Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cbb522a1 by security tracker role at 2021-04-07T08:10:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2,7 +2,7 @@ CVE-2021-3484
        RESERVED
 CVE-2021-3483
        RESERVED
-CVE-2021-30178 [KVM: x86: hyper-v: Fix Hyper-V context null-ptr-deref]
+CVE-2021-30178 (An issue was discovered in the Linux kernel through 5.11.11. 
synic_get ...)
        - linux <unfixed>
        NOTE: 
https://git.kernel.org/linus/919f4ebc598701670e80e31573a58f1f2d2bf918
 CVE-2021-30177
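Review bot: On CVE-2021-30178, the removed bracket title named the bug class (Hyper-V context null-ptr-deref), while the truncated description now ends at "synic_get ..." and no longer does. The entry also stays at `- linux <unfixed>` with no per-suite lines, so consider a NOTE recording the bug class and, once the referenced fix 919f4ebc5987 is in an upload, replacing `<unfixed>` with that version.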
@@ -57,18 +57,18 @@ CVE-2021-23165
        RESERVED
 CVE-2021-23158
        RESERVED
-CVE-2020-36313
+CVE-2020-36313 (An issue was discovered in the Linux kernel before 5.7. The 
KVM subsys ...)
        - linux 5.7.6-1
        NOTE: 
https://git.kernel.org/linus/0774a964ef561b7170d8d1b1bfe6f88002b6d219
-CVE-2020-36312
+CVE-2020-36312 (An issue was discovered in the Linux kernel before 5.8.10. 
virt/kvm/kv ...)
        - linux 5.8.10-1
        [buster] - linux 4.19.152-1
        [stretch] - linux 4.9.240-1
        NOTE: 
https://git.kernel.org/linus/f65886606c2d3b562716de030706dfe1bea4ed5e
-CVE-2020-36311
+CVE-2020-36311 (An issue was discovered in the Linux kernel before 5.9. 
arch/x86/kvm/s ...)
        - linux 5.9.1-1
        NOTE: 
https://git.kernel.org/linus/7be74942f184fdfba34ddd19a0d995deb34d4a03
-CVE-2020-36310
+CVE-2020-36310 (An issue was discovered in the Linux kernel before 5.8. 
arch/x86/kvm/s ...)
        - linux 5.8.7-1
        NOTE: 
https://git.kernel.org/linus/e72436bc3a5206f95bb384e741154166ddb3202e
 CVE-2020-36309 (ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in 
OpenResty ...)
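Review bot: Of the four KVM entries in this hunk, only CVE-2020-36312 has `[buster]` and `[stretch]` lines; CVE-2020-36313, CVE-2020-36311 and CVE-2020-36310 carry just the unstable fixed version (5.7.6-1, 5.9.1-1, 5.8.7-1), which leaves the older suites reading as vulnerable by version comparison. Now that descriptions are attached, check each fix commit against the 4.19 and 4.9 trees and add either the fixed version or `<not-affected>` with a NOTE naming the introducing commit.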
@@ -118,8 +118,8 @@ CVE-2021-30149 (Composr 10.0.36 allows upload and execution 
of PHP files. ...)
        NOT-FOR-US: Composr
 CVE-2021-30148
        RESERVED
-CVE-2021-30147
-       RESERVED
+CVE-2021-30147 (DMA Softlab Radius Manager 4.4.0 allows CSRF with impacts such 
as addi ...)
+       TODO: check
 CVE-2021-30146 (Seafile 7.0.5 (2019) allows Persistent XSS via the "share of 
library f ...)
        - seafile-client <undetermined>
        NOTE: https://github.com/Security-AVS/CVE-2021-30146
@@ -5207,10 +5207,10 @@ CVE-2021-27902
        RESERVED
 CVE-2021-27901 (An issue was discovered on LG mobile devices with Android OS 
11 softwa ...)
        NOT-FOR-US: LG mobile devices
-CVE-2021-27900
-       RESERVED
-CVE-2021-27899
-       RESERVED
+CVE-2021-27900 (The Proofpoint Insider Threat Management Server (formerly 
ObserveIT Se ...)
+       TODO: check
+CVE-2021-27899 (The Proofpoint Insider Threat Management Agents (formerly 
ObserveIT Ag ...)
+       TODO: check
 CVE-2021-27898
        RESERVED
 CVE-2021-27897
@@ -10555,8 +10555,8 @@ CVE-2021-25694
        RESERVED
 CVE-2021-25693
        RESERVED
-CVE-2021-25692
-       RESERVED
+CVE-2021-25692 (Sensitive smart card data is logged in default INFO logs by 
Teradici's ...)
+       TODO: check
 CVE-2021-25691
        RESERVED
 CVE-2021-25690 (A null pointer dereference in Teradici PCoIP Soft Client 
versions prio ...)
@@ -18318,10 +18318,10 @@ CVE-2021-3015
        RESERVED
 CVE-2021-22159 (Insider Threat Management Windows Agent Local Privilege 
Escalation Vul ...)
        NOT-FOR-US: The Proofpoint Insider Threat Management
-CVE-2021-22158
-       RESERVED
-CVE-2021-22157
-       RESERVED
+CVE-2021-22158 (The Proofpoint Insider Threat Management Server (formerly 
ObserveIT Se ...)
+       TODO: check
+CVE-2021-22157 (Proofpoint Insider Threat Management Server (formerly 
ObserveIT Server ...)
+       TODO: check
 CVE-2021-22156
        RESERVED
 CVE-2021-22155
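Review bot: CVE-2021-22158 and CVE-2021-22157 are left at `TODO: check` although the context line directly above already classifies the same product as `NOT-FOR-US: The Proofpoint Insider Threat Management` (CVE-2021-22159). Reuse that exact tag here, and for CVE-2021-27900 and CVE-2021-27899 in the earlier hunk, so the product string stays consistent across the entries.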
@@ -21116,8 +21116,8 @@ CVE-2021-21406
        RESERVED
 CVE-2021-21405
        RESERVED
-CVE-2021-21404
-       RESERVED
+CVE-2021-21404 (Syncthing is a continuous file synchronization program. In 
Syncthing b ...)
+       TODO: check
 CVE-2021-21403 (In github.com/kongchuanhujiao/server before version 1.3.21 
there is an ...)
        TODO: check
 CVE-2021-21402 (Jellyfin is a Free Software Media System. In Jellyfin before 
version 1 ...)
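Review bot: CVE-2021-21404 names Syncthing, which Debian packages, so this `TODO: check` cannot be closed with a NOT-FOR-US tag like the vendor-product entries elsewhere in this update. The description is truncated at "In Syncthing b ..." before the fixed version appears, so read the full advisory and add a `- syncthing <version>` line plus a NOTE pointing at the upstream fix.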
@@ -67927,16 +67927,16 @@ CVE-2020-13424 (The XCloner component before 3.5.4 
for Joomla! allows Authentica
        NOT-FOR-US: Joomla addon
 CVE-2020-13423 (Form Builder 2.1.0 for Magento has multiple XSS issues that 
can be exp ...)
        NOT-FOR-US: Form Builder for Magento
-CVE-2020-13422
-       RESERVED
-CVE-2020-13421
-       RESERVED
-CVE-2020-13420
-       RESERVED
-CVE-2020-13419
-       RESERVED
-CVE-2020-13418
-       RESERVED
+CVE-2020-13422 (OpenIAM before 4.2.0.3 does not verify if a user has 
permissions to pe ...)
+       TODO: check
+CVE-2020-13421 (OpenIAM before 4.2.0.3 has Incorrect Access Control for the 
Create Use ...)
+       TODO: check
+CVE-2020-13420 (OpenIAM before 4.2.0.3 allows remote attackers to execute 
arbitrary co ...)
+       TODO: check
+CVE-2020-13419 (OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch 
task. ...)
+       TODO: check
+CVE-2020-13418 (OpenIAM before 4.2.0.3 allows XSS in the Add New User feature. 
...)
+       TODO: check
 CVE-2020-13417 (An Elevation of Privilege issue was discovered in Aviatrix VPN 
Client  ...)
        NOT-FOR-US: Aviatrix
 CVE-2020-13416 (An issue was discovered in Aviatrix Controller before 
5.4.1066. A Cont ...)
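Review bot: The five OpenIAM entries (CVE-2020-13418 through CVE-2020-13422) share the same bound, "before 4.2.0.3", yet land as five separate `TODO: check` items. Triage them in one pass with a single product decision, and look at CVE-2020-13420 first, since its description is the one that mentions remote attackers executing arbitrary code.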



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbb522a15ebdf78906be2c3f38a11b3f4c9397a7
