[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Thu, 03 Jun 2021 01:10:40 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
da499822 by security tracker role at 2021-06-03T08:10:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2021-3579
+       RESERVED
+CVE-2021-3578
+       RESERVED
+CVE-2021-33806
+       RESERVED
+CVE-2021-33805 (In the reference implementation of FUSE before 2.9.8, local 
attackers  ...)
+       TODO: check
 CVE-2021-3577
        RESERVED
 CVE-2021-3576
@@ -2621,8 +2629,7 @@ CVE-2021-32627
        RESERVED
 CVE-2021-32626
        RESERVED
-CVE-2021-32625 [integer overflow in STRALGO LCS]
-       RESERVED
+CVE-2021-32625 (Redis is an open source (BSD licensed), in-memory data 
structure store ...)
        - redis 5:6.0.14-1 (bug #989351)
        [buster] - redis <not-affected> (Vulnerable code not present)
        [stretch] - redis <not-affected> (Vulnerable code not present)
@@ -9050,7 +9057,7 @@ CVE-2021-29968
        RESERVED
 CVE-2021-29967
        RESERVED
-       {DSA-4925-1}
+       {DSA-4925-1 DLA-2673-1}
        - firefox-esr 78.11.0esr-1
        - firefox 89.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/#CVE-2021-29967
@@ -9741,12 +9748,12 @@ CVE-2021-29672 (IBM Spectrum Protect Client 8.1.0.0-8 
through 1.11.0 is vulnerab
        NOT-FOR-US: IBM
 CVE-2021-29671 (IBM Spectrum Scale 5.1.0.1 could allow a local attacker to 
bypass the  ...)
        NOT-FOR-US: IBM
-CVE-2021-29670
-       RESERVED
+CVE-2021-29670 (IBM Jazz Foundation and IBM Engineering products are 
vulnerable to cro ...)
+       TODO: check
 CVE-2021-29669
        RESERVED
-CVE-2021-29668
-       RESERVED
+CVE-2021-29668 (IBM Jazz Foundation and IBM Engineering products are 
vulnerable to cro ...)
+       TODO: check
 CVE-2021-29667 (IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 
5.1.0.2 is  ...)
        NOT-FOR-US: IBM
 CVE-2021-29666 (IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 
5.1.0.2 is  ...)
@@ -11896,8 +11903,8 @@ CVE-2021-28814
        RESERVED
 CVE-2021-28813
        RESERVED
-CVE-2021-28812
-       RESERVED
+CVE-2021-28812 (A command injection vulnerability has been reported to affect 
certain  ...)
+       TODO: check
 CVE-2021-28811
        RESERVED
 CVE-2021-28810
@@ -11906,10 +11913,10 @@ CVE-2021-28809
        RESERVED
 CVE-2021-28808
        RESERVED
-CVE-2021-28807
-       RESERVED
-CVE-2021-28806
-       RESERVED
+CVE-2021-28807 (A post-authentication reflected XSS vulnerability has been 
reported to ...)
+       TODO: check
+CVE-2021-28806 (A DOM-based XSS vulnerability has been reported to affect QNAP 
NAS run ...)
+       TODO: check
 CVE-2021-28805
        RESERVED
 CVE-2021-28804
@@ -32924,8 +32931,8 @@ CVE-2021-20373
        RESERVED
 CVE-2021-20372
        RESERVED
-CVE-2021-20371
-       RESERVED
+CVE-2021-20371 (IBM Jazz Foundation and IBM Engineering products could allow a 
remote  ...)
+       TODO: check
 CVE-2021-20370
        RESERVED
 CVE-2021-20369
@@ -32970,18 +32977,18 @@ CVE-2021-20350 (IBM Engineering products are 
vulnerable to cross-site scripting.
        NOT-FOR-US: IBM
 CVE-2021-20349
        RESERVED
-CVE-2021-20348
-       RESERVED
-CVE-2021-20347
-       RESERVED
-CVE-2021-20346
-       RESERVED
-CVE-2021-20345
-       RESERVED
+CVE-2021-20348 (IBM Jazz Foundation and IBM Engineering products are 
vulnerable to ser ...)
+       TODO: check
+CVE-2021-20347 (IBM Jazz Foundation and IBM Engineering products are 
vulnerable to ser ...)
+       TODO: check
+CVE-2021-20346 (IBM Jazz Foundation and IBM Engineering products are 
vulnerable to ser ...)
+       TODO: check
+CVE-2021-20345 (IBM Jazz Foundation and IBM Engineering products are 
vulnerable to ser ...)
+       TODO: check
 CVE-2021-20344
        RESERVED
-CVE-2021-20343
-       RESERVED
+CVE-2021-20343 (IBM Jazz Foundation and IBM Engineering products are 
vulnerable to ser ...)
+       TODO: check
 CVE-2021-20342
        RESERVED
 CVE-2021-20341 (IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns 
potenti ...)
@@ -32990,8 +32997,8 @@ CVE-2021-20340 (IBM Engineering products are vulnerable 
to cross-site scripting.
        NOT-FOR-US: IBM
 CVE-2021-20339
        RESERVED
-CVE-2021-20338
-       RESERVED
+CVE-2021-20338 (IBM Jazz Foundation and IBM Engineering products are 
vulnerable to cro ...)
+       TODO: check
 CVE-2021-20337
        RESERVED
 CVE-2021-20336 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored 
cross-sit ...)
@@ -34442,10 +34449,10 @@ CVE-2020-35444
        RESERVED
 CVE-2020-35443
        RESERVED
-CVE-2020-35442
-       RESERVED
-CVE-2020-35441
-       RESERVED
+CVE-2020-35442 (FDCMS (also known as Fangfa Content Management System) 4.0 
allows remo ...)
+       TODO: check
+CVE-2020-35441 (FDCMS (aka Fangfa Content Management System) 4.0 contains a 
front-end  ...)
+       TODO: check
 CVE-2020-35440
        RESERVED
 CVE-2020-35439
@@ -101003,8 +101010,8 @@ CVE-2020-5032 (IBM QRadar SIEM 7.3 and 7.4 in some 
configurations may be vulnera
        NOT-FOR-US: IBM
 CVE-2020-5031
        RESERVED
-CVE-2020-5030
-       RESERVED
+CVE-2020-5030 (IBM Jazz Foundation and IBM Engineering products are vulnerable 
to cro ...)
+       TODO: check
 CVE-2020-5029
        RESERVED
 CVE-2020-5028
@@ -101109,8 +101116,8 @@ CVE-2020-4979 (IBM QRadar SIEM 7.3 and 7.4 is 
vulnerable to insecure inter-deplo
        NOT-FOR-US: IBM
 CVE-2020-4978
        RESERVED
-CVE-2020-4977
-       RESERVED
+CVE-2020-4977 (IBM Engineering Lifecycle Optimization - Publishing is 
vulnerable to s ...)
+       TODO: check
 CVE-2020-4976 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect 
Server) 9.7, ...)
        NOT-FOR-US: IBM
 CVE-2020-4975 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)
@@ -101602,8 +101609,8 @@ CVE-2020-4734
        RESERVED
 CVE-2020-4733 (IBM Jazz Foundation products are vulnerable to cross-site 
scripting. T ...)
        NOT-FOR-US: IBM
-CVE-2020-4732
-       RESERVED
+CVE-2020-4732 (IBM Jazz Foundation and IBM Engineering products could allow an 
authen ...)
+       TODO: check
 CVE-2020-4731 (IBM Aspera Web Application 1.9.14 PL1 is vulnerable to 
cross-site scri ...)
        NOT-FOR-US: IBM
 CVE-2020-4730
@@ -102076,8 +102083,8 @@ CVE-2020-4497
        RESERVED
 CVE-2020-4496
        RESERVED
-CVE-2020-4495
-       RESERVED
+CVE-2020-4495 (IBM Jazz Foundation and IBM Engineering products could allow a 
remote  ...)
+       TODO: check
 CVE-2020-4494 (IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and 
Windows ...)
        NOT-FOR-US: IBM
 CVE-2020-4493 (IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow an 
attacker to ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/da499822b0a906a41313bf3b44f64f43950cbbe0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/da499822b0a906a41313bf3b44f64f43950cbbe0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to