diff options
author | security tracker role <sectracker@soriano.debian.org> | 2022-02-04 08:10:17 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2022-02-04 08:10:17 +0000 |
commit | 759049e68934f924e9b5ecd6e27d1c25e418002a (patch) | |
tree | 09a70b34f1e3c8c6aca54d2fc052aab63bd36566 | |
parent | cda77344b04c89906eba4450e708a059fe0943f6 (diff) |
automatic update
-rw-r--r-- | data/CVE/2017.list | 3 | ||||
-rw-r--r-- | data/CVE/2020.list | 2 | ||||
-rw-r--r-- | data/CVE/2021.list | 172 | ||||
-rw-r--r-- | data/CVE/2022.list | 171 |
4 files changed, 199 insertions, 149 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 6cc8d5c4ad..2a495ee15e 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -6033,13 +6033,14 @@ CVE-2017-1000235 (I, Librarian version <=4.6 & 4.7 is vulnerable to OS Co CVE-2017-1000234 (I, Librarian version <=4.6 & 4.7 is vulnerable to Directory Enu ...) - i-librarian <itp> (bug #649291) CVE-2017-1000232 (A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecifi ...) + {DLA-2910-1} - ldns 1.7.0-4 (bug #882014) [jessie] - ldns <no-dsa> (Minor issue) [wheezy] - ldns <not-affected> (Vulnerable code not present) NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1257 NOTE: https://github.com/NLnetLabs/ldns/commit/3bdeed02505c9bbacb3b64a97ddcb1de967153b7 CVE-2017-1000231 (A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified ...) - {DLA-1182-1} + {DLA-2910-1 DLA-1182-1} - ldns 1.7.0-4 (bug #882015) [jessie] - ldns <no-dsa> (Minor issue) NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1256 diff --git a/data/CVE/2020.list b/data/CVE/2020.list index f902398959..ed5bc6cc03 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -25994,12 +25994,14 @@ CVE-2020-19863 CVE-2020-19862 RESERVED CVE-2020-19861 (When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt ...) + {DLA-2910-1} - ldns <unfixed> [bullseye] - ldns <no-dsa> (Minor issue) [buster] - ldns <no-dsa> (Minor issue) NOTE: https://github.com/NLnetLabs/ldns/issues/51 NOTE: https://github.com/NLnetLabs/ldns/commit/136ec420437041fe13f344a2053e774f9050cc38 (1.8.0-rc.1) CVE-2020-19860 (When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_ ...) + {DLA-2910-1} - ldns <unfixed> [bullseye] - ldns <no-dsa> (Minor issue) [buster] - ldns <no-dsa> (Minor issue) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 79fc9a1fd8..f95fdc0fe1 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -498,18 +498,18 @@ CVE-2021-46459 (Victor CMS v1.0 was discovered to contain multiple SQL injection NOT-FOR-US: Victor CMS CVE-2021-46458 (Victor CMS v1.0 was discovered to contain a SQL injection vulnerabilit ...) NOT-FOR-US: Victor CMS -CVE-2021-46457 - RESERVED -CVE-2021-46456 - RESERVED -CVE-2021-46455 - RESERVED -CVE-2021-46454 - RESERVED -CVE-2021-46453 - RESERVED -CVE-2021-46452 - RESERVED +CVE-2021-46457 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...) + TODO: check +CVE-2021-46456 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...) + TODO: check +CVE-2021-46455 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...) + TODO: check +CVE-2021-46454 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...) + TODO: check +CVE-2021-46453 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...) + TODO: check +CVE-2021-46452 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...) + TODO: check CVE-2021-46451 (An SQL Injection vulnerabilty exists in Sourcecodester Online Project ...) NOT-FOR-US: Sourcecodester CVE-2021-46450 @@ -1038,22 +1038,22 @@ CVE-2021-46234 (A NULL pointer dereference vulnerability exists in GPAC v1.1.0 v [buster] - gpac <ignored> (Minor issue) NOTE: https://github.com/gpac/gpac/issues/2023 NOTE: https://github.com/gpac/gpac/commit/70c6f6f832dccff814a19a74d87b97b3d68a4af5 -CVE-2021-46233 - RESERVED -CVE-2021-46232 - RESERVED -CVE-2021-46231 - RESERVED -CVE-2021-46230 - RESERVED -CVE-2021-46229 - RESERVED -CVE-2021-46228 - RESERVED -CVE-2021-46227 - RESERVED -CVE-2021-46226 - RESERVED +CVE-2021-46233 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...) + TODO: check +CVE-2021-46232 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...) + TODO: check +CVE-2021-46231 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...) + TODO: check +CVE-2021-46230 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...) + TODO: check +CVE-2021-46229 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...) + TODO: check +CVE-2021-46228 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...) + TODO: check +CVE-2021-46227 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...) + TODO: check +CVE-2021-46226 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...) + TODO: check CVE-2021-46225 (A buffer overflow in the GmfOpenMesh() function of libMeshb v7.61 allo ...) NOT-FOR-US: libMeshb CVE-2021-46224 @@ -1621,32 +1621,32 @@ CVE-2021-46000 RESERVED CVE-2021-45999 RESERVED -CVE-2021-45998 - RESERVED -CVE-2021-45997 - RESERVED -CVE-2021-45996 - RESERVED -CVE-2021-45995 - RESERVED -CVE-2021-45994 - RESERVED -CVE-2021-45993 - RESERVED -CVE-2021-45992 - RESERVED -CVE-2021-45991 - RESERVED -CVE-2021-45990 - RESERVED -CVE-2021-45989 - RESERVED -CVE-2021-45988 - RESERVED -CVE-2021-45987 - RESERVED -CVE-2021-45986 - RESERVED +CVE-2021-45998 (D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to co ...) + TODO: check +CVE-2021-45997 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2021-45996 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2021-45995 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2021-45994 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2021-45993 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2021-45992 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2021-45991 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2021-45990 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2021-45989 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2021-45988 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2021-45987 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2021-45986 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check CVE-2021-45985 RESERVED CVE-2021-4197 [cgroup: Use open-time creds and namespace for migration perm checks] @@ -2359,26 +2359,26 @@ CVE-2021-45744 (A Stored Cross Site Scripting (XSS) vulnerability exists in blud NOT-FOR-US: Bludit CVE-2021-45743 RESERVED -CVE-2021-45742 - RESERVED -CVE-2021-45741 - RESERVED -CVE-2021-45740 - RESERVED -CVE-2021-45739 - RESERVED -CVE-2021-45738 - RESERVED -CVE-2021-45737 - RESERVED -CVE-2021-45736 - RESERVED -CVE-2021-45735 - RESERVED -CVE-2021-45734 - RESERVED -CVE-2021-45733 - RESERVED +CVE-2021-45742 (TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a comm ...) + TODO: check +CVE-2021-45741 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a sta ...) + TODO: check +CVE-2021-45740 (TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stac ...) + TODO: check +CVE-2021-45739 (TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stac ...) + TODO: check +CVE-2021-45738 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a com ...) + TODO: check +CVE-2021-45737 (TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stac ...) + TODO: check +CVE-2021-45736 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a sta ...) + TODO: check +CVE-2021-45735 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP ...) + TODO: check +CVE-2021-45734 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a sta ...) + TODO: check +CVE-2021-45733 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a com ...) + TODO: check CVE-2021-4180 RESERVED - tripleo-heat-templates <removed> @@ -3548,8 +3548,8 @@ CVE-2021-45270 RESERVED CVE-2021-45269 RESERVED -CVE-2021-45268 - RESERVED +CVE-2021-45268 (A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop C ...) + TODO: check CVE-2021-45267 (An invalid memory address dereference vulnerability exists in gpac 1.1 ...) - gpac <unfixed> NOTE: https://github.com/gpac/gpac/issues/1965 @@ -4585,12 +4585,12 @@ CVE-2021-44884 RESERVED CVE-2021-44883 RESERVED -CVE-2021-44882 - RESERVED -CVE-2021-44881 - RESERVED -CVE-2021-44880 - RESERVED +CVE-2021-44882 (D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a ...) + TODO: check +CVE-2021-44881 (D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to co ...) + TODO: check +CVE-2021-44880 (D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882 ...) + TODO: check CVE-2021-44879 RESERVED CVE-2021-44878 (Pac4j v5.1 and earlier allows (by default) clients to accept and succe ...) @@ -6303,10 +6303,10 @@ CVE-2021-44249 (Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Bl NOT-FOR-US: Online Motorcycle (Bike) Rental System CVE-2021-44248 RESERVED -CVE-2021-44247 - RESERVED -CVE-2021-44246 - RESERVED +CVE-2021-44247 (Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B201 ...) + TODO: check +CVE-2021-44246 (Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B201 ...) + TODO: check CVE-2021-44245 (An SQL Injection vulnerability exists in Courcecodester COVID 19 Testi ...) NOT-FOR-US: Sourcecodester COVID 19 Testing Management System (CTMS) CVE-2021-44244 (An SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Pa ...) diff --git a/data/CVE/2022.list b/data/CVE/2022.list index 3bc5edcdab..5b8f21d53b 100644 --- a/data/CVE/2022.list +++ b/data/CVE/2022.list @@ -1,3 +1,49 @@ +CVE-2022-24407 + RESERVED +CVE-2022-24406 + RESERVED +CVE-2022-24405 + RESERVED +CVE-2022-24404 + RESERVED +CVE-2022-24403 + RESERVED +CVE-2022-24402 + RESERVED +CVE-2022-24401 + RESERVED +CVE-2022-24400 + RESERVED +CVE-2022-24382 + RESERVED +CVE-2022-24379 + RESERVED +CVE-2022-24297 + RESERVED +CVE-2022-23917 + RESERVED +CVE-2022-23914 + RESERVED +CVE-2022-22730 + RESERVED +CVE-2022-21807 + RESERVED +CVE-2022-21795 + RESERVED +CVE-2022-21233 + RESERVED +CVE-2022-21128 + RESERVED +CVE-2022-0492 + RESERVED +CVE-2022-0491 + RESERVED +CVE-2022-0490 + RESERVED +CVE-2022-0489 + RESERVED +CVE-2022-0488 + RESERVED CVE-2022-24399 RESERVED CVE-2022-24398 @@ -33,6 +79,7 @@ CVE-2022-24384 CVE-2022-21241 RESERVED CVE-2022-0487 [Use after free in moxart_remove] + RESERVED - linux <unfixed> NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1194516 NOTE: https://lore.kernel.org/all/20220114075934.302464-1-gregkh@linuxfoundation.org/ @@ -648,68 +695,68 @@ CVE-2022-24174 RESERVED CVE-2022-24173 RESERVED -CVE-2022-24172 - RESERVED -CVE-2022-24171 - RESERVED -CVE-2022-24170 - RESERVED -CVE-2022-24169 - RESERVED -CVE-2022-24168 - RESERVED -CVE-2022-24167 - RESERVED -CVE-2022-24166 - RESERVED -CVE-2022-24165 - RESERVED -CVE-2022-24164 - RESERVED -CVE-2022-24163 - RESERVED -CVE-2022-24162 - RESERVED -CVE-2022-24161 - RESERVED -CVE-2022-24160 - RESERVED -CVE-2022-24159 - RESERVED -CVE-2022-24158 - RESERVED -CVE-2022-24157 - RESERVED -CVE-2022-24156 - RESERVED -CVE-2022-24155 - RESERVED -CVE-2022-24154 - RESERVED -CVE-2022-24153 - RESERVED -CVE-2022-24152 - RESERVED -CVE-2022-24151 - RESERVED -CVE-2022-24150 - RESERVED -CVE-2022-24149 - RESERVED -CVE-2022-24148 - RESERVED -CVE-2022-24147 - RESERVED -CVE-2022-24146 - RESERVED -CVE-2022-24145 - RESERVED -CVE-2022-24144 - RESERVED -CVE-2022-24143 - RESERVED -CVE-2022-24142 - RESERVED +CVE-2022-24172 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2022-24171 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2022-24170 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2022-24169 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2022-24168 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2022-24167 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2022-24166 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2022-24165 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2022-24164 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...) + TODO: check +CVE-2022-24163 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24162 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24161 (Tenda AX3 v16.03.12.10_CN was discovered to contain a heap overflow in ...) + TODO: check +CVE-2022-24160 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24159 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24158 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24157 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24156 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24155 (Tenda AX3 v16.03.12.10_CN was discovered to contain a heap overflow in ...) + TODO: check +CVE-2022-24154 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24153 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24152 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24151 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24150 (Tenda AX3 v16.03.12.10_CN was discovered to contain a command injectio ...) + TODO: check +CVE-2022-24149 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24148 (Tenda AX3 v16.03.12.10_CN was discovered to contain a command injectio ...) + TODO: check +CVE-2022-24147 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24146 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24145 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24144 (Tenda AX3 v16.03.12.10_CN was discovered to contain a command injectio ...) + TODO: check +CVE-2022-24143 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check +CVE-2022-24142 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...) + TODO: check CVE-2022-24141 RESERVED CVE-2022-24140 |