From 50abc733ec3f8470a47509bce04da89ea7eb8cef Mon Sep 17 00:00:00 2001 From: security tracker role Date: Sat, 24 Sep 2022 08:10:16 +0000 Subject: automatic update --- data/CVE/list | 84 ++++++++++++++++++++++++++++++++--------------------------- 1 file changed, 45 insertions(+), 39 deletions(-) (limited to 'data/CVE/list') diff --git a/data/CVE/list b/data/CVE/list index 2487401749..41ec8e5e7a 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,9 @@ +CVE-2022-3294 + RESERVED +CVE-2022-3293 + RESERVED +CVE-2022-3292 + RESERVED CVE-2022-41336 RESERVED CVE-2022-41335 @@ -60,8 +66,8 @@ CVE-2022-3280 RESERVED CVE-2022-3279 RESERVED -CVE-2022-3278 - RESERVED +CVE-2022-3278 (NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.055 ...) + TODO: check CVE-2022-3277 [unrestricted creation of security groups] RESERVED - neutron @@ -1600,15 +1606,15 @@ CVE-2022-40673 (KDiskMark before 3.1.0 lacks authorization checking for D-Bus me CVE-2022-40670 RESERVED CVE-2022-40669 - RESERVED + REJECTED CVE-2022-40668 - RESERVED + REJECTED CVE-2022-40667 - RESERVED + REJECTED CVE-2022-40666 - RESERVED + REJECTED CVE-2022-40665 - RESERVED + REJECTED CVE-2022-40664 RESERVED CVE-2022-40663 (This vulnerability allows remote attackers to execute arbitrary code o ...) @@ -2934,26 +2940,26 @@ CVE-2022-40124 RESERVED CVE-2022-40123 RESERVED -CVE-2022-40122 - RESERVED -CVE-2022-40121 - RESERVED -CVE-2022-40120 - RESERVED -CVE-2022-40119 - RESERVED -CVE-2022-40118 - RESERVED -CVE-2022-40117 - RESERVED -CVE-2022-40116 - RESERVED -CVE-2022-40115 - RESERVED -CVE-2022-40114 - RESERVED -CVE-2022-40113 - RESERVED +CVE-2022-40122 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) + TODO: check +CVE-2022-40121 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) + TODO: check +CVE-2022-40120 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) + TODO: check +CVE-2022-40119 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) + TODO: check +CVE-2022-40118 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) + TODO: check +CVE-2022-40117 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) + TODO: check +CVE-2022-40116 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) + TODO: check +CVE-2022-40115 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) + TODO: check +CVE-2022-40114 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) + TODO: check +CVE-2022-40113 (Online Banking System v1.0 was discovered to contain a SQL injection v ...) + TODO: check CVE-2022-40112 (TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable ...) NOT-FOR-US: TOTOLINK CVE-2022-40111 (In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the sha ...) @@ -4805,12 +4811,12 @@ CVE-2022-39244 RESERVED CVE-2022-39243 RESERVED -CVE-2022-39242 - RESERVED +CVE-2022-39242 (Frontier is an Ethereum compatibility layer for Substrate. Prior to co ...) + TODO: check CVE-2022-39241 RESERVED -CVE-2022-39240 - RESERVED +CVE-2022-39240 (MyGraph is a permission management system. Versions prior to 1.0.4 are ...) + TODO: check CVE-2022-39239 (netlify-ipx is an on-Demand image optimization for Netlify using ipx. ...) TODO: check CVE-2022-39238 (Arvados is an open source platform for managing and analyzing biomedic ...) @@ -13610,8 +13616,8 @@ CVE-2022-36027 (TensorFlow is an open source platform for machine learning. When - tensorflow (bug #804612) CVE-2022-36026 (TensorFlow is an open source platform for machine learning. If `Quanti ...) - tensorflow (bug #804612) -CVE-2022-36025 - RESERVED +CVE-2022-36025 (Besu is a Java-based Ethereum client. In versions newer than 22.1.3 an ...) + TODO: check CVE-2022-36024 (py-cord is a an API wrapper for Discord written in Python. Bots creati ...) NOT-FOR-US: py-cord CVE-2022-36023 (Hyperledger Fabric is an enterprise-grade permissioned distributed led ...) @@ -50198,14 +50204,14 @@ CVE-2022-23466 RESERVED CVE-2022-23465 RESERVED -CVE-2022-23464 - RESERVED -CVE-2022-23463 - RESERVED +CVE-2022-23464 (Nepxion Discovery is a solution for Spring Cloud. Discovery is vulnera ...) + TODO: check +CVE-2022-23463 (Nepxion Discovery is a solution for Spring Cloud. Discover is vulnerab ...) + TODO: check CVE-2022-23462 RESERVED -CVE-2022-23461 - RESERVED +CVE-2022-23461 (Jodit Editor is a WYSIWYG editor written in pure TypeScript without th ...) + TODO: check CVE-2022-23460 (Jsonxx or Json++ is a JSON parser, writer and reader written in C++. I ...) TODO: check - numerous jsonxx repositories exist on github NOTE: https://github.com/advisories/GHSA-h8mv-q3c4-8hw2 -- cgit v1.2.3