From c663e63c91c07814e1ac3a0ac8283f214a51c46e Mon Sep 17 00:00:00 2001 From: security tracker role Date: Fri, 20 May 2022 08:10:11 +0000 Subject: automatic update --- data/CVE/list | 99 +++++++++++++++++++++++++++++++++++++---------------------- 1 file changed, 63 insertions(+), 36 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index c08c3654b9..29fe53980d 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,27 @@ +CVE-2022-31246 + RESERVED +CVE-2022-31245 + RESERVED +CVE-2022-31244 + RESERVED +CVE-2022-31243 + RESERVED +CVE-2022-31242 + RESERVED +CVE-2022-31241 + RESERVED +CVE-2022-31240 + RESERVED +CVE-2022-1805 + RESERVED +CVE-2022-1804 + RESERVED +CVE-2022-1803 + RESERVED +CVE-2022-1802 + RESERVED +CVE-2020-36522 + RESERVED CVE-2022-31239 RESERVED CVE-2022-31238 @@ -698,8 +722,8 @@ CVE-2022-30946 (A cross-site request forgery (CSRF) vulnerability in Jenkins Scr NOT-FOR-US: Jenkins plugin CVE-2022-30945 (Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allow ...) NOT-FOR-US: Jenkins plugin -CVE-2022-1754 - RESERVED +CVE-2022-1754 (Integer Overflow or Wraparound in GitHub repository polonel/trudesk pr ...) + TODO: check CVE-2022-1753 (A vulnerability, which was classified as critical, was found in WoWond ...) NOT-FOR-US: WoWonder CVE-2022-1752 @@ -3443,7 +3467,7 @@ CVE-2022-29918 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29918 CVE-2022-29917 RESERVED - {DSA-5129-1 DLA-2994-1} + {DSA-5141-1 DSA-5129-1 DLA-2994-1} - firefox 100.0-1 - firefox-esr 91.9.0esr-1 - thunderbird 1:91.9.0-1 @@ -3452,7 +3476,7 @@ CVE-2022-29917 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29917 CVE-2022-29916 RESERVED - {DSA-5129-1 DLA-2994-1} + {DSA-5141-1 DSA-5129-1 DLA-2994-1} - firefox 100.0-1 - firefox-esr 91.9.0esr-1 - thunderbird 1:91.9.0-1 
@@ -3465,7 +3489,7 @@ CVE-2022-29915 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29915 CVE-2022-29914 RESERVED - {DSA-5129-1 DLA-2994-1} + {DSA-5141-1 DSA-5129-1 DLA-2994-1} - firefox 100.0-1 - firefox-esr 91.9.0esr-1 - thunderbird 1:91.9.0-1 @@ -3474,11 +3498,12 @@ CVE-2022-29914 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29914 CVE-2022-29913 RESERVED + {DSA-5141-1} - thunderbird 1:91.9.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29913 CVE-2022-29912 RESERVED - {DSA-5129-1 DLA-2994-1} + {DSA-5141-1 DSA-5129-1 DLA-2994-1} - firefox 100.0-1 - firefox-esr 91.9.0esr-1 - thunderbird 1:91.9.0-1 @@ -3487,7 +3512,7 @@ CVE-2022-29912 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29912 CVE-2022-29911 RESERVED - {DSA-5129-1 DLA-2994-1} + {DSA-5141-1 DSA-5129-1 DLA-2994-1} - firefox 100.0-1 - firefox-esr 91.9.0esr-1 - thunderbird 1:91.9.0-1 @@ -3500,7 +3525,7 @@ CVE-2022-29910 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29910 CVE-2022-29909 RESERVED - {DSA-5129-1 DLA-2994-1} + {DSA-5141-1 DSA-5129-1 DLA-2994-1} - firefox 100.0-1 - firefox-esr 91.9.0esr-1 - thunderbird 1:91.9.0-1 @@ -3657,6 +3682,7 @@ CVE-2022-1521 RESERVED CVE-2022-1520 RESERVED + {DSA-5141-1} - thunderbird 1:91.9.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-1520 CVE-2022-1519 @@ -4370,8 +4396,8 @@ CVE-2022-29654 RESERVED CVE-2022-29653 RESERVED -CVE-2022-29652 - RESERVED +CVE-2022-29652 (Online Sports Complex Booking System 1.0 is vulnerable to SQL Injectio ...) + TODO: check CVE-2022-29651 RESERVED CVE-2022-29650 
@@ -5320,8 +5346,8 @@ CVE-2022-29306 (IonizeCMS v1.0.8.1 was discovered to contain a SQL injection vul NOT-FOR-US: Ionize CMS CVE-2022-29305 RESERVED -CVE-2022-29304 - RESERVED +CVE-2022-29304 (Online Sports Complex Booking System 1.0 is vulnerable to SQL Injectio ...) + TODO: check CVE-2022-29303 (SolarView Compact ver.6.00 was discovered to contain a command injecti ...) NOT-FOR-US: SolarView Compact CVE-2022-29302 (SolarView Compact ver.6.00 was discovered to contain a local file disc ...) @@ -6266,12 +6292,12 @@ CVE-2022-28989 RESERVED CVE-2022-28988 RESERVED -CVE-2022-28987 - RESERVED +CVE-2022-28987 (ManageEngine ADSelfService Plus v6.1 allows attackers to perform usern ...) + TODO: check CVE-2022-28986 (LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: ...) NOT-FOR-US: LMS Doctor Simple 2 Factor Authentication Plugin For Moodle -CVE-2022-28985 - RESERVED +CVE-2022-28985 (A stored cross-site scripting (XSS) vulnerability in the addNewPost co ...) + TODO: check CVE-2022-28984 RESERVED CVE-2022-28983 
@@ -6310,28 +6336,28 @@ CVE-2022-28967 RESERVED CVE-2022-28966 (Wasm3 0.5.0 has a heap-based buffer overflow in NewCodePage in m3_code ...) NOT-FOR-US: wasm3 -CVE-2022-28965 - RESERVED -CVE-2022-28964 - RESERVED +CVE-2022-28965 (Multiple DLL hijacking vulnerabilities via the components instup.exe a ...) + TODO: check +CVE-2022-28964 (An arbitrary file write vulnerability in Avast Premium Security before ...) + TODO: check CVE-2022-28963 RESERVED -CVE-2022-28962 - RESERVED -CVE-2022-28961 - RESERVED +CVE-2022-28962 (Online Sports Complex Booking System 1.0 is vulnerable to SQL Injectio ...) + TODO: check +CVE-2022-28961 (Spip Web Framework v3.1.13 and below was discovered to contain multipl ...) + {DSA-4798-1} - spip 3.2.8-1 NOTE: https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-SPIP-3-2-8-et-SPIP-3-1-13.html?lang=fr NOTE: https://github.com/spip/SPIP/commit/0394b44774555ae8331b6e65e35065dfa0bb41e4 NOTE: https://github.com/spip/SPIP/commit/6c1650713fc948318852ace759aab8f1a84791cf -CVE-2022-28960 - RESERVED +CVE-2022-28960 (A PHP injection vulnerability in Spip before v3.2.8 allows attackers t ...) + {DSA-4798-1} - spip 3.2.8-1 NOTE: https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-SPIP-3-2-8-et-SPIP-3-1-13.html?lang=fr NOTE: https://github.com/spip/SPIP/commit/0394b44774555ae8331b6e65e35065dfa0bb41e4 NOTE: https://github.com/spip/SPIP/commit/6c1650713fc948318852ace759aab8f1a84791cf -CVE-2022-28959 - RESERVED +CVE-2022-28959 (Multiple cross-site scripting (XSS) vulnerabilities in the component / ...) + TODO: check CVE-2022-28958 (D-Link DIR816L_FW206b01 was discovered to contain a remote code execut ...) NOT-FOR-US: D-Link CVE-2022-28957 @@ -6352,8 +6378,8 @@ CVE-2022-28950 RESERVED CVE-2022-28949 RESERVED -CVE-2022-28948 - RESERVED +CVE-2022-28948 (An issue in the Unmarshal function in Go-Yaml v3 causes the program to ...) + TODO: check CVE-2022-28947 RESERVED CVE-2022-28946 (An issue in the component ast/parser.go of Open Policy Agent v0.39.0 c ...) 
@@ -35576,8 +35602,8 @@ CVE-2022-21502 RESERVED CVE-2022-21501 RESERVED -CVE-2022-21500 - RESERVED +CVE-2022-21500 (Vulnerability in Oracle E-Business Suite (component: Manage Proxies). ...) + TODO: check CVE-2022-21499 RESERVED CVE-2022-21498 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...) @@ -35690,6 +35716,7 @@ CVE-2022-21451 (Vulnerability in the MySQL Server product of Oracle MySQL (compo CVE-2022-21450 (Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub produc ...) NOT-FOR-US: Oracle CVE-2022-21449 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) + {DSA-5128-1} - openjdk-17 17.0.3+7-1 - openjdk-18 18.0.1+10-1 CVE-2022-21448 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...) @@ -62471,8 +62498,8 @@ CVE-2021-34113 RESERVED CVE-2021-34112 RESERVED -CVE-2021-34111 - RESERVED +CVE-2021-34111 (Thecus 4800Eco was discovered to contain a command injection vulnerabi ...) + TODO: check CVE-2021-34110 (WinWaste.NET version 1.0.6183.16475 has incorrect permissions, allowin ...) NOT-FOR-US: WinWaste.NET CVE-2021-34109 @@ -169737,8 +169764,8 @@ CVE-2020-4109 RESERVED CVE-2020-4108 RESERVED -CVE-2020-4107 - RESERVED +CVE-2020-4107 (HCL Domino is affected by an Insufficient Access Control vulnerability ...) + TODO: check CVE-2020-4106 RESERVED CVE-2020-4105 -- cgit v1.2.3
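Review bot: CVE-2020-36522 in the first hunk (@@ -1,3 +1,27 @@) sits out of place by year: it is inserted between CVE-2022-1802 and CVE-2022-31239, while the other 2020 ids touched by this patch (CVE-2020-4107 and its neighbours) are near line 169737 and the 2021 ids near line 62471. If the file is meant to stay grouped by year, move the new RESERVED entry to the 2020 block, or say in the commit message that a later sort pass relocates it.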
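Review bot: The `{DSA-5141-1}` cross-references added in the hunks from @@ -3443 to @@ -3657 are undocumented: the subject is only "automatic update", and on the six entries that list firefox, firefox-esr and thunderbird together (CVE-2022-29917, -29916, -29914, -29912, -29911, -29909) nothing in the hunk says which package line the new DSA corresponds to. The two thunderbird-only entries (CVE-2022-29913, CVE-2022-1520) suggest it is the thunderbird advisory; a one-line commit body naming the DSA and its source package would make that checkable.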
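Review bot: CVE-2022-29652 (@@ -4370), CVE-2022-29304 (@@ -5320) and CVE-2022-28962 (@@ -6310) all land as separate `TODO: check` items with the same truncated description, "Online Sports Complex Booking System 1.0 is vulnerable to SQL Injectio ...", so they cannot be told apart in the list and will be triaged three times. Resolve them in one pass; if the product is not packaged, use a `NOT-FOR-US:` line with the product name, as the neighbouring IonizeCMS and SolarView Compact entries in the @@ -5320 hunk do.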
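Review bot: In the @@ -6310 hunk the description added for CVE-2022-28961 reads "Spip Web Framework v3.1.13 and below", which conflicts with the rest of the entry: the NOTE URL (Mise-a-jour-CRITIQUE-de-securite-SPIP-3-2-8-et-SPIP-3-1-13) names 3.1.13 next to 3.2.8 as the security release, and the fix is tracked as `- spip 3.2.8-1`. CVE-2022-28960 says "before v3.2.8", which matches. Add a NOTE to CVE-2022-28961 recording that the published version range looks off, so the entry is not reopened later on the strength of the description alone.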
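Review bot: CVE-2022-28948 in the @@ -6352 hunk names a library function (Unmarshal in Go-Yaml v3) rather than a standalone product, so its `TODO: check` should not be closed by analogy with the `NOT-FOR-US` entries around it. It needs a package line for the Go YAML v3 source package, and, because Go libraries are commonly vendored, a look at which other packages embed a copy.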
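Review bot: CVE-2022-21500 in the @@ -35576 hunk is left at `TODO: check` although its description begins "Vulnerability in Oracle E-Business Suite", and the comparable Oracle product entry CVE-2022-21450, visible in the following hunk, is already `NOT-FOR-US: Oracle`. Unless the product is packaged, give it the same `NOT-FOR-US: Oracle` line so it does not stay in the TODO queue.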