework. Versions prio ...)
+ TODO: check
CVE-2021-32823 (In the bindata RubyGem before version 2.4.10 there is a potential deni ...)
- ruby-bindata <unfixed> (bug #990577)
[bullseye] - ruby-bindata <no-dsa> (Minor issue)
@@ -118908,8 +118962,8 @@ CVE-2021-32823 (In the bindata RubyGem before version 2.4.10 there is a potentia
NOTE: https://github.com/dmendel/bindata/blob/v2.4.10/ChangeLog.rdoc#version-2410-2021-05-18-
CVE-2021-32822 (The npm hbs package is an Express view engine wrapper for Handlebars. ...)
NOT-FOR-US: Node hbs
-CVE-2021-32821
- RESERVED
+CVE-2021-32821 (MooTools is a collection of JavaScript utilities for JavaScript develo ...)
+ TODO: check
CVE-2021-32820 (Express-handlebars is a Handlebars view engine for Express. Express-ha ...)
NOT-FOR-US: Express-handlebars
CVE-2021-32819 (Squirrelly is a template engine implemented in JavaScript that works o ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3cd25e2ef840783a98453860868fb6c5c1acc38f