[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Mon, 22 Feb 2021 12:10:56 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
146fe271 by security tracker role at 2021-02-22T20:10:40+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2021-3414
+       RESERVED
+CVE-2021-27565
+       RESERVED
+CVE-2021-27564 (A stored XSS issue exists in Appspace 6.2.4. After a user is 
authentic ...)
+       TODO: check
+CVE-2021-27563
+       RESERVED
+CVE-2021-27562
+       RESERVED
+CVE-2021-27561
+       RESERVED
+CVE-2021-27560
+       RESERVED
+CVE-2021-27559 (The Contact page in Monica 2.19.1 allows stored XSS via the 
Nickname f ...)
+       TODO: check
 CVE-2021-27558
        RESERVED
 CVE-2021-27557
@@ -16,8 +32,8 @@ CVE-2021-27551
        RESERVED
 CVE-2021-27550
        RESERVED
-CVE-2021-27549
-       RESERVED
+CVE-2021-27549 (** DISPUTED ** Genymotion Desktop through 3.2.0 leaks the 
host's clipb ...)
+       TODO: check
 CVE-2021-27548
        RESERVED
 CVE-2021-27547
@@ -412,14 +428,14 @@ CVE-2021-27373
        RESERVED
 CVE-2021-27372
        RESERVED
-CVE-2021-27371
-       RESERVED
-CVE-2021-27370
-       RESERVED
-CVE-2021-27369
-       RESERVED
-CVE-2021-27368
-       RESERVED
+CVE-2021-27371 (The Contact page in Monica 2.19.1 allows stored XSS via the 
Descriptio ...)
+       TODO: check
+CVE-2021-27370 (The Contact page in Monica 2.19.1 allows stored XSS via the 
Last Name  ...)
+       TODO: check
+CVE-2021-27369 (The Contact page in Monica 2.19.1 allows stored XSS via the 
Middle Nam ...)
+       TODO: check
+CVE-2021-27368 (The Contact page in Monica 2.19.1 allows stored XSS via the 
First Name ...)
+       TODO: check
 CVE-2021-27367 (Controller/Backend/FileEditController.php and 
Controller/Backend/Filem ...)
        NOT-FOR-US: Bolt CMS
 CVE-2021-27366
@@ -599,8 +615,8 @@ CVE-2021-27281
        RESERVED
 CVE-2021-27280
        RESERVED
-CVE-2021-27279
-       RESERVED
+CVE-2021-27279 (MyBB before 1.8.25 allows stored XSS via nested [email] tags 
with MyCo ...)
+       TODO: check
 CVE-2021-27278
        RESERVED
 CVE-2021-27277
@@ -705,8 +721,8 @@ CVE-2021-27229 (Mumble before 1.3.4 allows remote code 
execution if a victim nav
        [buster] - mumble <no-dsa> (Minor issue)
        NOTE: 
https://github.com/mumble-voip/mumble/commit/e59ee87abe249f345908c7d568f6879d16bfd648
        NOTE: https://github.com/mumble-voip/mumble/pull/4733
-CVE-2021-27228
-       RESERVED
+CVE-2021-27228 (An issue was discovered in Shinobi through ocean version 1. 
lib/auth.j ...)
+       TODO: check
 CVE-2021-27227
        RESERVED
 CVE-2021-27226
@@ -8584,8 +8600,8 @@ CVE-2021-3122 (CMCAgent in NCR Command Center Agent 16.3 
on Aloha POS/BOH server
 CVE-2021-3121 (An issue was discovered in GoGo Protobuf before 1.3.2. 
plugin/unmarsha ...)
        - golang-gogoprotobuf 1.3.2-1
        NOTE: 
https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc
-CVE-2021-3120
-       RESERVED
+CVE-2021-3120 (An arbitrary file upload vulnerability in the YITH WooCommerce 
Gift Ca ...)
+       TODO: check
 CVE-2021-3119
        RESERVED
 CVE-2021-3118 (** UNSUPPORTED WHEN ASSIGNED ** EVOLUCARE ECSIMAGING (aka ECS 
Imaging) ...)
@@ -37312,8 +37328,8 @@ CVE-2020-24177
        RESERVED
 CVE-2020-24176
        RESERVED
-CVE-2020-24175
-       RESERVED
+CVE-2020-24175 (Buffer overflow in Yz1 0.30 and 0.32, as used in IZArc 4.4, 
ZipGenius  ...)
+       TODO: check
 CVE-2020-24174
        RESERVED
 CVE-2020-24173
@@ -40718,10 +40734,10 @@ CVE-2020-22477
        RESERVED
 CVE-2020-22476
        RESERVED
-CVE-2020-22475
-       RESERVED
-CVE-2020-22474
-       RESERVED
+CVE-2020-22475 ("Tasks" application version before 9.7.3 is affected by 
insecure permi ...)
+       TODO: check
+CVE-2020-22474 (In webERP 4.15, the ManualContents.php file allows users to 
specify th ...)
+       TODO: check
 CVE-2020-22473
        RESERVED
 CVE-2020-22472
@@ -43225,8 +43241,8 @@ CVE-2020-21226
        RESERVED
 CVE-2020-21225
        RESERVED
-CVE-2020-21224
-       RESERVED
+CVE-2020-21224 (A Remote Code Execution vulnerability has been found in Inspur 
Cluster ...)
+       TODO: check
 CVE-2020-21223
        RESERVED
 CVE-2020-21222
@@ -46157,8 +46173,8 @@ CVE-2020-19764
        RESERVED
 CVE-2020-19763
        RESERVED
-CVE-2020-19762
-       RESERVED
+CVE-2020-19762 (Automated Logic Corporation (ALC) WebCTRL System 6.5 and prior 
allows  ...)
+       TODO: check
 CVE-2020-19761
        RESERVED
 CVE-2020-19760



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/146fe2715ac28934df9e2d46b8824256f324af85

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/146fe2715ac28934df9e2d46b8824256f324af85
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to