Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cef1945e by security tracker role at 2021-05-22T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2021-33514 (Certain NETGEAR devices are affected by command injection by
an unauth ...)
+ TODO: check
+CVE-2021-33513 (Plone through 5.2.4 allows XSS via the inline_diff methods in
Products ...)
+ TODO: check
+CVE-2021-33512 (Plone through 5.2.4 allows stored XSS attacks (by a
Contributor) by up ...)
+ TODO: check
+CVE-2021-33511 (Plone though 5.2.4 allows SSRF via the lxml parser. This
affects Diazo ...)
+ TODO: check
+CVE-2021-33510 (Plone through 5.2.4 allows remote authenticated managers to
conduct SS ...)
+ TODO: check
+CVE-2021-33509 (Plone through 5.2.4 allows remote authenticated managers to
perform di ...)
+ TODO: check
+CVE-2021-33508 (Plone through 5.2.4 allows XSS via a full name that is
mishandled duri ...)
+ TODO: check
+CVE-2021-33507 (Zope Products.CMFCore before 2.5.1 and
Products.PluggableAuthService b ...)
+ TODO: check
+CVE-2021-33506
+ RESERVED
+CVE-2021-33505
+ RESERVED
+CVE-2021-33504
+ RESERVED
+CVE-2021-33503
+ RESERVED
+CVE-2021-33502
+ RESERVED
+CVE-2021-33501
+ RESERVED
+CVE-2021-33500 (PuTTY before 0.75 on Windows allows remote servers to cause a
denial o ...)
+ TODO: check
+CVE-2021-33499
+ RESERVED
+CVE-2021-33498
+ RESERVED
CVE-2021-3563
RESERVED
- keystone <undetermined>
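Review bot: the nine described entries added at the top of this hunk (CVE-2021-33514 through CVE-2021-33507, plus CVE-2021-33500) all carry only "TODO: check", so none of them has a disposition yet and each needs a follow-up commit. The NETGEAR entry looks like a candidate for the NOT-FOR-US form used for Dell and Cisco elsewhere in this file, while the Plone, Zope Products.CMFCore / Products.PluggableAuthService and PuTTY entries should be resolved individually to either a source-package line or NOT-FOR-US. Separately, the CVE-2021-33511 description reads "Plone though 5.2.4" where the neighbouring Plone entries read "Plone through 5.2.4"; if the text is imported verbatim from the CVE feed it should stay as is, otherwise it is worth correcting.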
@@ -27729,14 +27763,14 @@ CVE-2021-21554
RESERVED
CVE-2021-21553
RESERVED
-CVE-2021-21552
- RESERVED
+CVE-2021-21552 (Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and
earlier ...)
+ TODO: check
CVE-2021-21551 (Dell dbutil_2_3.sys driver contains an insufficient access
control vul ...)
NOT-FOR-US: Dell
CVE-2021-21550 (Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper
neutralizati ...)
NOT-FOR-US: EMC
-CVE-2021-21549
- RESERVED
+CVE-2021-21549 (Dell EMC XtremIO Versions prior to 6.3.3-8, contain a
Cross-Site Reque ...)
+ TODO: check
CVE-2021-21548
RESERVED
CVE-2021-21547 (Dell EMC Unity, UnityVSA, and Unity XT versions prior to
5.0.7.0.5.008 ...)
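Review bot: CVE-2021-21552 and CVE-2021-21549 move from RESERVED to "TODO: check" while the Dell entries between them in the same hunk are already triaged as "NOT-FOR-US: Dell" (CVE-2021-21551) and "NOT-FOR-US: EMC" (CVE-2021-21550). Suggest giving the two new entries the matching dispositions in the triage pass, Dell for the Wyse Windows Embedded System entry and EMC for the Dell EMC XtremIO entry, so the block stays consistent.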
@@ -38561,34 +38595,34 @@ CVE-2021-1562
RESERVED
CVE-2021-1561
RESERVED
-CVE-2021-1560
- RESERVED
-CVE-2021-1559
- RESERVED
-CVE-2021-1558
- RESERVED
-CVE-2021-1557
- RESERVED
+CVE-2021-1560 (Multiple vulnerabilities in Cisco DNA Spaces Connector could
allow an ...)
+ TODO: check
+CVE-2021-1559 (Multiple vulnerabilities in Cisco DNA Spaces Connector could
allow an ...)
+ TODO: check
+CVE-2021-1558 (Multiple vulnerabilities in Cisco DNA Spaces Connector could
allow an ...)
+ TODO: check
+CVE-2021-1557 (Multiple vulnerabilities in Cisco DNA Spaces Connector could
allow an ...)
+ TODO: check
CVE-2021-1556
RESERVED
-CVE-2021-1555
- RESERVED
-CVE-2021-1554
- RESERVED
-CVE-2021-1553
- RESERVED
-CVE-2021-1552
- RESERVED
-CVE-2021-1551
- RESERVED
-CVE-2021-1550
- RESERVED
-CVE-2021-1549
- RESERVED
-CVE-2021-1548
- RESERVED
-CVE-2021-1547
- RESERVED
+CVE-2021-1555 (Multiple vulnerabilities in the web-based management interface
of cert ...)
+ TODO: check
+CVE-2021-1554 (Multiple vulnerabilities in the web-based management interface
of cert ...)
+ TODO: check
+CVE-2021-1553 (Multiple vulnerabilities in the web-based management interface
of cert ...)
+ TODO: check
+CVE-2021-1552 (Multiple vulnerabilities in the web-based management interface
of cert ...)
+ TODO: check
+CVE-2021-1551 (Multiple vulnerabilities in the web-based management interface
of cert ...)
+ TODO: check
+CVE-2021-1550 (Multiple vulnerabilities in the web-based management interface
of cert ...)
+ TODO: check
+CVE-2021-1549 (Multiple vulnerabilities in the web-based management interface
of cert ...)
+ TODO: check
+CVE-2021-1548 (Multiple vulnerabilities in the web-based management interface
of cert ...)
+ TODO: check
+CVE-2021-1547 (Multiple vulnerabilities in the web-based management interface
of cert ...)
+ TODO: check
CVE-2021-1546
RESERVED
CVE-2021-1545
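Review bot: thirteen entries in this hunk go to "TODO: check" with truncated descriptions that are identical within each group, four reading "Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an ..." and nine reading "Multiple vulnerabilities in the web-based management interface of cert ...", so the list alone cannot tell the affected products apart. Whoever triages these should read the full descriptions before batching them; if they turn out to be vendor-only products, the "NOT-FOR-US: Cisco" form used in the later hunks of this file is the expected disposition.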
@@ -38619,8 +38653,8 @@ CVE-2021-1533
RESERVED
CVE-2021-1532 (A vulnerability in the video endpoint API (xAPI) of Cisco
TelePresence ...)
NOT-FOR-US: Cisco
-CVE-2021-1531
- RESERVED
+CVE-2021-1531 (A vulnerability in the web UI of Cisco Modeling Labs could
allow an au ...)
+ TODO: check
CVE-2021-1530 (A vulnerability in the web-based management interface of Cisco
BroadWo ...)
NOT-FOR-US: Cisco
CVE-2021-1529
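Review bot: the new CVE-2021-1531 entry (web UI of Cisco Modeling Labs) is left at "TODO: check" between CVE-2021-1532 and CVE-2021-1530, which are both marked "NOT-FOR-US: Cisco". The same consideration applies to the other single-entry Cisco hunks in this commit (CVE-2021-1487, CVE-2021-1358, CVE-2021-1306, CVE-2021-1254); handling them in one triage commit would keep the history easier to follow.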
@@ -38707,8 +38741,8 @@ CVE-2021-1489 (A vulnerability in filesystem usage
management for Cisco Firepowe
NOT-FOR-US: Cisco
CVE-2021-1488 (A vulnerability in the upgrade process of Cisco Adaptive
Security Appl ...)
NOT-FOR-US: Cisco
-CVE-2021-1487
- RESERVED
+CVE-2021-1487 (A vulnerability in the web-based management interface of Cisco
Prime I ...)
+ TODO: check
CVE-2021-1486 (A vulnerability in Cisco SD-WAN vManage Software could allow an
unauth ...)
NOT-FOR-US: Cisco
CVE-2021-1485 (A vulnerability in the CLI of Cisco IOS XR Software could allow
an aut ...)
@@ -38971,8 +39005,8 @@ CVE-2021-1360 (Multiple vulnerabilities in the
web-based management interface of
NOT-FOR-US: Cisco
CVE-2021-1359
RESERVED
-CVE-2021-1358
- RESERVED
+CVE-2021-1358 (A vulnerability in the web-based management interface of Cisco
Finesse ...)
+ TODO: check
CVE-2021-1357 (Multiple vulnerabilities in Cisco Unified Communications
Manager IM &a ...)
NOT-FOR-US: Cisco
CVE-2021-1356 (Multiple vulnerabilities in the web UI of Cisco IOS XE Software
could ...)
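Review bot: the unchanged context line for CVE-2021-1357 ends in "Manager IM &a ...", which looks like an HTML-escaped ampersand cut through by the description truncation. This commit does not introduce it, but since the automatic update rewrites these description lines it would be worth having the import unescape entities before truncating, so that the stored summary does not end in a partial entity.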
@@ -39075,8 +39109,8 @@ CVE-2021-1308 (Multiple vulnerabilities exist in the
Link Layer Discovery Protoc
NOT-FOR-US: Cisco
CVE-2021-1307 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2021-1306
- RESERVED
+CVE-2021-1306 (A vulnerability in the restricted shell of Cisco Evolved
Programmable ...)
+ TODO: check
CVE-2021-1305 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
NOT-FOR-US: Cisco
CVE-2021-1304 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
@@ -39179,8 +39213,8 @@ CVE-2021-1256 (A vulnerability in the CLI of Cisco
Firepower Threat Defense (FTD
NOT-FOR-US: Cisco
CVE-2021-1255 (Multiple vulnerabilities in the REST API endpoint of Cisco Data
Center ...)
NOT-FOR-US: Cisco
-CVE-2021-1254
- RESERVED
+CVE-2021-1254 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
+ TODO: check
CVE-2021-1253 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
NOT-FOR-US: Cisco
CVE-2021-1252 (A vulnerability in the Excel XLM macro parsing module in Clam
AntiViru ...)
@@ -443172,8 +443206,8 @@ CVE-2008-3281 (libxml2 2.6.32 and earlier does not
properly detect recursion dur
{DSA-1631-1 DTSA-158-1}
- libxml2 2.6.32.dfsg-3 (medium)
- chromium-browser 5.0.375.29~r46008-1
-CVE-2008-3280
- RESERVED
+CVE-2008-3280 (It was found that various OpenID Providers (OPs) had TLS Server
Certif ...)
+ TODO: check
CVE-2008-3279 (Untrusted search path vulnerability in libbrlttybba.so in
brltty 3.7.2 ...)
- brltty <not-affected> (RedHat-specific)
CVE-2008-3278 (frysk packages through 2008-08-05 as shipped in Red Hat
Enterprise Lin ...)
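Review bot: CVE-2008-3280 is a 2008 identifier that only now gains a description, and it is added as "TODO: check" in a part of the file where neighbouring entries carry package-level dispositions (a versioned libxml2 line above, "brltty <not-affected> (RedHat-specific)" below). The truncated text refers to OpenID Providers and TLS server certificates rather than to a single vendor product, so it should not be batch-marked NOT-FOR-US with the Cisco and Dell entries in this commit; it needs the full description read and an explicit package or not-affected line.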
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cef1945e00547dcaf7562eec3efee4122ece8bd7
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits