summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorsecurity tracker role <sectracker@soriano.debian.org>2022-02-22 08:10:23 +0000
committersecurity tracker role <sectracker@soriano.debian.org>2022-02-22 08:10:23 +0000
commit241196660357db5d8c585a79e6ba03f61bac302c (patch)
treec23ecf676eaa487720324c7190d74e4eaabc06d8
parent23ed5cc89dadf7161a60fbe8df7f1fb6ae8cf45c (diff)
automatic update
-rw-r--r--data/CVE/2021.list39
-rw-r--r--data/CVE/2022.list81
2 files changed, 89 insertions, 31 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index dc9df2ac56..795cacc715 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -4324,8 +4324,7 @@ CVE-2021-4117 (yetiforcecrm is vulnerable to Business Logic Errors ...)
NOT-FOR-US: yetiforcecrm
CVE-2021-4116 (yetiforcecrm is vulnerable to Improper Neutralization of Input During ...)
NOT-FOR-US: yetiforcecrm
-CVE-2021-4115 [file descriptor leak allows an unprivileged user to cause a crash]
- RESERVED
+CVE-2021-4115 (There is a flaw in polkit which can allow an unprivileged user to caus ...)
[experimental] - policykit-1 0.120-6
- policykit-1 0.105-32 (bug #1005784)
[bullseye] - policykit-1 <no-dsa> (Minor issue)
@@ -5570,24 +5569,24 @@ CVE-2021-44579
RESERVED
CVE-2021-44578
RESERVED
-CVE-2021-44577
- RESERVED
-CVE-2021-44576
- RESERVED
-CVE-2021-44575
- RESERVED
-CVE-2021-44574
- RESERVED
-CVE-2021-44573
- RESERVED
+CVE-2021-44577 (Two heap-overflow vulnerabilities exist in openSUSE libsolv through 13 ...)
+ TODO: check
+CVE-2021-44576 (Two memory vulnerabilities exists in openSUSE libsolv through 13 Dec 2 ...)
+ TODO: check
+CVE-2021-44575 (Two heap-overflow vulnerabilities exists in openSUSE libsolv through 1 ...)
+ TODO: check
+CVE-2021-44574 (A heap-overflow vulnerability exists in openSUSE libsolv through 13 De ...)
+ TODO: check
+CVE-2021-44573 (Two heap overflow vulnerabilities exist in oenSUSE libsolv through 13 ...)
+ TODO: check
CVE-2021-44572
RESERVED
-CVE-2021-44571
- RESERVED
-CVE-2021-44570
- RESERVED
-CVE-2021-44569
- RESERVED
+CVE-2021-44571 (A heap overflow vulnerability exisfts in openSUSE libsolv through 13 D ...)
+ TODO: check
+CVE-2021-44570 (Two heap-overflow vulnerabilities exists in openSUSE/libsolv through 1 ...)
+ TODO: check
+CVE-2021-44569 (A heap-buffer openSUSE libsolv through 13 Dec 2020 exists in the solve ...)
+ TODO: check
CVE-2021-44568 (Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv th ...)
- libsolv <unfixed> (unimportant)
NOTE: https://github.com/openSUSE/libsolv/issues/425
@@ -23509,9 +23508,9 @@ CVE-2021-37422 (Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerabl
NOT-FOR-US: Zoho ManageEngine
CVE-2021-37421 (Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to a ...)
NOT-FOR-US: Zoho ManageEngine
-CVE-2021-37420 (ManageEngine ADSelfService Plus before 6112 is vulnerable to mail spoo ...)
+CVE-2021-37420 (Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to mail ...)
NOT-FOR-US: ManageEngine
-CVE-2021-37419 (ManageEngine ADSelfService Plus before 6112 is vulnerable to SSRF. ...)
+CVE-2021-37419 (Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to SSRF ...)
NOT-FOR-US: ManageEngine
CVE-2021-37418
REJECTED
diff --git a/data/CVE/2022.list b/data/CVE/2022.list
index dd8f2c9fc6..6ffd890630 100644
--- a/data/CVE/2022.list
+++ b/data/CVE/2022.list
@@ -1,4 +1,64 @@
-CVE-2022-25636 [netfilter: nf_tables_offload: incorrect flow offload action array size]
+CVE-2022-25643
+ RESERVED
+CVE-2022-25642
+ RESERVED
+CVE-2022-25641
+ RESERVED
+CVE-2022-25640
+ RESERVED
+CVE-2022-25639
+ RESERVED
+CVE-2022-25638
+ RESERVED
+CVE-2022-25637
+ RESERVED
+CVE-2022-25635
+ RESERVED
+CVE-2022-25634
+ RESERVED
+CVE-2022-25633
+ RESERVED
+CVE-2022-25632
+ RESERVED
+CVE-2022-25631
+ RESERVED
+CVE-2022-25630
+ RESERVED
+CVE-2022-25629
+ RESERVED
+CVE-2022-25628
+ RESERVED
+CVE-2022-25627
+ RESERVED
+CVE-2022-25626
+ RESERVED
+CVE-2022-25625
+ RESERVED
+CVE-2022-25624
+ RESERVED
+CVE-2022-25623
+ RESERVED
+CVE-2022-25325
+ RESERVED
+CVE-2022-25234
+ RESERVED
+CVE-2022-25230
+ RESERVED
+CVE-2022-21219
+ RESERVED
+CVE-2022-21124
+ RESERVED
+CVE-2022-0717
+ RESERVED
+CVE-2022-0716
+ RESERVED
+CVE-2022-0715
+ RESERVED
+CVE-2022-0714
+ RESERVED
+CVE-2022-0713
+ RESERVED
+CVE-2022-25636 (net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 a ...)
- linux <unfixed>
[buster] - linux <not-affected> (Vulnerable code not present)
[stretch] - linux <not-affected> (Vulnerable code not present)
@@ -540,8 +600,8 @@ CVE-2022-0698
RESERVED
CVE-2022-0697
RESERVED
-CVE-2022-0696
- RESERVED
+CVE-2022-0696 (NULL Pointer Dereference in Conda vim prior to 8.2. ...)
+ TODO: check
CVE-2022-0695
RESERVED
CVE-2022-25371
@@ -704,8 +764,8 @@ CVE-2022-25312
RESERVED
CVE-2022-21132
RESERVED
-CVE-2022-0676
- RESERVED
+CVE-2022-0676 (Heap-based Buffer Overflow in NPM radare2.js prior to 5.6.4. ...)
+ TODO: check
CVE-2022-0675
RESERVED
CVE-2022-25315 (In Expat (aka libexpat) before 2.4.5, there is an integer overflow in ...)
@@ -2290,8 +2350,7 @@ CVE-2022-23922
RESERVED
CVE-2022-23104
RESERVED
-CVE-2022-0563 [partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline]
- RESERVED
+CVE-2022-0563 (A flaw was found in the util-linux chfn and chsh utilities when compil ...)
- util-linux <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2053151
NOTE: https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
@@ -2731,8 +2790,8 @@ CVE-2022-24566
RESERVED
CVE-2022-24565
RESERVED
-CVE-2022-24564
- RESERVED
+CVE-2022-24564 (Checkmk &lt;=2.0.0p19 contains a Cross Site Scripting (XSS) vulnerabil ...)
+ TODO: check
CVE-2022-24563
RESERVED
CVE-2022-24562
@@ -9095,8 +9154,8 @@ CVE-2022-22310 (IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.
NOT-FOR-US: IBM
CVE-2022-22309
RESERVED
-CVE-2022-22308
- RESERVED
+CVE-2022-22308 (IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI ...)
+ TODO: check
CVE-2022-22307
RESERVED
CVE-2022-0087 (keystone is vulnerable to Improper Neutralization of Input During Web ...)

© 2014-2024 Faster IT GmbH | imprint | privacy policy