diff options
author | security tracker role <sectracker@soriano.debian.org> | 2021-12-30 08:10:12 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-12-30 08:10:12 +0000 |
commit | e26dcef5c8c705caa9ce4739d66a21fa97d179cb (patch) | |
tree | 64962d3c02597981d01bb36839e2c5a62814005c | |
parent | d899d450d9ac22be1c7d117e3b817c8fb9b10087 (diff) |
automatic update
-rw-r--r-- | data/CVE/2018.list | 2 | ||||
-rw-r--r-- | data/CVE/2019.list | 4 | ||||
-rw-r--r-- | data/CVE/2021.list | 19 | ||||
-rw-r--r-- | data/CVE/2022.list | 40 |
4 files changed, 56 insertions, 9 deletions
diff --git a/data/CVE/2018.list b/data/CVE/2018.list index f4aa2b4fd9..0f1b18d972 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -53029,7 +53029,7 @@ CVE-2018-1057 (On a Samba 4 AD DC the LDAP server in all versions of Samba from NOTE: https://www.samba.org/samba/security/CVE-2018-1057.html NOTE: https://wiki.samba.org/index.php/CVE-2018-1057 CVE-2018-1056 (An out-of-bounds heap buffer read flaw was found in the way advancecom ...) - {DLA-1702-1 DLA-1281-1} + {DLA-2868-1 DLA-1702-1 DLA-1281-1} - advancecomp 2.1-1 (bug #889270) NOTE: https://sourceforge.net/p/advancemame/bugs/259/ NOTE: https://github.com/amadvance/advancecomp/commit/7deeafc02b29cc51d51079e66f4f43f986ff9cc5 diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 3de53dfc3c..1ab0ef2066 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -32416,7 +32416,7 @@ CVE-2019-9211 (There is a reachable assertion abort in the function write_long_s NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683499 NOTE: Crash in CLI tool, no security impact CVE-2019-9210 (In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer ...) - {DLA-1702-1} + {DLA-2868-1 DLA-1702-1} - advancecomp 2.1-2 (low; bug #923416) NOTE: https://sourceforge.net/p/advancemame/bugs/277/ NOTE: Fixed by https://github.com/amadvance/advancecomp/commit/fcf71a89265c78fc26243574dda3a872574a5c02 @@ -34735,6 +34735,7 @@ CVE-2019-8385 (An issue was discovered in Thomson Reuters Desktop Extensions 1.9 CVE-2019-8384 RESERVED CVE-2019-8383 (An issue was discovered in AdvanceCOMP through 2.1. An invalid memory ...) + {DLA-2868-1} - advancecomp 2.1-2.1 (bug #928730) [jessie] - advancecomp <ignored> (Minor issue) NOTE: https://sourceforge.net/p/advancemame/bugs/272/ @@ -34748,6 +34749,7 @@ CVE-2019-8381 (An issue was discovered in Tcpreplay 4.3.1. An invalid memory acc CVE-2019-8380 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereferenc ...) NOT-FOR-US: Bento4 CVE-2019-8379 (An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer der ...) + {DLA-2868-1} - advancecomp 2.1-2.1 (bug #928729) [jessie] - advancecomp <ignored> (Minor issue) NOTE: https://sourceforge.net/p/advancemame/bugs/271/ diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 7d80a71144..c96c300060 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1,3 +1,7 @@ +CVE-2021-45919 + RESERVED +CVE-2021-4190 + RESERVED CVE-2021-4189 RESERVED CVE-2021-45918 @@ -10,8 +14,8 @@ CVE-2021-45915 RESERVED CVE-2021-45914 RESERVED -CVE-2021-4188 - RESERVED +CVE-2021-4188 (mruby is vulnerable to NULL Pointer Dereference ...) + TODO: check CVE-2021-45913 RESERVED CVE-2021-45912 @@ -2641,6 +2645,7 @@ CVE-2021-4104 (JMSAppender in Log4j 1.2 is vulnerable to deserialization of untr CVE-2021-4103 RESERVED CVE-2021-44832 (Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fi ...) + {DLA-2870-1} - apache-log4j2 2.17.1-1 (bug #1002813) [bullseye] - apache-log4j2 <no-dsa> (Minor issue; requires attacker with permissions to modify the logging configuration file) [buster] - apache-log4j2 <no-dsa> (Minor issue; requires attacker with permissions to modify the logging configuration file) @@ -4394,7 +4399,7 @@ CVE-2021-44159 (4MOSAn GCB Doctor’s file upload function has improper user CVE-2021-44158 RESERVED CVE-2021-4011 (A flaw was found in xorg-x11-server in versions before 21.1.2 and befo ...) - {DSA-5027-1} + {DSA-5027-1 DLA-2869-1} - xorg-server 2:1.20.13-3 - xwayland 2:21.1.4-1 NOTE: https://lists.x.org/archives/xorg-announce/2021-December/003122.html @@ -4407,13 +4412,13 @@ CVE-2021-4010 (A flaw was found in xorg-x11-server in versions before 21.1.2 and NOTE: https://lists.x.org/archives/xorg-announce/2021-December/003122.html NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/6c4c53010772e3cb4cb8acd54950c8eec9c00d21 CVE-2021-4009 (A flaw was found in xorg-x11-server in versions before 21.1.2 and befo ...) - {DSA-5027-1} + {DSA-5027-1 DLA-2869-1} - xorg-server 2:1.20.13-3 - xwayland 2:21.1.4-1 NOTE: https://lists.x.org/archives/xorg-announce/2021-December/003122.html NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/b5196750099ae6ae582e1f46bd0a6dad29550e02 CVE-2021-4008 (A flaw was found in xorg-x11-server in versions before 21.1.2 and befo ...) - {DSA-5027-1} + {DSA-5027-1 DLA-2869-1} - xorg-server 2:1.20.13-3 - xwayland 2:21.1.4-1 NOTE: https://lists.x.org/archives/xorg-announce/2021-December/003122.html @@ -5123,8 +5128,8 @@ CVE-2021-43878 RESERVED CVE-2021-43877 (ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability ...) NOT-FOR-US: .NET core -CVE-2021-43876 - RESERVED +CVE-2021-43876 (Microsoft SharePoint Elevation of Privilege Vulnerability. ...) + TODO: check CVE-2021-43875 (Microsoft Office Graphics Remote Code Execution Vulnerability ...) NOT-FOR-US: Microsoft CVE-2021-43874 diff --git a/data/CVE/2022.list b/data/CVE/2022.list index bdd6f1ad11..382fe3309b 100644 --- a/data/CVE/2022.list +++ b/data/CVE/2022.list @@ -1,3 +1,43 @@ +CVE-2022-22282 + RESERVED +CVE-2022-22281 + RESERVED +CVE-2022-22280 + RESERVED +CVE-2022-22279 + RESERVED +CVE-2022-22278 + RESERVED +CVE-2022-22277 + RESERVED +CVE-2022-22276 + RESERVED +CVE-2022-22275 + RESERVED +CVE-2022-22274 + RESERVED +CVE-2022-22273 + RESERVED +CVE-2022-22272 + RESERVED +CVE-2022-22271 + RESERVED +CVE-2022-22270 + RESERVED +CVE-2022-22269 + RESERVED +CVE-2022-22268 + RESERVED +CVE-2022-22267 + RESERVED +CVE-2022-22266 + RESERVED +CVE-2022-22265 + RESERVED +CVE-2022-22264 + RESERVED +CVE-2022-22263 + RESERVED CVE-2022-22262 RESERVED CVE-2022-0077 |