Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9cc1ca90 by security tracker role at 2021-05-21T08:10:24+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,15 @@
+CVE-2021-3562
+ RESERVED
+CVE-2021-33484
+ RESERVED
+CVE-2021-33483
+ RESERVED
+CVE-2021-33482
+ RESERVED
+CVE-2021-33478
+ RESERVED
CVE-2021-3561 [Global buffer overflow in fig2dev/read.c in function
read_objects]
+ RESERVED
- fig2dev 1:3.2.8-3
[buster] - fig2dev <no-dsa> (Minor issue)
- transfig <removed>
@@ -602,19 +613,22 @@ CVE-2020-36365 (Smartstore (aka SmartStoreNET) before
4.1.0 allows CommonControl
CVE-2020-36364 (An issue was discovered in Smartstore (aka SmartStoreNET)
before 4.1.0 ...)
NOT-FOR-US: Smartstore (aka SmartStoreNET)
CVE-2021-33481 [stack-based buffer overflow in try_to_divide_boxes() in
pgm2asc.c]
+ RESERVED
- gocr <unfixed> (unimportant)
NOTE: https://sourceforge.net/p/jocr/bugs/42/
NOTE: Crash in CLI tool, no security impact
CVE-2021-33480 [use-after-free in context_correction() in pgm2asc.c]
+ RESERVED
- gocr <unfixed> (unimportant)
NOTE: https://sourceforge.net/p/jocr/bugs/40/
NOTE: https://sourceforge.net/p/jocr/bugs/41/
NOTE: Crash in CLI tool, no security impact
CVE-2021-33479 [stack-based buffer overflow in measure_pitch() in pgm2asc.c]
+ RESERVED
- gocr <unfixed> (unimportant)
NOTE: https://sourceforge.net/p/jocr/bugs/39/
NOTE: Crash in CLI tool, no security impact
-CVE-2021-33477 [(remote) code execution via ESC G Q]
+CVE-2021-33477 (rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7
allow (po ...)
- rxvt <removed>
- rxvt-unicode <unfixed> (bug #988763)
- mrxvt <removed>
@@ -3100,8 +3114,8 @@ CVE-2021-32034
RESERVED
CVE-2021-32033
RESERVED
-CVE-2021-32032
- RESERVED
+CVE-2021-32032 (In Trusted Firmware-M through 1.3.0, cleaning up the memory
allocated ...)
+ TODO: check
CVE-2021-32031
RESERVED
CVE-2020-36362
@@ -10931,8 +10945,8 @@ CVE-2021-28800
RESERVED
CVE-2021-28799 (An improper authorization vulnerability has been reported to
affect QN ...)
NOT-FOR-US: QNAP
-CVE-2021-28798
- RESERVED
+CVE-2021-28798 (A relative path traversal vulnerability has been reported to
affect QN ...)
+ TODO: check
CVE-2021-28797 (A stack-based buffer overflow vulnerability has been reported
to affec ...)
NOT-FOR-US: QNAP NAS devices
CVE-2021-28796 (Increments Qiita::Markdown before 0.33.0 allows XSS in
transformers. ...)
@@ -25887,8 +25901,8 @@ CVE-2021-22411
RESERVED
CVE-2021-22410
RESERVED
-CVE-2021-22409
- RESERVED
+CVE-2021-22409 (There is a denial of service vulnerability in some versions of
ManageO ...)
+ TODO: check
CVE-2021-22408
RESERVED
CVE-2021-22407
@@ -26027,8 +26041,8 @@ CVE-2021-22341
RESERVED
CVE-2021-22340
RESERVED
-CVE-2021-22339
- RESERVED
+CVE-2021-22339 (There is a denial of service vulnerability in some versions of
ManageO ...)
+ TODO: check
CVE-2021-22338
RESERVED
CVE-2021-22337
@@ -45222,8 +45236,8 @@ CVE-2020-27211
RESERVED
CVE-2020-27210
RESERVED
-CVE-2020-27209
- RESERVED
+CVE-2020-27209 (The ECDSA operation of the micro-ecc library 1.0 is vulnerable
to simp ...)
+ TODO: check
CVE-2020-27208
RESERVED
CVE-2020-27207 (Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free,
related to sq ...)
@@ -64428,8 +64442,8 @@ CVE-2020-18222
RESERVED
CVE-2020-18221
RESERVED
-CVE-2020-18220
- RESERVED
+CVE-2020-18220 (Weak Encoding for Password in DoraCMS v2.1.1 and earlier
allows attack ...)
+ TODO: check
CVE-2020-18219
RESERVED
CVE-2020-18218
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cc1ca90114f70644fff50a8beea1489c37c5f2d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cc1ca90114f70644fff50a8beea1489c37c5f2d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
