[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Mar 10 20:10:39 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3766e10f by security tracker role at 2023-03-10T20:10:28+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,271 @@
+CVE-2023-28119
+ RESERVED
+CVE-2023-28118
+ RESERVED
+CVE-2023-28117
+ RESERVED
+CVE-2023-28116
+ RESERVED
+CVE-2023-28115
+ RESERVED
+CVE-2023-28114
+ RESERVED
+CVE-2023-28113
+ RESERVED
+CVE-2023-28112
+ RESERVED
+CVE-2023-28111
+ RESERVED
+CVE-2023-28110
+ RESERVED
+CVE-2023-28109
+ RESERVED
+CVE-2023-28108
+ RESERVED
+CVE-2023-28107
+ RESERVED
+CVE-2023-28106
+ RESERVED
+CVE-2023-28105
+ RESERVED
+CVE-2023-28104
+ RESERVED
+CVE-2023-28103
+ RESERVED
+CVE-2023-28102
+ RESERVED
+CVE-2023-28101
+ RESERVED
+CVE-2023-28100
+ RESERVED
+CVE-2023-28099
+ RESERVED
+CVE-2023-28098
+ RESERVED
+CVE-2023-28097
+ RESERVED
+CVE-2023-28096
+ RESERVED
+CVE-2023-28095
+ RESERVED
+CVE-2023-28094
+ RESERVED
+CVE-2023-28093
+ RESERVED
+CVE-2023-28092
+ RESERVED
+CVE-2023-28091
+ RESERVED
+CVE-2023-28090
+ RESERVED
+CVE-2023-28089
+ RESERVED
+CVE-2023-28088
+ RESERVED
+CVE-2023-28087
+ RESERVED
+CVE-2023-28086
+ RESERVED
+CVE-2023-28085
+ RESERVED
+CVE-2023-28084
+ RESERVED
+CVE-2023-28083
+ RESERVED
+CVE-2023-28082
+ RESERVED
+CVE-2023-28081
+ RESERVED
+CVE-2023-28080
+ RESERVED
+CVE-2023-28079
+ RESERVED
+CVE-2023-28078
+ RESERVED
+CVE-2023-28077
+ RESERVED
+CVE-2023-28076
+ RESERVED
+CVE-2023-28075
+ RESERVED
+CVE-2023-28074
+ RESERVED
+CVE-2023-28073
+ RESERVED
+CVE-2023-28072
+ RESERVED
+CVE-2023-28071
+ RESERVED
+CVE-2023-28070
+ RESERVED
+CVE-2023-28069
+ RESERVED
+CVE-2023-28068
+ RESERVED
+CVE-2023-28067
+ RESERVED
+CVE-2023-28066
+ RESERVED
+CVE-2023-28065
+ RESERVED
+CVE-2023-28064
+ RESERVED
+CVE-2023-28063
+ RESERVED
+CVE-2023-28062
+ RESERVED
+CVE-2023-28061
+ RESERVED
+CVE-2023-28060
+ RESERVED
+CVE-2023-28059
+ RESERVED
+CVE-2023-28058
+ RESERVED
+CVE-2023-28057
+ RESERVED
+CVE-2023-28056
+ RESERVED
+CVE-2023-28055
+ RESERVED
+CVE-2023-28054
+ RESERVED
+CVE-2023-28053
+ RESERVED
+CVE-2023-28052
+ RESERVED
+CVE-2023-28051
+ RESERVED
+CVE-2023-28050
+ RESERVED
+CVE-2023-28049
+ RESERVED
+CVE-2023-28048
+ RESERVED
+CVE-2023-28047
+ RESERVED
+CVE-2023-28046
+ RESERVED
+CVE-2023-28045
+ RESERVED
+CVE-2023-28044
+ RESERVED
+CVE-2023-28043
+ RESERVED
+CVE-2023-28042
+ RESERVED
+CVE-2023-28041
+ RESERVED
+CVE-2023-28040
+ RESERVED
+CVE-2023-28039
+ RESERVED
+CVE-2023-28038
+ RESERVED
+CVE-2023-28037
+ RESERVED
+CVE-2023-28036
+ RESERVED
+CVE-2023-28035
+ RESERVED
+CVE-2023-28034
+ RESERVED
+CVE-2023-28033
+ RESERVED
+CVE-2023-28032
+ RESERVED
+CVE-2023-28031
+ RESERVED
+CVE-2023-28030
+ RESERVED
+CVE-2023-28029
+ RESERVED
+CVE-2023-28028
+ RESERVED
+CVE-2023-28027
+ RESERVED
+CVE-2023-28026
+ RESERVED
+CVE-2023-1346
+ RESERVED
+CVE-2023-1345
+ RESERVED
+CVE-2023-1344
+ RESERVED
+CVE-2023-1343
+ RESERVED
+CVE-2023-1342
+ RESERVED
+CVE-2023-1341
+ RESERVED
+CVE-2023-1340
+ RESERVED
+CVE-2023-1339
+ RESERVED
+CVE-2023-1338
+ RESERVED
+CVE-2023-1337
+ RESERVED
+CVE-2023-1336
+ RESERVED
+CVE-2023-1335
+ RESERVED
+CVE-2023-1334 (The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnera ...)
+ TODO: check
+CVE-2023-1333 (The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnera ...)
+ TODO: check
+CVE-2023-1332
+ RESERVED
+CVE-2023-1331
+ RESERVED
+CVE-2023-1330
+ RESERVED
+CVE-2023-1329
+ RESERVED
+CVE-2023-1328 (A vulnerability was found in Guizhou 115cms 4.2. It has been classifie ...)
+ TODO: check
+CVE-2023-1327
+ RESERVED
+CVE-2023-1326
+ RESERVED
+CVE-2023-1325
+ RESERVED
+CVE-2023-1324
+ RESERVED
+CVE-2023-1323
+ RESERVED
+CVE-2023-1322 (A vulnerability was found in lmxcms 1.41 and classified as critical. A ...)
+ TODO: check
+CVE-2023-1321 (A vulnerability has been found in lmxcms 1.41 and classified as critic ...)
+ TODO: check
+CVE-2023-1320 (Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osti ...)
+ TODO: check
+CVE-2023-1319 (Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osti ...)
+ TODO: check
+CVE-2023-1318 (Cross-site Scripting (XSS) - Generic in GitHub repository osticket/ost ...)
+ TODO: check
+CVE-2023-1317 (Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/o ...)
+ TODO: check
+CVE-2023-1316 (Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osti ...)
+ TODO: check
+CVE-2023-1315 (Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/o ...)
+ TODO: check
+CVE-2023-1314
+ RESERVED
+CVE-2023-1313 (Unrestricted Upload of File with Dangerous Type in GitHub repository c ...)
+ TODO: check
+CVE-2023-1312 (Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pi ...)
+ TODO: check
+CVE-2023-1311 (A vulnerability, which was classified as critical, was found in Source ...)
+ TODO: check
+CVE-2023-1310 (A vulnerability, which was classified as critical, has been found in S ...)
+ TODO: check
+CVE-2023-1309 (A vulnerability classified as critical was found in SourceCodester Onl ...)
+ TODO: check
+CVE-2023-1308 (A vulnerability classified as critical has been found in SourceCodeste ...)
+ TODO: check
+CVE-2013-10021
+ RESERVED
CVE-2023-28025
RESERVED
CVE-2023-28024
@@ -492,12 +760,12 @@ CVE-2023-27855
RESERVED
CVE-2023-27854
RESERVED
-CVE-2023-25947
- RESERVED
+CVE-2023-25947 (The bundle management subsystem within OpenHarmony-v3.1.4 and prior ve ...)
+ TODO: check
CVE-2023-25076
RESERVED
-CVE-2023-24465
- RESERVED
+CVE-2023-24465 (Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and prior vers ...)
+ TODO: check
CVE-2023-1246
RESERVED
CVE-2023-1245 (Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/ans ...)
@@ -628,16 +896,16 @@ CVE-2023-1207
RESERVED
CVE-2023-1206
RESERVED
-CVE-2023-27853
- RESERVED
-CVE-2023-27852
- RESERVED
-CVE-2023-27851
- RESERVED
-CVE-2023-27850
- RESERVED
-CVE-2023-1205
- RESERVED
+CVE-2023-27853 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format s ...)
+ TODO: check
+CVE-2023-27852 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer o ...)
+ TODO: check
+CVE-2023-27851 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sha ...)
+ TODO: check
+CVE-2023-27850 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sha ...)
+ TODO: check
+CVE-2023-1205 (NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cr ...)
+ TODO: check
CVE-2023-1204
RESERVED
CVE-2023-1203 (Improper removal of sensitive data in the entry edit feature of Hub Bu ...)
@@ -2090,8 +2358,8 @@ CVE-2023-1093
RESERVED
CVE-2023-1092
RESERVED
-CVE-2023-1091
- RESERVED
+CVE-2023-1091 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
CVE-2023-1090
RESERVED
CVE-2023-1089
@@ -2489,14 +2757,14 @@ CVE-2023-27166
RESERVED
CVE-2023-27165
RESERVED
-CVE-2023-27164
- RESERVED
+CVE-2023-27164 (An arbitrary file upload vulnerability in Halo up to v1.6.1 allows att ...)
+ TODO: check
CVE-2023-27163
RESERVED
CVE-2023-27162
RESERVED
-CVE-2023-27161
- RESERVED
+CVE-2023-27161 (Jellyfin up to v10.7.7 was discovered to contain a Server-Side Request ...)
+ TODO: check
CVE-2023-27160
RESERVED
CVE-2023-27159
@@ -3921,8 +4189,8 @@ CVE-2023-1017 (An out-of-bounds write vulnerability exists in TPM2.0's Module Li
NOTE: https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdf
CVE-2023-1016
RESERVED
-CVE-2023-1015
- RESERVED
+CVE-2023-1015 (This CVE ID has been rejected or withdrawn by its CVE Numbering Author ...)
+ TODO: check
CVE-2023-1014
RESERVED
CVE-2023-1013
@@ -4090,8 +4358,8 @@ CVE-2022-48345 (sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows X
- node-mermaid <unfixed> (bug #1032313)
[bullseye] - node-mermaid <no-dsa> (Minor issue)
NOTE: https://github.com/braintree/sanitize-url/commit/d4bdc89f1743fe3cdb7c3f24b06e4c875f349b0c
-CVE-2023-26464
- RESERVED
+CVE-2023-26464 (** UNSUPPORTED WHEN ASSIGNED ** When using the Chainsaw or SocketAppen ...)
+ TODO: check
CVE-2023-0991
RESERVED
CVE-2023-0990
@@ -5104,8 +5372,8 @@ CVE-2023-26077
RESERVED
CVE-2023-26076
RESERVED
-CVE-2023-26075
- RESERVED
+CVE-2023-26075 (An issue was discovered in Samsung Mobile Chipset and Baseband Modem C ...)
+ TODO: check
CVE-2023-26074
RESERVED
CVE-2023-26073
@@ -6751,8 +7019,8 @@ CVE-2023-0748 (Open Redirect in GitHub repository btcpayserver/btcpayserver prio
NOT-FOR-US: btcpayserver
CVE-2023-0747 (Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/ ...)
NOT-FOR-US: btcpayserver
-CVE-2023-0746
- RESERVED
+CVE-2023-0746 (The help page in GigaVUE-FM, when using GigaVUE-OS software version 5. ...)
+ TODO: check
CVE-2023-0745 (Relative Path Traversal vulnerability in YugaByte, Inc. Yugabyte Manag ...)
- yugabyte-db <itp> (bug #989673)
CVE-2022-48321 (Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe2 ...)
@@ -8948,8 +9216,8 @@ CVE-2023-24776 (Funadmin v3.2.0 was discovered to contain a remote code executio
NOT-FOR-US: Funadmin
CVE-2023-24775 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
NOT-FOR-US: Funadmin
-CVE-2023-24774
- RESERVED
+CVE-2023-24774 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
+ TODO: check
CVE-2023-24773 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
NOT-FOR-US: Funadmin
CVE-2023-24772
@@ -15318,10 +15586,10 @@ CVE-2023-22634
RESERVED
CVE-2023-22633
RESERVED
-CVE-2023-22436
- RESERVED
-CVE-2023-22301
- RESERVED
+CVE-2023-22436 (The kernel subsystem function check_permission_for_set_tokenid within ...)
+ TODO: check
+CVE-2023-22301 (The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior version ...)
+ TODO: check
CVE-2023-22291
RESERVED
CVE-2023-0091 (A flaw was found in Keycloak, where it did not properly check client t ...)
@@ -15336,8 +15604,8 @@ CVE-2023-0085 (The Metform Elementor Contact Form Builder plugin for WordPress i
NOT-FOR-US: Metform Elementor Contact Form Builder plugin for WordPress
CVE-2023-0084 (The Metform Elementor Contact Form Builder plugin for WordPress is vul ...)
NOT-FOR-US: Metform Elementor Contact Form Builder plugin for WordPress
-CVE-2023-0083
- RESERVED
+CVE-2023-0083 (The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior vers ...)
+ TODO: check
CVE-2023-0082 (The ExactMetrics WordPress plugin before 7.12.1 does not validate and ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0081 (The MonsterInsights WordPress plugin before 8.12.1 does not validate a ...)
@@ -16395,8 +16663,8 @@ CVE-2022-48113 (A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allo
NOT-FOR-US: TOTOLINK
CVE-2022-48112
RESERVED
-CVE-2022-48111
- RESERVED
+CVE-2022-48111 (A cross-site scripting (XSS) vulnerability in the check_login function ...)
+ TODO: check
CVE-2022-48110 (** DISPUTED ** CKSource CKEditor 5 35.4.0 was discovered to contain a ...)
NOT-FOR-US: Disputed ckeditor issue
CVE-2022-48109
@@ -20768,11 +21036,11 @@ CVE-2022-47215
RESERVED
CVE-2022-47214
RESERVED
-CVE-2022-47213 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-47213 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-47212 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-47212 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-47211 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-47211 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-47210 (The default console presented to users over telnet (when enabled) is r ...)
NOT-FOR-US: Netgear
@@ -29260,19 +29528,19 @@ CVE-2023-20904 (In getTrampolineIntent of SettingsActivity.java, there is a poss
NOT-FOR-US: Android
CVE-2022-44714
RESERVED
-CVE-2022-44713 (Microsoft Outlook for Mac Spoofing Vulnerability. ...)
+CVE-2022-44713 (Microsoft Outlook for Mac Spoofing Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-44712
RESERVED
CVE-2022-44711
RESERVED
-CVE-2022-44710 (DirectX Graphics Kernel Elevation of Privilege Vulnerability. ...)
+CVE-2022-44710 (DirectX Graphics Kernel Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-44709
RESERVED
CVE-2022-44708 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-44707 (Windows Kernel Denial of Service Vulnerability. ...)
+CVE-2022-44707 (Windows Kernel Denial of Service Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-44706
RESERVED
@@ -29290,27 +29558,27 @@ CVE-2022-44700
RESERVED
CVE-2022-44699 (Azure Network Watcher Agent Security Feature Bypass Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-44698 (Windows SmartScreen Security Feature Bypass Vulnerability. ...)
+CVE-2022-44698 (Windows SmartScreen Security Feature Bypass Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44697 (Windows Graphics Component Elevation of Privilege Vulnerability. This ...)
+CVE-2022-44697 (Windows Graphics Component Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44696 (Microsoft Office Visio Remote Code Execution Vulnerability. This CVE I ...)
+CVE-2022-44696 (Microsoft Office Visio Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44695 (Microsoft Office Visio Remote Code Execution Vulnerability. This CVE I ...)
+CVE-2022-44695 (Microsoft Office Visio Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44694 (Microsoft Office Visio Remote Code Execution Vulnerability. This CVE I ...)
+CVE-2022-44694 (Microsoft Office Visio Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44693 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This ...)
+CVE-2022-44693 (Microsoft SharePoint Server Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44692 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-44692 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44691 (Microsoft Office OneNote Remote Code Execution Vulnerability. ...)
+CVE-2022-44691 (Microsoft Office OneNote Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44690 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This ...)
+CVE-2022-44690 (Microsoft SharePoint Server Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-44689 (Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulne ...)
NOT-FOR-US: Microsoft
-CVE-2022-44688 (Microsoft Edge (Chromium-based) Spoofing Vulnerability. ...)
+CVE-2022-44688 (Microsoft Edge (Chromium-based) Spoofing Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-44687 (Raw Image Extension Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
@@ -29320,41 +29588,41 @@ CVE-2022-44685
RESERVED
CVE-2022-44684
RESERVED
-CVE-2022-44683 (Windows Kernel Elevation of Privilege Vulnerability. ...)
+CVE-2022-44683 (Windows Kernel Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44682 (Windows Hyper-V Denial of Service Vulnerability. ...)
+CVE-2022-44682 (Windows Hyper-V Denial of Service Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44681 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+CVE-2022-44681 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44680 (Windows Graphics Component Elevation of Privilege Vulnerability. This ...)
+CVE-2022-44680 (Windows Graphics Component Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44679 (Windows Graphics Component Information Disclosure Vulnerability. This ...)
+CVE-2022-44679 (Windows Graphics Component Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44678 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+CVE-2022-44678 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44677 (Windows Projected File System Elevation of Privilege Vulnerability. ...)
+CVE-2022-44677 (Windows Projected File System Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-44676 (Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution ...)
NOT-FOR-US: Microsoft
-CVE-2022-44675 (Windows Bluetooth Driver Elevation of Privilege Vulnerability. ...)
+CVE-2022-44675 (Windows Bluetooth Driver Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44674 (Windows Bluetooth Driver Information Disclosure Vulnerability. ...)
+CVE-2022-44674 (Windows Bluetooth Driver Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-44673 (Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privileg ...)
NOT-FOR-US: Microsoft
CVE-2022-44672
RESERVED
-CVE-2022-44671 (Windows Graphics Component Elevation of Privilege Vulnerability. This ...)
+CVE-2022-44671 (Windows Graphics Component Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-44670 (Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution ...)
NOT-FOR-US: Microsoft
-CVE-2022-44669 (Windows Error Reporting Elevation of Privilege Vulnerability. ...)
+CVE-2022-44669 (Windows Error Reporting Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44668 (Windows Media Remote Code Execution Vulnerability. This CVE ID is uniq ...)
+CVE-2022-44668 (Windows Media Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44667 (Windows Media Remote Code Execution Vulnerability. This CVE ID is uniq ...)
+CVE-2022-44667 (Windows Media Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-44666 (Windows Contacts Remote Code Execution Vulnerability. ...)
+CVE-2022-44666 (Windows Contacts Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-44665
RESERVED
@@ -40876,7 +41144,7 @@ CVE-2022-41124
RESERVED
CVE-2022-41123 (Microsoft Exchange Server Elevation of Privilege Vulnerability. This C ...)
NOT-FOR-US: Microsoft
-CVE-2022-41122 (Microsoft SharePoint Server Spoofing Vulnerability. ...)
+CVE-2022-41122 (Microsoft SharePoint Server Spoofing Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41121 (Windows Graphics Component Elevation of Privilege Vulnerability. This ...)
NOT-FOR-US: Microsoft
@@ -40884,7 +41152,7 @@ CVE-2022-41120 (Microsoft Windows Sysmon Elevation of Privilege Vulnerability. .
NOT-FOR-US: Microsoft
CVE-2022-41119 (Visual Studio Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-41118 (Windows Scripting Languages Remote Code Execution Vulnerability. This ...)
+CVE-2022-41118 (Windows Scripting Languages Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41117
RESERVED
@@ -40892,9 +41160,9 @@ CVE-2022-41116 (Windows Point-to-Point Tunneling Protocol Denial of Service Vuln
NOT-FOR-US: Microsoft
CVE-2022-41115 (Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerab ...)
NOT-FOR-US: Microsoft
-CVE-2022-41114 (Windows Bind Filter Driver Elevation of Privilege Vulnerability. ...)
+CVE-2022-41114 (Windows Bind Filter Driver Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41113 (Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability. ...)
+CVE-2022-41113 (Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41112
RESERVED
@@ -40902,43 +41170,43 @@ CVE-2022-41111
RESERVED
CVE-2022-41110
RESERVED
-CVE-2022-41109 (Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is un ...)
+CVE-2022-41109 (Windows Win32k Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41108
RESERVED
-CVE-2022-41107 (Microsoft Office Graphics Remote Code Execution Vulnerability. ...)
+CVE-2022-41107 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41106 (Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is un ...)
NOT-FOR-US: Microsoft
-CVE-2022-41105 (Microsoft Excel Information Disclosure Vulnerability. ...)
+CVE-2022-41105 (Microsoft Excel Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41104 (Microsoft Excel Security Feature Bypass Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-41103 (Microsoft Word Information Disclosure Vulnerability. This CVE ID is un ...)
+CVE-2022-41103 (Microsoft Word Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41102 (Windows Overlay Filter Elevation of Privilege Vulnerability. This CVE ...)
+CVE-2022-41102 (Windows Overlay Filter Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41101 (Windows Overlay Filter Elevation of Privilege Vulnerability. This CVE ...)
+CVE-2022-41101 (Windows Overlay Filter Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41100 (Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vu ...)
NOT-FOR-US: Microsoft
-CVE-2022-41099 (BitLocker Security Feature Bypass Vulnerability. ...)
+CVE-2022-41099 (BitLocker Security Feature Bypass Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41098 (Windows GDI+ Information Disclosure Vulnerability. ...)
+CVE-2022-41098 (Windows GDI+ Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41097 (Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vul ...)
NOT-FOR-US: Microsoft
-CVE-2022-41096 (Microsoft DWM Core Library Elevation of Privilege Vulnerability. ...)
+CVE-2022-41096 (Microsoft DWM Core Library Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41095 (Windows Digital Media Receiver Elevation of Privilege Vulnerability. ...)
+CVE-2022-41095 (Windows Digital Media Receiver Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41094 (Windows Hyper-V Elevation of Privilege Vulnerability. ...)
+CVE-2022-41094 (Windows Hyper-V Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41093 (Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vu ...)
NOT-FOR-US: Microsoft
-CVE-2022-41092 (Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is un ...)
+CVE-2022-41092 (Windows Win32k Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41091 (Windows Mark of the Web Security Feature Bypass Vulnerability. This CV ...)
+CVE-2022-41091 (Windows Mark of the Web Security Feature Bypass Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41090 (Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerabil ...)
NOT-FOR-US: Microsoft
@@ -40948,7 +41216,7 @@ CVE-2022-41088 (Windows Point-to-Point Tunneling Protocol Remote Code Execution
NOT-FOR-US: Microsoft
CVE-2022-41087
RESERVED
-CVE-2022-41086 (Windows Group Policy Elevation of Privilege Vulnerability. This CVE ID ...)
+CVE-2022-41086 (Windows Group Policy Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41085 (Azure CycleCloud Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
@@ -40966,15 +41234,15 @@ CVE-2022-41079 (Microsoft Exchange Server Spoofing Vulnerability. This CVE ID is
NOT-FOR-US: Microsoft
CVE-2022-41078 (Microsoft Exchange Server Spoofing Vulnerability. This CVE ID is uniqu ...)
NOT-FOR-US: Microsoft
-CVE-2022-41077 (Windows Fax Compose Form Elevation of Privilege Vulnerability. ...)
+CVE-2022-41077 (Windows Fax Compose Form Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41076 (PowerShell Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-41075
RESERVED
-CVE-2022-41074 (Windows Graphics Component Information Disclosure Vulnerability. This ...)
+CVE-2022-41074 (Windows Graphics Component Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41073 (Windows Print Spooler Elevation of Privilege Vulnerability. ...)
+CVE-2022-41073 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41072
RESERVED
@@ -40988,7 +41256,7 @@ CVE-2022-41068
RESERVED
CVE-2022-41067
RESERVED
-CVE-2022-41066 (Microsoft Business Central Information Disclosure Vulnerability. ...)
+CVE-2022-41066 (Microsoft Business Central Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41065
RESERVED
@@ -40996,37 +41264,37 @@ CVE-2022-41064 (.NET Framework Information Disclosure Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-41063 (Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is un ...)
NOT-FOR-US: Microsoft
-CVE-2022-41062 (Microsoft SharePoint Server Remote Code Execution Vulnerability. ...)
+CVE-2022-41062 (Microsoft SharePoint Server Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41061 (Microsoft Word Remote Code Execution Vulnerability. ...)
+CVE-2022-41061 (Microsoft Word Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41060 (Microsoft Word Information Disclosure Vulnerability. This CVE ID is un ...)
+CVE-2022-41060 (Microsoft Word Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41059
RESERVED
CVE-2022-41058 (Windows Network Address Translation (NAT) Denial of Service Vulnerabil ...)
NOT-FOR-US: Microsoft
-CVE-2022-41057 (Windows HTTP.sys Elevation of Privilege Vulnerability. ...)
+CVE-2022-41057 (Windows HTTP.sys Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41056 (Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerab ...)
NOT-FOR-US: Microsoft
-CVE-2022-41055 (Windows Human Interface Device Information Disclosure Vulnerability. ...)
+CVE-2022-41055 (Windows Human Interface Device Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41054 (Windows Resilient File System (ReFS) Elevation of Privilege Vulnerabil ...)
NOT-FOR-US: Microsoft
-CVE-2022-41053 (Windows Kerberos Denial of Service Vulnerability. ...)
+CVE-2022-41053 (Windows Kerberos Denial of Service Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41052 (Windows Graphics Component Remote Code Execution Vulnerability. ...)
+CVE-2022-41052 (Windows Graphics Component Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41051 (Azure RTOS GUIX Studio Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-41050 (Windows Extensible File Allocation Table Elevation of Privilege Vulner ...)
NOT-FOR-US: Microsoft
-CVE-2022-41049 (Windows Mark of the Web Security Feature Bypass Vulnerability. This CV ...)
+CVE-2022-41049 (Windows Mark of the Web Security Feature Bypass Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41048 (Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID ...)
+CVE-2022-41048 (Microsoft ODBC Driver Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-41047 (Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID ...)
+CVE-2022-41047 (Microsoft ODBC Driver Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-41046
RESERVED
@@ -49231,7 +49499,7 @@ CVE-2022-38025 (Windows Distributed File System (DFS) Information Disclosure Vul
NOT-FOR-US: Microsoft
CVE-2022-38024
RESERVED
-CVE-2022-38023 (Netlogon RPC Elevation of Privilege Vulnerability. ...)
+CVE-2022-38023 (Netlogon RPC Elevation of Privilege Vulnerability ...)
- samba 2:4.17.4+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2022-38023.html
CVE-2022-38022 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
@@ -49248,7 +49516,7 @@ CVE-2022-38017 (StorSimple 8000 Series Elevation of Privilege Vulnerability. ...
NOT-FOR-US: Microsoft
CVE-2022-38016 (Windows Local Security Authority (LSA) Elevation of Privilege Vulnerab ...)
NOT-FOR-US: Microsoft
-CVE-2022-38015 (Windows Hyper-V Denial of Service Vulnerability. ...)
+CVE-2022-38015 (Windows Hyper-V Denial of Service Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-38014 (Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulne ...)
NOT-FOR-US: Microsoft
@@ -49294,7 +49562,7 @@ CVE-2022-37994 (Windows Group Policy Preference Client Elevation of Privilege Vu
NOT-FOR-US: Microsoft
CVE-2022-37993 (Windows Group Policy Preference Client Elevation of Privilege Vulnerab ...)
NOT-FOR-US: Microsoft
-CVE-2022-37992 (Windows Group Policy Elevation of Privilege Vulnerability. This CVE ID ...)
+CVE-2022-37992 (Windows Group Policy Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-37991 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
NOT-FOR-US: Microsoft
@@ -49344,10 +49612,10 @@ CVE-2022-37969 (Windows Common Log File System Driver Elevation of Privilege Vul
NOT-FOR-US: Microsoft
CVE-2022-37968 (Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vu ...)
NOT-FOR-US: Microsoft
-CVE-2022-37967 (Windows Kerberos Elevation of Privilege Vulnerability. ...)
+CVE-2022-37967 (Windows Kerberos Elevation of Privilege Vulnerability ...)
- samba 2:4.17.4+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2022-37967.html
-CVE-2022-37966 (Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability. ...)
+CVE-2022-37966 (Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability ...)
- samba 2:4.17.4+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2022-37966.html
CVE-2022-37965 (Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerabil ...)
@@ -80920,11 +81188,11 @@ CVE-2022-26808 (Windows File Explorer Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-26807 (Windows Work Folder Service Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-26806 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-26806 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-26805 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-26805 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-26804 (Microsoft Office Graphics Remote Code Execution Vulnerability. This CV ...)
+CVE-2022-26804 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2022-26803 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
NOT-FOR-US: Microsoft
@@ -133989,8 +134257,8 @@ CVE-2021-33361 (Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.
NOTE: https://github.com/gpac/gpac/commit/a51f951b878c2b73c1d8e2f1518c7cdc5fb82c3f
NOTE: https://github.com/gpac/gpac/issues/1782
NOTE: Negligible security impact
-CVE-2021-33360
- RESERVED
+CVE-2021-33360 (An issue found in Stoqey gnuplot v.0.0.3 and earlier allows attackers ...)
+ TODO: check
CVE-2021-33359 (A vulnerability exists in gowitness < 2.3.6 that allows an unauthen ...)
NOT-FOR-US: gowitness
CVE-2021-33358 (Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interfac ...)
@@ -148754,8 +149022,8 @@ CVE-2021-27790 (The command ipfilter in Brocade Fabric OS before Brocade Fabric
NOT-FOR-US: Brocade Fabric OS
CVE-2021-27789 (The Web application of Brocade Fabric OS before versions Brocade Fabri ...)
NOT-FOR-US: Brocade Fabric OS
-CVE-2021-27788
- RESERVED
+CVE-2021-27788 (HCL Verse is susceptible to a Cross Site Scripting (XSS) vulnerability ...)
+ TODO: check
CVE-2021-27787
RESERVED
CVE-2021-27786 (Cross-origin resource sharing (CORS) enables browsers to perform cross ...)
@@ -192662,7 +192930,7 @@ CVE-2020-22663
RESERVED
CVE-2020-22662 (In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10. ...)
NOT-FOR-US: Ruckus
-CVE-2020-22661
+CVE-2020-22661 (In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10. ...)
NOT-FOR-US: Ruckus
CVE-2020-22660 (In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10. ...)
NOT-FOR-US: Ruckus
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3766e10f437fb0710f65a27b1d28a45934a4525d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3766e10f437fb0710f65a27b1d28a45934a4525d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230310/40238486/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list