[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 29 21:10:40 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
063df950 by security tracker role at 2023-03-29T20:10:29+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,179 @@
+CVE-2023-29021
+ RESERVED
+CVE-2023-29020
+ RESERVED
+CVE-2023-29019
+ RESERVED
+CVE-2023-29018
+ RESERVED
+CVE-2023-29017
+ RESERVED
+CVE-2023-29016
+ RESERVED
+CVE-2023-29015
+ RESERVED
+CVE-2023-29014
+ RESERVED
+CVE-2023-29013
+ RESERVED
+CVE-2023-29012
+ RESERVED
+CVE-2023-29011
+ RESERVED
+CVE-2023-29010
+ RESERVED
+CVE-2023-29009
+ RESERVED
+CVE-2023-29008
+ RESERVED
+CVE-2023-29007
+ RESERVED
+CVE-2023-29006
+ RESERVED
+CVE-2023-29005
+ RESERVED
+CVE-2023-29004
+ RESERVED
+CVE-2023-29003
+ RESERVED
+CVE-2023-29002
+ RESERVED
+CVE-2023-29001
+ RESERVED
+CVE-2023-29000
+ RESERVED
+CVE-2023-28999
+ RESERVED
+CVE-2023-28998
+ RESERVED
+CVE-2023-28997
+ RESERVED
+CVE-2023-28996
+ RESERVED
+CVE-2023-28995
+ RESERVED
+CVE-2023-28994
+ RESERVED
+CVE-2023-28993
+ RESERVED
+CVE-2023-28992
+ RESERVED
+CVE-2023-28991
+ RESERVED
+CVE-2023-28990
+ RESERVED
+CVE-2023-28989
+ RESERVED
+CVE-2023-28988
+ RESERVED
+CVE-2023-28987
+ RESERVED
+CVE-2023-28986
+ RESERVED
+CVE-2023-28985
+ RESERVED
+CVE-2023-28984
+ RESERVED
+CVE-2023-28983
+ RESERVED
+CVE-2023-28982
+ RESERVED
+CVE-2023-28981
+ RESERVED
+CVE-2023-28980
+ RESERVED
+CVE-2023-28979
+ RESERVED
+CVE-2023-28978
+ RESERVED
+CVE-2023-28977
+ RESERVED
+CVE-2023-28976
+ RESERVED
+CVE-2023-28975
+ RESERVED
+CVE-2023-28974
+ RESERVED
+CVE-2023-28973
+ RESERVED
+CVE-2023-28972
+ RESERVED
+CVE-2023-28971
+ RESERVED
+CVE-2023-28970
+ RESERVED
+CVE-2023-28969
+ RESERVED
+CVE-2023-28968
+ RESERVED
+CVE-2023-28967
+ RESERVED
+CVE-2023-28966
+ RESERVED
+CVE-2023-28965
+ RESERVED
+CVE-2023-28964
+ RESERVED
+CVE-2023-28963
+ RESERVED
+CVE-2023-28962
+ RESERVED
+CVE-2023-28961
+ RESERVED
+CVE-2023-28960
+ RESERVED
+CVE-2023-28959
+ RESERVED
+CVE-2023-1708
+ RESERVED
+CVE-2023-1707
+ RESERVED
+CVE-2023-1706
+ RESERVED
+CVE-2023-1705
+ RESERVED
+CVE-2023-1704 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
+ TODO: check
+CVE-2023-1703 (Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimc ...)
+ TODO: check
+CVE-2023-1702 (Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimc ...)
+ TODO: check
+CVE-2023-1701 (Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pi ...)
+ TODO: check
+CVE-2023-1700
+ RESERVED
+CVE-2023-1699
+ RESERVED
+CVE-2023-1698
+ RESERVED
+CVE-2023-1697
+ RESERVED
+CVE-2023-1696
+ RESERVED
+CVE-2023-1695
+ RESERVED
+CVE-2023-1694
+ RESERVED
+CVE-2023-1693
+ RESERVED
+CVE-2023-1692
+ RESERVED
+CVE-2023-1691
+ RESERVED
+CVE-2022-48434 (libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and ...)
+ TODO: check
+CVE-2022-48433 (In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak thro ...)
+ TODO: check
+CVE-2022-48432 (In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromi ...)
+ TODO: check
+CVE-2022-48431 (In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Mav ...)
+ TODO: check
+CVE-2022-48430 (In JetBrains IntelliJ IDEA before 2023.1 file content could be disclos ...)
+ TODO: check
+CVE-2021-46879
+ RESERVED
+CVE-2021-46878
+ RESERVED
CVE-2023-28958
RESERVED
CVE-2023-28957
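Review bot: CVE-2022-48434, near the end of the added block, is left at "TODO: check" even though its description names libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC. ffmpeg is a Debian source package, so this entry should be triaged ahead of the rest of the batch and given a "- ffmpeg" line with the fixed version or a per-release status. The pimcore (CVE-2023-1701 to CVE-2023-1704) and IntelliJ IDEA (CVE-2022-48430 to CVE-2022-48433) entries can be closed as NOT-FOR-US if those products are not packaged, as this file already does for JetBrains TeamCity.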
@@ -58,14 +234,14 @@ CVE-2023-25778
RESERVED
CVE-2023-22305
RESERVED
-CVE-2023-1690
- RESERVED
-CVE-2023-1689
- RESERVED
-CVE-2023-1688
- RESERVED
-CVE-2023-1687
- RESERVED
+CVE-2023-1690 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
+CVE-2023-1689 (A vulnerability classified as problematic was found in SourceCodester ...)
+ TODO: check
+CVE-2023-1688 (A vulnerability classified as problematic has been found in SourceCode ...)
+ TODO: check
+CVE-2023-1687 (A vulnerability classified as problematic has been found in SourceCode ...)
+ TODO: check
CVE-2023-1686 (A vulnerability was found in SourceCodester Young Entrepreneur E-Negos ...)
NOT-FOR-US: SourceCodester Young Entrepreneur E-Negosyo System
CVE-2023-1685 (A vulnerability was found in HadSky up to 7.11.8. It has been declared ...)
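Review bot: CVE-2023-1687 through CVE-2023-1690 move from RESERVED to "TODO: check" while the unchanged entry directly below them, CVE-2023-1686, already carries "NOT-FOR-US: SourceCodester Young Entrepreneur E-Negosyo System". The descriptions of CVE-2023-1687 to CVE-2023-1689 show SourceCodester (partly truncated), so they can take the same kind of tag once the product is read from the full text. The description of CVE-2023-1690 is cut off before the product name and needs the full CVE record first.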
@@ -78,8 +254,8 @@ CVE-2023-1682 (A vulnerability has been found in Xunrui CMS 4.61 and classified
NOT-FOR-US: Xunrui CMS
CVE-2023-1681 (A vulnerability, which was classified as problematic, was found in Xun ...)
NOT-FOR-US: Xunrui CMS
-CVE-2023-1680
- RESERVED
+CVE-2023-1680 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
CVE-2023-1679 (A vulnerability classified as critical was found in DriverGenius 9.70. ...)
NOT-FOR-US: DriverGenius
CVE-2023-1678 (A vulnerability classified as critical has been found in DriverGenius ...)
@@ -207,8 +383,8 @@ CVE-2023-28893
CVE-2023-1664
RESERVED
NOT-FOR-US: Keycloak
-CVE-2023-1663
- RESERVED
+CVE-2023-1663 (Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, ...)
+ TODO: check
CVE-2023-1662
RESERVED
CVE-2023-1661
@@ -257,8 +433,8 @@ CVE-2022-48427 (In JetBrains TeamCity before 2022.10.3 stored XSS on “Pend
NOT-FOR-US: JetBrains TeamCity
CVE-2022-48426 (In JetBrains TeamCity before 2022.10.3 stored XSS in Perforce connecti ...)
NOT-FOR-US: JetBrains TeamCity
-CVE-2023-28892
- RESERVED
+CVE-2023-28892 (Malwarebytes AdwCleaner 8.4.0 runs as Administrator and performs an in ...)
+ TODO: check
CVE-2023-28891
RESERVED
CVE-2023-28890
@@ -746,8 +922,8 @@ CVE-2023-1577
RESERVED
CVE-2023-1576
RESERVED
-CVE-2023-1575
- RESERVED
+CVE-2023-1575 (The Mega Main Menu plugin for WordPress is vulnerable to Stored Cross- ...)
+ TODO: check
CVE-2023-1574 (Information disclosure in the user creation feature of a MSSQL data so ...)
NOT-FOR-US: Devolutions
CVE-2023-1573 (A vulnerability was found in DataGear up to 1.11.1 and classified as p ...)
@@ -903,8 +1079,8 @@ CVE-2023-28687
RESERVED
CVE-2023-1551
RESERVED
-CVE-2023-1550
- RESERVED
+CVE-2023-1550 (Insertion of Sensitive Information into log file vulnerability in NGIN ...)
+ TODO: check
CVE-2023-1549
RESERVED
CVE-2023-1548
@@ -1051,8 +1227,8 @@ CVE-2023-28644
RESERVED
CVE-2023-28643
RESERVED
-CVE-2023-28642
- RESERVED
+CVE-2023-28642 (runc is a CLI tool for spawning and running containers according to th ...)
+ {DLA-3369-1}
- runc 1.1.5+ds1-1
[bullseye] - runc <no-dsa> (Minor issue)
NOTE: https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c
@@ -1141,8 +1317,8 @@ CVE-2023-1511
RESERVED
CVE-2023-1510
RESERVED
-CVE-2023-1509
- RESERVED
+CVE-2023-1509 (The GMAce plugin for WordPress is vulnerable to Cross-Site Request For ...)
+ TODO: check
CVE-2023-1508
RESERVED
CVE-2023-1507 (A vulnerability has been found in SourceCodester E-Commerce System 1.0 ...)
@@ -2152,6 +2328,7 @@ CVE-2023-1394 (A vulnerability was found in SourceCodester Online Graduate Trace
NOT-FOR-US: SourceCodester Online Graduate Tracer System
CVE-2023-1393
RESERVED
+ {DSA-5380-1 DLA-3372-1}
- xorg-server 2:21.1.7-2
- xwayland 2:22.1.9-1
NOTE: https://www.openwall.com/lists/oss-security/2023/03/29/1
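Review bot: the {DSA-5380-1 DLA-3372-1} tag is attached to CVE-2023-1393 while the entry still reads RESERVED and the visible lines give only unstable fixed versions for xorg-server and xwayland. Confirm that the two advisories account for both source packages in the releases they cover, and add a per-release line for any package they do not fix.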
@@ -2676,8 +2853,8 @@ CVE-2023-1365 (A vulnerability was found in SourceCodester Online Pizza Ordering
NOT-FOR-US: SourceCodester Online Pizza Ordering System
CVE-2023-1364 (A vulnerability has been found in SourceCodester Online Pizza Ordering ...)
NOT-FOR-US: SourceCodester Online Pizza Ordering System
-CVE-2023-28158
- RESERVED
+CVE-2023-28158 (Privilege escalation via stored XSS using the file upload service to u ...)
+ TODO: check
CVE-2023-28157
RESERVED
CVE-2023-28156
@@ -4827,8 +5004,8 @@ CVE-2023-27491
RESERVED
CVE-2023-27490 (NextAuth.js is an open source authentication solution for Next.js appl ...)
NOT-FOR-US: NextAuth.js
-CVE-2023-27489
- RESERVED
+CVE-2023-27489 (Kiwi TCMS is an open source test management system for both manual and ...)
+ TODO: check
CVE-2023-27488
RESERVED
CVE-2023-27487
@@ -5543,7 +5720,7 @@ CVE-2023-27249 (swfdump v0.9.2 was discovered to contain a heap buffer overflow
NOTE: Crash in CLI tool, no security implications
CVE-2023-27248
RESERVED
-CVE-2023-27247 (An issue in Cynet Client Agent v4.6.0.8010 allows attackers with Admin ...)
+CVE-2023-27247 (Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rig ...)
NOT-FOR-US: Cynet Client Agent
CVE-2023-27246 (An arbitrary file upload vulnerability in the Virtual Disk of MK-Auth ...)
NOT-FOR-US: Virtual Disk of MK-Auth
@@ -5703,8 +5880,8 @@ CVE-2023-27169
RESERVED
CVE-2023-27168
RESERVED
-CVE-2023-27167
- RESERVED
+CVE-2023-27167 (Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vu ...)
+ TODO: check
CVE-2023-27166
RESERVED
CVE-2023-27165
@@ -6090,12 +6267,12 @@ CVE-2023-26986
RESERVED
CVE-2023-26985
RESERVED
-CVE-2023-26984
- RESERVED
+CVE-2023-26984 (An issue in the password reset function of Peppermint v0.2.4 allows at ...)
+ TODO: check
CVE-2023-26983
RESERVED
-CVE-2023-26982
- RESERVED
+CVE-2023-26982 (Trudesk v1.2.6 was discovered to contain a stored cross-site scripting ...)
+ TODO: check
CVE-2023-26981
RESERVED
CVE-2023-26980
@@ -6122,8 +6299,8 @@ CVE-2023-26970
RESERVED
CVE-2023-26969
RESERVED
-CVE-2023-26968
- RESERVED
+CVE-2023-26968 (In Atrocore 1.5.25, the Create Import Feed option with glyphicon-glyph ...)
+ TODO: check
CVE-2023-26967
RESERVED
CVE-2023-26966
@@ -7807,12 +7984,12 @@ CVE-2023-26314 (The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arb
NOTE: https://www.openwall.com/lists/oss-security/2023/01/05/1
CVE-2023-26293
RESERVED
-CVE-2023-26292
- RESERVED
-CVE-2023-26291
- RESERVED
-CVE-2023-26290
- RESERVED
+CVE-2023-26292 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-26291 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-26290 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
CVE-2023-26289
RESERVED
CVE-2023-26288
@@ -9129,8 +9306,7 @@ CVE-2023-25811 (Uptime Kuma is a self-hosted monitoring tool. In versions prior
NOT-FOR-US: Uptime Kuma
CVE-2023-25810 (Uptime Kuma is a self-hosted monitoring tool. In versions prior to 1.2 ...)
NOT-FOR-US: Uptime Kuma
-CVE-2023-25809
- RESERVED
+CVE-2023-25809 (runc is a CLI tool for spawning and running containers according to th ...)
- runc 1.1.5+ds1-1
[bullseye] - runc <no-dsa> (Minor issue)
NOTE: https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc
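Review bot: CVE-2023-25809 gets its description here but no advisory tag, whereas CVE-2023-28642 in the earlier runc hunk gains {DLA-3369-1}; both entries share the same unstable fix, "- runc 1.1.5+ds1-1", and the same "[bullseye] - runc <no-dsa> (Minor issue)" line. Confirm whether DLA-3369-1 also fixed CVE-2023-25809 in LTS. If it did, the cross-reference should be added; if it did not, the entry needs an explicit status for the LTS release.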
@@ -14711,8 +14887,8 @@ CVE-2023-23863
RESERVED
CVE-2023-23862
RESERVED
-CVE-2023-23861
- RESERVED
+CVE-2023-23861 (Cross-Site Request Forgery (CSRF) vulnerability in German Mesky GMAce ...)
+ TODO: check
CVE-2023-23550
RESERVED
CVE-2023-0406 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa ...)
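Review bot: CVE-2023-23861 is described as a CSRF vulnerability in German Mesky GMAce, and CVE-2023-1509, added in an earlier hunk of this commit, as a CSRF issue in the GMAce plugin for WordPress. Both sit at "TODO: check". When triaging, check the full records for whether the two IDs describe the same flaw, and tag both the way other WordPress plugin entries in this file are tagged ("NOT-FOR-US: WordPress plugin") if the plugin is not packaged.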
@@ -15265,7 +15441,7 @@ CVE-2023-0338 (Cross-site Scripting (XSS) - Reflected in GitHub repository liran
NOT-FOR-US: lirantal/daloradius
CVE-2023-0337 (Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/d ...)
NOT-FOR-US: lirantal/daloradius
-CVE-2023-0336 (The OoohBoi Steroids for Elementor WordPress plugin through 2.1.3 has ...)
+CVE-2023-0336 (The OoohBoi Steroids for Elementor WordPress plugin before 2.1.5 has C ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0335 (The WP Shamsi WordPress plugin through 4.3.3 has CSRF and broken acces ...)
NOT-FOR-US: WordPress plugin
@@ -17020,8 +17196,8 @@ CVE-2023-0215 (The public API function BIO_new_NDEF is a helper function used fo
NOTE: https://www.openwall.com/lists/oss-security/2023/03/03/1
CVE-2023-0214 (A cross-site scripting vulnerability in Skyhigh SWG in main releases 1 ...)
NOT-FOR-US: Skyhigh SWG
-CVE-2023-0213
- RESERVED
+CVE-2023-0213 (Elevation of privilege issue in M-Files Installer versions before 22.6 ...)
+ TODO: check
CVE-2023-0212 (The Advanced Recent Posts WordPress plugin through 0.6.14 does not val ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0211
@@ -17618,7 +17794,7 @@ CVE-2023-0151 (The uTubeVideo Gallery WordPress plugin before 2.0.8 does not val
NOT-FOR-US: WordPress plugin
CVE-2023-0150 (The Cloak Front End Email WordPress plugin before 1.9.2 does not valid ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-0149 (The WordPrezi WordPress plugin through 0.8.2 does not validate and esc ...)
+CVE-2023-0149 (The WordPrezi WordPress plugin before 0.9 does not validate and escape ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0148 (The Gallery Factory Lite WordPress plugin through 2.0.0 does not valid ...)
NOT-FOR-US: WordPress plugin
@@ -21579,28 +21755,28 @@ CVE-2022-47615 (Local File Inclusion vulnerability in LearnPress – WordPre
NOT-FOR-US: WordPress plugin
CVE-2022-47614
RESERVED
-CVE-2022-47613
- RESERVED
+CVE-2022-47613 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Quan ...)
+ TODO: check
CVE-2022-47612 (Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47611
RESERVED
-CVE-2022-47610
- RESERVED
+CVE-2022-47610 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mr D ...)
+ TODO: check
CVE-2022-47609
RESERVED
CVE-2022-47608
RESERVED
-CVE-2022-47607
- RESERVED
+CVE-2022-47607 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in User ...)
+ TODO: check
CVE-2022-47606
RESERVED
CVE-2022-47605
RESERVED
CVE-2022-47604
RESERVED
-CVE-2022-47603
- RESERVED
+CVE-2022-47603 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpdevart ...)
+ TODO: check
CVE-2022-47602
RESERVED
CVE-2022-47601
@@ -21613,8 +21789,8 @@ CVE-2022-47598
RESERVED
CVE-2022-47597
RESERVED
-CVE-2022-47596
- RESERVED
+CVE-2022-47596 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeff ...)
+ TODO: check
CVE-2022-47595 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47594
@@ -23308,8 +23484,8 @@ CVE-2022-47446
RESERVED
CVE-2022-47445
RESERVED
-CVE-2022-47444
- RESERVED
+CVE-2022-47444 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ProfileP ...)
+ TODO: check
CVE-2022-47443 (Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Multi ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47442
@@ -23320,8 +23496,8 @@ CVE-2022-47440 (Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dols
NOT-FOR-US: WordPress plugin
CVE-2022-47439
RESERVED
-CVE-2022-47438
- RESERVED
+CVE-2022-47438 (Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in WpD ...)
+ TODO: check
CVE-2022-47437
RESERVED
CVE-2022-47436
@@ -23330,8 +23506,8 @@ CVE-2022-47435
RESERVED
CVE-2022-47434
RESERVED
-CVE-2022-47433
- RESERVED
+CVE-2022-47433 (Unauth. Reflected Cross-Site Scripting vulnerability in Daniel Powney ...)
+ TODO: check
CVE-2022-47432
RESERVED
CVE-2022-47431 (Reflected Cross-Site Scripting (XSS) vulnerability in Tussendoor inter ...)
@@ -29834,8 +30010,8 @@ CVE-2022-45357
RESERVED
CVE-2022-45356
RESERVED
-CVE-2022-45355
- RESERVED
+CVE-2022-45355 (Auth. (admin+) SQL Injection (SQLi) vulnerability in ThimPress WP Pipe ...)
+ TODO: check
CVE-2022-45354
RESERVED
CVE-2022-45353 (Broken Access Control in Betheme theme <= 26.6.1 on WordPress. ...)
@@ -37096,92 +37272,92 @@ CVE-2022-43652
RESERVED
CVE-2022-43651
RESERVED
-CVE-2022-43650
- RESERVED
-CVE-2022-43649
- RESERVED
-CVE-2022-43648
- RESERVED
-CVE-2022-43647
- RESERVED
-CVE-2022-43646
- RESERVED
-CVE-2022-43645
- RESERVED
-CVE-2022-43644
- RESERVED
-CVE-2022-43643
- RESERVED
-CVE-2022-43642
- RESERVED
-CVE-2022-43641
- RESERVED
-CVE-2022-43640
- RESERVED
-CVE-2022-43639
- RESERVED
-CVE-2022-43638
- RESERVED
-CVE-2022-43637
- RESERVED
-CVE-2022-43636
- RESERVED
-CVE-2022-43635
- RESERVED
-CVE-2022-43634
- RESERVED
-CVE-2022-43633
- RESERVED
-CVE-2022-43632
- RESERVED
-CVE-2022-43631
- RESERVED
-CVE-2022-43630
- RESERVED
-CVE-2022-43629
- RESERVED
-CVE-2022-43628
- RESERVED
-CVE-2022-43627
- RESERVED
-CVE-2022-43626
- RESERVED
-CVE-2022-43625
- RESERVED
-CVE-2022-43624
- RESERVED
-CVE-2022-43623
- RESERVED
-CVE-2022-43622
- RESERVED
-CVE-2022-43621
- RESERVED
-CVE-2022-43620
- RESERVED
-CVE-2022-43619
- RESERVED
-CVE-2022-43618
- RESERVED
-CVE-2022-43617
- RESERVED
-CVE-2022-43616
- RESERVED
-CVE-2022-43615
- RESERVED
-CVE-2022-43614
- RESERVED
-CVE-2022-43613
- RESERVED
-CVE-2022-43612
- RESERVED
-CVE-2022-43611
- RESERVED
-CVE-2022-43610
- RESERVED
-CVE-2022-43609
- RESERVED
-CVE-2022-43608
- RESERVED
+CVE-2022-43650 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-43649 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-43648 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43647 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43646 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43645 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43644 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43643 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43642 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43641 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-43640 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-43639 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-43638 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-43637 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-43636 (This vulnerability allows network-adjacent attackers to bypass authent ...)
+ TODO: check
+CVE-2022-43635 (This vulnerability allows network-adjacent attackers to disclose sensi ...)
+ TODO: check
+CVE-2022-43634 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-43633 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43632 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43631 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43630 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43629 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43628 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43627 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43626 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43625 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43624 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43623 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43622 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43621 (This vulnerability allows network-adjacent attackers to bypass authent ...)
+ TODO: check
+CVE-2022-43620 (This vulnerability allows network-adjacent attackers to bypass authent ...)
+ TODO: check
+CVE-2022-43619 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-43618 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-43617 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-43616 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-43615 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-43614 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-43613 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-43612 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-43611 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-43610 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-43609 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-43608 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
CVE-2022-3661 (Insufficient data validation in Extensions in Google Chrome prior to 1 ...)
{DSA-5261-1}
- chromium 107.0.5304.68-1
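Review bot: all 43 entries from CVE-2022-43650 down to CVE-2022-43608 go to "TODO: check" with descriptions cut off before any product name ("This vulnerability allows network-adjacent attackers to execute arbitr ..."), so nothing in this hunk can be triaged from the list itself. Several are remote or network-adjacent code execution and authentication bypass, so read the full CVE records to identify the product before closing the range in bulk.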
@@ -40628,26 +40804,26 @@ CVE-2022-42436 (IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer c
NOT-FOR-US: IBM
CVE-2022-42435 (IBM Business Automation Workflow 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0. ...)
NOT-FOR-US: IBM
-CVE-2022-42433
- RESERVED
-CVE-2022-42432
- RESERVED
-CVE-2022-42431
- RESERVED
-CVE-2022-42430
- RESERVED
-CVE-2022-42429
- RESERVED
-CVE-2022-42428
- RESERVED
-CVE-2022-42427
- RESERVED
-CVE-2022-42426
- RESERVED
-CVE-2022-42425
- RESERVED
-CVE-2022-42424
- RESERVED
+CVE-2022-42433 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-42432 (This vulnerability allows local attackers to disclose sensitive inform ...)
+ TODO: check
+CVE-2022-42431 (This vulnerability allows local attackers to escalate privileges on af ...)
+ TODO: check
+CVE-2022-42430 (This vulnerability allows local attackers to escalate privileges on af ...)
+ TODO: check
+CVE-2022-42429 (This vulnerability allows remote attackers to escalate privileges on a ...)
+ TODO: check
+CVE-2022-42428 (This vulnerability allows remote attackers to escalate privileges on a ...)
+ TODO: check
+CVE-2022-42427 (This vulnerability allows remote attackers to escalate privileges on a ...)
+ TODO: check
+CVE-2022-42426 (This vulnerability allows remote attackers to escalate privileges on a ...)
+ TODO: check
+CVE-2022-42425 (This vulnerability allows remote attackers to escalate privileges on a ...)
+ TODO: check
+CVE-2022-42424 (This vulnerability allows remote attackers to escalate privileges on a ...)
+ TODO: check
CVE-2022-42423 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: PDF-XChange Editor
CVE-2022-42422
@@ -45380,8 +45556,8 @@ CVE-2022-40637 (This vulnerability allows remote attackers to execute arbitrary
NOT-FOR-US: Ansys SpaceClaim
CVE-2022-40636 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Ansys SpaceClaim
-CVE-2022-3210
- RESERVED
+CVE-2022-3210 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
CVE-2022-31735 (OpenAM Consortium Edition version 14.0.0 provided by OpenAM Consortium ...)
NOT-FOR-US: OpenAM (different from src:openam)
CVE-2021-46838
@@ -45409,6 +45585,7 @@ CVE-2022-3206 (The Passster WordPress plugin before 3.5.5.5.2 stores the passwor
CVE-2022-3205 (Cross site scripting in automation controller UI in Red Hat Ansible Au ...)
NOT-FOR-US: Red Hat Ansible Automation Controller
CVE-2022-3204 (A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation ...)
+ {DLA-3371-1}
- unbound 1.16.3-1
[bullseye] - unbound <no-dsa> (Minor issue)
NOTE: https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
@@ -46424,8 +46601,8 @@ CVE-2022-38086 (Cross-Site Request Forgery (CSRF) vulnerability in Shortcodes Ul
NOT-FOR-US: WordPress plugin
CVE-2022-38085 (Cross-Site Request Forgery (CSRF) vulnerability in Read more By Adam p ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-38077
- RESERVED
+CVE-2022-38077 (Cross-Site Request Forgery (CSRF) vulnerability in WP OnlineSupport, E ...)
+ TODO: check
CVE-2022-37342 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability ...)
NOT-FOR-US: WordPress plugin
CVE-2022-36790
@@ -49002,8 +49179,8 @@ CVE-2022-39161
RESERVED
CVE-2022-39160 (IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 is vulnerable to cross ...)
NOT-FOR-US: IBM
-CVE-2022-3093
- RESERVED
+CVE-2022-3093 (This vulnerability allows physical attackers to execute arbitrary code ...)
+ TODO: check
CVE-2022-3092 (GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds ...)
NOT-FOR-US: GE CIMPICITY
CVE-2022-3091 (RONDS EPM version 1.19.5 has a vulnerability in which a function could ...)
@@ -51585,8 +51762,8 @@ CVE-2022-2849 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to
NOTE: https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e
NOTE: https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2 (v9.0.0220)
NOTE: Crash in CLI tool, no security impact
-CVE-2022-2848
- RESERVED
+CVE-2022-2848 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
CVE-2022-2847 (A vulnerability, which was classified as critical, has been found in S ...)
NOT-FOR-US: SourceCodester Guest Management System
CVE-2022-2846 (The Calendar Event Multi View WordPress plugin before 1.4.07 does not ...)
@@ -51770,8 +51947,8 @@ CVE-2022-38306 (LIEF commit 5d1d643 was discovered to contain a heap-buffer over
NOT-FOR-US: LIEF
CVE-2022-36403 (Untrusted search path vulnerability in the installer of Device Softwar ...)
NOT-FOR-US: Ricoh
-CVE-2022-2825
- RESERVED
+CVE-2022-2825 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
CVE-2022-2824 (Improper Access Control in GitHub repository openemr/openemr prior to ...)
NOT-FOR-US: OpenEMR
CVE-2022-2823 (The Slider, Gallery, and Carousel by MetaSlider WordPress plugin befor ...)
@@ -54237,92 +54414,92 @@ CVE-2022-37392 (Improper Check for Unusual or Exceptional Conditions vulnerabili
NOTE: https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
NOTE: https://github.com/apache/trafficserver/commit/3b9cbf873a77bb7f9297f2b16496a290e0cf7de1 (master)
NOTE: https://github.com/apache/trafficserver/commit/0ba19c72b70a25e3dfbbc3f507427314ba2afd80 (v9.1.x)
-CVE-2022-37391
- RESERVED
-CVE-2022-37390
- RESERVED
-CVE-2022-37389
- RESERVED
-CVE-2022-37388
- RESERVED
-CVE-2022-37387
- RESERVED
-CVE-2022-37386
- RESERVED
-CVE-2022-37385
- RESERVED
-CVE-2022-37384
- RESERVED
-CVE-2022-37383
- RESERVED
-CVE-2022-37382
- RESERVED
-CVE-2022-37381
- RESERVED
-CVE-2022-37380
- RESERVED
-CVE-2022-37379
- RESERVED
-CVE-2022-37378
- RESERVED
-CVE-2022-37377
- RESERVED
-CVE-2022-37376
- RESERVED
-CVE-2022-37375
- RESERVED
-CVE-2022-37374
- RESERVED
-CVE-2022-37373
- RESERVED
-CVE-2022-37372
- RESERVED
-CVE-2022-37371
- RESERVED
-CVE-2022-37370
- RESERVED
-CVE-2022-37369
- RESERVED
-CVE-2022-37368
- RESERVED
-CVE-2022-37367
- RESERVED
-CVE-2022-37366
- RESERVED
-CVE-2022-37365
- RESERVED
-CVE-2022-37364
- RESERVED
-CVE-2022-37363
- RESERVED
-CVE-2022-37362
- RESERVED
-CVE-2022-37361
- RESERVED
-CVE-2022-37360
- RESERVED
-CVE-2022-37359
- RESERVED
-CVE-2022-37358
- RESERVED
-CVE-2022-37357
- RESERVED
-CVE-2022-37356
- RESERVED
-CVE-2022-37355
- RESERVED
-CVE-2022-37354
- RESERVED
-CVE-2022-37353
- RESERVED
-CVE-2022-37352
- RESERVED
-CVE-2022-37351
- RESERVED
-CVE-2022-37350
- RESERVED
-CVE-2022-37349
- RESERVED
+CVE-2022-37391 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37390 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37389 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37388 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37387 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37386 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37385 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37384 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37383 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37382 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37381 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37380 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37379 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37378 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37377 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37376 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37375 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37374 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37373 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37372 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37371 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37370 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37369 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37368 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37367 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37366 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37365 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37364 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37363 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37362 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37361 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37360 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37359 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37358 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37357 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37356 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37355 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37354 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37353 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37352 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37351 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-37350 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-37349 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
CVE-2022-2633 (The All-in-One Video Gallery plugin for WordPress is vulnerable to arb ...)
NOT-FOR-US: All-in-One Video Gallery plugin for WordPress
CVE-2022-2632
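Review bot: The descriptions on CVE-2022-37371 down to CVE-2022-37349 at the end of this hunk are cut off before the product is named ("execute arbitrary code o ...", "disclose sensitive infor ..."), so the list gives no hint which package, if any, these 23 entries concern. Each "TODO: check" has to be resolved from the full CVE record and replaced with either a package line or a NOT-FOR-US tag like the one on CVE-2022-2633 just below.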
@@ -55318,10 +55495,10 @@ CVE-2022-2571 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to
NOTE: Crash in CLI tool, no security impact
CVE-2022-2570
RESERVED
-CVE-2022-37013
- RESERVED
-CVE-2022-37012
- RESERVED
+CVE-2022-37013 (This vulnerability allows remote attackers to create a denial-of-servi ...)
+ TODO: check
+CVE-2022-37012 (This vulnerability allows remote attackers to create a denial-of-servi ...)
+ TODO: check
CVE-2022-37011 (A vulnerability has been identified in Mendix SAML (Mendix 7 compatibl ...)
NOT-FOR-US: Siemens
CVE-2022-37010 (In JetBrains IntelliJ IDEA before 2022.2 email address validation in t ...)
@@ -55398,36 +55575,36 @@ CVE-2022-36985 (An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2
NOT-FOR-US: Veritas
CVE-2022-36984 (An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, ...)
NOT-FOR-US: Veritas
-CVE-2022-36983
- RESERVED
-CVE-2022-36982
- RESERVED
-CVE-2022-36981
- RESERVED
-CVE-2022-36980
- RESERVED
-CVE-2022-36979
- RESERVED
-CVE-2022-36978
- RESERVED
-CVE-2022-36977
- RESERVED
-CVE-2022-36976
- RESERVED
-CVE-2022-36975
- RESERVED
-CVE-2022-36974
- RESERVED
-CVE-2022-36973
- RESERVED
-CVE-2022-36972
- RESERVED
-CVE-2022-36971
- RESERVED
-CVE-2022-36970
- RESERVED
-CVE-2022-36969
- RESERVED
+CVE-2022-36983 (This vulnerability allows remote attackers to bypass authentication on ...)
+ TODO: check
+CVE-2022-36982 (This vulnerability allows remote attackers to read arbitrary files on ...)
+ TODO: check
+CVE-2022-36981 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-36980 (This vulnerability allows remote attackers to bypass authentication on ...)
+ TODO: check
+CVE-2022-36979 (This vulnerability allows remote attackers to bypass authentication on ...)
+ TODO: check
+CVE-2022-36978 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-36977 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-36976 (This vulnerability allows remote attackers to bypass authentication on ...)
+ TODO: check
+CVE-2022-36975 (This vulnerability allows remote attackers to bypass authentication on ...)
+ TODO: check
+CVE-2022-36974 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-36973 (This vulnerability allows remote attackers to bypass authentication on ...)
+ TODO: check
+CVE-2022-36972 (This vulnerability allows remote attackers to bypass authentication on ...)
+ TODO: check
+CVE-2022-36971 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-36970 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-36969 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
CVE-2022-36968 (In Progress WS_FTP Server prior to version 8.7.3, forms within the adm ...)
NOT-FOR-US: Progress WS_FTP Server
CVE-2022-36967 (In Progress WS_FTP Server prior to version 8.7.3, multiple reflected c ...)
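Review bot: None of the 15 entries CVE-2022-36983 to CVE-2022-36969 names a product in its truncated description, and their position between the Veritas entries above and the Progress WS_FTP Server entries below is no evidence of vendor. The run mixes seven authentication bypasses, six code-execution issues, one arbitrary file read and one information disclosure, so the "TODO: check" markers are best worked through starting with the remote authentication-bypass and code-execution entries, recording the product on each.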
@@ -55505,10 +55682,10 @@ CVE-2022-33145
RESERVED
CVE-2022-2562
RESERVED
-CVE-2022-2561
- RESERVED
-CVE-2022-2560
- RESERVED
+CVE-2022-2561 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-2560 (This vulnerability allows remote attackers to delete arbitrary files o ...)
+ TODO: check
CVE-2022-2559 (The Fluent Support WordPress plugin before 1.5.8 does not properly san ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2558 (The Simple Job Board WordPress plugin before 2.10.0 is susceptible to ...)
@@ -72633,11 +72810,13 @@ CVE-2022-30701 (An uncontrolled search path element vulnerability in Trend Micro
CVE-2022-30700 (An incorrect permission assignment vulnerability in Trend Micro Apex O ...)
NOT-FOR-US: Trend Micro
CVE-2022-30699 (NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable ...)
+ {DLA-3371-1}
- unbound 1.16.2-1 (bug #1016493)
[bullseye] - unbound <no-dsa> (Minor issue)
NOTE: https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt
NOTE: https://github.com/NLnetLabs/unbound/commit/f6753a0f1018133df552347a199e0362fc1dac68 (release-1.16.2)
CVE-2022-30698 (NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable t ...)
+ {DLA-3371-1}
- unbound 1.16.2-1 (bug #1016493)
[bullseye] - unbound <no-dsa> (Minor issue)
NOTE: https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt
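Review bot: The "[bullseye] - unbound <no-dsa> (Minor issue)" lines under CVE-2022-30699 and CVE-2022-30698 stay unchanged although both entries now carry {DLA-3371-1}. That is consistent only if DLA-3371-1 covers a release other than bullseye; confirm that the DLA entry lists both CVE ids and the release it fixes, since neither is visible in this hunk.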
@@ -78571,14 +78750,14 @@ CVE-2022-28696 (Uncontrolled search path in the Intel(R) Distribution for Python
NOT-FOR-US: Intel
CVE-2022-28694
RESERVED
-CVE-2022-28688
- RESERVED
-CVE-2022-28687
- RESERVED
-CVE-2022-28686
- RESERVED
-CVE-2022-28685
- RESERVED
+CVE-2022-28688 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28687 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28686 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28685 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
CVE-2022-28684 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: DevExpress
CVE-2022-28683 (This vulnerability allows remote attackers to execute arbitrary code o ...)
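Review bot: The matching description text is not grounds for copying "NOT-FOR-US: DevExpress" from CVE-2022-28684 up to CVE-2022-28688 through CVE-2022-28685. The truncated sentence is identical on all of them, but it is a generic opening that stops before the product name, so each "TODO: check" still has to be resolved from the full description.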
@@ -78867,20 +79046,20 @@ CVE-2022-28649 (In JetBrains YouTrack before 2022.1.43563 it was possible to inc
NOT-FOR-US: JetBrains YouTrack
CVE-2022-28648 (In JetBrains YouTrack before 2022.1.43563 HTML code from the issue des ...)
NOT-FOR-US: JetBrains YouTrack
-CVE-2022-28647
- RESERVED
-CVE-2022-28646
- RESERVED
-CVE-2022-28645
- RESERVED
-CVE-2022-28644
- RESERVED
-CVE-2022-28643
- RESERVED
-CVE-2022-28642
- RESERVED
-CVE-2022-28641
- RESERVED
+CVE-2022-28647 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28646 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28645 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-28644 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28643 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28642 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28641 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
CVE-2022-28640 (A potential local adjacent arbitrary code execution vulnerability that ...)
NOT-FOR-US: HPE
CVE-2022-28639 (A remote potential adjacent denial of service (DoS) and potential adja ...)
@@ -79705,48 +79884,48 @@ CVE-2022-28322
CVE-2022-28321 (The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows ...)
- pam <not-affected> (Vulnerability introduced to SUSE-specific patch)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1197654
-CVE-2022-28320
- RESERVED
-CVE-2022-28319
- RESERVED
-CVE-2022-28318
- RESERVED
-CVE-2022-28317
- RESERVED
-CVE-2022-28316
- RESERVED
-CVE-2022-28315
- RESERVED
-CVE-2022-28314
- RESERVED
-CVE-2022-28313
- RESERVED
-CVE-2022-28312
- RESERVED
-CVE-2022-28311
- RESERVED
-CVE-2022-28310
- RESERVED
-CVE-2022-28309
- RESERVED
-CVE-2022-28308
- RESERVED
-CVE-2022-28307
- RESERVED
-CVE-2022-28306
- RESERVED
-CVE-2022-28305
- RESERVED
-CVE-2022-28304
- RESERVED
-CVE-2022-28303
- RESERVED
-CVE-2022-28302
- RESERVED
-CVE-2022-28301
- RESERVED
-CVE-2022-28300
- RESERVED
+CVE-2022-28320 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28319 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28318 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28317 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28316 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28315 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28314 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28313 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-28312 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-28311 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28310 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28309 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-28308 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2022-28307 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28306 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28305 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28304 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28303 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28302 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28301 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-28300 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
CVE-2022-27188 (OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4. ...)
NOT-FOR-US: CENTUM
CVE-2022-26034 (Improper authentication vulnerability in the communication protocol pr ...)
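Review bot: 21 "TODO: check" markers remain open after this hunk (CVE-2022-28320 to CVE-2022-28300), and the batch is not uniform in impact: CVE-2022-28313, CVE-2022-28312, CVE-2022-28309 and CVE-2022-28308 are information disclosure, the other 17 are code execution. The replacement itself is one-for-one, with the same ids in the same order and 48 lines on both sides of the hunk header, so no entry is dropped or duplicated.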
@@ -81875,22 +82054,22 @@ CVE-2022-27649 (A flaw was found in Podman, where containers were started incorr
NOTE: https://github.com/containers/podman/releases/tag/v4.0.3
NOTE: https://github.com/containers/podman/commit/aafa80918a245edcbdaceb1191d749570f1872d0 (main)
NOTE: https://github.com/containers/podman/commit/7b368768c2990b9781b2b6813e1c7f91c7e6cb13 (v4.0.3)
-CVE-2022-27648
- RESERVED
-CVE-2022-27647
- RESERVED
-CVE-2022-27646
- RESERVED
-CVE-2022-27645
- RESERVED
-CVE-2022-27644
- RESERVED
-CVE-2022-27643
- RESERVED
-CVE-2022-27642
- RESERVED
-CVE-2022-27641
- RESERVED
+CVE-2022-27648 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2022-27647 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-27646 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-27645 (This vulnerability allows network-adjacent attackers to bypass authent ...)
+ TODO: check
+CVE-2022-27644 (This vulnerability allows network-adjacent attackers to compromise the ...)
+ TODO: check
+CVE-2022-27643 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2022-27642 (This vulnerability allows network-adjacent attackers to bypass authent ...)
+ TODO: check
+CVE-2022-27641 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
CVE-2022-27640 (A vulnerability has been identified in SIMATIC CP 442-1 RNA (All versi ...)
NOT-FOR-US: Siemens
CVE-2022-1055 (A use-after-free exists in the Linux Kernel in tc_new_tfilter that cou ...)
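Review bot: The attacker position differs within this run and should be carried into triage: CVE-2022-27648 is described as reachable by remote attackers, while CVE-2022-27647 to CVE-2022-27641 require a network-adjacent attacker. For CVE-2022-27644 the truncation stops at "compromise the ...", so the impact itself is missing from the list and has to come from the full record before the "TODO: check" is resolved.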
@@ -177589,7 +177768,7 @@ CVE-2020-28937 (OpenClinic version 0.8.2 is affected by a missing authentication
CVE-2020-28936
RESERVED
CVE-2020-28935 (NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs ...)
- {DLA-2556-1}
+ {DLA-3371-1 DLA-2556-1}
- nsd 4.3.4-1
[buster] - nsd <no-dsa> (Minor issue)
[stretch] - nsd <no-dsa> (Minor issue)
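Review bot: Every package line visible under CVE-2020-28935 is for nsd, yet the reference added here, DLA-3371-1, is the same one this commit attaches to the unbound entries CVE-2022-30699 and CVE-2022-30698. The description names both Unbound and NSD, so check that the entry has an unbound line further down that the new DLA reference corresponds to; the three context lines shown do not reach it.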
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/063df9506c3a15866b7867514dc0ac01080a3625