Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
63ad6f99 by security tracker role at 2021-07-13T08:10:23+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2021-36726
+       RESERVED
+CVE-2021-36725
+       RESERVED
+CVE-2021-36724
+       RESERVED
+CVE-2021-36723
+       RESERVED
+CVE-2021-36722
+       RESERVED
+CVE-2021-36721
+       RESERVED
+CVE-2021-36720
+       RESERVED
+CVE-2021-36719
+       RESERVED
+CVE-2021-36718
+       RESERVED
+CVE-2021-36717
+       RESERVED
+CVE-2021-36716
+       RESERVED
+CVE-2021-3643
+       RESERVED
 CVE-2021-XXXX [RUSTSEC-2021-0074]
        - rust-ammonia <unfixed>
        NOTE: 
https://github.com/rust-ammonia/ammonia/commit/4b8426b89b861d9bea20e126576b0febb9d13515
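Review bot: CVE-2021-3643 is added directly below CVE-2021-36716 at the head of the file, while the CVE-2021-32xxx entries only begin around line 8909 (see the next hunk header), so the list is not in numeric order at this point. Anything that parses data/CVE/list should key on the CVE id itself and not on an entry's position in the file.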
@@ -8885,8 +8909,8 @@ CVE-2021-32756
        RESERVED
 CVE-2021-32755
        RESERVED
-CVE-2021-32754
-       RESERVED
+CVE-2021-32754 (FlowDroid is a data flow analysis tool. FlowDroid versions 
prior to 2. ...)
+       TODO: check
 CVE-2021-32753 (EdgeX Foundry is an open source project for building a common 
open fra ...)
        NOT-FOR-US: EdgeX Foundry
 CVE-2021-32752 (Ether Logs is a package that allows one to check one's logs in 
the Cra ...)
@@ -8899,10 +8923,10 @@ CVE-2021-32749
        RESERVED
 CVE-2021-32748
        RESERVED
-CVE-2021-32747
-       RESERVED
-CVE-2021-32746
-       RESERVED
+CVE-2021-32747 (Icinga Web 2 is an open source monitoring web interface, 
framework, an ...)
+       TODO: check
+CVE-2021-32746 (Icinga Web 2 is an open source monitoring web interface, 
framework and ...)
+       TODO: check
 CVE-2021-32745
        RESERVED
 CVE-2021-32744
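Review bot: CVE-2021-32747 and CVE-2021-32746 leave RESERVED with only "TODO: check", and their truncated descriptions differ by a single character ("framework, an" against "framework and"), so the two issues cannot be told apart from this file. Triage needs the full advisory text for each one, and each should end up with either a source package line or a NOT-FOR-US tag of its own.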
@@ -8911,8 +8935,8 @@ CVE-2021-32743
        RESERVED
 CVE-2021-32742 (Vapor is a web framework for Swift. In versions 4.47.1 and 
prior, bug  ...)
        NOT-FOR-US: Vapor
-CVE-2021-32741
-       RESERVED
+CVE-2021-32741 (Nextcloud Server is a Nextcloud package that handles data 
storage. In  ...)
+       TODO: check
 CVE-2021-32740 (Addressable is an alternative implementation to the URI 
implementation ...)
        - ruby-addressable 2.7.0-2 (bug #990791)
        NOTE: 
https://github.com/sporkmonger/addressable/security/advisories/GHSA-jxhc-q857-3j6g
@@ -8927,10 +8951,10 @@ CVE-2021-32736 (think-helper defines a set of helper 
functions for ThinkJS. In v
        NOT-FOR-US: think-helper
 CVE-2021-32735 (Kirby is a content management system. In Kirby CMS versions 
3.5.5 and  ...)
        NOT-FOR-US: Kirby
-CVE-2021-32734
-       RESERVED
-CVE-2021-32733
-       RESERVED
+CVE-2021-32734 (Nextcloud Server is a Nextcloud package that handles data 
storage. In  ...)
+       TODO: check
+CVE-2021-32733 (Nextcloud Text is a collaborative document editing application 
that us ...)
+       TODO: check
 CVE-2021-32732
        RESERVED
 CVE-2021-32731 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
@@ -8941,12 +8965,12 @@ CVE-2021-32729 (XWiki Platform is a generic wiki 
platform offering runtime servi
        NOT-FOR-US: XWiki
 CVE-2021-32728
        RESERVED
-CVE-2021-32727
-       RESERVED
-CVE-2021-32726
-       RESERVED
-CVE-2021-32725
-       RESERVED
+CVE-2021-32727 (Nextcloud Android Client is the Android client for Nextcloud. 
Clients  ...)
+       TODO: check
+CVE-2021-32726 (Nextcloud Server is a Nextcloud package that handles data 
storage. In  ...)
+       TODO: check
+CVE-2021-32725 (Nextcloud Server is a Nextcloud package that handles data 
storage. In  ...)
+       TODO: check
 CVE-2021-32724
        RESERVED
 CVE-2021-32723 (Prism is a syntax highlighting library. Some languages before 
1.24.0 a ...)
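Review bot: CVE-2021-32727 is described as the Nextcloud Android Client while CVE-2021-32726 and CVE-2021-32725 are Nextcloud Server, and the two server descriptions are identical up to the truncation point, so "TODO: check" cannot be resolved from this file alone. Triage each entry against its full advisory and record the client and server issues separately, not with one blanket decision for everything named Nextcloud.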
@@ -29140,8 +29164,8 @@ CVE-2021-24456
        RESERVED
 CVE-2021-24455
        RESERVED
-CVE-2021-24454
-       RESERVED
+CVE-2021-24454 (In the YOP Poll WordPress plugin before 6.2.8, when a pool is 
created  ...)
+       TODO: check
 CVE-2021-24453
        RESERVED
 CVE-2021-24452
@@ -29164,14 +29188,14 @@ CVE-2021-24444
        RESERVED
 CVE-2021-24443
        RESERVED
-CVE-2021-24442
-       RESERVED
-CVE-2021-24441
-       RESERVED
-CVE-2021-24440
-       RESERVED
-CVE-2021-24439
-       RESERVED
+CVE-2021-24442 (The Poll, Survey, Questionnaire and Voting system WordPress 
plugin bef ...)
+       TODO: check
+CVE-2021-24441 (The Sign-up Sheets WordPress plugin before 1.0.14 does not not 
sanitis ...)
+       TODO: check
+CVE-2021-24440 (The Sign-up Sheets WordPress plugin before 1.0.14 did not 
sanitise or  ...)
+       TODO: check
+CVE-2021-24439 (The Browser Screenshots WordPress plugin before 1.7.6 allowed 
authenti ...)
+       TODO: check
 CVE-2021-24438
        RESERVED
 CVE-2021-24437
@@ -29180,8 +29204,8 @@ CVE-2021-24436
        RESERVED
 CVE-2021-24435
        RESERVED
-CVE-2021-24434
-       RESERVED
+CVE-2021-24434 (The Glass WordPress plugin through 1.3.2 does not sanitise or 
escape i ...)
+       TODO: check
 CVE-2021-24433
        RESERVED
 CVE-2021-24432
@@ -29190,30 +29214,30 @@ CVE-2021-24431
        RESERVED
 CVE-2021-24430
        RESERVED
-CVE-2021-24429
-       RESERVED
+CVE-2021-24429 (The Salon booking system WordPress plugin before 6.3.1 does 
not proper ...)
+       TODO: check
 CVE-2021-24428
        RESERVED
-CVE-2021-24427
-       RESERVED
-CVE-2021-24426
-       RESERVED
+CVE-2021-24427 (The W3 Total Cache WordPress plugin before 2.1.3 did not 
sanitise or e ...)
+       TODO: check
+CVE-2021-24426 (The Backup by 10Web &#8211; Backup and Restore Plugin 
WordPress plugin ...)
+       TODO: check
 CVE-2021-24425
        RESERVED
-CVE-2021-24424
-       RESERVED
+CVE-2021-24424 (The WP Reset &#8211; Most Advanced WordPress Reset Tool 
WordPress plug ...)
+       TODO: check
 CVE-2021-24423
        RESERVED
 CVE-2021-24422
        RESERVED
-CVE-2021-24421
-       RESERVED
-CVE-2021-24420
-       RESERVED
-CVE-2021-24419
-       RESERVED
-CVE-2021-24418
-       RESERVED
+CVE-2021-24421 (The WP JobSearch WordPress plugin before 1.7.4 did not 
sanitise or esc ...)
+       TODO: check
+CVE-2021-24420 (The Request a Quote WordPress plugin before 2.3.4 did not 
sanitise and ...)
+       TODO: check
+CVE-2021-24419 (The WP YouTube Lyte WordPress plugin before 1.7.16 did not 
sanitise or ...)
+       TODO: check
+CVE-2021-24418 (The Smooth Scroll Page Up/Down Buttons WordPress plugin 
through 1.4 do ...)
+       TODO: check
 CVE-2021-24417
        RESERVED
 CVE-2021-24416
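Review bot: The descriptions added for CVE-2021-24426 and CVE-2021-24424 carry a raw HTML entity ("10Web &#8211; Backup", "WP Reset &#8211; Most"), so the automatic import is storing the feed text undecoded. Decode entities before writing the description, otherwise the literal "&#8211;" shows up in anything that renders or searches this list as plain text.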
@@ -29230,10 +29254,10 @@ CVE-2021-24411
        RESERVED
 CVE-2021-24410
        RESERVED
-CVE-2021-24409
-       RESERVED
-CVE-2021-24408
-       RESERVED
+CVE-2021-24409 (The Prismatic WordPress plugin before 2.8 does not escape the 
'tab' GE ...)
+       TODO: check
+CVE-2021-24408 (The Prismatic WordPress plugin before 2.8 does not sanitise or 
validat ...)
+       TODO: check
 CVE-2021-24407 (The Jannah WordPress theme before 5.4.5 did not properly 
sanitize the  ...)
        NOT-FOR-US: Wordpress theme
 CVE-2021-24406 (The wpForo Forum WordPress plugin before 1.9.7 did not 
validate the re ...)
@@ -29278,8 +29302,8 @@ CVE-2021-24387 (The WP Pro Real Estate 7 WordPress 
theme before 3.1.1 did not pr
        NOT-FOR-US: Wordpress theme
 CVE-2021-24386 (The WP SVG images WordPress plugin before 3.4 did not sanitise 
the SVG ...)
        NOT-FOR-US: Wordpress plugin
-CVE-2021-24385
-       RESERVED
+CVE-2021-24385 (The Filebird Plugin 4.7.3 introduced a SQL injection 
vulnerability as  ...)
+       TODO: check
 CVE-2021-24384 (The joomsport_md_load AJAX action of the JoomSport WordPress 
plugin be ...)
        NOT-FOR-US: Wordpress plugin
 CVE-2021-24383 (The WP Google Maps WordPress plugin before 8.1.12 did not 
sanitise, va ...)
@@ -29318,8 +29342,8 @@ CVE-2021-24367 (The WP Config File Editor WordPress 
plugin through 1.7.1 was aff
        NOT-FOR-US: WordPress plugin
 CVE-2021-24366 (The Admin Columns Free WordPress plugin before 4.3 and Admin 
Columns P ...)
        NOT-FOR-US: WordPress plugin
-CVE-2021-24365
-       RESERVED
+CVE-2021-24365 (The Admin Columns WordPress plugin Free before 4.3.2 and Pro 
before 5. ...)
+       TODO: check
 CVE-2021-24364 (The Jannah WordPress theme before 5.4.4 did not properly 
sanitize the  ...)
        NOT-FOR-US: WordPress theme
 CVE-2021-24363
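Review bot: CVE-2021-24365 is added as "TODO: check" although the entry directly above it, CVE-2021-24366, names the same Admin Columns plugin and is already closed as "NOT-FOR-US: WordPress plugin"; the new entry can most likely take the same tag. When tagging, note that this hunk spells it "WordPress plugin" while the previous hunk's context uses "Wordpress plugin" and "Wordpress theme", so settle on one spelling to keep the tag matchable as a single string.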
@@ -43236,8 +43260,8 @@ CVE-2021-1972
        RESERVED
 CVE-2021-1971
        RESERVED
-CVE-2021-1970
-       RESERVED
+CVE-2021-1970 (Possible out of bound read due to lack of length check of FT 
sub-eleme ...)
+       TODO: check
 CVE-2021-1969
        RESERVED
 CVE-2021-1968
@@ -43246,10 +43270,10 @@ CVE-2021-1967
        RESERVED
 CVE-2021-1966
        RESERVED
-CVE-2021-1965
-       RESERVED
-CVE-2021-1964
-       RESERVED
+CVE-2021-1965 (Possible buffer overflow due to lack of parameter length check 
during  ...)
+       TODO: check
+CVE-2021-1964 (Possible buffer over read due to improper validation of IE size 
while  ...)
+       TODO: check
 CVE-2021-1963
        RESERVED
 CVE-2021-1962
@@ -43266,12 +43290,12 @@ CVE-2021-1957
        RESERVED
 CVE-2021-1956
        RESERVED
-CVE-2021-1955
-       RESERVED
-CVE-2021-1954
-       RESERVED
-CVE-2021-1953
-       RESERVED
+CVE-2021-1955 (Denial of service in SAP case due to improper handling of 
connections  ...)
+       TODO: check
+CVE-2021-1954 (Possible buffer over read due to improper validation of data 
pointer w ...)
+       TODO: check
+CVE-2021-1953 (Improper handling of received malformed FTMR request frame can 
lead to ...)
+       TODO: check
 CVE-2021-1952
        RESERVED
 CVE-2021-1951
@@ -43286,22 +43310,22 @@ CVE-2021-1947
        RESERVED
 CVE-2021-1946
        RESERVED
-CVE-2021-1945
-       RESERVED
+CVE-2021-1945 (Possible out of bound read due to lack of length check of 
Bandwidth-NS ...)
+       TODO: check
 CVE-2021-1944
        RESERVED
-CVE-2021-1943
-       RESERVED
+CVE-2021-1943 (Possible buffer out of bound read can occur due to improper 
validation ...)
+       TODO: check
 CVE-2021-1942
        RESERVED
 CVE-2021-1941
        RESERVED
-CVE-2021-1940
-       RESERVED
+CVE-2021-1940 (Use after free can occur due to improper handling of response 
from fir ...)
+       TODO: check
 CVE-2021-1939
        RESERVED
-CVE-2021-1938
-       RESERVED
+CVE-2021-1938 (Possible assertion due to improper verification while creating 
and del ...)
+       TODO: check
 CVE-2021-1937 (Reachable assertion is possible while processing peer 
association WLAN ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2021-1936
@@ -43314,8 +43338,8 @@ CVE-2021-1933
        RESERVED
 CVE-2021-1932
        RESERVED
-CVE-2021-1931
-       RESERVED
+CVE-2021-1931 (Possible buffer overflow due to improper validation of buffer 
length w ...)
+       TODO: check
 CVE-2021-1930
        RESERVED
 CVE-2021-1929
@@ -43362,8 +43386,8 @@ CVE-2021-1909
        RESERVED
 CVE-2021-1908
        RESERVED
-CVE-2021-1907
-       RESERVED
+CVE-2021-1907 (Possible buffer overflow due to lack of length check in BA 
request in  ...)
+       TODO: check
 CVE-2021-1906 (Improper handling of address deregistration on failure can lead 
to new ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2021-1905 (Possible use after free due to improper handling of memory 
mapping of  ...)
@@ -43374,18 +43398,18 @@ CVE-2021-1903
        RESERVED
 CVE-2021-1902
        RESERVED
-CVE-2021-1901
-       RESERVED
+CVE-2021-1901 (Possible buffer over-read due to lack of length check while 
flashing m ...)
+       TODO: check
 CVE-2021-1900 (Possible use after free in Display due to race condition while 
creatin ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2021-1899
-       RESERVED
-CVE-2021-1898
-       RESERVED
-CVE-2021-1897
-       RESERVED
-CVE-2021-1896
-       RESERVED
+CVE-2021-1899 (Possible buffer over read due to lack of length check while 
flashing m ...)
+       TODO: check
+CVE-2021-1898 (Possible buffer over-read due to incorrect overflow check when 
loading ...)
+       TODO: check
+CVE-2021-1897 (Possible Buffer Over-read due to lack of validation of boundary 
checks ...)
+       TODO: check
+CVE-2021-1896 (Weak configuration in WLAN could cause forwarding of 
unencrypted packe ...)
+       TODO: check
 CVE-2021-1895 (Possible integer overflow due to improper length check while 
flashing  ...)
        NOT-FOR-US: Snapdragon
 CVE-2021-1894
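Review bot: The new "TODO: check" entries in this hunk (CVE-2021-1901 and CVE-2021-1899 through CVE-2021-1896) sit between neighbours that are closed with two different tags for what appears to be the same vendor family: "NOT-FOR-US: Qualcomm components for Android" on CVE-2021-1900 and "NOT-FOR-US: Snapdragon" on CVE-2021-1895. When these are triaged, pick one tag so the entries can be grouped and counted by a single string.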
@@ -43396,16 +43420,16 @@ CVE-2021-1892 (Memory corruption due to improper 
input validation while processi
        NOT-FOR-US: Snapdragon
 CVE-2021-1891 (A possible use-after-free occurrence in audio driver can happen 
when p ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2021-1890
-       RESERVED
-CVE-2021-1889
-       RESERVED
-CVE-2021-1888
-       RESERVED
-CVE-2021-1887
-       RESERVED
-CVE-2021-1886
-       RESERVED
+CVE-2021-1890 (Improper length check of public exponent in RSA import key 
function co ...)
+       TODO: check
+CVE-2021-1889 (Possible buffer overflow due to lack of length check in Trusted 
Applic ...)
+       TODO: check
+CVE-2021-1888 (Memory corruption in key parsing and import function due to 
double fre ...)
+       TODO: check
+CVE-2021-1887 (An assertion can be reached in the WLAN subsystem while using 
the Wi-F ...)
+       TODO: check
+CVE-2021-1886 (Incorrect handling of pointers in trusted application key 
import mecha ...)
+       TODO: check
 CVE-2021-1885
        RESERVED
 CVE-2021-1884
@@ -69257,8 +69281,8 @@ CVE-2020-19909
        RESERVED
 CVE-2020-19908
        RESERVED
-CVE-2020-19907
-       RESERVED
+CVE-2020-19907 (A command injection vulnerability in the sandcat plugin of 
Caldera 2.3 ...)
+       TODO: check
 CVE-2020-19906
        RESERVED
 CVE-2020-19905
@@ -71122,7 +71146,7 @@ CVE-2020-18981
        RESERVED
 CVE-2020-18980 (Remote Code Executon vulnerability in Halo 0.4.3 via the 
remoteAddr an ...)
        TODO: check
-CVE-2020-18979 (Cross Siste Scripting (XSS) vulnerablity in Halo 0.4.3 via 
theX-forwar ...)
+CVE-2020-18979 (Cross Siste Scripting (XSS) vulnerablity in Halo 0.4.3 via the 
X-forwa ...)
        TODO: check
 CVE-2020-18978
        RESERVED
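Review bot: The CVE-2020-18979 change only re-syncs the truncated description ("theX-forwar" becomes "the X-forwa"); "Siste" and "vulnerablity" are still in the text and the status stays "TODO: check", as it does for CVE-2020-18980 above it. If descriptions are imported verbatim the spelling cannot be corrected here, but both entries still need a triage decision.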
@@ -71998,8 +72022,8 @@ CVE-2020-18546
        RESERVED
 CVE-2020-18545
        RESERVED
-CVE-2020-18544
-       RESERVED
+CVE-2020-18544 (SQL Injection in WMS v1.0 allows remote attackers to execute 
arbitrary ...)
+       TODO: check
 CVE-2020-18543
        RESERVED
 CVE-2020-18542
@@ -91409,8 +91433,8 @@ CVE-2020-11309 (Use after free in GPU driver while 
mapping the user memory to GP
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11308 (Buffer overflow occurs when trying to convert ASCII string to 
Unicode  ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11307
-       RESERVED
+CVE-2020-11307 (Buffer overflow in modem due to improper array index check 
before copy ...)
+       TODO: check
 CVE-2020-11306 (Possible integer overflow in RPMB counter due to lack of 
length check  ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11305 (Integer overflow in boot due to improper length check on 
arguments rec ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63ad6f9918ee0a0b50af67b61cbe81e7aab25825


_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
