[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sat, 01 May 2021 01:10:41 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
30e5593a by security tracker role at 2021-05-01T08:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,153 @@
+CVE-2021-3529
+       RESERVED
+CVE-2021-31995
+       RESERVED
+CVE-2021-31994
+       RESERVED
+CVE-2021-31993
+       RESERVED
+CVE-2021-31992
+       RESERVED
+CVE-2021-31991
+       RESERVED
+CVE-2021-31990
+       RESERVED
+CVE-2021-31989
+       RESERVED
+CVE-2021-31988
+       RESERVED
+CVE-2021-31987
+       RESERVED
+CVE-2021-31986
+       RESERVED
+CVE-2021-31985
+       RESERVED
+CVE-2021-31984
+       RESERVED
+CVE-2021-31983
+       RESERVED
+CVE-2021-31982
+       RESERVED
+CVE-2021-31981
+       RESERVED
+CVE-2021-31980
+       RESERVED
+CVE-2021-31979
+       RESERVED
+CVE-2021-31978
+       RESERVED
+CVE-2021-31977
+       RESERVED
+CVE-2021-31976
+       RESERVED
+CVE-2021-31975
+       RESERVED
+CVE-2021-31974
+       RESERVED
+CVE-2021-31973
+       RESERVED
+CVE-2021-31972
+       RESERVED
+CVE-2021-31971
+       RESERVED
+CVE-2021-31970
+       RESERVED
+CVE-2021-31969
+       RESERVED
+CVE-2021-31968
+       RESERVED
+CVE-2021-31967
+       RESERVED
+CVE-2021-31966
+       RESERVED
+CVE-2021-31965
+       RESERVED
+CVE-2021-31964
+       RESERVED
+CVE-2021-31963
+       RESERVED
+CVE-2021-31962
+       RESERVED
+CVE-2021-31961
+       RESERVED
+CVE-2021-31960
+       RESERVED
+CVE-2021-31959
+       RESERVED
+CVE-2021-31958
+       RESERVED
+CVE-2021-31957
+       RESERVED
+CVE-2021-31956
+       RESERVED
+CVE-2021-31955
+       RESERVED
+CVE-2021-31954
+       RESERVED
+CVE-2021-31953
+       RESERVED
+CVE-2021-31952
+       RESERVED
+CVE-2021-31951
+       RESERVED
+CVE-2021-31950
+       RESERVED
+CVE-2021-31949
+       RESERVED
+CVE-2021-31948
+       RESERVED
+CVE-2021-31947
+       RESERVED
+CVE-2021-31946
+       RESERVED
+CVE-2021-31945
+       RESERVED
+CVE-2021-31944
+       RESERVED
+CVE-2021-31943
+       RESERVED
+CVE-2021-31942
+       RESERVED
+CVE-2021-31941
+       RESERVED
+CVE-2021-31940
+       RESERVED
+CVE-2021-31939
+       RESERVED
+CVE-2021-31938
+       RESERVED
+CVE-2021-31937
+       RESERVED
+CVE-2021-31936
+       RESERVED
+CVE-2021-31935 (OX App Suite 7.10.4 and earlier allows XSS via a crafted 
distribution  ...)
+       TODO: check
+CVE-2021-31934 (OX App Suite 7.10.4 and earlier allows XSS via a crafted 
contact objec ...)
+       TODO: check
+CVE-2021-31933 (A remote code execution vulnerability exists in Chamilo 
through 1.11.1 ...)
+       TODO: check
+CVE-2021-31932
+       RESERVED
+CVE-2021-31931
+       RESERVED
+CVE-2021-31930
+       RESERVED
+CVE-2021-31929
+       RESERVED
+CVE-2021-31928
+       RESERVED
+CVE-2021-31927
+       RESERVED
+CVE-2021-31926 (AMP Application Deployment Service in CubeCoders AMP 2.1.x 
before 2.1. ...)
+       TODO: check
+CVE-2021-31925
+       RESERVED
+CVE-2021-31924
+       RESERVED
+CVE-2021-31923
+       RESERVED
+CVE-2021-31922
+       RESERVED
 CVE-2021-3528
        RESERVED
        NOT-FOR-US: noobaa
@@ -382,8 +532,8 @@ CVE-2021-31794 (Settings.aspx?view=About in Directum 5.8.2 
allows XSS via the HT
        NOT-FOR-US: Directum
 CVE-2021-31793
        RESERVED
-CVE-2021-31792
-       RESERVED
+CVE-2021-31792 (XSS in the client account page in SuiteCRM before 7.11.19 
allows an at ...)
+       TODO: check
 CVE-2021-31791 (In Hardware Sentry KM before 10.0.01 for BMC PATROL, a 
cleartext passw ...)
        NOT-FOR-US: Sentry KM
 CVE-2021-31790
@@ -23778,24 +23928,24 @@ CVE-2021-21549
        RESERVED
 CVE-2021-21548
        RESERVED
-CVE-2021-21547
-       RESERVED
+CVE-2021-21547 (Dell EMC Unity, UnityVSA, and Unity XT versions prior to 
5.0.7.0.5.008 ...)
+       TODO: check
 CVE-2021-21546
        RESERVED
 CVE-2021-21545 (Dell Peripheral Manager 1.3.1 or greater contains remediation 
for a lo ...)
        NOT-FOR-US: Dell
-CVE-2021-21544
-       RESERVED
-CVE-2021-21543
-       RESERVED
-CVE-2021-21542
-       RESERVED
-CVE-2021-21541
-       RESERVED
-CVE-2021-21540
-       RESERVED
-CVE-2021-21539
-       RESERVED
+CVE-2021-21544 (Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an 
improper authe ...)
+       TODO: check
+CVE-2021-21543 (Dell EMC iDRAC9 versions prior to 4.40.00.00 contain multiple 
stored c ...)
+       TODO: check
+CVE-2021-21542 (Dell EMC iDRAC9 versions prior to 4.40.10.00 contain multiple 
stored c ...)
+       TODO: check
+CVE-2021-21541 (Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a 
DOM-based cross ...)
+       TODO: check
+CVE-2021-21540 (Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a 
stack-based ove ...)
+       TODO: check
+CVE-2021-21539 (Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a 
Time-of-check T ...)
+       TODO: check
 CVE-2021-21538
        RESERVED
 CVE-2021-21537 (Dell Hybrid Client versions prior to 1.5 contain an 
information exposu ...)
@@ -23810,10 +23960,10 @@ CVE-2021-21533 (Wyse Management Suite versions up to 
3.2 contains a vulnerabilit
        NOT-FOR-US: Wyse Management Suite
 CVE-2021-21532 (Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper 
manageme ...)
        NOT-FOR-US: Dell Wyse ThinOS
-CVE-2021-21531
-       RESERVED
-CVE-2021-21530
-       RESERVED
+CVE-2021-21531 (Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain 
an Autho ...)
+       TODO: check
+CVE-2021-21530 (Dell OpenManage Enterprise-Modular (OME-M) versions prior to 
1.30.00 c ...)
+       TODO: check
 CVE-2021-21529 (Dell System Update (DSU) 1.9 and earlier versions contain a 
denial of  ...)
        NOT-FOR-US: Dell System Update (DSU)
 CVE-2021-21528
@@ -23858,8 +24008,8 @@ CVE-2021-21509
        RESERVED
 CVE-2021-21508
        RESERVED
-CVE-2021-21507
-       RESERVED
+CVE-2021-21507 (Dell EMC Networking X-Series firmware versions prior to 
3.0.1.8 and De ...)
+       TODO: check
 CVE-2021-21506 (PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper 
input sani ...)
        NOT-FOR-US: PowerScale OneFS
 CVE-2021-21505
@@ -25829,32 +25979,25 @@ CVE-2021-21234 (spring-boot-actuator-logview in a 
library that adds a simple log
        NOT-FOR-US: Spring actuator logview
 CVE-2020-35627 (Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file 
upload vul ...)
        NOT-FOR-US: Ultimate WooCommerce Gift Cards
-CVE-2021-21233
-       RESERVED
+CVE-2021-21233 (Heap buffer overflow in ANGLE in Google Chrome on Windows 
prior to 90. ...)
        - chromium 90.0.4430.93-1 (bug #987715)
        [stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-21232
-       RESERVED
+CVE-2021-21232 (Use after free in Dev Tools in Google Chrome prior to 
90.0.4430.93 all ...)
        - chromium 90.0.4430.93-1 (bug #987715)
        [stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-21231
-       RESERVED
+CVE-2021-21231 (Insufficient data validation in V8 in Google Chrome prior to 
90.0.4430 ...)
        - chromium 90.0.4430.93-1 (bug #987715)
        [stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-21230
-       RESERVED
+CVE-2021-21230 (Type confusion in V8 in Google Chrome prior to 90.0.4430.93 
allowed a  ...)
        - chromium 90.0.4430.93-1 (bug #987715)
        [stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-21229
-       RESERVED
+CVE-2021-21229 (Incorrect security UI in downloads in Google Chrome on Android 
prior t ...)
        - chromium 90.0.4430.93-1 (bug #987715)
        [stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-21228
-       RESERVED
+CVE-2021-21228 (Insufficient policy enforcement in extensions in Google Chrome 
prior t ...)
        - chromium 90.0.4430.93-1 (bug #987715)
        [stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-21227
-       RESERVED
+CVE-2021-21227 (Insufficient data validation in V8 in Google Chrome prior to 
90.0.4430 ...)
        - chromium 90.0.4430.93-1 (bug #987715)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-21226 (Use after free in navigation in Google Chrome prior to 
90.0.4430.85 al ...)
@@ -33760,10 +33903,10 @@ CVE-2020-28946 (An improper webserver configuration 
on Plum IK-401 devices with
        NOT-FOR-US: Plum IK-401 devices
 CVE-2020-28945
        RESERVED
-CVE-2020-28944
-       RESERVED
-CVE-2020-28943
-       RESERVED
+CVE-2020-28944 (OX Guard 2.10.4 and earlier allows a Denial of Service via a 
WKS serve ...)
+       TODO: check
+CVE-2020-28943 (OX App Suite 7.10.4 and earlier allows SSRF via a snippet. ...)
+       TODO: check
 CVE-2020-28942 (An issue exists in PrimeKey EJBCA before 7.4.3 when enrolling 
with EST ...)
        NOT-FOR-US: PrimeKey EJBCA
 CVE-2020-28941 (An issue was discovered in 
drivers/accessibility/speakup/spk_ttyio.c i ...)
@@ -60638,8 +60781,8 @@ CVE-2020-18086
        RESERVED
 CVE-2020-18085
        RESERVED
-CVE-2020-18084
-       RESERVED
+CVE-2020-18084 (Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote 
attackers to e ...)
+       TODO: check
 CVE-2020-18083
        RESERVED
 CVE-2020-18082



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e5593a232067289088114c571618430cfcf3b9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e5593a232067289088114c571618430cfcf3b9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to