author: security tracker role <sectracker@soriano.debian.org> 2022-01-27 08:10:17 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2022-01-27 08:10:17 +0000
commit: f64ee9bc35e77c1c3427712c8c27a7dda449dd5e
tree: e1af3c2a0a30bb70e48e228ca0af6864bfe57204
parent: c440bfebfb5d343db781609c6b3cacbd078f84a0
automatic update
-rw-r--r-- data/CVE/list.2021 212
-rw-r--r-- data/CVE/list.2022 96
2 files changed, 284 insertions, 24 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index c824f23dd3..85b608f1a1 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -1,3 +1,193 @@
+CVE-2021-46656
+ RESERVED
+CVE-2021-46655
+ RESERVED
+CVE-2021-46654
+ RESERVED
+CVE-2021-46653
+ RESERVED
+CVE-2021-46652
+ RESERVED
+CVE-2021-46651
+ RESERVED
+CVE-2021-46650
+ RESERVED
+CVE-2021-46649
+ RESERVED
+CVE-2021-46648
+ RESERVED
+CVE-2021-46647
+ RESERVED
+CVE-2021-46646
+ RESERVED
+CVE-2021-46645
+ RESERVED
+CVE-2021-46644
+ RESERVED
+CVE-2021-46643
+ RESERVED
+CVE-2021-46642
+ RESERVED
+CVE-2021-46641
+ RESERVED
+CVE-2021-46640
+ RESERVED
+CVE-2021-46639
+ RESERVED
+CVE-2021-46638
+ RESERVED
+CVE-2021-46637
+ RESERVED
+CVE-2021-46636
+ RESERVED
+CVE-2021-46635
+ RESERVED
+CVE-2021-46634
+ RESERVED
+CVE-2021-46633
+ RESERVED
+CVE-2021-46632
+ RESERVED
+CVE-2021-46631
+ RESERVED
+CVE-2021-46630
+ RESERVED
+CVE-2021-46629
+ RESERVED
+CVE-2021-46628
+ RESERVED
+CVE-2021-46627
+ RESERVED
+CVE-2021-46626
+ RESERVED
+CVE-2021-46625
+ RESERVED
+CVE-2021-46624
+ RESERVED
+CVE-2021-46623
+ RESERVED
+CVE-2021-46622
+ RESERVED
+CVE-2021-46621
+ RESERVED
+CVE-2021-46620
+ RESERVED
+CVE-2021-46619
+ RESERVED
+CVE-2021-46618
+ RESERVED
+CVE-2021-46617
+ RESERVED
+CVE-2021-46616
+ RESERVED
+CVE-2021-46615
+ RESERVED
+CVE-2021-46614
+ RESERVED
+CVE-2021-46613
+ RESERVED
+CVE-2021-46612
+ RESERVED
+CVE-2021-46611
+ RESERVED
+CVE-2021-46610
+ RESERVED
+CVE-2021-46609
+ RESERVED
+CVE-2021-46608
+ RESERVED
+CVE-2021-46607
+ RESERVED
+CVE-2021-46606
+ RESERVED
+CVE-2021-46605
+ RESERVED
+CVE-2021-46604
+ RESERVED
+CVE-2021-46603
+ RESERVED
+CVE-2021-46602
+ RESERVED
+CVE-2021-46601
+ RESERVED
+CVE-2021-46600
+ RESERVED
+CVE-2021-46599
+ RESERVED
+CVE-2021-46598
+ RESERVED
+CVE-2021-46597
+ RESERVED
+CVE-2021-46596
+ RESERVED
+CVE-2021-46595
+ RESERVED
+CVE-2021-46594
+ RESERVED
+CVE-2021-46593
+ RESERVED
+CVE-2021-46592
+ RESERVED
+CVE-2021-46591
+ RESERVED
+CVE-2021-46590
+ RESERVED
+CVE-2021-46589
+ RESERVED
+CVE-2021-46588
+ RESERVED
+CVE-2021-46587
+ RESERVED
+CVE-2021-46586
+ RESERVED
+CVE-2021-46585
+ RESERVED
+CVE-2021-46584
+ RESERVED
+CVE-2021-46583
+ RESERVED
+CVE-2021-46582
+ RESERVED
+CVE-2021-46581
+ RESERVED
+CVE-2021-46580
+ RESERVED
+CVE-2021-46579
+ RESERVED
+CVE-2021-46578
+ RESERVED
+CVE-2021-46577
+ RESERVED
+CVE-2021-46576
+ RESERVED
+CVE-2021-46575
+ RESERVED
+CVE-2021-46574
+ RESERVED
+CVE-2021-46573
+ RESERVED
+CVE-2021-46572
+ RESERVED
+CVE-2021-46571
+ RESERVED
+CVE-2021-46570
+ RESERVED
+CVE-2021-46569
+ RESERVED
+CVE-2021-46568
+ RESERVED
+CVE-2021-46567
+ RESERVED
+CVE-2021-46566
+ RESERVED
+CVE-2021-46565
+ RESERVED
+CVE-2021-46564
+ RESERVED
+CVE-2021-46563
+ RESERVED
+CVE-2021-46562
+ RESERVED
CVE-2021-46561 (controller/org.controller/org.controller.js in the CVE Services API 1. ...)
NOT-FOR-US: controller/org.controller/org.controller.js in the CVE Services API
CVE-2021-46560 (The firmware on Moxa TN-5900 devices through 3.1 allows command inject ...)
@@ -1490,7 +1680,7 @@ CVE-2021-45943 (GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCI
NOTE: Backport to 3.4: https://github.com/OSGeo/gdal/pull/4947
NOTE: https://github.com/OSGeo/gdal/commit/9b2bcbc47d1649adc0ab65b801f96f56156cf017 (v3.4.1RC1)
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2021-1651.yaml
-CVE-2021-45942 (OpenEXR 3.1.0 through 3.1.3 has a heap-based buffer overflow in Imf_3_ ...)
+CVE-2021-45942 (OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1 ...)
- openexr <unfixed>
[buster] - openexr <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416
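Review bot: On CVE-2021-45942, the reworded description now implies a fix in OpenEXR 3.1.4 ("3.1.x before 3.1.4"), but the package line directly below it still reads "- openexr <unfixed>". Suggest a follow-up that checks whether 3.1.4 or a backport has been uploaded and, if so, records the fixed version on that line. Since the description limits the affected range to 3.1.x, it is also worth confirming that the "[buster] - openexr <no-dsa> (Minor issue)" annotation refers to a version inside that range.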
@@ -13573,8 +13763,8 @@ CVE-2021-41168 (Snudown is a reddit-specific fork of the Sundown Markdown parser
NOT-FOR-US: Snudown
CVE-2021-41167 (modern-async is an open source JavaScript tooling library for asynchro ...)
NOT-FOR-US: modern-async
-CVE-2021-41166
- RESERVED
+CVE-2021-41166 (The Nextcloud Android app is the Android client for Nextcloud, a self- ...)
+ TODO: check
CVE-2021-41165 (CKEditor4 is an open source WYSIWYG HTML editor. In affected version a ...)
- ckeditor <unfixed> (bug #999909)
[bullseye] - ckeditor <no-dsa> (Minor issue)
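Review bot: CVE-2021-41166 moves from RESERVED to "TODO: check" with a description that names the Nextcloud Android app, an Android client. The TODO should not be left open: if that client is not packaged, resolve it with a NOT-FOR-US line in the same form as the adjacent Snudown and modern-async entries, and otherwise add the source package line with its status.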
@@ -33479,8 +33669,8 @@ CVE-2021-32851
RESERVED
CVE-2021-32850
RESERVED
-CVE-2021-32849
- RESERVED
+CVE-2021-32849 (Gerapy is a distributed crawler management framework. Prior to version ...)
+ TODO: check
CVE-2021-32848
RESERVED
CVE-2021-32847
@@ -33493,12 +33683,12 @@ CVE-2021-32844
RESERVED
CVE-2021-32843
RESERVED
-CVE-2021-32842
- RESERVED
-CVE-2021-32841
- RESERVED
-CVE-2021-32840
- RESERVED
+CVE-2021-32842 (SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starti ...)
+ TODO: check
+CVE-2021-32841 (SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starti ...)
+ TODO: check
+CVE-2021-32840 (SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior ...)
+ TODO: check
CVE-2021-32839 (sqlparse is a non-validating SQL parser module for Python. In sqlparse ...)
- sqlparse 0.4.2-1 (bug #994841)
[bullseye] - sqlparse <no-dsa> (Minor issue)
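Review bot: The three SharpZipLib entries do not share an affected range. CVE-2021-32842 and CVE-2021-32841 begin "Starti ..." while CVE-2021-32840 begins "Prior ...", so the first two have a lower version bound and the third does not. Triage each "TODO: check" against the full description rather than copying one disposition to all three.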
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022
index 5ff812ee74..4be70b98ee 100644
--- a/data/CVE/list.2022
+++ b/data/CVE/list.2022
@@ -1,3 +1,73 @@
+CVE-2022-24035
+ RESERVED
+CVE-2022-24034
+ RESERVED
+CVE-2022-24033
+ RESERVED
+CVE-2022-24032
+ RESERVED
+CVE-2022-24031
+ RESERVED
+CVE-2022-24030
+ RESERVED
+CVE-2022-24029
+ RESERVED
+CVE-2022-24028
+ RESERVED
+CVE-2022-24027
+ RESERVED
+CVE-2022-24026
+ RESERVED
+CVE-2022-24025
+ RESERVED
+CVE-2022-24024
+ RESERVED
+CVE-2022-24023
+ RESERVED
+CVE-2022-24022
+ RESERVED
+CVE-2022-24021
+ RESERVED
+CVE-2022-24020
+ RESERVED
+CVE-2022-24019
+ RESERVED
+CVE-2022-24018
+ RESERVED
+CVE-2022-24017
+ RESERVED
+CVE-2022-24016
+ RESERVED
+CVE-2022-24015
+ RESERVED
+CVE-2022-24014
+ RESERVED
+CVE-2022-24013
+ RESERVED
+CVE-2022-24012
+ RESERVED
+CVE-2022-24011
+ RESERVED
+CVE-2022-24010
+ RESERVED
+CVE-2022-24009
+ RESERVED
+CVE-2022-24008
+ RESERVED
+CVE-2022-24007
+ RESERVED
+CVE-2022-24006
+ RESERVED
+CVE-2022-24005
+ RESERVED
+CVE-2022-0387 (Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat ...)
+ TODO: check
+CVE-2022-0386
+ RESERVED
+CVE-2022-0385
+ RESERVED
+CVE-2022-0384
+ RESERVED
CVE-2022-24004
RESERVED
CVE-2022-24003
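Review bot: CVE-2022-0387 is the only entry in this hunk that arrives with a description, and it is left at "TODO: check". It names the same Packagist package, remdex/livehelperchat, as CVE-2022-0370 further down in this file, so the two should be triaged together and given the same disposition. The surrounding RESERVED entries (CVE-2022-24005 through CVE-2022-24035 and CVE-2022-0384 through CVE-2022-0386) need no action until they are populated.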
@@ -93,10 +163,10 @@ CVE-2022-23970
RESERVED
CVE-2022-23969
RESERVED
-CVE-2022-23968 (Xerox VersaLink devices through 2022-01-24 allow remote attackers to b ...)
+CVE-2022-23968 (Xerox VersaLink devices on specific versions of firmware before 2022-0 ...)
NOT-FOR-US: Xerox
-CVE-2022-23967
- RESERVED
+CVE-2022-23967 (In TightVNC 1.3.10, there is an integer signedness error and resultant ...)
+ TODO: check
CVE-2022-23966
RESERVED
CVE-2022-23965
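Review bot: On CVE-2022-23967, the new description pins one release, TightVNC 1.3.10, and describes an integer signedness error, so the "TODO: check" should be resolved by comparing that version against whatever is packaged rather than by a blanket entry. The CVE-2022-23968 description rewrite needs no follow-up, since "NOT-FOR-US: Xerox" is unchanged beneath it.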
@@ -141,8 +211,8 @@ CVE-2022-23948
RESERVED
CVE-2022-0371
RESERVED
-CVE-2022-0370
- RESERVED
+CVE-2022-0370 (Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat ...)
+ TODO: check
CVE-2022-0369
RESERVED
CVE-2022-23947
@@ -3094,8 +3164,8 @@ CVE-2022-22830
RESERVED
CVE-2022-22829
RESERVED
-CVE-2022-22828
- RESERVED
+CVE-2022-22828 (An insecure direct object reference for the file-download URL in Synam ...)
+ TODO: check
CVE-2022-0156 (vim is vulnerable to Use After Free ...)
- vim <unfixed>
[bullseye] - vim <no-dsa> (Minor issue)
@@ -5854,10 +5924,10 @@ CVE-2022-21725
RESERVED
CVE-2022-21724
RESERVED
-CVE-2022-21723
- RESERVED
-CVE-2022-21722
- RESERVED
+CVE-2022-21723 (PJSIP is a free and open source multimedia communication library writt ...)
+ TODO: check
+CVE-2022-21722 (PJSIP is a free and open source multimedia communication library writt ...)
+ TODO: check
CVE-2022-21721
RESERVED
CVE-2022-21720
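Review bot: CVE-2022-21723 and CVE-2022-21722 are indistinguishable in this hunk, because both descriptions are cut at the same point ("PJSIP is a free and open source multimedia communication library writt ..."). Whoever clears the two "TODO: check" markers needs the full upstream descriptions to tell the issues apart, and should add a NOTE line with the upstream reference to each entry so that the distinction is recorded in the list itself.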
@@ -5943,8 +6013,8 @@ CVE-2022-21688 (OnionShare is an open source tool that lets you securely and ano
NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-x7wr-283h-5h2v
CVE-2022-21687
RESERVED
-CVE-2022-21686
- RESERVED
+CVE-2022-21686 (PrestaShop is an Open Source e-commerce platform. Starting with versio ...)
+ TODO: check
CVE-2022-21685 (Frontier is Substrate's Ethereum compatibility layer. Prior to commit ...)
TODO: check
CVE-2022-21684 (Discourse is an open source discussion platform. Versions prior to 2.7 ...)
