automatic update

author: security tracker role <sectracker@soriano.debian.org> 2022-05-24 08:10:15 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2022-05-24 08:10:15 +0000
commit: 1b766b3b5fcd7d077f845edca97098067ef1d691 (patch)
tree: b14410764c2af4ba741127ce928699901106b2b5 /data
parent: abb39de76cf7449ca9cfc42723bdcd2592cbce2d (diff)
1 files changed, 284 insertions, 32 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 28765b8715..9ce4703b28 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,255 @@
+CVE-2022-31598
+	RESERVED
+CVE-2022-31597
+	RESERVED
+CVE-2022-31596
+	RESERVED
+CVE-2022-31595
+	RESERVED
+CVE-2022-31594
+	RESERVED
+CVE-2022-31593
+	RESERVED
+CVE-2022-31592
+	RESERVED
+CVE-2022-31591
+	RESERVED
+CVE-2022-31590
+	RESERVED
+CVE-2022-31589
+	RESERVED
+CVE-2022-31588
+	RESERVED
+CVE-2022-31587
+	RESERVED
+CVE-2022-31586
+	RESERVED
+CVE-2022-31585
+	RESERVED
+CVE-2022-31584
+	RESERVED
+CVE-2022-31583
+	RESERVED
+CVE-2022-31582
+	RESERVED
+CVE-2022-31581
+	RESERVED
+CVE-2022-31580
+	RESERVED
+CVE-2022-31579
+	RESERVED
+CVE-2022-31578
+	RESERVED
+CVE-2022-31577
+	RESERVED
+CVE-2022-31576
+	RESERVED
+CVE-2022-31575
+	RESERVED
+CVE-2022-31574
+	RESERVED
+CVE-2022-31573
+	RESERVED
+CVE-2022-31572
+	RESERVED
+CVE-2022-31571
+	RESERVED
+CVE-2022-31570
+	RESERVED
+CVE-2022-31569
+	RESERVED
+CVE-2022-31568
+	RESERVED
+CVE-2022-31567
+	RESERVED
+CVE-2022-31566
+	RESERVED
+CVE-2022-31565
+	RESERVED
+CVE-2022-31564
+	RESERVED
+CVE-2022-31563
+	RESERVED
+CVE-2022-31562
+	RESERVED
+CVE-2022-31561
+	RESERVED
+CVE-2022-31560
+	RESERVED
+CVE-2022-31559
+	RESERVED
+CVE-2022-31558
+	RESERVED
+CVE-2022-31557
+	RESERVED
+CVE-2022-31556
+	RESERVED
+CVE-2022-31555
+	RESERVED
+CVE-2022-31554
+	RESERVED
+CVE-2022-31553
+	RESERVED
+CVE-2022-31552
+	RESERVED
+CVE-2022-31551
+	RESERVED
+CVE-2022-31550
+	RESERVED
+CVE-2022-31549
+	RESERVED
+CVE-2022-31548
+	RESERVED
+CVE-2022-31547
+	RESERVED
+CVE-2022-31546
+	RESERVED
+CVE-2022-31545
+	RESERVED
+CVE-2022-31544
+	RESERVED
+CVE-2022-31543
+	RESERVED
+CVE-2022-31542
+	RESERVED
+CVE-2022-31541
+	RESERVED
+CVE-2022-31540
+	RESERVED
+CVE-2022-31539
+	RESERVED
+CVE-2022-31538
+	RESERVED
+CVE-2022-31537
+	RESERVED
+CVE-2022-31536
+	RESERVED
+CVE-2022-31535
+	RESERVED
+CVE-2022-31534
+	RESERVED
+CVE-2022-31533
+	RESERVED
+CVE-2022-31532
+	RESERVED
+CVE-2022-31531
+	RESERVED
+CVE-2022-31530
+	RESERVED
+CVE-2022-31529
+	RESERVED
+CVE-2022-31528
+	RESERVED
+CVE-2022-31527
+	RESERVED
+CVE-2022-31526
+	RESERVED
+CVE-2022-31525
+	RESERVED
+CVE-2022-31524
+	RESERVED
+CVE-2022-31523
+	RESERVED
+CVE-2022-31522
+	RESERVED
+CVE-2022-31521
+	RESERVED
+CVE-2022-31520
+	RESERVED
+CVE-2022-31519
+	RESERVED
+CVE-2022-31518
+	RESERVED
+CVE-2022-31517
+	RESERVED
+CVE-2022-31516
+	RESERVED
+CVE-2022-31515
+	RESERVED
+CVE-2022-31514
+	RESERVED
+CVE-2022-31513
+	RESERVED
+CVE-2022-31512
+	RESERVED
+CVE-2022-31511
+	RESERVED
+CVE-2022-31510
+	RESERVED
+CVE-2022-31509
+	RESERVED
+CVE-2022-31508
+	RESERVED
+CVE-2022-31507
+	RESERVED
+CVE-2022-31506
+	RESERVED
+CVE-2022-31505
+	RESERVED
+CVE-2022-31504
+	RESERVED
+CVE-2022-31503
+	RESERVED
+CVE-2022-31502
+	RESERVED
+CVE-2022-31501
+	RESERVED
+CVE-2022-31500
+	RESERVED
+CVE-2022-31499
+	RESERVED
+CVE-2022-31498
+	RESERVED
+CVE-2022-31497
+	RESERVED
+CVE-2022-31496
+	RESERVED
+CVE-2022-31495
+	RESERVED
+CVE-2022-31494
+	RESERVED
+CVE-2022-31493
+	RESERVED
+CVE-2022-31492
+	RESERVED
+CVE-2022-31491
+	RESERVED
+CVE-2022-31490
+	RESERVED
+CVE-2022-31489 (Inout Blockchain AltExchanger 1.2.1 allows index.php/home/about inouti ...)
+	TODO: check
+CVE-2022-31488 (Inout Blockchain AltExchanger 1.2.1 allows index.php/coins/update_mark ...)
+	TODO: check
+CVE-2022-31487 (Inout Blockchain AltExchanger 1.2.1 and Inout Blockchain FiatExchanger ...)
+	TODO: check
+CVE-2022-31486
+	RESERVED
+CVE-2022-31485
+	RESERVED
+CVE-2022-31484
+	RESERVED
+CVE-2022-31483
+	RESERVED
+CVE-2022-31482
+	RESERVED
+CVE-2022-31481
+	RESERVED
+CVE-2022-31480
+	RESERVED
+CVE-2022-31479
+	RESERVED
+CVE-2022-31478
+	RESERVED
+CVE-2022-1841
+	RESERVED
+CVE-2022-1840 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2022-1839 (A vulnerability classified as critical was found in Home Clean Service ...)
+	TODO: check
+CVE-2022-1838 (A vulnerability classified as critical has been found in Home Clean Se ...)
+	TODO: check
+CVE-2022-1837 (A vulnerability was found in Home Clean Services Management System 1.0 ...)
+	TODO: check
 CVE-2022-31470
 	RESERVED
 CVE-2022-31469
@@ -446,8 +698,8 @@ CVE-2022-1821
 	RESERVED
 CVE-2022-1820
 	RESERVED
-CVE-2022-1819
-	RESERVED
+CVE-2022-1819 (A vulnerability, which was classified as problematic, was found in Stu ...)
+	TODO: check
 CVE-2022-1818
 	RESERVED
 CVE-2022-1817 (A vulnerability, which was classified as problematic, was found in Bad ...)
@@ -484,8 +736,8 @@ CVE-2022-31265
 	RESERVED
 CVE-2022-31264 (Solana solana_rbpf before 0.2.29 has an addition integer overflow via  ...)
 	NOT-FOR-US: Solana rBPF
-CVE-2022-31263
-	RESERVED
+CVE-2022-31263 (app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail  ...)
+	TODO: check
 CVE-2022-31262
 	RESERVED
 CVE-2022-31261
@@ -550,7 +802,7 @@ CVE-2022-1803 (Improper Restriction of Rendered UI Layers or Frames in GitHub re
 	NOT-FOR-US: Trudesk
 CVE-2022-1802
 	RESERVED
-	{DSA-5143-1}
+	{DSA-5143-1 DLA-3021-1}
 	- firefox 100.0.2-1
 	- firefox-esr 91.9.1esr-1
 	- thunderbird <unfixed>
@@ -3805,8 +4057,8 @@ CVE-2022-30017 (Rescue Dispatch Management System 1.0 suffers from Stored XSS, l
 	NOT-FOR-US: Rescue Dispatch Management System
 CVE-2022-30016 (Rescue Dispatch Management System 1.0 is vulnerable to Incorrect Acces ...)
 	NOT-FOR-US: Rescue Dispatch Management System
-CVE-2022-30015
-	RESERVED
+CVE-2022-30015 (In Simple Food Website 1.0, a moderation can put the Cross Site Script ...)
+	TODO: check
 CVE-2022-30014 (Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site ...)
 	NOT-FOR-US: Lumidek Associates Simple Food Website
 CVE-2022-30013 (A stored cross-site scripting (XSS) vulnerability in the upload functi ...)
@@ -4124,7 +4376,7 @@ CVE-2022-1530 (Cross-site Scripting (XSS) in GitHub repository livehelperchat/li
 	NOT-FOR-US: livehelperchat
 CVE-2022-1529
 	RESERVED
-	{DSA-5143-1}
+	{DSA-5143-1 DLA-3021-1}
 	- firefox 100.0.2-1
 	- firefox-esr 91.9.1esr-1
 	- thunderbird <unfixed>
@@ -4611,8 +4863,8 @@ CVE-2022-29802
 	RESERVED
 CVE-2022-1468 (On all versions of 17.0.x, 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and ...)
 	NOT-FOR-US: F5 BIG-IP
-CVE-2022-1467
-	RESERVED
+CVE-2022-1467 (Windows OS can be configured to overlay a &#8220;language bar&#8221; o ...)
+	TODO: check
 CVE-2022-1466 (Due to improper authorization, Red Hat Single Sign-On is vulnerable to ...)
 	NOT-FOR-US: Red Hat Single Sign-On / Keycloak
 CVE-2022-29801 (A vulnerability has been identified in Teamcenter V12.4 (All versions  ...)
@@ -5755,10 +6007,10 @@ CVE-2022-29379
 	RESERVED
 CVE-2022-29378
 	RESERVED
-CVE-2022-29377
-	RESERVED
-CVE-2022-29376
-	RESERVED
+CVE-2022-29377 (Totolink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a st ...)
+	TODO: check
+CVE-2022-29376 (Xampp for Windows v8.1.4 and below was discovered to contain insecure  ...)
+	TODO: check
 CVE-2022-29375
 	RESERVED
 CVE-2022-29374
@@ -5901,16 +6153,16 @@ CVE-2022-29311
 	RESERVED
 CVE-2022-29310
 	RESERVED
-CVE-2022-29309
-	RESERVED
+CVE-2022-29309 (mysiteforme v2.2.1 was discovered to contain a Server-Side Request For ...)
+	TODO: check
 CVE-2022-29308
 	RESERVED
 CVE-2022-29307 (IonizeCMS v1.0.8.1 was discovered to contain a command injection vulne ...)
 	NOT-FOR-US: Ionize CMS
 CVE-2022-29306 (IonizeCMS v1.0.8.1 was discovered to contain a SQL injection vulnerabi ...)
 	NOT-FOR-US: Ionize CMS
-CVE-2022-29305
-	RESERVED
+CVE-2022-29305 (imgurl v2.31 was discovered to contain a Blind SQL injection vulnerabi ...)
+	TODO: check
 CVE-2022-29304 (Online Sports Complex Booking System 1.0 is vulnerable to SQL Injectio ...)
 	NOT-FOR-US: Sourcecodester Online Sports Complex Booking System
 CVE-2022-29303 (SolarView Compact ver.6.00 was discovered to contain a command injecti ...)
@@ -6843,14 +7095,14 @@ CVE-2022-29004 (Diary Management System v1.0 was discovered to contain a cross-s
 	NOT-FOR-US: Diary Management System
 CVE-2022-29003
 	RESERVED
-CVE-2022-29002
-	RESERVED
+CVE-2022-29002 (A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers ...)
+	TODO: check
 CVE-2022-29001 (In SpringBootMovie &lt;=1.2, the uploaded file suffix parameter is not ...)
 	NOT-FOR-US: SpringBootMovie
 CVE-2022-29000
 	RESERVED
-CVE-2022-28999
-	RESERVED
+CVE-2022-28999 (Insecure permissions in the install directories and binaries of Dev-CP ...)
+	TODO: check
 CVE-2022-28998 (Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer ove ...)
 	NOT-FOR-US: Xlight FTP
 CVE-2022-28997 (CSZCMS v1.3.0 allows attackers to execute a Server-Side Request Forger ...)
@@ -13170,8 +13422,8 @@ CVE-2022-25915 (Improper access control vulnerability in ELECOM LAN routers (WRC
 	NOT-FOR-US: ELECOM LAN routers
 CVE-2022-25905
 	RESERVED
-CVE-2022-0910
-	RESERVED
+CVE-2022-0910 (A downgrade from two-factor authentication to one-factor authenticatio ...)
+	TODO: check
 CVE-2022-0909 (Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to  ...)
 	{DSA-5108-1}
 	- tiff 4.3.0-6
@@ -13801,10 +14053,10 @@ CVE-2022-0874 (The WP Social Buttons WordPress plugin through 2.1 does not sanit
 	NOT-FOR-US: WordPress plugin
 CVE-2022-0873 (The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanit ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2022-26532
-	RESERVED
-CVE-2022-26531
-	RESERVED
+CVE-2022-26532 (A argument injection vulnerability in the 'packet-trace' CLI command o ...)
+	TODO: check
+CVE-2022-26531 (Multiple improper input validation flaws were identified in some CLI c ...)
+	TODO: check
 CVE-2022-26530 (swaylock before 1.6 allows attackers to trigger a crash and achieve un ...)
 	- swaylock 1.6-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2066596
@@ -15937,8 +16189,8 @@ CVE-2022-25763
 	RESERVED
 CVE-2022-21182 (A privilege escalation vulnerability exists in the router configuratio ...)
 	NOT-FOR-US: InHand Networks InRouter302
-CVE-2022-0734
-	RESERVED
+CVE-2022-0734 (A cross-site scripting vulnerability was identified in the CGI program ...)
+	TODO: check
 CVE-2022-0733
 	RESERVED
 CVE-2022-0732 (The backend infrastructure shared by multiple mobile device monitoring ...)
@@ -66091,8 +66343,8 @@ CVE-2021-32960 (Rockwell Automation FactoryTalk Services Platform v6.11 and earl
 	NOT-FOR-US: Rockwell Automation FactoryTalk
 CVE-2021-32959 (Heap-based buffer overflow in SuiteLink server while processing comman ...)
 	NOT-FOR-US: Suitelink
-CVE-2021-32958
-	RESERVED
+CVE-2021-32958 (Successful exploitation of this vulnerability on Claroty Secure Remote ...)
+	TODO: check
 CVE-2021-32957 (A function in MDT AutoSave versions prior to v6.02.06 is used to retri ...)
 	NOT-FOR-US: Auvesy-MDT
 CVE-2021-32956 (Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to re ...)
author	security tracker role <sectracker@soriano.debian.org>	2022-05-24 08:10:15 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2022-05-24 08:10:15 +0000
commit	1b766b3b5fcd7d077f845edca97098067ef1d691 (patch)
tree	b14410764c2af4ba741127ce928699901106b2b5 /data
parent	abb39de76cf7449ca9cfc42723bdcd2592cbce2d (diff)