Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
462d67da by security tracker role at 2021-08-21T08:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23886,6 +23886,7 @@ CVE-2021-29378
CVE-2021-29377 (Pear Admin Think through 2.1.2 has an arbitrary file upload
vulnerabil ...)
NOT-FOR-US: Pear Admin Think
CVE-2021-29376 (ircII before 20210314 allows remote attackers to cause a
denial of ser ...)
+ {DLA-2746-1}
- ircii-pana <removed>
- ircii 20210314-1 (bug #986214)
[buster] - ircii 20190117-1+deb10u1
@@ -41839,12 +41840,12 @@ CVE-2021-21830 (A heap-based buffer overflow
vulnerability exists in the XML Dec
NOT-FOR-US: Xmill (AT&T Labs)
CVE-2021-21829 (A heap-based buffer overflow vulnerability exists in the XML
Decompres ...)
NOT-FOR-US: Xmill (AT&T Labs)
-CVE-2021-21828
- RESERVED
-CVE-2021-21827
- RESERVED
-CVE-2021-21826
- RESERVED
+CVE-2021-21828 (A heap-based buffer overflow vulnerability exists in the XML
Decompres ...)
+ TODO: check
+CVE-2021-21827 (A heap-based buffer overflow vulnerability exists in the XML
Decompres ...)
+ TODO: check
+CVE-2021-21826 (A heap-based buffer overflow vulnerability exists in the XML
Decompres ...)
+ TODO: check
CVE-2021-21825 (A heap-based buffer overflow vulnerability exists in the XML
Decompres ...)
NOT-FOR-US: AT&T Labs Xmill
CVE-2021-21824 (An out-of-bounds write vulnerability exists in the JPG
Handle_JPEG420 ...)
@@ -67625,8 +67626,8 @@ CVE-2020-24132
RESERVED
CVE-2020-24131
RESERVED
-CVE-2020-24130
- RESERVED
+CVE-2020-24130 (A cross site request forgery (CSRF) vulnerability in the
configure.htm ...)
+ TODO: check
CVE-2020-24129
RESERVED
CVE-2020-24128
@@ -189425,7 +189426,7 @@ CVE-2018-17990 (An issue was discovered on D-Link
DSL-3782 devices with firmware
NOT-FOR-US: D-Link
CVE-2018-17989 (A stored XSS vulnerability exists in the web interface on
D-Link DSL-3 ...)
NOT-FOR-US: D-Link
-CVE-2018-17988 (LayerBB 1.1.1 has SQL Injection via the search.php
search_query parame ...)
+CVE-2018-17988 (LayerBB 1.1.1 and 1.1.3 has SQL Injection via the search.php
search_qu ...)
NOT-FOR-US: LayerBB
CVE-2018-17987 (The determineWinner function of a smart contract
implementation for Ha ...)
NOT-FOR-US: Some Ethereum application
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/462d67da8b4f8c0ad4ad120d6ceaf50b1e4acf50
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/462d67da8b4f8c0ad4ad120d6ceaf50b1e4acf50
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
