[Git][security-tracker-team/security-tracker][master] automatic update

Mon Jan 9 08:12:34 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
932fce87 by security tracker role at 2023-01-09T08:10:49+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2023-22858
+	RESERVED
+CVE-2023-22857
+	RESERVED
+CVE-2023-22856
+	RESERVED
+CVE-2023-0117
+	RESERVED
+CVE-2023-0116
+	RESERVED
+CVE-2023-0115
+	RESERVED
 CVE-2022-4881 (A vulnerability was found in CapsAdmin PAC3. It has been rated as prob ...)
 	NOT-FOR-US: CapsAdmin PAC3
 CVE-2021-4309 (A vulnerability, which was classified as problematic, has been found i ...)
@@ -967,10 +979,10 @@ CVE-2023-0038 (The "Survey Maker – Best WordPress Survey Plugin" plugin fo
 	NOT-FOR-US: "Survey Maker – Best WordPress Survey Plugin" plugin for WordPress
 CVE-2023-0037
 	RESERVED
-CVE-2023-0036
-	RESERVED
-CVE-2023-0035
-	RESERVED
+CVE-2023-0036 (platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and ...)
+	TODO: check
+CVE-2023-0035 (softbus_client_stub in communication subsystem within OpenHarmony-v3.0 ...)
+	TODO: check
 CVE-2022-4871 (A vulnerability classified as problematic was found in ummmmm nflpick- ...)
 	NOT-FOR-US: ummmmm nflpick-em.com
 CVE-2022-48215
@@ -9908,14 +9920,14 @@ CVE-2022-45875 (Improper validation of script alert plugin parameters in Apache
 	TODO: check
 CVE-2022-45874 (Huawei Aslan Children's Watch has an improper authorization vulnerabil ...)
 	NOT-FOR-US: Huawei
-CVE-2022-45126
-	RESERVED
+CVE-2022-45126 (Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kerne ...)
+	TODO: check
 CVE-2022-45118 (OpenHarmony-v3.1.2 and prior versions had a vulnerability that telepho ...)
 	NOT-FOR-US: OpenHarmony
 CVE-2022-44455 (The appspawn and nwebspawn services within OpenHarmony-v3.1.2 and prio ...)
 	NOT-FOR-US: OpenHarmony
-CVE-2022-43662
-	RESERVED
+CVE-2022-43662 (Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kerne ...)
+	TODO: check
 CVE-2022-41802 (Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kerne ...)
 	NOT-FOR-US: OpenHarmony
 CVE-2022-4138
@@ -68098,8 +68110,8 @@ CVE-2022-25892 (The package muhammara before 2.6.1, from 3.0.0 and before 3.1.1;
 	NOT-FOR-US: Muhammara Nodejs module
 CVE-2022-25891 (The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are v ...)
 	NOT-FOR-US: github.com/containrrr/shoutrrr/pkg/util
-CVE-2022-25890
-	RESERVED
+CVE-2022-25890 (All versions of the package wifey are vulnerable to Command Injection  ...)
+	TODO: check
 CVE-2022-25888 (The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) ...)
 	NOT-FOR-US: Rust crate opcua
 CVE-2022-25887 (The package sanitize-html before 2.7.1 are vulnerable to Regular Expre ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/932fce8778953f61b92bc6c15fd19df6fe4158c6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/932fce8778953f61b92bc6c15fd19df6fe4158c6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230109/1602f0cf/attachment-0001.htm>
