[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 15 Jun 2021 01:10:36 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5e93f1f5 by security tracker role at 2021-06-15T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,21 @@
+CVE-2021-34695
+       RESERVED
+CVE-2021-34694
+       RESERVED
+CVE-2021-34693 (net/can/bcm.c in the Linux kernel through 5.12.10 allows local 
users t ...)
+       TODO: check
+CVE-2021-34692
+       RESERVED
+CVE-2021-34691
+       RESERVED
+CVE-2021-34690
+       RESERVED
+CVE-2021-34689
+       RESERVED
+CVE-2021-34688
+       RESERVED
+CVE-2021-34687
+       RESERVED
 CVE-2021-3601
        RESERVED
 CVE-2021-34686
@@ -4445,8 +4463,8 @@ CVE-2021-32686
        RESERVED
 CVE-2021-32685
        RESERVED
-CVE-2021-32684
-       RESERVED
+CVE-2021-32684 (magento-scripts contains scripts and configuration used by 
Create Mage ...)
+       TODO: check
 CVE-2021-32683
        RESERVED
 CVE-2021-32682 (elFinder is an open-source file manager for web, written in 
JavaScript ...)
@@ -16239,8 +16257,8 @@ CVE-2021-27889 (Cross-site Scripting (XSS) 
vulnerability in MyBB before 1.8.26 v
        NOT-FOR-US: MyBB
 CVE-2021-27888 (ZendTo before 6.06-4 Beta allows XSS during the display of a 
drop-off  ...)
        NOT-FOR-US: ZendTo
-CVE-2021-27887
-       RESERVED
+CVE-2021-27887 (Cross-site Scripting (XSS) vulnerability in the main dashboard 
of Elli ...)
+       TODO: check
 CVE-2021-27886 (rakibtg Docker Dashboard before 2021-02-28 allows command 
injection in ...)
        NOT-FOR-US: rakibtg Docker Dashboard
 CVE-2021-27885 (usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN 
protect ...)
@@ -17778,8 +17796,8 @@ CVE-2021-27198 (An issue was discovered in Visualware 
MyConnection Server throug
        NOT-FOR-US: Visualware MyConnection Server
 CVE-2021-27197 (DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 
has an arb ...)
        NOT-FOR-US: Pelco Digital Sentry Server
-CVE-2021-27196
-       RESERVED
+CVE-2021-27196 (Improper Input Validation vulnerability in Hitachi ABB Power 
Grids Rel ...)
+       TODO: check
 CVE-2021-27195 (Improper Authorization vulnerability in Netop Vision Pro up to 
and inc ...)
        NOT-FOR-US: Netop Vision Pro
 CVE-2021-27194 (Cleartext transmission of sensitive information in Netop 
Vision Pro up ...)
@@ -18595,8 +18613,8 @@ CVE-2021-26847
        RESERVED
 CVE-2021-26846
        RESERVED
-CVE-2021-26845
-       RESERVED
+CVE-2021-26845 (Information Exposure vulnerability in Hitachi ABB Power Grids 
eSOMS al ...)
+       TODO: check
 CVE-2021-26844
        RESERVED
 CVE-2021-26843 (An issue was discovered in sthttpd through 2.27.1. On systems 
where th ...)
@@ -30828,14 +30846,14 @@ CVE-2021-21559 (Dell EMC NetWorker, versions 18.x, 
19.1.x, 19.2.x 19.3.x, 19.4,
        NOT-FOR-US: EMC
 CVE-2021-21558 (Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 
19.4.0.1, co ...)
        NOT-FOR-US: EMC
-CVE-2021-21557
-       RESERVED
-CVE-2021-21556
-       RESERVED
-CVE-2021-21555
-       RESERVED
-CVE-2021-21554
-       RESERVED
+CVE-2021-21557 (Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS 
contain ...)
+       TODO: check
+CVE-2021-21556 (Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, 
MX840c, ...)
+       TODO: check
+CVE-2021-21555 (Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, 
MX840c, ...)
+       TODO: check
+CVE-2021-21554 (Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, 
MX840c, ...)
+       TODO: check
 CVE-2021-21553
        RESERVED
 CVE-2021-21552 (Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and 
earlier ...)
@@ -36405,8 +36423,8 @@ CVE-2021-20029
        RESERVED
 CVE-2021-20028
        RESERVED
-CVE-2021-20027
-       RESERVED
+CVE-2021-20027 (A buffer overflow vulnerability in SonicOS allows a remote 
attacker to ...)
+       TODO: check
 CVE-2021-20026 (A vulnerability in the SonicWall NSM On-Prem product allows an 
authent ...)
        NOT-FOR-US: SonicWall
 CVE-2021-20025 (SonicWall Email Security Virtual Appliance version 10.0.9 and 
earlier  ...)
@@ -44661,8 +44679,7 @@ CVE-2021-0469
        RESERVED
 CVE-2021-0468 (In LK, there is a possible escalation of privilege due to an 
insecure  ...)
        NOT-FOR-US: MediaTek components for Android
-CVE-2021-0467
-       RESERVED
+CVE-2021-0467 (In Chromecast bootROM, there is a possible out of bounds write 
due to  ...)
        NOT-FOR-US: AMLogic
 CVE-2021-0466 (In startIpClient of ClientModeImpl.java, there is a possible 
identifie ...)
        NOT-FOR-US: Android
@@ -44959,8 +44976,7 @@ CVE-2021-0326 (In p2p_copy_client_info of p2p.c, there 
is a possible out of boun
        NOTE: 
https://w1.fi/cgit/hostap/commit/?id=947272febe24a8f0ea828b5b2f35f13c3821901e
 CVE-2021-0325 (In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a 
possible o ...)
        NOT-FOR-US: Android media framework
-CVE-2021-0324
-       RESERVED
+CVE-2021-0324 (Product: AndroidVersions: Android SoCAndroid ID: A-175402462 
...)
        NOT-FOR-US: UniSoc components for Android
 CVE-2021-0323
        RESERVED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e93f1f5018f7a95cc9e4a9bb92c7c69c1d015d3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e93f1f5018f7a95cc9e4a9bb92c7c69c1d015d3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to