From 29d18160fa71c28e3a81f3d6031be83a4ecfdcd5 Mon Sep 17 00:00:00 2001
From: security tracker role <sectracker@soriano.debian.org>
Date: Wed, 23 Mar 2022 08:10:15 +0000
Subject: automatic update

---
 data/CVE/list | 57 +++++++++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 43 insertions(+), 14 deletions(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index 28e1deee2c..7704bea064 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,31 @@
+CVE-2022-27666 (In the Linux kernel before 5.16.15, there is a buffer overflow in ESP  ...)
+	TODO: check
+CVE-2022-27665
+	RESERVED
+CVE-2022-27664
+	RESERVED
+CVE-2022-27663
+	RESERVED
+CVE-2022-27658
+	RESERVED
+CVE-2022-27657
+	RESERVED
+CVE-2022-27656
+	RESERVED
+CVE-2022-27655
+	RESERVED
+CVE-2022-27654
+	RESERVED
+CVE-2022-26518
+	RESERVED
+CVE-2022-26422
+	RESERVED
+CVE-2022-26420
+	RESERVED
+CVE-2022-26075
+	RESERVED
+CVE-2022-1056
+	RESERVED
 CVE-2022-XXXX [Possible man-in-the-middle attack in TLS connection to servers]
 	- weechat 3.4.1-1
 	NOTE: https://weechat.org/doc/security/WSA-2022-1/
@@ -56,6 +84,7 @@ CVE-2022-1045
 CVE-2022-1044
 	RESERVED
 CVE-2022-1043 [Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnerability]
+	RESERVED
 	- linux 5.14.6-1
 	[bullseye] - linux 5.10.70-1
 	[buster] - linux <not-affected> (Vulnerable code not present)
@@ -848,8 +877,8 @@ CVE-2022-1033
 	RESERVED
 CVE-2022-1032
 	RESERVED
-CVE-2022-1031
-	RESERVED
+CVE-2022-1031 (Use After Free in op_is_set_bp in GitHub repository radareorg/radare2  ...)
+	TODO: check
 CVE-2022-27258
 	RESERVED
 CVE-2022-27257
@@ -3720,14 +3749,14 @@ CVE-2022-26191
 	RESERVED
 CVE-2022-26190
 	RESERVED
-CVE-2022-26189
-	RESERVED
-CVE-2022-26188
-	RESERVED
-CVE-2022-26187
-	RESERVED
-CVE-2022-26186
-	RESERVED
+CVE-2022-26189 (TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a com ...)
+	TODO: check
+CVE-2022-26188 (TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a com ...)
+	TODO: check
+CVE-2022-26187 (TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a com ...)
+	TODO: check
+CVE-2022-26186 (TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a com ...)
+	TODO: check
 CVE-2022-26185
 	RESERVED
 CVE-2022-26184 (Poetry v1.1.9 and below was discovered to contain an untrusted search  ...)
@@ -5503,8 +5532,8 @@ CVE-2022-25520
 	RESERVED
 CVE-2022-25519
 	RESERVED
-CVE-2022-25518
-	RESERVED
+CVE-2022-25518 (In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a  ...)
+	TODO: check
 CVE-2022-25517 (MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerab ...)
 	TODO: check
 CVE-2022-25516 (stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow  ...)
@@ -51558,8 +51587,8 @@ CVE-2021-33963 (China Mobile An Lianbao WF-1 v1.0.1 router web interface through
 	NOT-FOR-US: China Mobile An Lianbao WF-1 router web interface
 CVE-2021-33962 (China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS comman ...)
 	NOT-FOR-US: China Mobile An Lianbao WF-1 router
-CVE-2021-33961
-	RESERVED
+CVE-2021-33961 (A Cross Site Scripting (XSS) vulnerabililty exists in enhanced-github  ...)
+	TODO: check
 CVE-2021-33960
 	RESERVED
 CVE-2021-33959
-- 
cgit v1.2.3