author | security tracker role <sectracker@soriano.debian.org> | 2022-02-16 20:10:23 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2022-02-16 20:10:23 +0000 |
commit | ba60c32a49a504ac5418a91e72eab963195253ef (patch) | |
tree | 3926db2eedd52c5416e5fbcd20617650dbe69e5f /data/CVE/2022.list | |
parent | db79df2e3edb33a8d9972ddf8c2c82a72389a569 (diff) |
automatic update
Diffstat (limited to 'data/CVE/2022.list')
-rw-r--r-- | data/CVE/2022.list | 213 |
1 files changed, 147 insertions, 66 deletions
diff --git a/data/CVE/2022.list b/data/CVE/2022.list index 180564c1b4..17a3013011 100644 --- a/data/CVE/2022.list +++ b/data/CVE/2022.list @@ -1,3 +1,85 @@ +CVE-2022-25257 + RESERVED +CVE-2022-25256 + RESERVED +CVE-2022-25255 (In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux ...) + TODO: check +CVE-2022-25254 + RESERVED +CVE-2022-25253 + RESERVED +CVE-2022-25252 + RESERVED +CVE-2022-25251 + RESERVED +CVE-2022-25250 + RESERVED +CVE-2022-25249 + RESERVED +CVE-2022-25248 + RESERVED +CVE-2022-25247 + RESERVED +CVE-2022-25246 + RESERVED +CVE-2022-24374 + RESERVED +CVE-2022-23916 + RESERVED +CVE-2022-23810 + RESERVED +CVE-2022-21142 + RESERVED +CVE-2022-0648 + RESERVED +CVE-2022-0647 + RESERVED +CVE-2022-0646 + RESERVED +CVE-2022-0645 + RESERVED +CVE-2022-0644 + RESERVED +CVE-2022-0643 + RESERVED +CVE-2022-0642 + RESERVED +CVE-2022-0641 + RESERVED +CVE-2022-0640 + RESERVED +CVE-2022-0639 + RESERVED +CVE-2022-0638 + RESERVED +CVE-2022-0637 + RESERVED +CVE-2022-0636 + RESERVED +CVE-2022-0635 + RESERVED +CVE-2022-0634 + RESERVED +CVE-2022-0633 + RESERVED +CVE-2022-0632 + RESERVED +CVE-2022-0631 + RESERVED +CVE-2022-0630 + RESERVED +CVE-2022-0629 + RESERVED +CVE-2022-0628 + RESERVED +CVE-2022-0627 + RESERVED +CVE-2022-0626 + RESERVED +CVE-2022-0625 + RESERVED +CVE-2022-0624 + RESERVED CVE-2022-XXXX [Improper input validation - SA-CORE-2022-003] - drupal7 <removed> [stretch] - drupal7 7.52-2+deb9u18 @@ -97,8 +179,7 @@ CVE-2022-21159 RESERVED CVE-2022-0618 RESERVED -CVE-2022-0617 [Null pointer dereference can be triggered when write to an ICB inode] - RESERVED +CVE-2022-0617 (A flaw null pointer dereference in the Linux kernel UDF file system fu ...) - linux 5.16.7-1 NOTE: https://git.kernel.org/linus/7fc3b7c2981bbd1047916ade327beccb90994eee NOTE: https://git.kernel.org/linus/ea8569194b43f0f01f0a84c689388542c7254a1f 
@@ -106,10 +187,10 @@ CVE-2022-0616 RESERVED CVE-2022-0615 RESERVED -CVE-2022-0614 - RESERVED -CVE-2022-0613 - RESERVED +CVE-2022-0614 (Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2. ...) + TODO: check +CVE-2022-0613 (Authorization Bypass Through User-Controlled Key in NPM urijs prior to ...) + TODO: check CVE-2022-25212 (A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plu ...) NOT-FOR-US: Jenkins plugin CVE-2022-25211 (A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier a ...) @@ -1304,8 +1385,8 @@ CVE-2022-0561 (Null source pointer passed as an argument to memcpy() function wi NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef CVE-2022-0560 (Open Redirect in Packagist microweber/microweber prior to 1.2.11. ...) NOT-FOR-US: microweber -CVE-2022-0559 - RESERVED +CVE-2022-0559 (Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. ...) + TODO: check CVE-2022-0558 (Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber ...) NOT-FOR-US: microweber CVE-2022-0557 (OS Command Injection in Packagist microweber/microweber prior to 1.2.1 ...) @@ -1511,12 +1592,12 @@ CVE-2022-0516 [KVM: s390: Return error on SIDA memop on normal guest] [stretch] - linux <not-affected> (Vulnerable code not present) NOTE: Fixed by: https://git.kernel.org/linus/2c212e1baedcd782b2535a3f86bc491977677c0e NOTE: https://www.openwall.com/lists/oss-security/2022/02/11/2 -CVE-2022-24665 - RESERVED -CVE-2022-24664 - RESERVED -CVE-2022-24663 - RESERVED +CVE-2022-24665 (PHP Everywhere <= 2.0.3 included functionality that allowed executi ...) + TODO: check +CVE-2022-24664 (PHP Everywhere <= 2.0.3 included functionality that allowed executi ...) + TODO: check +CVE-2022-24663 (PHP Everywhere <= 2.0.3 included functionality that allowed executi ...) + TODO: check CVE-2022-24662 RESERVED CVE-2022-24661 
@@ -2016,8 +2097,8 @@ CVE-2022-0515 RESERVED CVE-2022-0514 RESERVED -CVE-2022-0513 - RESERVED +CVE-2022-0513 (The WP Statistics WordPress plugin is vulnerable to SQL Injection due ...) + TODO: check CVE-2022-0512 (Authorization Bypass Through User-Controlled Key in NPM url-parse prio ...) TODO: check CVE-2022-0511 @@ -3071,8 +3152,8 @@ CVE-2022-24088 RESERVED CVE-2022-24087 RESERVED -CVE-2022-24086 - RESERVED +CVE-2022-24086 (Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earli ...) + TODO: check CVE-2022-24085 RESERVED CVE-2022-24084 @@ -3922,10 +4003,10 @@ CVE-2022-23806 (Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17 NOTE: https://github.com/golang/go/commit/e16331902340c02bdf1831b5508df2307b871ef6 (go1.17.7) CVE-2022-23805 (A security out-of-bounds read information disclosure vulnerability in ...) NOT-FOR-US: Trend Micro -CVE-2022-23804 - RESERVED -CVE-2022-23803 - RESERVED +CVE-2022-23804 (A stack-based buffer overflow vulnerability exists in the Gerber Viewe ...) + TODO: check +CVE-2022-23803 (A stack-based buffer overflow vulnerability exists in the Gerber Viewe ...) + TODO: check CVE-2022-23802 RESERVED CVE-2022-23801 @@ -4302,8 +4383,8 @@ CVE-2022-23646 RESERVED CVE-2022-23645 RESERVED -CVE-2022-23644 - RESERVED +CVE-2022-23644 (BookWyrm is a decentralized social network for tracking reading habits ...) + TODO: check CVE-2022-23643 (Sourcegraph is a code search and navigation engine. Sourcegraph versio ...) TODO: check CVE-2022-23642 @@ -5063,8 +5144,8 @@ CVE-2022-23360 RESERVED CVE-2022-23359 RESERVED -CVE-2022-23358 - RESERVED +CVE-2022-23358 (EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In ...) + TODO: check CVE-2022-23357 (mozilo2.0 was discovered to be vulnerable to directory traversal attac ...) TODO: check CVE-2022-23356 
@@ -5572,44 +5653,44 @@ CVE-2022-23206 (In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, a NOT-FOR-US: Apache Traffic Control CVE-2022-23205 RESERVED -CVE-2022-23204 - RESERVED -CVE-2022-23203 - RESERVED -CVE-2022-23202 - RESERVED +CVE-2022-23204 (Adobe Premiere Rush versions 2.0 and earlier are affected by an out-of ...) + TODO: check +CVE-2022-23203 (Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) a ...) + TODO: check +CVE-2022-23202 (Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affecte ...) + TODO: check CVE-2022-23201 RESERVED -CVE-2022-23200 - RESERVED -CVE-2022-23199 - RESERVED -CVE-2022-23198 - RESERVED -CVE-2022-23197 - RESERVED -CVE-2022-23196 - RESERVED -CVE-2022-23195 - RESERVED -CVE-2022-23194 - RESERVED -CVE-2022-23193 - RESERVED -CVE-2022-23192 - RESERVED -CVE-2022-23191 - RESERVED -CVE-2022-23190 - RESERVED -CVE-2022-23189 - RESERVED -CVE-2022-23188 - RESERVED +CVE-2022-23200 (Adobe After Effects versions 22.1.1 (and earlier) and 18.4.3 (and earl ...) + TODO: check +CVE-2022-23199 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) + TODO: check +CVE-2022-23198 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) + TODO: check +CVE-2022-23197 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) + TODO: check +CVE-2022-23196 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) + TODO: check +CVE-2022-23195 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) + TODO: check +CVE-2022-23194 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) + TODO: check +CVE-2022-23193 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) + TODO: check +CVE-2022-23192 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) + TODO: check +CVE-2022-23191 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) 
+ TODO: check +CVE-2022-23190 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) + TODO: check +CVE-2022-23189 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) + TODO: check +CVE-2022-23188 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) + TODO: check CVE-2022-23187 RESERVED -CVE-2022-23186 - RESERVED +CVE-2022-23186 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...) + TODO: check CVE-2022-23185 RESERVED CVE-2022-23184 (In affected Octopus Server versions when the server HTTP and HTTPS bin ...) @@ -6240,8 +6321,8 @@ CVE-2022-22947 RESERVED CVE-2022-22946 RESERVED -CVE-2022-22945 - RESERVED +CVE-2022-22945 (VMware NSX Edge contains a CLI shell injection vulnerability. A malici ...) + TODO: check CVE-2022-22944 RESERVED CVE-2022-22943 @@ -6457,8 +6538,8 @@ CVE-2022-22855 RESERVED CVE-2022-22854 (An access control issue in hprms/admin/?page=user/list of Hospital Pat ...) NOT-FOR-US: Hospital Patient Record Management System -CVE-2022-22853 - RESERVED +CVE-2022-22853 (A stored cross-site scripting (XSS) vulnerability in Hospital Patient ...) + TODO: check CVE-2022-22852 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...) NOT-FOR-US: Sourcecodtester CVE-2022-22851 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...) @@ -6692,8 +6773,8 @@ CVE-2022-22794 RESERVED CVE-2022-22793 RESERVED -CVE-2022-22792 - RESERVED +CVE-2022-22792 (MobiSoft - MobiPlus User Take Over and Improper Handling of url Parame ...) + TODO: check CVE-2022-22791 (SYNEL - eharmony Authenticated Blind & Stored XSS. Inject JS code ...) NOT-FOR-US: SYNEL CVE-2022-22790 (SYNEL - eharmony Directory Traversal. Directory Traversal - is an atta ...) |
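Review bot: In the first hunk (@@ -1,3 +1,85 @@), CVE-2022-25255 is the only added entry that carries a description ("In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux ..."), yet it is left at `TODO: check` with no package line. It should get a follow-up commit that names the affected source package(s) and their status, since the description already gives the fixed upstream versions. The remaining additions in that hunk are RESERVED placeholders and need nothing further yet.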
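Review bot: At CVE-2022-0617 in the @@ -97,8 +179,7 @@ hunk, the removed bracketed summary "[Null pointer dereference can be triggered when write to an ICB inode]" stated the trigger condition, while the imported description is cut off at "UDF file system fu ...". Consider keeping that detail as an extra NOTE: line under the entry so it stays next to the existing `- linux 5.16.7-1` line and the two git.kernel.org references.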
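Review bot: At CVE-2022-22853 in the @@ -6457,8 +6538,8 @@ hunk, the new entry is left at `TODO: check` although the context line directly above it, CVE-2022-22854, is already triaged as `NOT-FOR-US: Hospital Patient Record Management System` and the new description begins "A stored cross-site scripting (XSS) vulnerability in Hospital Patient ...". If the truncated description refers to the same product, the entry should carry the same NOT-FOR-US line so the two stay consistent.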