[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Thu, 04 Mar 2021 12:13:42 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3ba53245 by security tracker role at 2021-03-04T20:10:57+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2021-27955
+       RESERVED
+CVE-2021-27954
+       RESERVED
+CVE-2021-27953
+       RESERVED
+CVE-2021-27952
+       RESERVED
+CVE-2021-27951
+       RESERVED
+CVE-2021-27950
+       RESERVED
+CVE-2021-27949
+       RESERVED
+CVE-2021-27948
+       RESERVED
+CVE-2021-27947
+       RESERVED
+CVE-2021-27946
+       RESERVED
+CVE-2021-27945
+       RESERVED
 CVE-2021-XXXX [XSA 369]
        - linux <unfixed> (unimportant)
        [buster] - linux <not-affected> (Vulnerable code introduced later)
@@ -1559,8 +1581,8 @@ CVE-2021-27221
        RESERVED
 CVE-2021-27220
        RESERVED
-CVE-2021-27217
-       RESERVED
+CVE-2021-27217 (An issue was discovered in the _send_secure_msg() function of 
Yubico y ...)
+       TODO: check
 CVE-2021-27216
        RESERVED
 CVE-2021-27215 (An issue was discovered in genua genugate before 9.0 Z p19, 
9.1.x thro ...)
@@ -4414,12 +4436,12 @@ CVE-2021-26031
        RESERVED
 CVE-2021-26030
        RESERVED
-CVE-2021-26029
-       RESERVED
-CVE-2021-26028
-       RESERVED
-CVE-2021-26027
-       RESERVED
+CVE-2021-26029 (An issue was discovered in Joomla! 1.6.0 through 3.9.24. 
Inadequate fi ...)
+       TODO: check
+CVE-2021-26028 (An issue was discovered in Joomla! 3.0.0 through 3.9.24. 
Extracting an ...)
+       TODO: check
+CVE-2021-26027 (An issue was discovered in Joomla! 3.0.0 through 3.9.24. 
Incorrect ACL ...)
+       TODO: check
 CVE-2021-3287
        RESERVED
 CVE-2021-26026 (PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 
has a Use ...)
@@ -10485,12 +10507,12 @@ CVE-2021-23348
        RESERVED
 CVE-2021-23347 (The package github.com/argoproj/argo-cd/cmd before 1.7.13, 
from 1.8.0  ...)
        NOT-FOR-US: argo-cd
-CVE-2021-23346
-       RESERVED
+CVE-2021-23346 (This affects the package html-parse-stringify before 2.0.1; 
all versio ...)
+       TODO: check
 CVE-2021-23345 (All versions of package github.com/thecodingmachine/gotenberg 
are vuln ...)
        TODO: check
-CVE-2021-23344
-       RESERVED
+CVE-2021-23344 (The package total.js before 3.4.8 are vulnerable to Remote 
Code Execut ...)
+       TODO: check
 CVE-2021-23343
        RESERVED
 CVE-2021-23342 (This affects the package docsify before 4.12.0. It is possible 
to bypa ...)
@@ -10909,20 +10931,20 @@ CVE-2021-23134
        RESERVED
 CVE-2021-23133
        RESERVED
-CVE-2021-23132
-       RESERVED
-CVE-2021-23131
-       RESERVED
-CVE-2021-23130
-       RESERVED
-CVE-2021-23129
-       RESERVED
-CVE-2021-23128
-       RESERVED
-CVE-2021-23127
-       RESERVED
-CVE-2021-23126
-       RESERVED
+CVE-2021-23132 (An issue was discovered in Joomla! 3.0.0 through 3.9.24. 
com_media all ...)
+       TODO: check
+CVE-2021-23131 (An issue was discovered in Joomla! 3.2.0 through 3.9.24. 
Missing input ...)
+       TODO: check
+CVE-2021-23130 (An issue was discovered in Joomla! 2.5.0 through 3.9.24. 
Missing filte ...)
+       TODO: check
+CVE-2021-23129 (An issue was discovered in Joomla! 2.5.0 through 3.9.24. 
Missing filte ...)
+       TODO: check
+CVE-2021-23128 (An issue was discovered in Joomla! 3.2.0 through 3.9.24. The 
core ship ...)
+       TODO: check
+CVE-2021-23127 (An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage 
of an i ...)
+       TODO: check
+CVE-2021-23126 (An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage 
of the  ...)
+       TODO: check
 CVE-2021-23125 (An issue was discovered in Joomla! 3.1.0 through 3.9.23. The 
lack of e ...)
        NOT-FOR-US: Joomla!
 CVE-2021-23124 (An issue was discovered in Joomla! 3.9.0 through 3.9.23. The 
lack of e ...)
@@ -12965,8 +12987,8 @@ CVE-2021-22191
        RESERVED
 CVE-2021-22190
        RESERVED
-CVE-2021-22189
-       RESERVED
+CVE-2021-22189 (Starting with version 13.7 the Gitlab CE/EE editions were 
affected by  ...)
+       TODO: check
 CVE-2021-22188 (An issue has been discovered in GitLab affecting all versions 
starting ...)
        TODO: check
 CVE-2021-22187 (An issue has been discovered in GitLab affecting all versions 
of Gitla ...)
@@ -12977,8 +12999,8 @@ CVE-2021-22185
        RESERVED
 CVE-2021-22184
        RESERVED
-CVE-2021-22183
-       RESERVED
+CVE-2021-22183 (An issue has been discovered in GitLab affecting all versions 
starting ...)
+       TODO: check
 CVE-2021-22182 (An issue has been discovered in GitLab affecting all versions 
starting ...)
        TODO: check
 CVE-2021-22181
@@ -13117,8 +13139,8 @@ CVE-2021-22130
        RESERVED
 CVE-2021-22129
        RESERVED
-CVE-2021-22128
-       RESERVED
+CVE-2021-22128 (An improper access control vulnerability in FortiProxy SSL VPN 
portal  ...)
+       TODO: check
 CVE-2021-22127
        RESERVED
 CVE-2021-22126
@@ -18350,10 +18372,10 @@ CVE-2021-20353 (IBM WebSphere Application Server 7.0, 
8.0, 8.5, and 9.0 is vulne
        NOT-FOR-US: IBM
 CVE-2021-20352
        RESERVED
-CVE-2021-20351
-       RESERVED
-CVE-2021-20350
-       RESERVED
+CVE-2021-20351 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)
+       TODO: check
+CVE-2021-20350 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)
+       TODO: check
 CVE-2021-20349
        RESERVED
 CVE-2021-20348
@@ -18372,8 +18394,8 @@ CVE-2021-20342
        RESERVED
 CVE-2021-20341
        RESERVED
-CVE-2021-20340
-       RESERVED
+CVE-2021-20340 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)
+       TODO: check
 CVE-2021-20339
        RESERVED
 CVE-2021-20338
@@ -19895,12 +19917,12 @@ CVE-2020-35331
        RESERVED
 CVE-2020-35330
        RESERVED
-CVE-2020-35329
-       RESERVED
-CVE-2020-35328
-       RESERVED
-CVE-2020-35327
-       RESERVED
+CVE-2020-35329 (Courier Management System 1.0 1.0 is affected by SQL Injection 
via 'MU ...)
+       TODO: check
+CVE-2020-35328 (Courier Management System 1.0 - 'First Name' Stored XSS ...)
+       TODO: check
+CVE-2020-35327 (SQL injection vulnerability was discovered in Courier 
Management Syste ...)
+       TODO: check
 CVE-2020-35326
        RESERVED
 CVE-2020-35325
@@ -36698,12 +36720,12 @@ CVE-2020-24916 (CGI implementation in Yaws web server 
versions 1.81 to 2.0.7 is
        NOTE: https://github.com/vulnbe/poc-yaws-cgi-shell-injection
 CVE-2020-24915
        RESERVED
-CVE-2020-24914
-       RESERVED
-CVE-2020-24913
-       RESERVED
-CVE-2020-24912
-       RESERVED
+CVE-2020-24914 (A PHP object injection bug in profile.php in qcubed (all 
versions incl ...)
+       TODO: check
+CVE-2020-24913 (A SQL injection vulnerability in qcubed (all versions 
including 3.1.1) ...)
+       TODO: check
+CVE-2020-24912 (A reflected cross-site scripting (XSS) vulnerability in qcubed 
(all ve ...)
+       TODO: check
 CVE-2020-24911
        RESERVED
 CVE-2020-24910
@@ -38621,8 +38643,8 @@ CVE-2020-24038
        RESERVED
 CVE-2020-24037
        RESERVED
-CVE-2020-24036
-       RESERVED
+CVE-2020-24036 (PHP object injection in the Ajax endpoint of the backend in 
ForkCMS be ...)
+       TODO: check
 CVE-2020-24035
        RESERVED
 CVE-2020-24034 (Sagemcom F@ST 5280 routers using firmware version 1.150.61 
have insecu ...)
@@ -55325,8 +55347,8 @@ CVE-2020-15940
        RESERVED
 CVE-2020-15939
        RESERVED
-CVE-2020-15938
-       RESERVED
+CVE-2020-15938 (When traffic other than HTTP/S (eg: SSH traffic, etc...) 
traverses the ...)
+       TODO: check
 CVE-2020-15937 (An improper neutralization of input vulnerability in FortiGate 
version ...)
        TODO: check
 CVE-2020-15936
@@ -85729,8 +85751,8 @@ CVE-2020-4977
        RESERVED
 CVE-2020-4976
        RESERVED
-CVE-2020-4975
-       RESERVED
+CVE-2020-4975 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)
+       TODO: check
 CVE-2020-4974
        RESERVED
 CVE-2020-4973
@@ -85947,14 +85969,14 @@ CVE-2020-4868
        RESERVED
 CVE-2020-4867
        RESERVED
-CVE-2020-4866
-       RESERVED
+CVE-2020-4866 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)
+       TODO: check
 CVE-2020-4865 (IBM Jazz Foundation products is vulnerable to cross-site 
scripting. Th ...)
        NOT-FOR-US: IBM
 CVE-2020-4864 (IBM Resilient SOAR V38.0 could allow an attacker on the 
internal net w ...)
        NOT-FOR-US: IBM
-CVE-2020-4863
-       RESERVED
+CVE-2020-4863 (IBM Engineering products are vulnerable to stored cross-site 
scripting ...)
+       TODO: check
 CVE-2020-4862
        RESERVED
 CVE-2020-4861
@@ -85965,10 +85987,10 @@ CVE-2020-4859
        RESERVED
 CVE-2020-4858
        RESERVED
-CVE-2020-4857
-       RESERVED
-CVE-2020-4856
-       RESERVED
+CVE-2020-4857 (IBM Engineering products are vulnerable to stored cross-site 
scripting ...)
+       TODO: check
+CVE-2020-4856 (IBM Engineering products are vulnerable to stored cross-site 
scripting ...)
+       TODO: check
 CVE-2020-4855 (IBM Jazz Foundation products is vulnerable to cross-site 
scripting. Th ...)
        NOT-FOR-US: IBM
 CVE-2020-4854 (IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains 
hard-coded cr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ba53245f329ace09b8390c3ace7e9defa9e2dd1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ba53245f329ace09b8390c3ace7e9defa9e2dd1
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to