[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sat, 06 Feb 2021 00:10:34 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f52330d4 by security tracker role at 2021-02-06T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,221 @@
+CVE-2021-26842
+       RESERVED
+CVE-2021-26841
+       RESERVED
+CVE-2021-26840
+       RESERVED
+CVE-2021-26839
+       RESERVED
+CVE-2021-26838
+       RESERVED
+CVE-2021-26837
+       RESERVED
+CVE-2021-26836
+       RESERVED
+CVE-2021-26835
+       RESERVED
+CVE-2021-26834
+       RESERVED
+CVE-2021-26833
+       RESERVED
+CVE-2021-26832
+       RESERVED
+CVE-2021-26831
+       RESERVED
+CVE-2021-26830
+       RESERVED
+CVE-2021-26829
+       RESERVED
+CVE-2021-26828
+       RESERVED
+CVE-2021-26827
+       RESERVED
+CVE-2021-26826
+       RESERVED
+CVE-2021-26825
+       RESERVED
+CVE-2021-26824
+       RESERVED
+CVE-2021-26823
+       RESERVED
+CVE-2021-26822
+       RESERVED
+CVE-2021-26821
+       RESERVED
+CVE-2021-26820
+       RESERVED
+CVE-2021-26819
+       RESERVED
+CVE-2021-26818
+       RESERVED
+CVE-2021-26817
+       RESERVED
+CVE-2021-26816
+       RESERVED
+CVE-2021-26815
+       RESERVED
+CVE-2021-26814
+       RESERVED
+CVE-2021-26813
+       RESERVED
+CVE-2021-26812
+       RESERVED
+CVE-2021-26811
+       RESERVED
+CVE-2021-26810
+       RESERVED
+CVE-2021-26809
+       RESERVED
+CVE-2021-26808
+       RESERVED
+CVE-2021-26807
+       RESERVED
+CVE-2021-26806
+       RESERVED
+CVE-2021-26805
+       RESERVED
+CVE-2021-26804
+       RESERVED
+CVE-2021-26803
+       RESERVED
+CVE-2021-26802
+       RESERVED
+CVE-2021-26801
+       RESERVED
+CVE-2021-26800
+       RESERVED
+CVE-2021-26799
+       RESERVED
+CVE-2021-26798
+       RESERVED
+CVE-2021-26797
+       RESERVED
+CVE-2021-26796
+       RESERVED
+CVE-2021-26795
+       RESERVED
+CVE-2021-26794
+       RESERVED
+CVE-2021-26793
+       RESERVED
+CVE-2021-26792
+       RESERVED
+CVE-2021-26791
+       RESERVED
+CVE-2021-26790
+       RESERVED
+CVE-2021-26789
+       RESERVED
+CVE-2021-26788
+       RESERVED
+CVE-2021-26787
+       RESERVED
+CVE-2021-26786
+       RESERVED
+CVE-2021-26785
+       RESERVED
+CVE-2021-26784
+       RESERVED
+CVE-2021-26783
+       RESERVED
+CVE-2021-26782
+       RESERVED
+CVE-2021-26781
+       RESERVED
+CVE-2021-26780
+       RESERVED
+CVE-2021-26779
+       RESERVED
+CVE-2021-26778
+       RESERVED
+CVE-2021-26777
+       RESERVED
+CVE-2021-26776
+       RESERVED
+CVE-2021-26775
+       RESERVED
+CVE-2021-26774
+       RESERVED
+CVE-2021-26773
+       RESERVED
+CVE-2021-26772
+       RESERVED
+CVE-2021-26771
+       RESERVED
+CVE-2021-26770
+       RESERVED
+CVE-2021-26769
+       RESERVED
+CVE-2021-26768
+       RESERVED
+CVE-2021-26767
+       RESERVED
+CVE-2021-26766
+       RESERVED
+CVE-2021-26765
+       RESERVED
+CVE-2021-26764
+       RESERVED
+CVE-2021-26763
+       RESERVED
+CVE-2021-26762
+       RESERVED
+CVE-2021-26761
+       RESERVED
+CVE-2021-26760
+       RESERVED
+CVE-2021-26759
+       RESERVED
+CVE-2021-26758
+       RESERVED
+CVE-2021-26757
+       RESERVED
+CVE-2021-26756
+       RESERVED
+CVE-2021-26755
+       RESERVED
+CVE-2021-26754
+       RESERVED
+CVE-2021-26753
+       RESERVED
+CVE-2021-26752
+       RESERVED
+CVE-2021-26751
+       RESERVED
+CVE-2021-26750
+       RESERVED
+CVE-2021-26749
+       RESERVED
+CVE-2021-26748
+       RESERVED
+CVE-2021-26747
+       RESERVED
+CVE-2021-26746
+       RESERVED
+CVE-2021-26745
+       RESERVED
+CVE-2021-26744
+       RESERVED
+CVE-2021-26743
+       RESERVED
+CVE-2021-26742
+       RESERVED
+CVE-2021-26741
+       RESERVED
+CVE-2021-26740
+       RESERVED
+CVE-2021-26739
+       RESERVED
+CVE-2021-26738
+       RESERVED
+CVE-2021-26737
+       RESERVED
+CVE-2021-26736
+       RESERVED
+CVE-2021-26735
+       RESERVED
+CVE-2021-26734
+       RESERVED
 CVE-2021-26733
        RESERVED
 CVE-2021-26732
@@ -18,8 +236,8 @@ CVE-2021-26725
        RESERVED
 CVE-2021-26724
        RESERVED
-CVE-2021-26723
-       RESERVED
+CVE-2021-26723 (Jenzabar 9.2.x through 9.2.2 allows 
/ics?tool=search&amp;query= XSS. ...)
+       TODO: check
 CVE-2021-26722 (LinkedIn Oncall through 1.4.0 allows reflected XSS via /query 
because  ...)
        NOT-FOR-US: LinkedIn Oncall
 CVE-2021-26721
@@ -2200,8 +2418,8 @@ CVE-2021-3231
        RESERVED
 CVE-2021-3230
        RESERVED
-CVE-2021-3229
-       RESERVED
+CVE-2021-3229 (Denial of service in ASUSWRT ASUS RT-AX3000 firmware versions 
3.0.0.4. ...)
+       TODO: check
 CVE-2021-3228
        RESERVED
 CVE-2021-3227
@@ -9543,10 +9761,10 @@ CVE-2021-22502
        RESERVED
 CVE-2021-22501
        RESERVED
-CVE-2021-22500
-       RESERVED
-CVE-2021-22499
-       RESERVED
+CVE-2021-22500 (Cross Site Request Forgery vulnerability in Micro Focus 
Application Pe ...)
+       TODO: check
+CVE-2021-22499 (Persistent Cross-Site scripting vulnerability in Micro Focus 
Applicati ...)
+       TODO: check
 CVE-2021-22498 (XML External Entity Injection vulnerability in Micro Focus 
Application ...)
        NOT-FOR-US: Micro Focus
 CVE-2021-22497
@@ -9929,26 +10147,26 @@ CVE-2021-22309
        RESERVED
 CVE-2021-22308
        RESERVED
-CVE-2021-22307
-       RESERVED
-CVE-2021-22306
-       RESERVED
-CVE-2021-22305
-       RESERVED
-CVE-2021-22304
-       RESERVED
-CVE-2021-22303
-       RESERVED
-CVE-2021-22302
-       RESERVED
-CVE-2021-22301
-       RESERVED
-CVE-2021-22300
-       RESERVED
-CVE-2021-22299
-       RESERVED
-CVE-2021-22298
-       RESERVED
+CVE-2021-22307 (There is a weak algorithm vulnerability in Mate 
3010.0.0.203(C00E201R7 ...)
+       TODO: check
+CVE-2021-22306 (There is an out-of-bound read vulnerability in Mate 30 
10.0.0.182(C00E ...)
+       TODO: check
+CVE-2021-22305 (There is a buffer overflow vulnerability in Mate 30 
10.1.0.126(C00E125 ...)
+       TODO: check
+CVE-2021-22304 (There is a use after free vulnerability in Taurus-AL00A 
10.0.0.1(C00E1 ...)
+       TODO: check
+CVE-2021-22303 (There is a pointer double free vulnerability in Taurus-AL00A 
10.0.0.1( ...)
+       TODO: check
+CVE-2021-22302 (There is an out-of-bound read vulnerability in Taurus-AL00A 
10.0.0.1(C ...)
+       TODO: check
+CVE-2021-22301 (Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow 
vulnerability.  ...)
+       TODO: check
+CVE-2021-22300 (There is an information leak vulnerability in eCNS280_TD 
versions V100 ...)
+       TODO: check
+CVE-2021-22299 (There is a local privilege escalation vulnerability in some 
Huawei pro ...)
+       TODO: check
+CVE-2021-22298 (There is a logic vulnerability in Huawei Gauss100 OLTP 
Product. An att ...)
+       TODO: check
 CVE-2021-22297
        RESERVED
 CVE-2021-22296
@@ -9957,10 +10175,10 @@ CVE-2021-22295
        RESERVED
 CVE-2021-22294
        RESERVED
-CVE-2021-22293
-       RESERVED
-CVE-2021-22292
-       RESERVED
+CVE-2021-22293 (Some Huawei products have an inconsistent interpretation of 
HTTP reque ...)
+       TODO: check
+CVE-2021-22292 (There is a denial of service (DoS) vulnerability in eCNS280 
versions V ...)
+       TODO: check
 CVE-2021-22291
        RESERVED
 CVE-2021-22290
@@ -13215,8 +13433,8 @@ CVE-2021-21305
        RESERVED
 CVE-2021-21304
        RESERVED
-CVE-2021-21303
-       RESERVED
+CVE-2021-21303 (Helm is open-source software which is essentially "The 
Kubernetes Pack ...)
+       TODO: check
 CVE-2021-21302
        RESERVED
 CVE-2021-21301
@@ -15856,8 +16074,7 @@ CVE-2021-20177
        [stretch] - linux <not-affected> (Vulnerable code not present)
        NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=209823
        NOTE: https://www.openwall.com/lists/oss-security/2021/01/12/1
-CVE-2021-20176 [processing crafted file leads to division by zero]
-       RESERVED
+CVE-2021-20176 (A flaw was found in ImageMagick in MagickCore/gem.c. An 
attacker who s ...)
        - imagemagick 8:6.9.11.57+dfsg-1
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/3077
        NOTE: ImageMagick: 
https://github.com/ImageMagick/ImageMagick/commit/fbd9a963db1ae5551c45dc8af57db0abd7695774
@@ -19004,7 +19221,8 @@ CVE-2020-29599 (ImageMagick before 6.9.11-40 and 7.x 
before 7.0.10-40 mishandles
        NOTE: broken between 78c7532f3ff5424de06e5d807cbb35c041bd2990 (6.9.4-2) 
and 8787fc6de99078fde055bd400b14e1ce3a2971f9 (6.9.8-1)
        NOTE: '-authenticate' replaced by '-define authenticate=' between 
8787fc6de99078fde055bd400b14e1ce3a2971f9 (6.9.8-1) and 83ec5b above
        NOTE: - bimodal ('-define delegate:bimodal=true' + pdf->(e)ps 
delegates, %a expansion) after 78c7532f3ff5424de06e5d807cbb35c041bd2990 
(6.9.4-2)
-CVE-2020-29598 (The My AIA SG application 1.2.6 for Android allows attackers 
to obtain ...)
+CVE-2020-29598
+       REJECTED
        NOT-FOR-US: My AIA SG application for Android
 CVE-2020-29597 (IncomCMS 2.0 has a modules/uploader/showcase/script.php 
insecure file  ...)
        NOT-FOR-US: IncomCMS
@@ -22660,8 +22878,8 @@ CVE-2021-1074
        RESERVED
 CVE-2021-1073
        RESERVED
-CVE-2021-1072
-       RESERVED
+CVE-2021-1072 (NVIDIA GeForce Experience, all versions prior to 3.21, contains 
a vuln ...)
+       TODO: check
 CVE-2021-1071 (NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier 
NX, TX1 ...)
        NOT-FOR-US: NVIDIA
 CVE-2021-1070 (NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, 
Nano and  ...)
@@ -56704,8 +56922,7 @@ CVE-2020-14314 (A memory out-of-bounds read flaw was 
found in the Linux kernel b
        NOTE: 
https://git.kernel.org/linus/5872331b3d91820e14716632ebb56b1399b34fe1
 CVE-2020-14313 (An information disclosure vulnerability was found in Red Hat 
Quay in v ...)
        NOT-FOR-US: Quay
-CVE-2020-14312
-       RESERVED
+CVE-2020-14312 (A flaw was found in the default configuration of dnsmasq, as 
shipped w ...)
        - dnsmasq 2.69-1 (bug #732610)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1851342
 CVE-2020-14311 (There is an issue with grub2 before version 2.06 while 
handling symlin ...)
@@ -63848,8 +64065,8 @@ CVE-2020-11838 (Cross Site Scripting (XSS) 
vulnerability in Micro Focus ArcSight
        NOT-FOR-US: Micro Focus
 CVE-2020-11837
        RESERVED
-CVE-2020-11836
-       RESERVED
+CVE-2020-11836 (OPPO Android Phone with MTK chipset and Android 8.1/9/10/11 
versions h ...)
+       TODO: check
 CVE-2020-11835 (In 
/SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_d ...)
        NOT-FOR-US: oppo
 CVE-2020-11834 (In 
/SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the  ...)
@@ -67078,10 +67295,10 @@ CVE-2020-10860 (An issue was discovered in Avast 
Antivirus before 20. An Arbitra
        NOT-FOR-US: Avast Antivirus
 CVE-2020-10859 (Zoho ManageEngine Desktop Central before 10.0.484 allows 
authenticated ...)
        NOT-FOR-US: Zoho
-CVE-2020-10858
-       RESERVED
-CVE-2020-10857
-       RESERVED
+CVE-2020-10858 (Zulip Desktop before 5.0.0 allows attackers to perform 
recording via t ...)
+       TODO: check
+CVE-2020-10857 (Zulip Desktop before 5.0.0 improperly uses shell.openExternal 
and shel ...)
+       TODO: check
 CVE-2020-10856
        RESERVED
 CVE-2019-20627 (AutoUpdater.cs in AutoUpdater.NET before 1.5.8 allows XXE. ...)
@@ -68245,12 +68462,12 @@ CVE-2020-10556
        RESERVED
 CVE-2020-10555
        RESERVED
-CVE-2020-10554
-       RESERVED
-CVE-2020-10553
-       RESERVED
-CVE-2020-10552
-       RESERVED
+CVE-2020-10554 (An issue was discovered in Psyprax beforee 3.2.2. Passwords 
used to en ...)
+       TODO: check
+CVE-2020-10553 (An issue was discovered in Psyprax before 3.2.2. The file 
%PROGRAMDATA ...)
+       TODO: check
+CVE-2020-10552 (An issue was discovered in Psyprax before 3.2.2. The Firebird 
database ...)
+       TODO: check
 CVE-2020-10551 (QQBrowser before 10.5.3870.400 installs a Windows service 
TsService.ex ...)
        NOT-FOR-US: QQBrowser
 CVE-2020-10550
@@ -68634,8 +68851,8 @@ CVE-2020-10377 (A weak encryption vulnerability in 
Mitel MiVoice Connect Client
        NOT-FOR-US: Mitel
 CVE-2020-10376 (Technicolor TC7337NET 08.89.17.23.03 devices allow remote 
attackers to ...)
        NOT-FOR-US: Technicolor
-CVE-2020-10375
-       RESERVED
+CVE-2020-10375 (An issue was discovered in New Media Smarty before 9.10. 
Passwords are ...)
+       TODO: check
 CVE-2020-10374 (A webserver component in Paessler PRTG Network Monitor 19.2.50 
to PRTG ...)
        NOT-FOR-US: PRTG Network Monitor
 CVE-2020-10373
@@ -71467,8 +71684,8 @@ CVE-2020-9207 (There is an improper authentication 
vulnerability in some verison
        NOT-FOR-US: Huawei
 CVE-2020-9206
        RESERVED
-CVE-2020-9205
-       RESERVED
+CVE-2020-9205 (There has a CSV injection vulnerability in ManageOne 8.0.1. An 
attacke ...)
+       TODO: check
 CVE-2020-9204
        RESERVED
 CVE-2020-9203 (There is a resource management errors vulnerability in Huawei 
P30. Loc ...)
@@ -71641,8 +71858,8 @@ CVE-2020-9120 (CloudEngine 1800V versions 
V100R019C10SPC500 has a resource manag
        NOT-FOR-US: Huawei
 CVE-2020-9119 (There is a privilege escalation vulnerability on some Huawei 
smart pho ...)
        NOT-FOR-US: Huawei
-CVE-2020-9118
-       RESERVED
+CVE-2020-9118 (There is an insufficient integrity check vulnerability in 
Huawei Sound ...)
+       TODO: check
 CVE-2020-9117 (HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and 
SydneyM ...)
        NOT-FOR-US: Huawei
 CVE-2020-9116 (Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command 
injection ...)
@@ -80144,8 +80361,8 @@ CVE-2020-5814
        RESERVED
 CVE-2020-5813
        RESERVED
-CVE-2020-5812
-       RESERVED
+CVE-2020-5812 (Nessus AMI versions 8.12.0 and earlier were found to either not 
valida ...)
+       TODO: check
 CVE-2020-5811 (An authenticated path traversal vulnerability exists during 
package in ...)
        NOT-FOR-US: Umbraco CMS
 CVE-2020-5810 (A stored XSS vulnerability exists in Umbraco CMS &lt;= 8.9.1 or 
curren ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f52330d4ce51b249ddada7639adf5bcb37ac3b2e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f52330d4ce51b249ddada7639adf5bcb37ac3b2e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to