Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
efc1a1d9 by security tracker role at 2021-03-19T20:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,245 @@
+CVE-2021-3455
+       RESERVED
+CVE-2021-3454
+       RESERVED
+CVE-2021-3453
+       RESERVED
+CVE-2021-3452
+       RESERVED
+CVE-2021-3451
+       RESERVED
+CVE-2021-3450
+       RESERVED
+CVE-2021-28949
+       RESERVED
+CVE-2021-28948
+       RESERVED
+CVE-2021-28947
+       RESERVED
+CVE-2021-28946
+       RESERVED
+CVE-2021-28945
+       RESERVED
+CVE-2021-28944
+       RESERVED
+CVE-2021-28943
+       RESERVED
+CVE-2021-28942
+       RESERVED
+CVE-2021-28941
+       RESERVED
+CVE-2021-28940
+       RESERVED
+CVE-2021-28939
+       RESERVED
+CVE-2021-28938
+       RESERVED
+CVE-2021-28937
+       RESERVED
+CVE-2021-28936
+       RESERVED
+CVE-2021-28935
+       RESERVED
+CVE-2021-28934
+       RESERVED
+CVE-2021-28933
+       RESERVED
+CVE-2021-28932
+       RESERVED
+CVE-2021-28931
+       RESERVED
+CVE-2021-28930
+       RESERVED
+CVE-2021-28929
+       RESERVED
+CVE-2021-28928
+       RESERVED
+CVE-2021-28927
+       RESERVED
+CVE-2021-28926
+       RESERVED
+CVE-2021-28925
+       RESERVED
+CVE-2021-28924
+       RESERVED
+CVE-2021-28923
+       RESERVED
+CVE-2021-28922
+       RESERVED
+CVE-2021-28921
+       RESERVED
+CVE-2021-28920
+       RESERVED
+CVE-2021-28919
+       RESERVED
+CVE-2021-28918
+       RESERVED
+CVE-2021-28917
+       RESERVED
+CVE-2021-28916
+       RESERVED
+CVE-2021-28915
+       RESERVED
+CVE-2021-28914
+       RESERVED
+CVE-2021-28913
+       RESERVED
+CVE-2021-28912
+       RESERVED
+CVE-2021-28911
+       RESERVED
+CVE-2021-28910
+       RESERVED
+CVE-2021-28909
+       RESERVED
+CVE-2021-28908
+       RESERVED
+CVE-2021-28907
+       RESERVED
+CVE-2021-28906
+       RESERVED
+CVE-2021-28905
+       RESERVED
+CVE-2021-28904
+       RESERVED
+CVE-2021-28903
+       RESERVED
+CVE-2021-28902
+       RESERVED
+CVE-2021-28901
+       RESERVED
+CVE-2021-28900
+       RESERVED
+CVE-2021-28899
+       RESERVED
+CVE-2021-28898
+       RESERVED
+CVE-2021-28897
+       RESERVED
+CVE-2021-28896
+       RESERVED
+CVE-2021-28895
+       RESERVED
+CVE-2021-28894
+       RESERVED
+CVE-2021-28893
+       RESERVED
+CVE-2021-28892
+       RESERVED
+CVE-2021-28891
+       RESERVED
+CVE-2021-28890
+       RESERVED
+CVE-2021-28889
+       RESERVED
+CVE-2021-28888
+       RESERVED
+CVE-2021-28887
+       RESERVED
+CVE-2021-28886
+       RESERVED
+CVE-2021-28885
+       RESERVED
+CVE-2021-28884
+       RESERVED
+CVE-2021-28883
+       RESERVED
+CVE-2021-28882
+       RESERVED
+CVE-2021-28881
+       RESERVED
+CVE-2021-28880
+       RESERVED
+CVE-2021-28879
+       RESERVED
+CVE-2021-28878
+       RESERVED
+CVE-2021-28877
+       RESERVED
+CVE-2021-28876
+       RESERVED
+CVE-2021-28875
+       RESERVED
+CVE-2021-28874
+       RESERVED
+CVE-2021-28873
+       RESERVED
+CVE-2021-28872
+       RESERVED
+CVE-2021-28871
+       RESERVED
+CVE-2021-28870
+       RESERVED
+CVE-2021-28869
+       RESERVED
+CVE-2021-28868
+       RESERVED
+CVE-2021-28867
+       RESERVED
+CVE-2021-28866
+       RESERVED
+CVE-2021-28865
+       RESERVED
+CVE-2021-28864
+       RESERVED
+CVE-2021-28863
+       RESERVED
+CVE-2021-28862
+       RESERVED
+CVE-2021-28861
+       RESERVED
+CVE-2021-28860
+       RESERVED
+CVE-2021-28859
+       RESERVED
+CVE-2021-28858
+       RESERVED
+CVE-2021-28857
+       RESERVED
+CVE-2021-28856
+       RESERVED
+CVE-2021-28855
+       RESERVED
+CVE-2021-28854
+       RESERVED
+CVE-2021-28853
+       RESERVED
+CVE-2021-28852
+       RESERVED
+CVE-2021-28851
+       RESERVED
+CVE-2021-28850
+       RESERVED
+CVE-2021-28849
+       RESERVED
+CVE-2021-28848
+       RESERVED
+CVE-2021-28847
+       RESERVED
+CVE-2021-28846
+       RESERVED
+CVE-2021-28845
+       RESERVED
+CVE-2021-28844
+       RESERVED
+CVE-2021-28843
+       RESERVED
+CVE-2021-28842
+       RESERVED
+CVE-2021-28841
+       RESERVED
+CVE-2021-28840
+       RESERVED
+CVE-2021-28839
+       RESERVED
+CVE-2021-28838
+       RESERVED
+CVE-2021-28837
+       RESERVED
+CVE-2021-28836
+       RESERVED
+CVE-2021-28835
+       RESERVED
 CVE-2021-28834 (Kramdown before 2.3.1 does not restrict Rouge formatters to 
the Rouge: ...)
        TODO: check
 CVE-2021-28833
@@ -1429,7 +1671,7 @@ CVE-2021-28162 (In Eclipse Theia versions up to and 
including 0.16.0, in the not
        NOT-FOR-US: Eclipse Theia
 CVE-2021-28161 (In Eclipse Theia versions up to and including 1.8.0, in the 
debug cons ...)
        NOT-FOR-US: Eclipse Theia
-CVE-2021-28160 (Reflected XSS on Acexy (BoyaMicro) Wireless-N WiFi Repeater 
28.08.06.1 ...)
+CVE-2021-28160 (Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) suffers from a 
reflected ...)
        NOT-FOR-US: Acexy (BoyaMicro) Wireless-N WiFi Repeater
 CVE-2021-28159
        RESERVED
@@ -2149,8 +2391,8 @@ CVE-2021-27908
        RESERVED
 CVE-2021-27907 (Apache Superset up to and including 0.38.0 allowed the 
creation of a M ...)
        NOT-FOR-US: Apache Superset
-CVE-2021-27906
-       RESERVED
+CVE-2021-27906 (A carefully crafted PDF file can trigger an 
OutOfMemory-Exception whil ...)
+       TODO: check
 CVE-2021-27905
        RESERVED
 CVE-2021-27904 (An issue was discovered in app/Model/SharingGroupServer.php in 
MISP 2. ...)
@@ -2352,8 +2594,8 @@ CVE-2021-27809
        RESERVED
 CVE-2021-27808
        RESERVED
-CVE-2021-27807
-       RESERVED
+CVE-2021-27807 (A carefully crafted PDF file can trigger an infinite loop 
while loadin ...)
+       TODO: check
 CVE-2021-27806
        RESERVED
 CVE-2021-27805
@@ -2967,10 +3209,10 @@ CVE-2021-27522
        RESERVED
 CVE-2021-27521
        RESERVED
-CVE-2021-27520
-       RESERVED
-CVE-2021-27519
-       RESERVED
+CVE-2021-27520 (A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows 
remote att ...)
+       TODO: check
+CVE-2021-27519 (A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows 
remote att ...)
+       TODO: check
 CVE-2021-27518
        RESERVED
 CVE-2021-27517
@@ -3005,8 +3247,8 @@ CVE-2021-27508
        RESERVED
 CVE-2021-27507
        RESERVED
-CVE-2021-27506
-       RESERVED
+CVE-2021-27506 (In Stormshield Network Security (SNS) 1.0 through 4.2.0, the 
parsing o ...)
+       TODO: check
 CVE-2021-27505
        RESERVED
 CVE-2021-27504
@@ -3486,6 +3728,7 @@ CVE-2021-27293
 CVE-2021-27292 (ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular 
expression  ...)
        TODO: check
 CVE-2021-27291 (In pygments 1.1+, fixed in 2.7.4, the lexers used to parse 
programming ...)
+       {DLA-2600-1}
        - pygments <unfixed>
        NOTE: https://gist.github.com/b-c-ds/b1a2cc0c68a35c57188575eb496de5ce
        NOTE: 
https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14
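Review bot: On the CVE-2021-27291 entry, the new {DLA-2600-1} reference sits directly above "- pygments <unfixed>", so the entry now records an LTS advisory while unstable is still marked unfixed, even though the description says the issue is fixed in 2.7.4 and the upstream commit is already listed in the NOTE lines. It is worth confirming whether a pygments upload containing that commit has reached unstable and, if so, replacing <unfixed> with the fixed version.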
@@ -4140,12 +4383,12 @@ CVE-2021-26994
        RESERVED
 CVE-2021-26993
        RESERVED
-CVE-2021-26992
-       RESERVED
-CVE-2021-26991
-       RESERVED
-CVE-2021-26990
-       RESERVED
+CVE-2021-26992 (Cloud Manager versions prior to 3.9.4 are susceptible to a 
vulnerabili ...)
+       TODO: check
+CVE-2021-26991 (Cloud Manager versions prior to 3.9.4 contain an insecure 
Cross-Origin ...)
+       TODO: check
+CVE-2021-26990 (Cloud Manager versions prior to 3.9.4 are susceptible to a 
vulnerabili ...)
+       TODO: check
 CVE-2021-26989 (Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 
9.7P9 a ...)
        NOT-FOR-US: Clustered Data ONTAP
 CVE-2021-26988 (Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 
9.7P8 a ...)
@@ -8503,10 +8746,10 @@ CVE-2021-25280
        RESERVED
 CVE-2021-25279
        RESERVED
-CVE-2021-25278
-       RESERVED
-CVE-2021-25277
-       RESERVED
+CVE-2021-25278 (FTAPI 4.0 through 4.10 allows XSS via an SVG document to the 
Backgroun ...)
+       TODO: check
+CVE-2021-25277 (FTAPI 4.0 - 4.10 allows XSS via a crafted filename to the 
alternative  ...)
+       TODO: check
 CVE-2021-25276 (In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a 
directory cont ...)
        NOT-FOR-US: SolarWinds
 CVE-2021-25275 (SolarWinds Orion Platform before 2020.2.4, as used by various 
SolarWin ...)
@@ -18014,14 +18257,14 @@ CVE-2021-21392
        RESERVED
 CVE-2021-21391
        RESERVED
-CVE-2021-21390
-       RESERVED
+CVE-2021-21390 (MinIO is an open-source high performance object storage 
service and it ...)
+       TODO: check
 CVE-2021-21389
        RESERVED
 CVE-2021-21388
        RESERVED
-CVE-2021-21387
-       RESERVED
+CVE-2021-21387 (Wrongthink peer-to-peer, end-to-end encrypted messenger with 
PeerJS an ...)
+       TODO: check
 CVE-2021-21386
        RESERVED
 CVE-2021-21385
@@ -21362,8 +21605,8 @@ CVE-2021-20079
        RESERVED
 CVE-2021-20078
        RESERVED
-CVE-2021-20077
-       RESERVED
+CVE-2021-20077 (Nessus Agent versions 7.2.0 through 8.2.2 were found to 
inadvertently  ...)
+       TODO: check
 CVE-2021-20076 (Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 
were fou ...)
        NOT-FOR-US: Tenable
 CVE-2021-20075 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that 
allows for pr ...)
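Review bot: CVE-2021-20077 is added with "TODO: check", while the entry directly below it, CVE-2021-20076 for Tenable.sc, is already triaged as "NOT-FOR-US: Tenable". Nessus Agent is a Tenable product, so the same tag looks appropriate here unless the full description shows otherwise.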
@@ -88718,8 +88961,8 @@ CVE-2020-4637
        RESERVED
 CVE-2020-4636 (IBM Resilient OnPrem 38.2 could allow a privileged user to 
inject mali ...)
        NOT-FOR-US: IBM
-CVE-2020-4635
-       RESERVED
+CVE-2020-4635 (IBM Resilient SOAR 40 and earlier could disclose sensitive 
information ...)
+       TODO: check
 CVE-2020-4634
        RESERVED
 CVE-2020-4633 (IBM Resilient SOAR V38.0 could allow a remote attacker to 
execute arbi ...)
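Review bot: CVE-2020-4635 (IBM Resilient SOAR) lands as "TODO: check", but the neighbouring Resilient entry CVE-2020-4636 in the same hunk is already marked "NOT-FOR-US: IBM". Suggest resolving the TODO with the same tag so the Resilient entries stay consistent.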
@@ -111343,7 +111586,7 @@ CVE-2019-15564 (The Compassion Switzerland addons 
10.01.4 for Odoo allow SQL inj
        NOT-FOR-US: Compassion Switzerland addons for Odoo
 CVE-2019-15563 (Observational Health Data Sciences and Informatics (OHDSI) 
WebAPI befo ...)
        NOT-FOR-US: Observational Health Data Sciences and Informatics
-CVE-2019-15562 (GORM before 1.9.10 allows SQL injection via incomplete 
parentheses. ...)
+CVE-2019-15562 (** DISPUTED ** GORM before 1.9.10 allows SQL injection via 
incomplete  ...)
        NOT-FOR-US: GORM
 CVE-2019-15561 (FlashLingo before 2019-06-12 allows SQL injection, related to 
flashlin ...)
        NOT-FOR-US: FlashLingo
@@ -128790,8 +129033,7 @@ CVE-2019-10128
        RESERVED
        - postgresql-11 <not-affected> (Windows-specific)
        NOTE: https://www.postgresql.org/about/news/1939/
-CVE-2019-10127
-       RESERVED
+CVE-2019-10127 (A vulnerability was found in postgresql versions 11.x prior to 
11.3. T ...)
        - postgresql-11 <not-affected> (Windows-specific)
        NOTE: https://www.postgresql.org/about/news/1939/
 CVE-2019-10126 (A flaw was found in the Linux kernel. A heap based buffer 
overflow in  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/efc1a1d91c7b70541dab731c7a454f4d5e62f265
