[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Mon, 03 May 2021 13:10:40 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
74d67e27 by security tracker role at 2021-05-03T20:10:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2021-3532
+       RESERVED
+CVE-2021-3531
+       RESERVED
+CVE-2021-3530
+       RESERVED
+CVE-2021-32011
+       RESERVED
+CVE-2021-32010
+       RESERVED
+CVE-2021-32009
+       RESERVED
+CVE-2021-32008
+       RESERVED
+CVE-2021-32007
+       RESERVED
+CVE-2021-32006
+       RESERVED
+CVE-2021-32005
+       RESERVED
+CVE-2021-32004
+       RESERVED
+CVE-2021-32003
+       RESERVED
+CVE-2021-32002
+       RESERVED
 CVE-2021-32001
        RESERVED
 CVE-2021-32000
@@ -6016,8 +6042,8 @@ CVE-2021-29371
        RESERVED
 CVE-2021-29370 (A UXSS was discovered in the Thanos-Soft Cheetah Browser in 
Android 1. ...)
        NOT-FOR-US: Thanos-Soft Cheetah Browser in Android
-CVE-2021-29369
-       RESERVED
+CVE-2021-29369 (The gnuplot package prior to version 0.1.0 for Node.js allows 
code exe ...)
+       TODO: check
 CVE-2021-29368
        RESERVED
 CVE-2021-29367
@@ -6307,16 +6333,16 @@ CVE-2021-29244
        RESERVED
 CVE-2021-29243
        RESERVED
-CVE-2021-29242
-       RESERVED
-CVE-2021-29241
-       RESERVED
+CVE-2021-29242 (CODESYS Control Runtime system before 3.5.17.0 has improper 
input vali ...)
+       TODO: check
+CVE-2021-29241 (CODESYS Gateway 3 before 3.5.17.0 has a NULL pointer 
dereference that  ...)
+       TODO: check
 CVE-2021-29240
        RESERVED
-CVE-2021-29239
-       RESERVED
-CVE-2021-29238
-       RESERVED
+CVE-2021-29239 (CODESYS Development System 3 before 3.5.17.0 displays or 
executes mali ...)
+       TODO: check
+CVE-2021-29238 (CODESYS Automation Server before 1.16.0 allows cross-site 
request forg ...)
+       TODO: check
 CVE-2021-29237
        RESERVED
 CVE-2021-29236
@@ -7161,8 +7187,8 @@ CVE-2021-28862
        RESERVED
 CVE-2021-28861
        RESERVED
-CVE-2021-28860
-       RESERVED
+CVE-2021-28860 (Node.js mixme 0.5.0, an attacker can add or alter properties 
of an obj ...)
+       TODO: check
 CVE-2021-28859
        RESERVED
 CVE-2021-28858
@@ -14997,8 +15023,7 @@ CVE-2021-25633
        RESERVED
 CVE-2021-25632
        RESERVED
-CVE-2021-25631
-       RESERVED
+CVE-2021-25631 (In the LibreOffice 7-1 series in versions prior to 7.1.2, and 
in the 7 ...)
        - libreoffice <not-affected> (Libreoffice on Windows)
        NOTE: https://positive.security/blog/url-open-rce#open-libreoffice
 CVE-2021-25630 ("loolforkit" is a privileged program that is supposed to be 
run by a s ...)
@@ -25916,8 +25941,8 @@ CVE-2021-21266 (openHAB is a vendor and technology 
agnostic open source automati
        NOT-FOR-US: openHAB
 CVE-2021-21265 (October is a free, open-source, self-hosted CMS platform based 
on the  ...)
        NOT-FOR-US: October CMS
-CVE-2021-21264
-       RESERVED
+CVE-2021-21264 (October is a free, open-source, self-hosted CMS platform based 
on the  ...)
+       TODO: check
 CVE-2021-21262
        RESERVED
 CVE-2021-21260 (Online Invoicing System (OIS) is open source software which is 
a lean  ...)
@@ -56473,8 +56498,8 @@ CVE-2020-20249
        RESERVED
 CVE-2020-20248
        RESERVED
-CVE-2020-20247
-       RESERVED
+CVE-2020-20247 (Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a 
memory co ...)
+       TODO: check
 CVE-2020-20246
        RESERVED
 CVE-2020-20245
@@ -56531,8 +56556,8 @@ CVE-2020-20220
        RESERVED
 CVE-2020-20219
        RESERVED
-CVE-2020-20218
-       RESERVED
+CVE-2020-20218 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a 
memory corrup ...)
+       TODO: check
 CVE-2020-20217
        RESERVED
 CVE-2020-20216
@@ -72937,7 +72962,7 @@ CVE-2020-13287 (A vulnerability was discovered in 
GitLab versions before 13.1.10
 CVE-2020-13286 (For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git 
configur ...)
        - gitlab <not-affected> (Only affects GitLab 12.7 and later)
        NOTE: 
https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
-CVE-2020-13285 (For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site 
scripting vulne ...)
+CVE-2020-13285 (For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site 
scripting (XSS) ...)
        - gitlab <not-affected> (Only affects GitLab 12.9 and later)
        NOTE: 
https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
 CVE-2020-13284 (A vulnerability was discovered in GitLab versions before 
13.1.10, 13.2 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74d67e27ead056353a02b793af390cac79b19233

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74d67e27ead056353a02b793af390cac79b19233
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to