automatic update

author: security tracker role <sectracker@soriano.debian.org> 2022-02-04 08:10:17 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2022-02-04 08:10:17 +0000
commit: c274b8005a82ead0c8f982c2f7ab1ed1a81f6218 (patch)
tree: 968127a1f19c7f97c915b0acfd6a8375fd32214b /data
parent: 856f1488142d67d47ad91802aba1a7f6040a859d (diff)
1 files changed, 199 insertions, 149 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 59fb091cb1..fbfbc785b9 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,49 @@
+CVE-2022-24407
+	RESERVED
+CVE-2022-24406
+	RESERVED
+CVE-2022-24405
+	RESERVED
+CVE-2022-24404
+	RESERVED
+CVE-2022-24403
+	RESERVED
+CVE-2022-24402
+	RESERVED
+CVE-2022-24401
+	RESERVED
+CVE-2022-24400
+	RESERVED
+CVE-2022-24382
+	RESERVED
+CVE-2022-24379
+	RESERVED
+CVE-2022-24297
+	RESERVED
+CVE-2022-23917
+	RESERVED
+CVE-2022-23914
+	RESERVED
+CVE-2022-22730
+	RESERVED
+CVE-2022-21807
+	RESERVED
+CVE-2022-21795
+	RESERVED
+CVE-2022-21233
+	RESERVED
+CVE-2022-21128
+	RESERVED
+CVE-2022-0492
+	RESERVED
+CVE-2022-0491
+	RESERVED
+CVE-2022-0490
+	RESERVED
+CVE-2022-0489
+	RESERVED
+CVE-2022-0488
+	RESERVED
 CVE-2022-24399
 	RESERVED
 CVE-2022-24398
@@ -33,6 +79,7 @@ CVE-2022-24384
 CVE-2022-21241
 	RESERVED
 CVE-2022-0487 [Use after free in moxart_remove]
+	RESERVED
 	- linux <unfixed>
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1194516
 	NOTE: https://lore.kernel.org/all/20220114075934.302464-1-gregkh@linuxfoundation.org/
@@ -705,68 +752,68 @@ CVE-2022-24174
 	RESERVED
 CVE-2022-24173
 	RESERVED
-CVE-2022-24172
-	RESERVED
-CVE-2022-24171
-	RESERVED
-CVE-2022-24170
-	RESERVED
-CVE-2022-24169
-	RESERVED
-CVE-2022-24168
-	RESERVED
-CVE-2022-24167
-	RESERVED
-CVE-2022-24166
-	RESERVED
-CVE-2022-24165
-	RESERVED
-CVE-2022-24164
-	RESERVED
-CVE-2022-24163
-	RESERVED
-CVE-2022-24162
-	RESERVED
-CVE-2022-24161
-	RESERVED
-CVE-2022-24160
-	RESERVED
-CVE-2022-24159
-	RESERVED
-CVE-2022-24158
-	RESERVED
-CVE-2022-24157
-	RESERVED
-CVE-2022-24156
-	RESERVED
-CVE-2022-24155
-	RESERVED
-CVE-2022-24154
-	RESERVED
-CVE-2022-24153
-	RESERVED
-CVE-2022-24152
-	RESERVED
-CVE-2022-24151
-	RESERVED
-CVE-2022-24150
-	RESERVED
-CVE-2022-24149
-	RESERVED
-CVE-2022-24148
-	RESERVED
-CVE-2022-24147
-	RESERVED
-CVE-2022-24146
-	RESERVED
-CVE-2022-24145
-	RESERVED
-CVE-2022-24144
-	RESERVED
-CVE-2022-24143
-	RESERVED
-CVE-2022-24142
-	RESERVED
+CVE-2022-24172 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2022-24171 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2022-24170 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2022-24169 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2022-24168 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2022-24167 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2022-24166 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2022-24165 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2022-24164 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2022-24163 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24162 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24161 (Tenda AX3 v16.03.12.10_CN was discovered to contain a heap overflow in ...)
+	TODO: check
+CVE-2022-24160 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24159 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24158 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24157 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24156 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24155 (Tenda AX3 v16.03.12.10_CN was discovered to contain a heap overflow in ...)
+	TODO: check
+CVE-2022-24154 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24153 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24152 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24151 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24150 (Tenda AX3 v16.03.12.10_CN was discovered to contain a command injectio ...)
+	TODO: check
+CVE-2022-24149 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24148 (Tenda AX3 v16.03.12.10_CN was discovered to contain a command injectio ...)
+	TODO: check
+CVE-2022-24147 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24146 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24145 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24144 (Tenda AX3 v16.03.12.10_CN was discovered to contain a command injectio ...)
+	TODO: check
+CVE-2022-24143 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
+CVE-2022-24142 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+	TODO: check
 CVE-2022-24141
 	RESERVED
 CVE-2022-24140
@@ -2030,18 +2077,18 @@ CVE-2021-46459 (Victor CMS v1.0 was discovered to contain multiple SQL injection
 	NOT-FOR-US: Victor CMS
 CVE-2021-46458 (Victor CMS v1.0 was discovered to contain a SQL injection vulnerabilit ...)
 	NOT-FOR-US: Victor CMS
-CVE-2021-46457
-	RESERVED
-CVE-2021-46456
-	RESERVED
-CVE-2021-46455
-	RESERVED
-CVE-2021-46454
-	RESERVED
-CVE-2021-46453
-	RESERVED
-CVE-2021-46452
-	RESERVED
+CVE-2021-46457 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...)
+	TODO: check
+CVE-2021-46456 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...)
+	TODO: check
+CVE-2021-46455 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...)
+	TODO: check
+CVE-2021-46454 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...)
+	TODO: check
+CVE-2021-46453 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...)
+	TODO: check
+CVE-2021-46452 (D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a co ...)
+	TODO: check
 CVE-2021-46451 (An SQL Injection vulnerabilty exists in Sourcecodester Online Project  ...)
 	NOT-FOR-US: Sourcecodester
 CVE-2021-46450
@@ -5297,22 +5344,22 @@ CVE-2021-46234 (A NULL pointer dereference vulnerability exists in GPAC v1.1.0 v
 	[buster] - gpac <ignored> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/2023
 	NOTE: https://github.com/gpac/gpac/commit/70c6f6f832dccff814a19a74d87b97b3d68a4af5
-CVE-2021-46233
-	RESERVED
-CVE-2021-46232
-	RESERVED
-CVE-2021-46231
-	RESERVED
-CVE-2021-46230
-	RESERVED
-CVE-2021-46229
-	RESERVED
-CVE-2021-46228
-	RESERVED
-CVE-2021-46227
-	RESERVED
-CVE-2021-46226
-	RESERVED
+CVE-2021-46233 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+	TODO: check
+CVE-2021-46232 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+	TODO: check
+CVE-2021-46231 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+	TODO: check
+CVE-2021-46230 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+	TODO: check
+CVE-2021-46229 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+	TODO: check
+CVE-2021-46228 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+	TODO: check
+CVE-2021-46227 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+	TODO: check
+CVE-2021-46226 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a co ...)
+	TODO: check
 CVE-2021-46225 (A buffer overflow in the GmfOpenMesh() function of libMeshb v7.61 allo ...)
 	NOT-FOR-US: libMeshb
 CVE-2021-46224
@@ -7421,32 +7468,32 @@ CVE-2021-46000
 	RESERVED
 CVE-2021-45999
 	RESERVED
-CVE-2021-45998
-	RESERVED
-CVE-2021-45997
-	RESERVED
-CVE-2021-45996
-	RESERVED
-CVE-2021-45995
-	RESERVED
-CVE-2021-45994
-	RESERVED
-CVE-2021-45993
-	RESERVED
-CVE-2021-45992
-	RESERVED
-CVE-2021-45991
-	RESERVED
-CVE-2021-45990
-	RESERVED
-CVE-2021-45989
-	RESERVED
-CVE-2021-45988
-	RESERVED
-CVE-2021-45987
-	RESERVED
-CVE-2021-45986
-	RESERVED
+CVE-2021-45998 (D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to co ...)
+	TODO: check
+CVE-2021-45997 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2021-45996 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2021-45995 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2021-45994 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2021-45993 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2021-45992 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2021-45991 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2021-45990 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2021-45989 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2021-45988 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2021-45987 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
+CVE-2021-45986 (Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contai ...)
+	TODO: check
 CVE-2021-45985
 	RESERVED
 CVE-2021-4197 [cgroup: Use open-time creds and namespace for migration perm checks]
@@ -8374,26 +8421,26 @@ CVE-2021-45744 (A Stored Cross Site Scripting (XSS) vulnerability exists in blud
 	NOT-FOR-US: Bludit
 CVE-2021-45743
 	RESERVED
-CVE-2021-45742
-	RESERVED
-CVE-2021-45741
-	RESERVED
-CVE-2021-45740
-	RESERVED
-CVE-2021-45739
-	RESERVED
-CVE-2021-45738
-	RESERVED
-CVE-2021-45737
-	RESERVED
-CVE-2021-45736
-	RESERVED
-CVE-2021-45735
-	RESERVED
-CVE-2021-45734
-	RESERVED
-CVE-2021-45733
-	RESERVED
+CVE-2021-45742 (TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a comm ...)
+	TODO: check
+CVE-2021-45741 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a sta ...)
+	TODO: check
+CVE-2021-45740 (TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stac ...)
+	TODO: check
+CVE-2021-45739 (TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stac ...)
+	TODO: check
+CVE-2021-45738 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a com ...)
+	TODO: check
+CVE-2021-45737 (TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stac ...)
+	TODO: check
+CVE-2021-45736 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a sta ...)
+	TODO: check
+CVE-2021-45735 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP  ...)
+	TODO: check
+CVE-2021-45734 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a sta ...)
+	TODO: check
+CVE-2021-45733 (TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a com ...)
+	TODO: check
 CVE-2021-4180
 	RESERVED
 	- tripleo-heat-templates <removed>
@@ -9996,8 +10043,8 @@ CVE-2021-45270
 	RESERVED
 CVE-2021-45269
 	RESERVED
-CVE-2021-45268
-	RESERVED
+CVE-2021-45268 (A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop C ...)
+	TODO: check
 CVE-2021-45267 (An invalid memory address dereference vulnerability exists in gpac 1.1 ...)
 	- gpac <unfixed>
 	NOTE: https://github.com/gpac/gpac/issues/1965
@@ -11477,12 +11524,12 @@ CVE-2021-44884
 	RESERVED
 CVE-2021-44883
 	RESERVED
-CVE-2021-44882
-	RESERVED
-CVE-2021-44881
-	RESERVED
-CVE-2021-44880
-	RESERVED
+CVE-2021-44882 (D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a  ...)
+	TODO: check
+CVE-2021-44881 (D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to co ...)
+	TODO: check
+CVE-2021-44880 (D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882 ...)
+	TODO: check
 CVE-2021-44879
 	RESERVED
 CVE-2021-44878 (Pac4j v5.1 and earlier allows (by default) clients to accept and succe ...)
@@ -13347,10 +13394,10 @@ CVE-2021-44249 (Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Bl
 	NOT-FOR-US: Online Motorcycle (Bike) Rental System
 CVE-2021-44248
 	RESERVED
-CVE-2021-44247
-	RESERVED
-CVE-2021-44246
-	RESERVED
+CVE-2021-44247 (Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B201 ...)
+	TODO: check
+CVE-2021-44246 (Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B201 ...)
+	TODO: check
 CVE-2021-44245 (An SQL Injection vulnerability exists in Courcecodester COVID 19 Testi ...)
 	NOT-FOR-US: Sourcecodester COVID 19 Testing Management System (CTMS)
 CVE-2021-44244 (An SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Pa ...)
@@ -107784,12 +107831,14 @@ CVE-2020-19863
 CVE-2020-19862
 	RESERVED
 CVE-2020-19861 (When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt ...)
+	{DLA-2910-1}
 	- ldns <unfixed>
 	[bullseye] - ldns <no-dsa> (Minor issue)
 	[buster] - ldns <no-dsa> (Minor issue)
 	NOTE: https://github.com/NLnetLabs/ldns/issues/51
 	NOTE: https://github.com/NLnetLabs/ldns/commit/136ec420437041fe13f344a2053e774f9050cc38 (1.8.0-rc.1)
 CVE-2020-19860 (When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_ ...)
+	{DLA-2910-1}
 	- ldns <unfixed>
 	[bullseye] - ldns <no-dsa> (Minor issue)
 	[buster] - ldns <no-dsa> (Minor issue)
@@ -271976,13 +272025,14 @@ CVE-2017-1000235 (I, Librarian version &lt;=4.6 &amp; 4.7 is vulnerable to OS Co
 CVE-2017-1000234 (I, Librarian version &lt;=4.6 &amp; 4.7 is vulnerable to Directory Enu ...)
 	- i-librarian <itp> (bug #649291)
 CVE-2017-1000232 (A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecifi ...)
+	{DLA-2910-1}
 	- ldns 1.7.0-4 (bug #882014)
 	[jessie] - ldns <no-dsa> (Minor issue)
 	[wheezy] - ldns <not-affected> (Vulnerable code not present)
 	NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1257
 	NOTE: https://github.com/NLnetLabs/ldns/commit/3bdeed02505c9bbacb3b64a97ddcb1de967153b7
 CVE-2017-1000231 (A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified  ...)
-	{DLA-1182-1}
+	{DLA-2910-1 DLA-1182-1}
 	- ldns 1.7.0-4 (bug #882015)
 	[jessie] - ldns <no-dsa> (Minor issue)
 	NOTE: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1256
author	security tracker role <sectracker@soriano.debian.org>	2022-02-04 08:10:17 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2022-02-04 08:10:17 +0000
commit	c274b8005a82ead0c8f982c2f7ab1ed1a81f6218 (patch)
tree	968127a1f19c7f97c915b0acfd6a8375fd32214b /data
parent	856f1488142d67d47ad91802aba1a7f6040a859d (diff)