From 282212d8681f3f2e0e4ce5579ceae4a48011076d Mon Sep 17 00:00:00 2001 From: security tracker role Date: Wed, 19 Jan 2022 08:10:09 +0000 Subject: automatic update --- data/CVE/list | 270 ++++++++++++++++++++++++++++++++++------------------------ 1 file changed, 160 insertions(+), 110 deletions(-) (limited to 'data/CVE/list') diff --git a/data/CVE/list b/data/CVE/list index f9cccbd32c..0706860a7b 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,73 @@ +CVE-2022-23436 + RESERVED +CVE-2022-23435 (decoding.c in android-gif-drawable before 1.2.24 does not limit the ma ...) + TODO: check +CVE-2022-23434 + RESERVED +CVE-2022-23433 + RESERVED +CVE-2022-23432 + RESERVED +CVE-2022-23431 + RESERVED +CVE-2022-23430 + RESERVED +CVE-2022-23429 + RESERVED +CVE-2022-23428 + RESERVED +CVE-2022-23427 + RESERVED +CVE-2022-23426 + RESERVED +CVE-2022-23425 + RESERVED +CVE-2022-23424 + RESERVED +CVE-2022-23423 + RESERVED +CVE-2022-23422 + RESERVED +CVE-2022-23421 + RESERVED +CVE-2022-23420 + RESERVED +CVE-2022-23419 + RESERVED +CVE-2022-23418 + RESERVED +CVE-2022-23417 + RESERVED +CVE-2022-23416 + RESERVED +CVE-2022-23415 + RESERVED +CVE-2022-23414 + RESERVED +CVE-2022-23413 + RESERVED +CVE-2022-23412 + RESERVED +CVE-2022-23411 + RESERVED +CVE-2022-23410 + RESERVED +CVE-2022-23409 + RESERVED +CVE-2022-23408 (wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situatio ...) + TODO: check +CVE-2022-23407 + RESERVED +CVE-2022-23406 + RESERVED +CVE-2022-23405 + RESERVED +CVE-2022-23404 + RESERVED +CVE-2022-0276 + RESERVED +CVE-2022-0275 + RESERVED CVE-2022-23398 RESERVED CVE-2022-23397 @@ -392,8 +462,8 @@ CVE-2022-23309 RESERVED CVE-2022-23308 RESERVED -CVE-2022-0266 - RESERVED +CVE-2022-0266 (Authorization Bypass Through User-Controlled Key in Packagist remdex/l ...) + TODO: check CVE-2022-0265 RESERVED CVE-2022-23307 (CVE-2020-9493 identified a deserialization issue that was present in A ...) @@ -5637,88 +5707,63 @@ CVE-2022-22182 RESERVED CVE-2022-22181 RESERVED -CVE-2022-22180 - RESERVED +CVE-2022-22180 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...) NOT-FOR-US: Juniper -CVE-2022-22179 - RESERVED +CVE-2022-22179 (A Improper Validation of Specified Index, Position, or Offset in Input ...) NOT-FOR-US: Juniper -CVE-2022-22178 - RESERVED +CVE-2022-22178 (A Stack-based Buffer Overflow vulnerability in the flow processing dae ...) NOT-FOR-US: Juniper -CVE-2022-22177 - RESERVED +CVE-2022-22177 (A release of illegal memory vulnerability in the snmpd daemon of Junip ...) NOT-FOR-US: Juniper -CVE-2022-22176 - RESERVED +CVE-2022-22176 (An Improper Validation of Syntactic Correctness of Input vulnerability ...) NOT-FOR-US: Juniper -CVE-2022-22175 - RESERVED +CVE-2022-22175 (An Improper Locking vulnerability in the SIP ALG of Juniper Networks J ...) NOT-FOR-US: Juniper -CVE-2022-22174 - RESERVED +CVE-2022-22174 (A vulnerability in the processing of inbound IPv6 packets in Juniper N ...) NOT-FOR-US: Juniper -CVE-2022-22173 - RESERVED +CVE-2022-22173 (A Missing Release of Memory after Effective Lifetime vulnerability in ...) NOT-FOR-US: Juniper -CVE-2022-22172 - RESERVED +CVE-2022-22172 (A Missing Release of Memory after Effective Lifetime vulnerability in ...) NOT-FOR-US: Juniper -CVE-2022-22171 - RESERVED +CVE-2022-22171 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...) NOT-FOR-US: Juniper -CVE-2022-22170 - RESERVED +CVE-2022-22170 (A Missing Release of Resource after Effective Lifetime vulnerability i ...) NOT-FOR-US: Juniper -CVE-2022-22169 - RESERVED -CVE-2022-22168 - RESERVED +CVE-2022-22169 (An Improper Initialization vulnerability in the routing protocol daemo ...) + TODO: check +CVE-2022-22168 (An Improper Validation of Specified Type of Input vulnerability in the ...) NOT-FOR-US: Juniper -CVE-2022-22167 - RESERVED +CVE-2022-22167 (A traffic classification vulnerability in Juniper Networks Junos OS on ...) NOT-FOR-US: Juniper -CVE-2022-22166 - RESERVED +CVE-2022-22166 (An Improper Validation of Specified Quantity in Input vulnerability in ...) NOT-FOR-US: Juniper CVE-2022-22165 RESERVED -CVE-2022-22164 - RESERVED +CVE-2022-22164 (An Improper Initialization vulnerability in Juniper Networks Junos OS ...) NOT-FOR-US: Juniper -CVE-2022-22163 - RESERVED +CVE-2022-22163 (An Improper Input Validation vulnerability in the Juniper DHCP daemon ...) NOT-FOR-US: Juniper -CVE-2022-22162 - RESERVED +CVE-2022-22162 (A Generation of Error Message Containing Sensitive Information vulnera ...) NOT-FOR-US: Juniper -CVE-2022-22161 - RESERVED +CVE-2022-22161 (An Uncontrolled Resource Consumption vulnerability in the kernel of Ju ...) NOT-FOR-US: Juniper -CVE-2022-22160 - RESERVED +CVE-2022-22160 (An Unchecked Error Condition vulnerability in the subscriber managemen ...) NOT-FOR-US: Juniper -CVE-2022-22159 - RESERVED +CVE-2022-22159 (A vulnerability in the NETISR network queue functionality of Juniper N ...) NOT-FOR-US: Juniper CVE-2022-22158 RESERVED -CVE-2022-22157 - RESERVED +CVE-2022-22157 (A traffic classification vulnerability in Juniper Networks Junos OS on ...) NOT-FOR-US: Juniper -CVE-2022-22156 - RESERVED +CVE-2022-22156 (An Improper Certificate Validation weakness in the Juniper Networks Ju ...) NOT-FOR-US: Juniper -CVE-2022-22155 - RESERVED +CVE-2022-22155 (An Uncontrolled Resource Consumption vulnerability in the handling of ...) NOT-FOR-US: Juniper -CVE-2022-22154 - RESERVED +CVE-2022-22154 (In a Junos Fusion scenario an External Control of Critical State Data ...) NOT-FOR-US: Juniper -CVE-2022-22153 - RESERVED -CVE-2022-22152 - RESERVED +CVE-2022-22153 (An Insufficient Algorithmic Complexity combined with an Allocation of ...) + TODO: check +CVE-2022-22152 (A Protection Mechanism Failure vulnerability in the REST API of Junipe ...) NOT-FOR-US: Juniper CVE-2022-21800 RESERVED @@ -7958,14 +8003,14 @@ CVE-2021-44841 RESERVED CVE-2021-44840 (An issue was discovered in Delta RM 1.2. Using an privileged account, ...) NOT-FOR-US: Delta RM -CVE-2021-44839 - RESERVED +CVE-2021-44839 (An issue was discovered in Delta RM 1.2. It is possible to request a n ...) + TODO: check CVE-2021-44838 (An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax ...) NOT-FOR-US: Delta RM CVE-2021-44837 RESERVED -CVE-2021-44836 - RESERVED +CVE-2021-44836 (An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/r ...) + TODO: check CVE-2021-44835 RESERVED CVE-2021-44834 @@ -10718,32 +10763,32 @@ CVE-2022-21702 RESERVED CVE-2022-21701 RESERVED -CVE-2022-21700 - RESERVED +CVE-2022-21700 (Micronaut is a JVM-based, full stack Java framework designed for build ...) + TODO: check CVE-2022-21699 RESERVED CVE-2022-21698 RESERVED CVE-2022-21697 RESERVED -CVE-2022-21696 - RESERVED -CVE-2022-21695 - RESERVED -CVE-2022-21694 - RESERVED -CVE-2022-21693 - RESERVED -CVE-2022-21692 - RESERVED -CVE-2022-21691 - RESERVED -CVE-2022-21690 - RESERVED -CVE-2022-21689 - RESERVED -CVE-2022-21688 - RESERVED +CVE-2022-21696 (OnionShare is an open source tool that lets you securely and anonymous ...) + TODO: check +CVE-2022-21695 (OnionShare is an open source tool that lets you securely and anonymous ...) + TODO: check +CVE-2022-21694 (OnionShare is an open source tool that lets you securely and anonymous ...) + TODO: check +CVE-2022-21693 (OnionShare is an open source tool that lets you securely and anonymous ...) + TODO: check +CVE-2022-21692 (OnionShare is an open source tool that lets you securely and anonymous ...) + TODO: check +CVE-2022-21691 (OnionShare is an open source tool that lets you securely and anonymous ...) + TODO: check +CVE-2022-21690 (OnionShare is an open source tool that lets you securely and anonymous ...) + TODO: check +CVE-2022-21689 (OnionShare is an open source tool that lets you securely and anonymous ...) + TODO: check +CVE-2022-21688 (OnionShare is an open source tool that lets you securely and anonymous ...) + TODO: check CVE-2022-21687 RESERVED CVE-2022-21686 @@ -10775,8 +10820,8 @@ CVE-2022-21675 (Bytecode Viewer (BCV) is a Java/Android reverse engineering suit TODO: check CVE-2022-21674 RESERVED -CVE-2022-21673 - RESERVED +CVE-2022-21673 (Grafana is an open-source platform for monitoring and observability. I ...) + TODO: check CVE-2022-21672 (make-ca is a utility to deliver and manage a complete PKI configuratio ...) TODO: check CVE-2022-21671 (@replit/crosis is a JavaScript client that speaks Replit's container p ...) @@ -43760,8 +43805,8 @@ CVE-2021-31823 RESERVED CVE-2021-31822 (When Octopus Tentacle is installed on a Linux operating system, the sy ...) NOT-FOR-US: Octopus Tentacle -CVE-2021-31821 - RESERVED +CVE-2021-31821 (When the Windows Tentacle docker image starts up it logs all the comma ...) + TODO: check CVE-2021-31820 (In Octopus Server after version 2018.8.2 if the Octopus Server Web Req ...) NOT-FOR-US: Octopus Server CVE-2021-31819 (In Halibut versions prior to 4.4.7 there is a deserialisation vulnerab ...) @@ -58517,57 +58562,57 @@ CVE-2021-26068 (An endpoint in Atlassian Jira Server for Slack plugin from versi CVE-2021-26067 (Affected versions of Atlassian Bamboo allow an unauthenticated remote ...) NOT-FOR-US: Atlassian CVE-2021-26066 - RESERVED + REJECTED CVE-2021-26065 - RESERVED + REJECTED CVE-2021-26064 - RESERVED + REJECTED CVE-2021-26063 - RESERVED + REJECTED CVE-2021-26062 - RESERVED + REJECTED CVE-2021-26061 - RESERVED + REJECTED CVE-2021-26060 - RESERVED + REJECTED CVE-2021-26059 - RESERVED + REJECTED CVE-2021-26058 - RESERVED + REJECTED CVE-2021-26057 - RESERVED + REJECTED CVE-2021-26056 - RESERVED + REJECTED CVE-2021-26055 - RESERVED + REJECTED CVE-2021-26054 - RESERVED + REJECTED CVE-2021-26053 - RESERVED + REJECTED CVE-2021-26052 - RESERVED + REJECTED CVE-2021-26051 - RESERVED + REJECTED CVE-2021-26050 - RESERVED + REJECTED CVE-2021-26049 - RESERVED + REJECTED CVE-2021-26048 - RESERVED + REJECTED CVE-2021-26047 - RESERVED + REJECTED CVE-2021-26046 - RESERVED + REJECTED CVE-2021-26045 - RESERVED + REJECTED CVE-2021-26044 - RESERVED + REJECTED CVE-2021-26043 - RESERVED + REJECTED CVE-2021-26042 - RESERVED + REJECTED CVE-2021-26041 - RESERVED + REJECTED CVE-2021-26040 (An issue was discovered in Joomla! 4.0.0. The media manager does not c ...) NOT-FOR-US: Joomla! CVE-2021-26039 (An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate es ...) @@ -81420,6 +81465,7 @@ CVE-2021-1097 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU CVE-2021-1096 (NVIDIA Windows GPU Display Driver for Windows contains a vulnerability ...) NOT-FOR-US: NVIDIA Windows GPU Display Driver for Windows CVE-2021-1095 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...) + {DLA-2888-1} - nvidia-graphics-drivers 460.91.03-1 (bug #991351) [buster] - nvidia-graphics-drivers 418.211.00-1 - nvidia-graphics-drivers-legacy-390xx 390.144-1 (bug #991353) @@ -81433,6 +81479,7 @@ CVE-2021-1095 (NVIDIA GPU Display Driver for Windows and Linux contains a vulner - nvidia-graphics-drivers-tesla-418 418.211.00-1 (bug #991354) NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5211 CVE-2021-1094 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...) + {DLA-2888-1} - nvidia-graphics-drivers 460.91.03-1 (bug #991351) [buster] - nvidia-graphics-drivers 418.211.00-1 - nvidia-graphics-drivers-legacy-390xx 390.144-1 (bug #991353) @@ -81446,6 +81493,7 @@ CVE-2021-1094 (NVIDIA GPU Display Driver for Windows and Linux contains a vulner - nvidia-graphics-drivers-tesla-418 418.211.00-1 (bug #991354) NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5211 CVE-2021-1093 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...) + {DLA-2888-1} - nvidia-graphics-drivers 460.91.03-1 (bug #991351) [buster] - nvidia-graphics-drivers 418.211.00-1 - nvidia-graphics-drivers-legacy-390xx 390.144-1 (bug #991353) @@ -81496,6 +81544,7 @@ CVE-2021-1077 (NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 dr - nvidia-graphics-drivers-tesla-450 450.119.03-1 (bug #987221) - nvidia-graphics-drivers-tesla-460 460.73.01-1 (bug #987222) CVE-2021-1076 (NVIDIA GPU Display Driver for Windows and Linux, all versions, contain ...) + {DLA-2888-1} - nvidia-graphics-drivers 460.73.01-1 (bug #987216) [buster] - nvidia-graphics-drivers 418.197.02-1 - nvidia-graphics-drivers-legacy-340xx (bug #987217) @@ -81546,6 +81595,7 @@ CVE-2021-1058 (NVIDIA vGPU software contains a vulnerability in the guest kernel CVE-2021-1057 (NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerabilit ...) NOT-FOR-US: NVIDIA Virtual GPU Manager NVIDIA vGPU manager CVE-2021-1056 (NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerab ...) + {DLA-2888-1} - nvidia-graphics-drivers 460.32.03-1 (bug #979670) [buster] - nvidia-graphics-drivers 418.181.07-1 - nvidia-graphics-drivers-legacy-340xx (bug #979671) -- cgit v1.2.3