[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 02 Oct 2021 01:13:04 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
eac75c55 by security tracker role at 2021-10-02T08:10:24+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,47 @@
+CVE-2021-41865
+       RESERVED
+CVE-2021-41864 (prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the 
Linux kern ...)
+       TODO: check
+CVE-2021-41863
+       RESERVED
+CVE-2021-41862 (AviatorScript through 5.2.7 allows code execution via an 
expression th ...)
+       TODO: check
+CVE-2021-41861
+       RESERVED
+CVE-2021-41860
+       RESERVED
+CVE-2021-41859
+       RESERVED
+CVE-2021-41858
+       RESERVED
+CVE-2021-41857
+       RESERVED
+CVE-2021-41856
+       RESERVED
+CVE-2021-41855
+       RESERVED
+CVE-2021-41854
+       RESERVED
+CVE-2021-41853
+       RESERVED
+CVE-2021-41852
+       RESERVED
+CVE-2021-41851
+       RESERVED
+CVE-2021-3851
+       RESERVED
+CVE-2021-3850
+       RESERVED
+CVE-2021-3849
+       RESERVED
 CVE-2021-41850
        RESERVED
 CVE-2021-41849
        RESERVED
 CVE-2021-41848
        RESERVED
-CVE-2021-41847
-       RESERVED
+CVE-2021-41847 (An issue was discovered in 3xLogic Infinias Access Control 
through 6.7 ...)
+       TODO: check
 CVE-2021-41846
        RESERVED
 CVE-2021-41845 (A SQL injection issue was discovered in ThycoticCentrify 
Secret Server ...)
@@ -310,7 +346,7 @@ CVE-2021-41722
        RESERVED
 CVE-2021-41721
        RESERVED
-CVE-2021-41720 (A command injection vulnerability in Lodash in 4.17.21 allows 
attacker ...)
+CVE-2021-41720 (** DISPUTED ** A command injection vulnerability in Lodash 
4.17.21 all ...)
        - node-lodash <unfixed> (unimportant)
        NOTE: https://github.com/lodash/lodash/issues/5261
        NOTE: Disputed security impact and validitity of the issue
@@ -8730,32 +8766,32 @@ CVE-2021-38112 (In the Amazon AWS WorkSpaces client 
3.0.10 through 3.1.8 on Wind
        NOT-FOR-US: Amazon AWS client for Windows
 CVE-2021-38111 (The DEF CON 27 badge allows remote attackers to exploit a 
buffer overf ...)
        NOT-FOR-US: DEF CON 27 badge
-CVE-2021-38110
-       RESERVED
-CVE-2021-38109
-       RESERVED
-CVE-2021-38108
-       RESERVED
-CVE-2021-38107
-       RESERVED
-CVE-2021-38106
-       RESERVED
-CVE-2021-38105
-       RESERVED
+CVE-2021-38110 (Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is 
affected b ...)
+       TODO: check
+CVE-2021-38109 (Corel DrawStandard 2020 22.0.0.474 is affected by an 
Out-of-bounds Rea ...)
+       TODO: check
+CVE-2021-38108 (Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is 
affected b ...)
+       TODO: check
+CVE-2021-38107 (CdrCore.dll in Corel DrawStandard 2020 22.0.0.474 is affected 
by an Ou ...)
+       TODO: check
+CVE-2021-38106 (UAX200.dll in Corel Presentations 2020 20.0.0.200 is affected 
by an Ou ...)
+       TODO: check
+CVE-2021-38105 (IPPP82.FLT in Corel Presentations 2020 20.0.0.200 is affected 
by an Ou ...)
+       TODO: check
 CVE-2021-38104 (IPPP72.FLT in Corel Presentations 2020 20.0.0.200 is affected 
by an Ou ...)
        NOT-FOR-US: Corel Presentations
 CVE-2021-38103 (IBJPG2.FLT in Corel Presentations 2020 20.0.0.200 is affected 
by an Ou ...)
        NOT-FOR-US: Corel Presentations
-CVE-2021-38102
-       RESERVED
-CVE-2021-38101
-       RESERVED
-CVE-2021-38100
-       RESERVED
+CVE-2021-38102 (IPPP82.FLT in Corel Presentations 2020 20.0.0.200 is affected 
by an Ou ...)
+       TODO: check
+CVE-2021-38101 (CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is 
affected by ...)
+       TODO: check
+CVE-2021-38100 (Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an 
Out-of-bou ...)
+       TODO: check
 CVE-2021-38099 (CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is 
affected by ...)
        NOT-FOR-US: Corel PhotoPaint Standard
-CVE-2021-38098
-       RESERVED
+CVE-2021-38098 (Corel PDF Fusion 2.6.2.0 is affected by a Heap Corruption 
vulnerabilit ...)
+       TODO: check
 CVE-2021-38097 (Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write 
vulnera ...)
        NOT-FOR-US: Corel PDF Fusion
 CVE-2021-38096 (Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an 
Out-of-bounds ...)
@@ -12816,8 +12852,8 @@ CVE-2021-36311
        RESERVED
 CVE-2021-36310
        RESERVED
-CVE-2021-36309
-       RESERVED
+CVE-2021-36309 (Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains 
a sensi ...)
+       TODO: check
 CVE-2021-36308
        RESERVED
 CVE-2021-36307
@@ -12838,8 +12874,8 @@ CVE-2021-36300
        RESERVED
 CVE-2021-36299
        RESERVED
-CVE-2021-36298
-       RESERVED
+CVE-2021-36298 (Dell EMC InsightIQ, versions prior to 4.1.4, contain risky 
cryptograph ...)
+       TODO: check
 CVE-2021-36297 (SupportAssist Client version 3.8 and 3.9 contains an Untrusted 
search  ...)
        NOT-FOR-US: SupportAssist Client (Dell)
 CVE-2021-36296
@@ -80278,8 +80314,8 @@ CVE-2020-21230
        RESERVED
 CVE-2020-21229
        RESERVED
-CVE-2020-21228
-       RESERVED
+CVE-2020-21228 (JIZHICMS 1.5.1 contains a cross-site scripting (XSS) 
vulnerability in  ...)
+       TODO: check
 CVE-2020-21227
        RESERVED
 CVE-2020-21226



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eac75c55c8fb0fcd0d42875069bb4f25a82d49b5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eac75c55c8fb0fcd0d42875069bb4f25a82d49b5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to