diff options
author | security tracker role <sectracker@soriano.debian.org> | 2022-01-25 08:10:27 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2022-01-25 08:10:27 +0000 |
commit | 11446148c9312ecb49b1ffdaf9ba625a6333bc33 (patch) | |
tree | 6980b1f5f157547e080b0e5d3b6a531d83b02561 | |
parent | db61f3e251d42839b3f361c940c9ee56f674d07e (diff) |
automatic update
-rw-r--r-- | data/CVE/list.2017 | 2 | ||||
-rw-r--r-- | data/CVE/list.2020 | 4 | ||||
-rw-r--r-- | data/CVE/list.2021 | 98 | ||||
-rw-r--r-- | data/CVE/list.2022 | 76 |
4 files changed, 121 insertions, 59 deletions
diff --git a/data/CVE/list.2017 b/data/CVE/list.2017 index 4078027376..5f6baebde9 100644 --- a/data/CVE/list.2017 +++ b/data/CVE/list.2017 @@ -18082,7 +18082,7 @@ CVE-2017-12615 (When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP CVE-2017-12614 (It was noticed an XSS in certain 404 pages that could be exploited to ...) - airflow <itp> (bug #819700) CVE-2017-12613 (When apr_time_exp*() or apr_os_exp_time*() functions are invoked with ...) - {DLA-1162-1} + {DLA-2897-1 DLA-1162-1} - apr 1.6.3-1 (low; bug #879708) [jessie] - apr <no-dsa> (Minor issue) NOTE: mail-archives.apache.org/mod_mbox/apr-dev/201710.mbox/%3CCACsi252POs4toeJJciwg09_eu2cO3XFg%3DUqsPjXsfjDoeC3-UQ%40mail.gmail.com%3E diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 1f15f9b70d..bbfb69501e 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -31190,8 +31190,8 @@ CVE-2020-17385 (Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL i NOT-FOR-US: Cellopoint Cellos CVE-2020-17384 (Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputte ...) NOT-FOR-US: Cellopoint Cellos -CVE-2020-17383 - RESERVED +CVE-2020-17383 (A directory traversal vulnerability on Telos Z/IP One devices through ...) + TODO: check CVE-2020-17382 (The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x801 ...) NOT-FOR-US: MSI AmbientLink MsIo64 driver CVE-2020-17381 (An issue was discovered in Ghisler Total Commander 9.51. Due to insuff ...) diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 7aea5792af..09c16b2889 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -1,3 +1,9 @@ +CVE-2021-4212 + RESERVED +CVE-2021-4211 + RESERVED +CVE-2021-4210 + RESERVED CVE-2021-46558 RESERVED CVE-2021-46557 @@ -148,26 +154,26 @@ CVE-2021-46485 RESERVED CVE-2021-46484 RESERVED -CVE-2021-46483 - RESERVED -CVE-2021-46482 - RESERVED -CVE-2021-46481 - RESERVED -CVE-2021-46480 - RESERVED +CVE-2021-46483 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via Bool ...) + TODO: check +CVE-2021-46482 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via Numb ...) + TODO: check +CVE-2021-46481 (Jsish v3.5.0 was discovered to contain a memory leak via linenoise at ...) + TODO: check +CVE-2021-46480 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiV ...) + TODO: check CVE-2021-46479 RESERVED -CVE-2021-46478 - RESERVED -CVE-2021-46477 - RESERVED +CVE-2021-46478 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiC ...) + TODO: check +CVE-2021-46477 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via RegE ...) + TODO: check CVE-2021-46476 RESERVED -CVE-2021-46475 - RESERVED -CVE-2021-46474 - RESERVED +CVE-2021-46475 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsi_ ...) + TODO: check +CVE-2021-46474 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiE ...) + TODO: check CVE-2021-46473 RESERVED CVE-2021-46472 @@ -3312,16 +3318,16 @@ CVE-2021-45228 RESERVED CVE-2021-45227 RESERVED -CVE-2021-45226 - RESERVED -CVE-2021-45225 - RESERVED -CVE-2021-45224 - RESERVED -CVE-2021-45223 - RESERVED -CVE-2021-45222 - RESERVED +CVE-2021-45226 (An issue was discovered in COINS Construction Cloud 11.12. Due to impr ...) + TODO: check +CVE-2021-45225 (An issue was discovered in COINS Construction Cloud 11.12. Due to impr ...) + TODO: check +CVE-2021-45224 (An issue was discovered in COINS Construction Cloud 11.12. In several ...) + TODO: check +CVE-2021-45223 (An issue was discovered in COINS Construction Cloud 11.12. Due to insu ...) + TODO: check +CVE-2021-45222 (An issue was discovered in COINS Construction Cloud 11.12. Due to logi ...) + TODO: check CVE-2021-45221 RESERVED CVE-2021-45220 @@ -3967,20 +3973,20 @@ CVE-2021-44996 RESERVED CVE-2021-44995 RESERVED -CVE-2021-44994 - RESERVED -CVE-2021-44993 - RESERVED -CVE-2021-44992 - RESERVED +CVE-2021-44994 (There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0' ...) + TODO: check +CVE-2021-44993 (There is an Assertion ''ecma_is_value_boolean (base_value)'' failed at ...) + TODO: check +CVE-2021-44992 (There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at ...) + TODO: check CVE-2021-44991 RESERVED CVE-2021-44990 RESERVED CVE-2021-44989 RESERVED -CVE-2021-44988 - RESERVED +CVE-2021-44988 (Jerryscript v3.0.0 and below was discovered to contain a stack overflo ...) + TODO: check CVE-2021-44987 RESERVED CVE-2021-44986 @@ -7647,10 +7653,10 @@ CVE-2021-43591 RESERVED CVE-2021-43590 RESERVED -CVE-2021-43589 - RESERVED -CVE-2021-43588 - RESERVED +CVE-2021-43589 (Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior ...) + TODO: check +CVE-2021-43588 (Dell EMC Data Protection Central version 19.5 contains an Improper Inp ...) + TODO: check CVE-2021-43587 (Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, ...) NOT-FOR-US: Dell CVE-2021-43586 @@ -8267,8 +8273,8 @@ CVE-2021-43397 (LiquidFiles before 3.6.3 allows remote attackers to elevate thei NOT-FOR-US: LiquidFiles CVE-2021-43395 RESERVED -CVE-2021-43394 - RESERVED +CVE-2021-43394 (Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, ...) + TODO: check CVE-2021-43393 RESERVED CVE-2021-43392 @@ -25268,8 +25274,8 @@ CVE-2021-3639 [Prevent redirect to URLs that begin with '///'] NOTE: https://github.com/latchset/mod_auth_mellon/commit/42a11261b9dad2e48d70bdff7c53dd57a12db6f5 CVE-2021-36350 (Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authenticati ...) NOT-FOR-US: Dell -CVE-2021-36349 - RESERVED +CVE-2021-36349 (Dell EMC Data Protection Central versions 19.5 and prior contain a Ser ...) + TODO: check CVE-2021-36348 RESERVED CVE-2021-36347 @@ -25280,10 +25286,10 @@ CVE-2021-36345 RESERVED CVE-2021-36344 RESERVED -CVE-2021-36343 - RESERVED -CVE-2021-36342 - RESERVED +CVE-2021-36343 (Dell BIOS contains an improper input validation vulnerability. A local ...) + TODO: check +CVE-2021-36342 (Dell BIOS contains an improper input validation vulnerability. A local ...) + TODO: check CVE-2021-36341 (Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive ...) NOT-FOR-US: Dell CVE-2021-36340 (Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information d ...) diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index 3742ae6661..aeb50ab5ba 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -1,3 +1,59 @@ +CVE-2022-23941 + RESERVED +CVE-2022-23940 + RESERVED +CVE-2022-23939 + RESERVED +CVE-2022-23938 + RESERVED +CVE-2022-23937 + RESERVED +CVE-2022-23936 + RESERVED +CVE-2022-23935 (lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ / ...) + TODO: check +CVE-2022-23934 + RESERVED +CVE-2022-23933 + RESERVED +CVE-2022-23932 + RESERVED +CVE-2022-23931 + RESERVED +CVE-2022-23930 + RESERVED +CVE-2022-23929 + RESERVED +CVE-2022-23928 + RESERVED +CVE-2022-23927 + RESERVED +CVE-2022-23926 + RESERVED +CVE-2022-23925 + RESERVED +CVE-2022-23924 + RESERVED +CVE-2022-23919 + RESERVED +CVE-2022-23918 + RESERVED +CVE-2022-23399 + RESERVED +CVE-2022-22144 + RESERVED +CVE-2022-22140 + RESERVED +CVE-2022-21201 + RESERVED +CVE-2022-21178 + RESERVED +CVE-2022-0355 + RESERVED +CVE-2022-0354 + RESERVED +CVE-2022-0353 + RESERVED CVE-2022-23913 RESERVED CVE-2022-23912 @@ -2408,8 +2464,8 @@ CVE-2022-0179 (snipe-it is vulnerable to Improper Access Control ...) NOT-FOR-US: snipe-it CVE-2022-0178 (snipe-it is vulnerable to Improper Access Control ...) NOT-FOR-US: snipe-it -CVE-2022-0177 - RESERVED +CVE-2022-0177 (Cross-site Scripting (XSS) - DOM in GitHub repository mrdoob/three.js ...) + TODO: check CVE-2022-22983 RESERVED CVE-2022-22982 @@ -3557,8 +3613,8 @@ CVE-2022-22556 RESERVED CVE-2022-22555 RESERVED -CVE-2022-22554 - RESERVED +CVE-2022-22554 (Dell EMC System Update, version 1.9.2 and prior, contain an Unprotecte ...) + TODO: check CVE-2022-22553 (Dell EMC AppSync versions 3.9 to 4.3 contain an Improper Restriction o ...) NOT-FOR-US: EMC CVE-2022-22552 (Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerabil ...) @@ -5570,18 +5626,18 @@ CVE-2022-21717 RESERVED CVE-2022-21716 RESERVED -CVE-2022-21715 - RESERVED +CVE-2022-21715 (CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web fr ...) + TODO: check CVE-2022-21714 RESERVED CVE-2022-21713 RESERVED CVE-2022-21712 RESERVED -CVE-2022-21711 - RESERVED -CVE-2022-21710 - RESERVED +CVE-2022-21711 (elfspirit is an ELF static analysis and injection framework that parse ...) + TODO: check +CVE-2022-21710 (ShortDescription is a MediaWiki extension that provides local short de ...) + TODO: check CVE-2022-21709 RESERVED CVE-2022-21708 (graphql-go is a GraphQL server with a focus on ease of use. In version ...) |