diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2022-01-17 20:10:21 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2022-01-17 20:10:21 +0000 |
| commit | 6d0ff20dc5100e10c1818ad51b832102eae2f6ed (patch) | |
| tree | b2e943825bc5f88feb313a71aacb6341c9452552 /data/CVE/list.2022 | |
| parent | 2027e6f09deb24e6b4fb63b1c8c8177e4ee2c6d2 (diff) | |
automatic update
Diffstat (limited to 'data/CVE/list.2022')
| -rw-r--r-- | data/CVE/list.2022 | 83 |
1 files changed, 63 insertions, 20 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index 2ec8ecfbdf..7c3a68f239 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -1,3 +1,45 @@ +CVE-2022-23307 + RESERVED +CVE-2022-23306 + RESERVED +CVE-2022-23305 + RESERVED +CVE-2022-0263 + RESERVED +CVE-2022-0262 + RESERVED +CVE-2022-0261 + RESERVED +CVE-2022-0260 + RESERVED +CVE-2022-0259 + RESERVED +CVE-2022-0258 (pimcore is vulnerable to Improper Neutralization of Special Elements u ...) + TODO: check +CVE-2022-0257 (pimcore is vulnerable to Improper Neutralization of Input During Web P ...) + TODO: check +CVE-2022-0256 (pimcore is vulnerable to Improper Neutralization of Input During Web P ...) + TODO: check +CVE-2022-0255 + RESERVED +CVE-2022-0254 + RESERVED +CVE-2022-0253 (livehelperchat is vulnerable to Improper Neutralization of Input Durin ...) + TODO: check +CVE-2022-0252 + RESERVED +CVE-2022-0251 + RESERVED +CVE-2022-0250 + RESERVED +CVE-2022-0249 + RESERVED +CVE-2022-0248 + RESERVED +CVE-2022-0247 + RESERVED +CVE-2022-0246 + RESERVED CVE-2022-23304 (The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplica ...) - wpa 2:2.10-1 NOTE: https://w1.fi/security/2022-1/ @@ -7,6 +49,7 @@ CVE-2022-23303 (The implementations of SAE in hostapd before 2.10 and wpa_suppli NOTE: https://w1.fi/security/2022-1/ NOTE: Issue exists because of an incomplete fix for CVE-2019-9494 CVE-2022-0264 [bpf: Fix kernel address leakage in atomic fetch] + RESERVED - linux 5.15.5-2 [bullseye] - linux <not-affected> (Vulnerable code not present) [buster] - linux <not-affected> (Vulnerable code not present) @@ -24,12 +67,12 @@ CVE-2022-22142 RESERVED CVE-2022-21805 RESERVED -CVE-2022-0242 - RESERVED +CVE-2022-0242 (Unrestricted Upload of File with Dangerous Type in GitHub repository c ...) + TODO: check CVE-2022-0241 RESERVED -CVE-2022-0240 - RESERVED +CVE-2022-0240 (mruby is vulnerable to NULL Pointer Dereference ...) + TODO: check CVE-2022-0239 (corenlp is vulnerable to Improper Restriction of XML External Entity R ...) NOT-FOR-US: corenlp CVE-2022-0238 (phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) ...) @@ -575,10 +618,10 @@ CVE-2022-0186 RESERVED CVE-2022-0185 RESERVED -CVE-2022-0184 - RESERVED -CVE-2022-0183 - RESERVED +CVE-2022-0184 (Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR59 ...) + TODO: check +CVE-2022-0183 (Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 ...) + TODO: check CVE-2022-23101 RESERVED CVE-2022-23100 @@ -819,12 +862,12 @@ CVE-2022-21210 RESERVED CVE-2022-21145 RESERVED -CVE-2022-0182 - RESERVED -CVE-2022-0181 - RESERVED -CVE-2022-0180 - RESERVED +CVE-2022-0182 (Stored cross-site scripting vulnerability in Quiz And Survey Master ve ...) + TODO: check +CVE-2022-0181 (Reflected cross-site scripting vulnerability in Quiz And Survey Master ...) + TODO: check +CVE-2022-0180 (Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Mas ...) + TODO: check CVE-2022-0179 (snipe-it is vulnerable to Improper Access Control ...) NOT-FOR-US: snipe-it CVE-2022-0178 (snipe-it is vulnerable to Improper Access Control ...) @@ -1620,8 +1663,8 @@ CVE-2022-0133 (peertube is vulnerable to Improper Access Control ...) - peertube <itp> (bug #950821) CVE-2022-0132 (peertube is vulnerable to Server-Side Request Forgery (SSRF) ...) - peertube <itp> (bug #950821) -CVE-2022-0131 - RESERVED +CVE-2022-0131 (Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API ...) + TODO: check CVE-2022-22708 RESERVED CVE-2022-22707 (In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded functi ...) @@ -4109,25 +4152,25 @@ CVE-2022-21666 (Useful Simple Open-Source CMS (USOC) is a content management sys CVE-2022-21665 RESERVED CVE-2022-21664 (WordPress is a free and open-source content management system written ...) - {DSA-5039-1} + {DSA-5039-1 DLA-2884-1} - wordpress 5.8.3+dfsg1-1 (bug #1003243) NOTE: https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/ NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-jp3p-gw8h-6x86 NOTE: https://github.com/WordPress/wordpress-develop/commit/c09ccfbc547d75b392dbccc1ef0b4442ccd3c957 CVE-2022-21663 (WordPress is a free and open-source content management system written ...) - {DSA-5039-1} + {DSA-5039-1 DLA-2884-1} - wordpress 5.8.3+dfsg1-1 (bug #1003243) NOTE: https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/ NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-jmmq-m8p8-332h NOTE: https://hackerone.com/reports/541469 CVE-2022-21662 (WordPress is a free and open-source content management system written ...) - {DSA-5039-1} + {DSA-5039-1 DLA-2884-1} - wordpress 5.8.3+dfsg1-1 (bug #1003243) NOTE: https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/ NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-699q-3hj9-889w NOTE: https://hackerone.com/reports/425342 CVE-2022-21661 (WordPress is a free and open-source content management system written ...) - {DSA-5039-1} + {DSA-5039-1 DLA-2884-1} - wordpress 5.8.3+dfsg1-1 (bug #1003243) NOTE: https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/ NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-6676-cqfm-gw84 |