[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 10 20:10:39 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3766e10f by security tracker role at 2023-03-10T20:10:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,271 @@
+CVE-2023-28119
+	RESERVED
+CVE-2023-28118
+	RESERVED
+CVE-2023-28117
+	RESERVED
+CVE-2023-28116
+	RESERVED
+CVE-2023-28115
+	RESERVED
+CVE-2023-28114
+	RESERVED
+CVE-2023-28113
+	RESERVED
+CVE-2023-28112
+	RESERVED
+CVE-2023-28111
+	RESERVED
+CVE-2023-28110
+	RESERVED
+CVE-2023-28109
+	RESERVED
+CVE-2023-28108
+	RESERVED
+CVE-2023-28107
+	RESERVED
+CVE-2023-28106
+	RESERVED
+CVE-2023-28105
+	RESERVED
+CVE-2023-28104
+	RESERVED
+CVE-2023-28103
+	RESERVED
+CVE-2023-28102
+	RESERVED
+CVE-2023-28101
+	RESERVED
+CVE-2023-28100
+	RESERVED
+CVE-2023-28099
+	RESERVED
+CVE-2023-28098
+	RESERVED
+CVE-2023-28097
+	RESERVED
+CVE-2023-28096
+	RESERVED
+CVE-2023-28095
+	RESERVED
+CVE-2023-28094
+	RESERVED
+CVE-2023-28093
+	RESERVED
+CVE-2023-28092
+	RESERVED
+CVE-2023-28091
+	RESERVED
+CVE-2023-28090
+	RESERVED
+CVE-2023-28089
+	RESERVED
+CVE-2023-28088
+	RESERVED
+CVE-2023-28087
+	RESERVED
+CVE-2023-28086
+	RESERVED
+CVE-2023-28085
+	RESERVED
+CVE-2023-28084
+	RESERVED
+CVE-2023-28083
+	RESERVED
+CVE-2023-28082
+	RESERVED
+CVE-2023-28081
+	RESERVED
+CVE-2023-28080
+	RESERVED
+CVE-2023-28079
+	RESERVED
+CVE-2023-28078
+	RESERVED
+CVE-2023-28077
+	RESERVED
+CVE-2023-28076
+	RESERVED
+CVE-2023-28075
+	RESERVED
+CVE-2023-28074
+	RESERVED
+CVE-2023-28073
+	RESERVED
+CVE-2023-28072
+	RESERVED
+CVE-2023-28071
+	RESERVED
+CVE-2023-28070
+	RESERVED
+CVE-2023-28069
+	RESERVED
+CVE-2023-28068
+	RESERVED
+CVE-2023-28067
+	RESERVED
+CVE-2023-28066
+	RESERVED
+CVE-2023-28065
+	RESERVED
+CVE-2023-28064
+	RESERVED
+CVE-2023-28063
+	RESERVED
+CVE-2023-28062
+	RESERVED
+CVE-2023-28061
+	RESERVED
+CVE-2023-28060
+	RESERVED
+CVE-2023-28059
+	RESERVED
+CVE-2023-28058
+	RESERVED
+CVE-2023-28057
+	RESERVED
+CVE-2023-28056
+	RESERVED
+CVE-2023-28055
+	RESERVED
+CVE-2023-28054
+	RESERVED
+CVE-2023-28053
+	RESERVED
+CVE-2023-28052
+	RESERVED
+CVE-2023-28051
+	RESERVED
+CVE-2023-28050
+	RESERVED
+CVE-2023-28049
+	RESERVED
+CVE-2023-28048
+	RESERVED
+CVE-2023-28047
+	RESERVED
+CVE-2023-28046
+	RESERVED
+CVE-2023-28045
+	RESERVED
+CVE-2023-28044
+	RESERVED
+CVE-2023-28043
+	RESERVED
+CVE-2023-28042
+	RESERVED
+CVE-2023-28041
+	RESERVED
+CVE-2023-28040
+	RESERVED
+CVE-2023-28039
+	RESERVED
+CVE-2023-28038
+	RESERVED
+CVE-2023-28037
+	RESERVED
+CVE-2023-28036
+	RESERVED
+CVE-2023-28035
+	RESERVED
+CVE-2023-28034
+	RESERVED
+CVE-2023-28033
+	RESERVED
+CVE-2023-28032
+	RESERVED
+CVE-2023-28031
+	RESERVED
+CVE-2023-28030
+	RESERVED
+CVE-2023-28029
+	RESERVED
+CVE-2023-28028
+	RESERVED
+CVE-2023-28027
+	RESERVED
+CVE-2023-28026
+	RESERVED
+CVE-2023-1346
+	RESERVED
+CVE-2023-1345
+	RESERVED
+CVE-2023-1344
+	RESERVED
+CVE-2023-1343
+	RESERVED
+CVE-2023-1342
+	RESERVED
+CVE-2023-1341
+	RESERVED
+CVE-2023-1340
+	RESERVED
+CVE-2023-1339
+	RESERVED
+CVE-2023-1338
+	RESERVED
+CVE-2023-1337
+	RESERVED
+CVE-2023-1336
+	RESERVED
+CVE-2023-1335
+	RESERVED
+CVE-2023-1334 (The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnera ...)
+	TODO: check
+CVE-2023-1333 (The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnera ...)
+	TODO: check
+CVE-2023-1332
+	RESERVED
+CVE-2023-1331
+	RESERVED
+CVE-2023-1330
+	RESERVED
+CVE-2023-1329
+	RESERVED
+CVE-2023-1328 (A vulnerability was found in Guizhou 115cms 4.2. It has been classifie ...)
+	TODO: check
+CVE-2023-1327
+	RESERVED
+CVE-2023-1326
+	RESERVED
+CVE-2023-1325
+	RESERVED
+CVE-2023-1324
+	RESERVED
+CVE-2023-1323
+	RESERVED
+CVE-2023-1322 (A vulnerability was found in lmxcms 1.41 and classified as critical. A ...)
+	TODO: check
+CVE-2023-1321 (A vulnerability has been found in lmxcms 1.41 and classified as critic ...)
+	TODO: check
+CVE-2023-1320 (Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osti ...)
+	TODO: check
+CVE-2023-1319 (Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osti ...)
+	TODO: check
+CVE-2023-1318 (Cross-site Scripting (XSS) - Generic in GitHub repository osticket/ost ...)
+	TODO: check
+CVE-2023-1317 (Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/o ...)
+	TODO: check
+CVE-2023-1316 (Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osti ...)
+	TODO: check
+CVE-2023-1315 (Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/o ...)
+	TODO: check
+CVE-2023-1314
+	RESERVED
+CVE-2023-1313 (Unrestricted Upload of File with Dangerous Type in GitHub repository c ...)
+	TODO: check
+CVE-2023-1312 (Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pi ...)
+	TODO: check
+CVE-2023-1311 (A vulnerability, which was classified as critical, was found in Source ...)
+	TODO: check
+CVE-2023-1310 (A vulnerability, which was classified as critical, has been found in S ...)
+	TODO: check
+CVE-2023-1309 (A vulnerability classified as critical was found in SourceCodester Onl ...)
+	TODO: check
+CVE-2023-1308 (A vulnerability classified as critical has been found in SourceCodeste ...)
+	TODO: check
+CVE-2013-10021
+	RESERVED
 CVE-2023-28025
 	RESERVED
 CVE-2023-28024
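Review bot: CVE-2013-10021, the last added entry in this hunk, is a 2013-series ID placed between CVE-2023-1308 and CVE-2023-28025. If the file is meant to stay grouped by ID, it belongs with the other CVE-2013 entries. Either way, anything that reads this file should match on the ID itself rather than on its position in the list.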
@@ -492,12 +760,12 @@ CVE-2023-27855
 	RESERVED
 CVE-2023-27854
 	RESERVED
-CVE-2023-25947
-	RESERVED
+CVE-2023-25947 (The bundle management subsystem within OpenHarmony-v3.1.4 and prior ve ...)
+	TODO: check
 CVE-2023-25076
 	RESERVED
-CVE-2023-24465
-	RESERVED
+CVE-2023-24465 (Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and prior vers ...)
+	TODO: check
 CVE-2023-1246
 	RESERVED
 CVE-2023-1245 (Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/ans ...)
@@ -628,16 +896,16 @@ CVE-2023-1207
 	RESERVED
 CVE-2023-1206
 	RESERVED
-CVE-2023-27853
-	RESERVED
-CVE-2023-27852
-	RESERVED
-CVE-2023-27851
-	RESERVED
-CVE-2023-27850
-	RESERVED
-CVE-2023-1205
-	RESERVED
+CVE-2023-27853 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format s ...)
+	TODO: check
+CVE-2023-27852 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer o ...)
+	TODO: check
+CVE-2023-27851 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sha ...)
+	TODO: check
+CVE-2023-27850 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sha ...)
+	TODO: check
+CVE-2023-1205 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cr ...)
+	TODO: check
 CVE-2023-1204
 	RESERVED
 CVE-2023-1203 (Improper removal of sensitive data in the entry edit feature of Hub Bu ...)
@@ -2090,8 +2358,8 @@ CVE-2023-1093
 	RESERVED
 CVE-2023-1092
 	RESERVED
-CVE-2023-1091
-	RESERVED
+CVE-2023-1091 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
 CVE-2023-1090
 	RESERVED
 CVE-2023-1089
@@ -2489,14 +2757,14 @@ CVE-2023-27166
 	RESERVED
 CVE-2023-27165
 	RESERVED
-CVE-2023-27164
-	RESERVED
+CVE-2023-27164 (An arbitrary file upload vulnerability in Halo up to v1.6.1 allows att ...)
+	TODO: check
 CVE-2023-27163
 	RESERVED
 CVE-2023-27162
 	RESERVED
-CVE-2023-27161
-	RESERVED
+CVE-2023-27161 (Jellyfin up to v10.7.7 was discovered to contain a Server-Side Request ...)
+	TODO: check
 CVE-2023-27160
 	RESERVED
 CVE-2023-27159
@@ -3921,8 +4189,8 @@ CVE-2023-1017 (An out-of-bounds write vulnerability exists in TPM2.0's Module Li
 	NOTE: https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdf
 CVE-2023-1016
 	RESERVED
-CVE-2023-1015
-	RESERVED
+CVE-2023-1015 (This CVE ID has been rejected or withdrawn by its CVE Numbering Author ...)
+	TODO: check
 CVE-2023-1014
 	RESERVED
 CVE-2023-1013
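Review bot: the new description for CVE-2023-1015 says the ID "has been rejected or withdrawn", yet the entry is queued with "TODO: check" like a live issue. Triage should replace that line with the tracker's REJECTED marker so the ID does not sit in the unchecked backlog.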
@@ -4090,8 +4358,8 @@ CVE-2022-48345 (sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows X
 	- node-mermaid <unfixed> (bug #1032313)
 	[bullseye] - node-mermaid <no-dsa> (Minor issue)
 	NOTE: https://github.com/braintree/sanitize-url/commit/d4bdc89f1743fe3cdb7c3f24b06e4c875f349b0c
-CVE-2023-26464
-	RESERVED
+CVE-2023-26464 (** UNSUPPORTED WHEN ASSIGNED ** When using the Chainsaw or SocketAppen ...)
+	TODO: check
 CVE-2023-0991
 	RESERVED
 CVE-2023-0990
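Review bot: on CVE-2023-26464 the "** UNSUPPORTED WHEN ASSIGNED **" prefix describes upstream support status, not whether the affected code is shipped in the archive, so this "TODO: check" should not be closed on the prefix alone. It needs a package lookup first. If a package matches, record it with a package line and per-release status, as the node-mermaid lines just above do.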
@@ -5104,8 +5372,8 @@ CVE-2023-26077
 	RESERVED
 CVE-2023-26076
 	RESERVED
-CVE-2023-26075
-	RESERVED
+CVE-2023-26075 (An issue was discovered in Samsung Mobile Chipset and Baseband Modem C ...)
+	TODO: check
 CVE-2023-26074
 	RESERVED
 CVE-2023-26073
@@ -6751,8 +7019,8 @@ CVE-2023-0748 (Open Redirect in GitHub repository btcpayserver/btcpayserver prio
 	NOT-FOR-US: btcpayserver
 CVE-2023-0747 (Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/ ...)
 	NOT-FOR-US: btcpayserver
-CVE-2023-0746
-	RESERVED
+CVE-2023-0746 (The help page in GigaVUE-FM, when using GigaVUE-OS software version 5. ...)
+	TODO: check
 CVE-2023-0745 (Relative Path Traversal vulnerability in YugaByte, Inc. Yugabyte Manag ...)
 	- yugabyte-db <itp> (bug #989673)
 CVE-2022-48321 (Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe2 ...)
@@ -8948,8 +9216,8 @@ CVE-2023-24776 (Funadmin v3.2.0 was discovered to contain a remote code executio
 	NOT-FOR-US: Funadmin
 CVE-2023-24775 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
 	NOT-FOR-US: Funadmin
-CVE-2023-24774
-	RESERVED
+CVE-2023-24774 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
+	TODO: check
 CVE-2023-24773 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
 	NOT-FOR-US: Funadmin
 CVE-2023-24772
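Review bot: CVE-2023-24774 gets "TODO: check" although its description names the same product and version (Funadmin v3.2.0) as CVE-2023-24776, CVE-2023-24775 and CVE-2023-24773 in this hunk, which are all marked "NOT-FOR-US: Funadmin". Suggest resolving it the same way in the follow-up triage so the Funadmin group stays consistent.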
@@ -15318,10 +15586,10 @@ CVE-2023-22634
 	RESERVED
 CVE-2023-22633
 	RESERVED
-CVE-2023-22436
-	RESERVED
-CVE-2023-22301
-	RESERVED
+CVE-2023-22436 (The kernel subsystem function check_permission_for_set_tokenid within  ...)
+	TODO: check
+CVE-2023-22301 (The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior version ...)
+	TODO: check
 CVE-2023-22291
 	RESERVED
 CVE-2023-0091 (A flaw was found in Keycloak, where it did not properly check client t ...)
@@ -15336,8 +15604,8 @@ CVE-2023-0085 (The Metform Elementor Contact Form Builder plugin for WordPress i
 	NOT-FOR-US: Metform Elementor Contact Form Builder plugin for WordPress
 CVE-2023-0084 (The Metform Elementor Contact Form Builder plugin for WordPress is vul ...)
 	NOT-FOR-US: Metform Elementor Contact Form Builder plugin for WordPress
-CVE-2023-0083
-	RESERVED
+CVE-2023-0083 (The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior vers ...)
+	TODO: check
 CVE-2023-0082 (The ExactMetrics WordPress plugin before 7.12.1 does not validate and  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0081 (The MonsterInsights WordPress plugin before 8.12.1 does not validate a ...)
@@ -16395,8 +16663,8 @@ CVE-2022-48113 (A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allo
 	NOT-FOR-US: TOTOLINK
 CVE-2022-48112
 	RESERVED
-CVE-2022-48111
-	RESERVED
+CVE-2022-48111 (A cross-site scripting (XSS) vulnerability in the check_login function ...)
+	TODO: check
 CVE-2022-48110 (** DISPUTED ** CKSource CKEditor 5 35.4.0 was discovered to contain a  ...)
 	NOT-FOR-US: Disputed ckeditor issue
 CVE-2022-48109
@@ -20768,11 +21036,11 @@ CVE-2022-47215
 	RESERVED
 CVE-2022-47214
 	RESERVED
-CVE-2022-47213 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-47213 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-47212 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-47212 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-47211 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-47211 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-47210 (The default console presented to users over telnet (when enabled) is r ...)
 	NOT-FOR-US: Netgear
@@ -29260,19 +29528,19 @@ CVE-2023-20904 (In getTrampolineIntent of SettingsActivity.java, there is a poss
 	NOT-FOR-US: Android
 CVE-2022-44714
 	RESERVED
-CVE-2022-44713 (Microsoft Outlook for Mac Spoofing Vulnerability. ...)
+CVE-2022-44713 (Microsoft Outlook for Mac Spoofing Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-44712
 	RESERVED
 CVE-2022-44711
 	RESERVED
-CVE-2022-44710 (DirectX Graphics Kernel Elevation of Privilege Vulnerability. ...)
+CVE-2022-44710 (DirectX Graphics Kernel Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-44709
 	RESERVED
 CVE-2022-44708 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44707 (Windows Kernel Denial of Service Vulnerability. ...)
+CVE-2022-44707 (Windows Kernel Denial of Service Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-44706
 	RESERVED
@@ -29290,27 +29558,27 @@ CVE-2022-44700
 	RESERVED
 CVE-2022-44699 (Azure Network Watcher Agent Security Feature Bypass Vulnerability. ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44698 (Windows SmartScreen Security Feature Bypass Vulnerability. ...)
+CVE-2022-44698 (Windows SmartScreen Security Feature Bypass Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44697 (Windows Graphics Component Elevation of Privilege Vulnerability. This  ...)
+CVE-2022-44697 (Windows Graphics Component Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44696 (Microsoft Office Visio Remote Code Execution Vulnerability. This CVE I ...)
+CVE-2022-44696 (Microsoft Office Visio Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44695 (Microsoft Office Visio Remote Code Execution Vulnerability. This CVE I ...)
+CVE-2022-44695 (Microsoft Office Visio Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44694 (Microsoft Office Visio Remote Code Execution Vulnerability. This CVE I ...)
+CVE-2022-44694 (Microsoft Office Visio Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44693 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This  ...)
+CVE-2022-44693 (Microsoft SharePoint Server Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44692 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-44692 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44691 (Microsoft Office OneNote Remote Code Execution Vulnerability. ...)
+CVE-2022-44691 (Microsoft Office OneNote Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44690 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This  ...)
+CVE-2022-44690 (Microsoft SharePoint Server Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-44689 (Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulne ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44688 (Microsoft Edge (Chromium-based) Spoofing Vulnerability. ...)
+CVE-2022-44688 (Microsoft Edge (Chromium-based) Spoofing Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-44687 (Raw Image Extension Remote Code Execution Vulnerability. ...)
 	NOT-FOR-US: Microsoft
@@ -29320,41 +29588,41 @@ CVE-2022-44685
 	RESERVED
 CVE-2022-44684
 	RESERVED
-CVE-2022-44683 (Windows Kernel Elevation of Privilege Vulnerability. ...)
+CVE-2022-44683 (Windows Kernel Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44682 (Windows Hyper-V Denial of Service Vulnerability. ...)
+CVE-2022-44682 (Windows Hyper-V Denial of Service Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44681 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+CVE-2022-44681 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44680 (Windows Graphics Component Elevation of Privilege Vulnerability. This  ...)
+CVE-2022-44680 (Windows Graphics Component Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44679 (Windows Graphics Component Information Disclosure Vulnerability. This  ...)
+CVE-2022-44679 (Windows Graphics Component Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44678 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+CVE-2022-44678 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44677 (Windows Projected File System Elevation of Privilege Vulnerability. ...)
+CVE-2022-44677 (Windows Projected File System Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-44676 (Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution  ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44675 (Windows Bluetooth Driver Elevation of Privilege Vulnerability. ...)
+CVE-2022-44675 (Windows Bluetooth Driver Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44674 (Windows Bluetooth Driver Information Disclosure Vulnerability. ...)
+CVE-2022-44674 (Windows Bluetooth Driver Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-44673 (Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privileg ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-44672
 	RESERVED
-CVE-2022-44671 (Windows Graphics Component Elevation of Privilege Vulnerability. This  ...)
+CVE-2022-44671 (Windows Graphics Component Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-44670 (Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution  ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44669 (Windows Error Reporting Elevation of Privilege Vulnerability. ...)
+CVE-2022-44669 (Windows Error Reporting Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44668 (Windows Media Remote Code Execution Vulnerability. This CVE ID is uniq ...)
+CVE-2022-44668 (Windows Media Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44667 (Windows Media Remote Code Execution Vulnerability. This CVE ID is uniq ...)
+CVE-2022-44667 (Windows Media Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-44666 (Windows Contacts Remote Code Execution Vulnerability. ...)
+CVE-2022-44666 (Windows Contacts Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-44665
 	RESERVED
@@ -40876,7 +41144,7 @@ CVE-2022-41124
 	RESERVED
 CVE-2022-41123 (Microsoft Exchange Server Elevation of Privilege Vulnerability. This C ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41122 (Microsoft SharePoint Server Spoofing Vulnerability. ...)
+CVE-2022-41122 (Microsoft SharePoint Server Spoofing Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41121 (Windows Graphics Component Elevation of Privilege Vulnerability. This  ...)
 	NOT-FOR-US: Microsoft
@@ -40884,7 +41152,7 @@ CVE-2022-41120 (Microsoft Windows Sysmon Elevation of Privilege Vulnerability. .
 	NOT-FOR-US: Microsoft
 CVE-2022-41119 (Visual Studio Remote Code Execution Vulnerability. ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41118 (Windows Scripting Languages Remote Code Execution Vulnerability. This  ...)
+CVE-2022-41118 (Windows Scripting Languages Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41117
 	RESERVED
@@ -40892,9 +41160,9 @@ CVE-2022-41116 (Windows Point-to-Point Tunneling Protocol Denial of Service Vuln
 	NOT-FOR-US: Microsoft
 CVE-2022-41115 (Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerab ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41114 (Windows Bind Filter Driver Elevation of Privilege Vulnerability. ...)
+CVE-2022-41114 (Windows Bind Filter Driver Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41113 (Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability. ...)
+CVE-2022-41113 (Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41112
 	RESERVED
@@ -40902,43 +41170,43 @@ CVE-2022-41111
 	RESERVED
 CVE-2022-41110
 	RESERVED
-CVE-2022-41109 (Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is un ...)
+CVE-2022-41109 (Windows Win32k Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41108
 	RESERVED
-CVE-2022-41107 (Microsoft Office Graphics Remote Code Execution Vulnerability. ...)
+CVE-2022-41107 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41106 (Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is un ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41105 (Microsoft Excel Information Disclosure Vulnerability. ...)
+CVE-2022-41105 (Microsoft Excel Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41104 (Microsoft Excel Security Feature Bypass Vulnerability. ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41103 (Microsoft Word Information Disclosure Vulnerability. This CVE ID is un ...)
+CVE-2022-41103 (Microsoft Word Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41102 (Windows Overlay Filter Elevation of Privilege Vulnerability. This CVE  ...)
+CVE-2022-41102 (Windows Overlay Filter Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41101 (Windows Overlay Filter Elevation of Privilege Vulnerability. This CVE  ...)
+CVE-2022-41101 (Windows Overlay Filter Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41100 (Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vu ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41099 (BitLocker Security Feature Bypass Vulnerability. ...)
+CVE-2022-41099 (BitLocker Security Feature Bypass Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41098 (Windows GDI+ Information Disclosure Vulnerability. ...)
+CVE-2022-41098 (Windows GDI+ Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41097 (Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vul ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41096 (Microsoft DWM Core Library Elevation of Privilege Vulnerability. ...)
+CVE-2022-41096 (Microsoft DWM Core Library Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41095 (Windows Digital Media Receiver Elevation of Privilege Vulnerability. ...)
+CVE-2022-41095 (Windows Digital Media Receiver Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41094 (Windows Hyper-V Elevation of Privilege Vulnerability. ...)
+CVE-2022-41094 (Windows Hyper-V Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41093 (Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vu ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41092 (Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is un ...)
+CVE-2022-41092 (Windows Win32k Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41091 (Windows Mark of the Web Security Feature Bypass Vulnerability. This CV ...)
+CVE-2022-41091 (Windows Mark of the Web Security Feature Bypass Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41090 (Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerabil ...)
 	NOT-FOR-US: Microsoft
@@ -40948,7 +41216,7 @@ CVE-2022-41088 (Windows Point-to-Point Tunneling Protocol Remote Code Execution
 	NOT-FOR-US: Microsoft
 CVE-2022-41087
 	RESERVED
-CVE-2022-41086 (Windows Group Policy Elevation of Privilege Vulnerability. This CVE ID ...)
+CVE-2022-41086 (Windows Group Policy Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41085 (Azure CycleCloud Elevation of Privilege Vulnerability. ...)
 	NOT-FOR-US: Microsoft
@@ -40966,15 +41234,15 @@ CVE-2022-41079 (Microsoft Exchange Server Spoofing Vulnerability. This CVE ID is
 	NOT-FOR-US: Microsoft
 CVE-2022-41078 (Microsoft Exchange Server Spoofing Vulnerability. This CVE ID is uniqu ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41077 (Windows Fax Compose Form Elevation of Privilege Vulnerability. ...)
+CVE-2022-41077 (Windows Fax Compose Form Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41076 (PowerShell Remote Code Execution Vulnerability. ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41075
 	RESERVED
-CVE-2022-41074 (Windows Graphics Component Information Disclosure Vulnerability. This  ...)
+CVE-2022-41074 (Windows Graphics Component Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41073 (Windows Print Spooler Elevation of Privilege Vulnerability. ...)
+CVE-2022-41073 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41072
 	RESERVED
@@ -40988,7 +41256,7 @@ CVE-2022-41068
 	RESERVED
 CVE-2022-41067
 	RESERVED
-CVE-2022-41066 (Microsoft Business Central Information Disclosure Vulnerability. ...)
+CVE-2022-41066 (Microsoft Business Central Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41065
 	RESERVED
@@ -40996,37 +41264,37 @@ CVE-2022-41064 (.NET Framework Information Disclosure Vulnerability. ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41063 (Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is un ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41062 (Microsoft SharePoint Server Remote Code Execution Vulnerability. ...)
+CVE-2022-41062 (Microsoft SharePoint Server Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41061 (Microsoft Word Remote Code Execution Vulnerability. ...)
+CVE-2022-41061 (Microsoft Word Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41060 (Microsoft Word Information Disclosure Vulnerability. This CVE ID is un ...)
+CVE-2022-41060 (Microsoft Word Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41059
 	RESERVED
 CVE-2022-41058 (Windows Network Address Translation (NAT) Denial of Service Vulnerabil ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41057 (Windows HTTP.sys Elevation of Privilege Vulnerability. ...)
+CVE-2022-41057 (Windows HTTP.sys Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41056 (Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerab ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41055 (Windows Human Interface Device Information Disclosure Vulnerability. ...)
+CVE-2022-41055 (Windows Human Interface Device Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41054 (Windows Resilient File System (ReFS) Elevation of Privilege Vulnerabil ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41053 (Windows Kerberos Denial of Service Vulnerability. ...)
+CVE-2022-41053 (Windows Kerberos Denial of Service Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41052 (Windows Graphics Component Remote Code Execution Vulnerability. ...)
+CVE-2022-41052 (Windows Graphics Component Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41051 (Azure RTOS GUIX Studio Remote Code Execution Vulnerability. ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41050 (Windows Extensible File Allocation Table Elevation of Privilege Vulner ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41049 (Windows Mark of the Web Security Feature Bypass Vulnerability. This CV ...)
+CVE-2022-41049 (Windows Mark of the Web Security Feature Bypass Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41048 (Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID ...)
+CVE-2022-41048 (Microsoft ODBC Driver Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-41047 (Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID ...)
+CVE-2022-41047 (Microsoft ODBC Driver Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-41046
 	RESERVED
@@ -49231,7 +49499,7 @@ CVE-2022-38025 (Windows Distributed File System (DFS) Information Disclosure Vul
 	NOT-FOR-US: Microsoft
 CVE-2022-38024
 	RESERVED
-CVE-2022-38023 (Netlogon RPC Elevation of Privilege Vulnerability. ...)
+CVE-2022-38023 (Netlogon RPC Elevation of Privilege Vulnerability ...)
 	- samba 2:4.17.4+dfsg-1
 	NOTE: https://www.samba.org/samba/security/CVE-2022-38023.html
 CVE-2022-38022 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
@@ -49248,7 +49516,7 @@ CVE-2022-38017 (StorSimple 8000 Series Elevation of Privilege Vulnerability. ...
 	NOT-FOR-US: Microsoft
 CVE-2022-38016 (Windows Local Security Authority (LSA) Elevation of Privilege Vulnerab ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-38015 (Windows Hyper-V Denial of Service Vulnerability. ...)
+CVE-2022-38015 (Windows Hyper-V Denial of Service Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-38014 (Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulne ...)
 	NOT-FOR-US: Microsoft
@@ -49294,7 +49562,7 @@ CVE-2022-37994 (Windows Group Policy Preference Client Elevation of Privilege Vu
 	NOT-FOR-US: Microsoft
 CVE-2022-37993 (Windows Group Policy Preference Client Elevation of Privilege Vulnerab ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-37992 (Windows Group Policy Elevation of Privilege Vulnerability. This CVE ID ...)
+CVE-2022-37992 (Windows Group Policy Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-37991 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
 	NOT-FOR-US: Microsoft
@@ -49344,10 +49612,10 @@ CVE-2022-37969 (Windows Common Log File System Driver Elevation of Privilege Vul
 	NOT-FOR-US: Microsoft
 CVE-2022-37968 (Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vu ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-37967 (Windows Kerberos Elevation of Privilege Vulnerability. ...)
+CVE-2022-37967 (Windows Kerberos Elevation of Privilege Vulnerability ...)
 	- samba 2:4.17.4+dfsg-1
 	NOTE: https://www.samba.org/samba/security/CVE-2022-37967.html
-CVE-2022-37966 (Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability. ...)
+CVE-2022-37966 (Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability ...)
 	- samba 2:4.17.4+dfsg-1
 	NOTE: https://www.samba.org/samba/security/CVE-2022-37966.html
 CVE-2022-37965 (Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerabil ...)
@@ -80920,11 +81188,11 @@ CVE-2022-26808 (Windows File Explorer Elevation of Privilege Vulnerability. ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-26807 (Windows Work Folder Service Elevation of Privilege Vulnerability. ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-26806 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-26806 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-26805 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-26805 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2022-26804 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-26804 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-26803 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
 	NOT-FOR-US: Microsoft
@@ -133989,8 +134257,8 @@ CVE-2021-33361 (Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.
 	NOTE: https://github.com/gpac/gpac/commit/a51f951b878c2b73c1d8e2f1518c7cdc5fb82c3f
 	NOTE: https://github.com/gpac/gpac/issues/1782
 	NOTE: Negligible security impact
-CVE-2021-33360
-	RESERVED
+CVE-2021-33360 (An issue found in Stoqey gnuplot v.0.0.3 and earlier allows attackers  ...)
+	TODO: check
 CVE-2021-33359 (A vulnerability exists in gowitness < 2.3.6 that allows an unauthen ...)
 	NOT-FOR-US: gowitness
 CVE-2021-33358 (Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interfac ...)
@@ -148754,8 +149022,8 @@ CVE-2021-27790 (The command ipfilter in Brocade Fabric OS before Brocade Fabric
 	NOT-FOR-US: Brocade Fabric OS
 CVE-2021-27789 (The Web application of Brocade Fabric OS before versions Brocade Fabri ...)
 	NOT-FOR-US: Brocade Fabric OS
-CVE-2021-27788
-	RESERVED
+CVE-2021-27788 (HCL Verse is susceptible to a Cross Site Scripting (XSS) vulnerability ...)
+	TODO: check
 CVE-2021-27787
 	RESERVED
 CVE-2021-27786 (Cross-origin resource sharing (CORS) enables browsers to perform cross ...)
@@ -192662,7 +192930,7 @@ CVE-2020-22663
 	RESERVED
 CVE-2020-22662 (In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10. ...)
 	NOT-FOR-US: Ruckus
-CVE-2020-22661
+CVE-2020-22661 (In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10. ...)
 	NOT-FOR-US: Ruckus
 CVE-2020-22660 (In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10. ...)
 	NOT-FOR-US: Ruckus



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3766e10f437fb0710f65a27b1d28a45934a4525d
