[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 31 Jul 2021 13:10:45 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
bb41cae6 by security tracker role at 2021-07-31T20:10:27+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2021-37760 (A Session ID leak in the audit log in Graylog before 4.1.2 
allows atta ...)
+       TODO: check
+CVE-2021-37759 (A Session ID leak in the DEBUG log file in Graylog before 
4.1.2 allows ...)
+       TODO: check
 CVE-2021-37758
        RESERVED
 CVE-2021-37757
@@ -9307,8 +9311,8 @@ CVE-2021-33619
        RESERVED
 CVE-2021-33618
        RESERVED
-CVE-2021-33617
-       RESERVED
+CVE-2021-33617 (Zoho ManageEngine Password Manager Pro before 11.2 11200 
allows login/ ...)
+       TODO: check
 CVE-2021-33616
        RESERVED
 CVE-2021-33615
@@ -57079,8 +57083,8 @@ CVE-2020-26808 (SAP AS ABAP(DMIS), versions - 
2011_1_620, 2011_1_640, 2011_1_700
        NOT-FOR-US: SAP
 CVE-2020-26807 (SAP ERP Client for E-Bilanz, version - 1.0, installation sets 
Incorrec ...)
        NOT-FOR-US: SAP
-CVE-2020-26806
-       RESERVED
+CVE-2020-26806 (admin/file.do in ObjectPlanet Opinio before 7.15 allows 
Unrestricted F ...)
+       TODO: check
 CVE-2020-26805 (In Sentrifugo 3.2, admin can edit employee's informations via 
this end ...)
        NOT-FOR-US: Sentrifugo
 CVE-2020-26804 (In Sentrifugo 3.2, users can share an announcement under 
"Organization ...)
@@ -57635,11 +57639,11 @@ CVE-2020-26566 (A Denial of Service condition in 
Motion-Project Motion 3.2 throu
        NOTE: 
https://github.com/Motion-Project/motion/security/advisories/GHSA-6f7x-grw7-fw24
        NOTE: 
https://github.com/Motion-Project/motion/issues/1227#issuecomment-715927776
        NOTE: https://github.com/Motion-Project/motion/pull/1232
-CVE-2020-26565
-       RESERVED
-CVE-2020-26564
-       RESERVED
-CVE-2020-26563 (ObjectPlanet Opinio before 7.13 allows reflected XSS via the 
survey/ad ...)
+CVE-2020-26565 (ObjectPlanet Opinio before 7.14 allows Expression Language 
Injection v ...)
+       TODO: check
+CVE-2020-26564 (ObjectPlanet Opinio before 7.15 allows XXE attacks via three 
steps: mo ...)
+       TODO: check
+CVE-2020-26563 (ObjectPlanet Opinio before 7.14 allows reflected XSS via the 
survey/ad ...)
        NOT-FOR-US: ObjectPlanet Opinio
 CVE-2020-26562
        RESERVED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bb41cae6ba7fb840c33fac081ef093c8a6e5d346

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bb41cae6ba7fb840c33fac081ef093c8a6e5d346
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to