Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d7c60877 by security tracker role at 2021-10-07T08:10:26+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2021-42060
+       RESERVED
+CVE-2021-42059
+       RESERVED
+CVE-2021-42058
+       RESERVED
+CVE-2021-42057
+       RESERVED
+CVE-2021-42056
+       RESERVED
+CVE-2021-42055
+       RESERVED
+CVE-2021-42054 (ACCEL-PPP 1.12.0 has an out-of-bounds read in 
triton_context_schedule  ...)
+       TODO: check
+CVE-2021-42053 (The Unicorn framework through 0.35.3 for Django allows XSS via 
compone ...)
+       TODO: check
+CVE-2021-42052
+       RESERVED
+CVE-2021-42051
+       RESERVED
+CVE-2021-42050
+       RESERVED
+CVE-2021-42049 (An issue was discovered in the Translate extension in 
MediaWiki throug ...)
+       TODO: check
+CVE-2021-42048 (An issue was discovered in the Growth extension in MediaWiki 
through 1 ...)
+       TODO: check
+CVE-2021-42047 (An issue was discovered in the Growth extension in MediaWiki 
through 1 ...)
+       TODO: check
+CVE-2021-42046 (An issue was discovered in the GlobalWatchlist extension in 
MediaWiki  ...)
+       TODO: check
+CVE-2021-42045 (An issue was discovered in SecurePoll in the Growth extension 
in Media ...)
+       TODO: check
+CVE-2021-42044 (An issue was discovered in the Mentor dashboard in the 
GrowthExperimen ...)
+       TODO: check
+CVE-2021-42043 (An issue was discovered in Special:MediaSearch in the 
MediaSearch exte ...)
+       TODO: check
+CVE-2021-42042 (An issue was discovered in SpecialEditGrowthConfig in the 
GrowthExperi ...)
+       TODO: check
+CVE-2021-42041 (An issue was discovered in CentralAuth in MediaWiki through 
1.36.2. Th ...)
+       TODO: check
+CVE-2021-42040 (An issue was discovered in MediaWiki through 1.36.2. A parser 
function ...)
+       TODO: check
+CVE-2021-3865
+       RESERVED
 CVE-2022-20011
        RESERVED
 CVE-2022-20010
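Review bot: The run from CVE-2021-42049 down to CVE-2021-42040 should not be triaged as one group, because the descriptions name different components. Most point at extensions (Translate, Growth, GlobalWatchlist, MediaSearch, CentralAuth), while CVE-2021-42040 reads "MediaWiki through 1.36.2. A parser function", which is the core product. When the TODO: check lines are resolved, decide each entry on the component its full description names, so that a core issue is not dismissed together with the extension issues.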
@@ -638,8 +682,8 @@ CVE-2021-41772
        RESERVED
 CVE-2021-41771
        RESERVED
-CVE-2021-41770
-       RESERVED
+CVE-2021-41770 (Ping Identity PingFederate before 10.3.1 mishandles 
pre-parsing valida ...)
+       TODO: check
 CVE-2021-3838
        RESERVED
 CVE-2021-41769
@@ -2036,8 +2080,8 @@ CVE-2021-41131
        RESERVED
 CVE-2021-41130
        RESERVED
-CVE-2021-41129
-       RESERVED
+CVE-2021-41129 (Pterodactyl is an open-source game server management panel 
built with  ...)
+       TODO: check
 CVE-2021-41128 (Hygeia is an application for collecting and processing 
personal and ca ...)
        NOT-FOR-US: Hygeia
 CVE-2021-41127
@@ -16888,8 +16932,8 @@ CVE-2021-34790
        RESERVED
 CVE-2021-34789
        RESERVED
-CVE-2021-34788
-       RESERVED
+CVE-2021-34788 (A vulnerability in the shared library loading mechanism of 
Cisco AnyCo ...)
+       TODO: check
 CVE-2021-34787
        RESERVED
 CVE-2021-34786 (Multiple vulnerabilities in Cisco BroadWorks CommPilot 
Application Sof ...)
@@ -16900,28 +16944,28 @@ CVE-2021-34784
        RESERVED
 CVE-2021-34783
        RESERVED
-CVE-2021-34782
-       RESERVED
+CVE-2021-34782 (A vulnerability in the API endpoints for Cisco DNA Center 
could allow  ...)
+       TODO: check
 CVE-2021-34781
        RESERVED
-CVE-2021-34780
-       RESERVED
-CVE-2021-34779
-       RESERVED
-CVE-2021-34778
-       RESERVED
-CVE-2021-34777
-       RESERVED
-CVE-2021-34776
-       RESERVED
-CVE-2021-34775
-       RESERVED
+CVE-2021-34780 (Multiple vulnerabilities exist in the Link Layer Discovery 
Protocol (L ...)
+       TODO: check
+CVE-2021-34779 (Multiple vulnerabilities exist in the Link Layer Discovery 
Protocol (L ...)
+       TODO: check
+CVE-2021-34778 (Multiple vulnerabilities exist in the Link Layer Discovery 
Protocol (L ...)
+       TODO: check
+CVE-2021-34777 (Multiple vulnerabilities exist in the Link Layer Discovery 
Protocol (L ...)
+       TODO: check
+CVE-2021-34776 (Multiple vulnerabilities exist in the Link Layer Discovery 
Protocol (L ...)
+       TODO: check
+CVE-2021-34775 (Multiple vulnerabilities exist in the Link Layer Discovery 
Protocol (L ...)
+       TODO: check
 CVE-2021-34774
        RESERVED
 CVE-2021-34773
        RESERVED
-CVE-2021-34772
-       RESERVED
+CVE-2021-34772 (A vulnerability in the web-based management interface of Cisco 
Orbital ...)
+       TODO: check
 CVE-2021-34771 (A vulnerability in the Cisco IOS XR Software CLI could allow 
an authen ...)
        NOT-FOR-US: Cisco
 CVE-2021-34770 (A vulnerability in the Control and Provisioning of Wireless 
Access Poi ...)
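Review bot: The six entries CVE-2021-34780 through CVE-2021-34775 are cut off at "Link Layer Discovery Protocol (L ...", so the affected product is not visible in this list and the entries cannot be told apart here. Confirm the product from the full description before replacing TODO: check. If it is a Cisco product, as the text of CVE-2021-34782 and CVE-2021-34772 in the same hunk states for those entries, the tag already used on CVE-2021-34771 (NOT-FOR-US: Cisco) keeps the block consistent.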
@@ -16932,8 +16976,8 @@ CVE-2021-34768 (Multiple vulnerabilities in the Control 
and Provisioning of Wire
        NOT-FOR-US: Cisco
 CVE-2021-34767 (A vulnerability in IPv6 traffic processing of Cisco IOS XE 
Wireless Co ...)
        NOT-FOR-US: Cisco
-CVE-2021-34766
-       RESERVED
+CVE-2021-34766 (A vulnerability in the web UI of Cisco Smart Software Manager 
On-Prem  ...)
+       TODO: check
 CVE-2021-34765 (A vulnerability in the web UI for Cisco Nexus Insights could 
allow an  ...)
        NOT-FOR-US: Cisco
 CVE-2021-34764
@@ -16948,10 +16992,10 @@ CVE-2021-34760
        RESERVED
 CVE-2021-34759 (A vulnerability in the web-based management interface of Cisco 
Identit ...)
        NOT-FOR-US: Cisco
-CVE-2021-34758
-       RESERVED
-CVE-2021-34757
-       RESERVED
+CVE-2021-34758 (A vulnerability in the memory management of Cisco TelePresence 
Collabo ...)
+       TODO: check
+CVE-2021-34757 (Multiple vulnerabilities in Cisco Business 220 Series Smart 
Switches f ...)
+       TODO: check
 CVE-2021-34756
        RESERVED
 CVE-2021-34755
@@ -16968,20 +17012,20 @@ CVE-2021-34750
        RESERVED
 CVE-2021-34749 (A vulnerability in Server Name Identification (SNI) request 
filtering  ...)
        NOT-FOR-US: Cisco
-CVE-2021-34748
-       RESERVED
+CVE-2021-34748 (A vulnerability in the web-based management interface of Cisco 
Intersi ...)
+       TODO: check
 CVE-2021-34747
        RESERVED
 CVE-2021-34746 (A vulnerability in the TACACS+ authentication, authorization 
and accou ...)
        NOT-FOR-US: Cisco
 CVE-2021-34745 (A vulnerability in the AppDynamics .NET Agent for Windows 
could allow  ...)
        NOT-FOR-US: .NET Agent for Windows
-CVE-2021-34744
-       RESERVED
+CVE-2021-34744 (Multiple vulnerabilities in Cisco Business 220 Series Smart 
Switches f ...)
+       TODO: check
 CVE-2021-34743
        RESERVED
-CVE-2021-34742
-       RESERVED
+CVE-2021-34742 (A vulnerability in the web-based management interface of Cisco 
Vision  ...)
+       TODO: check
 CVE-2021-34741
        RESERVED
 CVE-2021-34740 (A vulnerability in the WLAN Control Protocol (WCP) 
implementation for  ...)
@@ -16994,8 +17038,8 @@ CVE-2021-34737 (A vulnerability in the DHCP version 4 
(DHCPv4) server feature of
        NOT-FOR-US: Cisco
 CVE-2021-34736
        RESERVED
-CVE-2021-34735
-       RESERVED
+CVE-2021-34735 (Multiple vulnerabilities in the Cisco ATA 190 Series Analog 
Telephone  ...)
+       TODO: check
 CVE-2021-34734 (A vulnerability in the Link Layer Discovery Protocol (LLDP) 
implementa ...)
        NOT-FOR-US: Cisco
 CVE-2021-34733 (A vulnerability in the CLI of Cisco Prime Infrastructure and 
Cisco Evo ...)
@@ -17042,34 +17086,34 @@ CVE-2021-34713 (A vulnerability in the Layer 2 punt 
code of Cisco IOS XR Softwar
        NOT-FOR-US: Cisco
 CVE-2021-34712 (A vulnerability in the web-based management interface of Cisco 
SD-WAN  ...)
        NOT-FOR-US: Cisco
-CVE-2021-34711
-       RESERVED
-CVE-2021-34710
-       RESERVED
+CVE-2021-34711 (A vulnerability in the debug shell of Cisco IP Phone software 
could al ...)
+       TODO: check
+CVE-2021-34710 (Multiple vulnerabilities in the Cisco ATA 190 Series Analog 
Telephone  ...)
+       TODO: check
 CVE-2021-34709 (Multiple vulnerabilities in image verification checks of Cisco 
Network ...)
        NOT-FOR-US: Cisco
 CVE-2021-34708 (Multiple vulnerabilities in image verification checks of Cisco 
Network ...)
        NOT-FOR-US: Cisco
 CVE-2021-34707 (A vulnerability in the REST API of Cisco Evolved Programmable 
Network  ...)
        NOT-FOR-US: Cisco
-CVE-2021-34706
-       RESERVED
+CVE-2021-34706 (A vulnerability in the web-based management interface of Cisco 
Identit ...)
+       TODO: check
 CVE-2021-34705 (A vulnerability in the Voice Telephony Service Provider (VTSP) 
service ...)
        NOT-FOR-US: Cisco
 CVE-2021-34704
        RESERVED
 CVE-2021-34703 (A vulnerability in the Link Layer Discovery Protocol (LLDP) 
message pa ...)
        NOT-FOR-US: Cisco
-CVE-2021-34702
-       RESERVED
+CVE-2021-34702 (A vulnerability in the web-based management interface of Cisco 
Identit ...)
+       TODO: check
 CVE-2021-34701
        RESERVED
 CVE-2021-34700 (A vulnerability in the CLI interface of Cisco SD-WAN vManage 
Software  ...)
        NOT-FOR-US: Cisco
 CVE-2021-34699 (A vulnerability in the TrustSec CLI parser of Cisco IOS and 
Cisco IOS  ...)
        NOT-FOR-US: Cisco
-CVE-2021-34698
-       RESERVED
+CVE-2021-34698 (A vulnerability in the proxy service of Cisco AsyncOS for 
Cisco Web Se ...)
+       TODO: check
 CVE-2021-34697 (A vulnerability in the Protection Against Distributed Denial 
of Servic ...)
        NOT-FOR-US: Cisco
 CVE-2021-34696 (A vulnerability in the access control list (ACL) programming 
of Cisco  ...)
@@ -37478,10 +37522,10 @@ CVE-2021-3388
        RESERVED
 CVE-2021-3387
        RESERVED
-CVE-2021-26557
-       RESERVED
-CVE-2021-26556
-       RESERVED
+CVE-2021-26557 (When Octopus Tentacle is installed using a custom folder 
location, fol ...)
+       TODO: check
+CVE-2021-26556 (When Octopus Server is installed using a custom folder 
location, folde ...)
+       TODO: check
 CVE-2021-26555
        RESERVED
 CVE-2021-26554
@@ -49135,12 +49179,12 @@ CVE-2021-21686
        RESERVED
 CVE-2021-21685
        RESERVED
-CVE-2021-21684
-       RESERVED
-CVE-2021-21683
-       RESERVED
-CVE-2021-21682
-       RESERVED
+CVE-2021-21684 (Jenkins Git Plugin 4.8.2 and earlier does not escape the Git 
SHA-1 che ...)
+       TODO: check
+CVE-2021-21683 (The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and 
earlier ...)
+       TODO: check
+CVE-2021-21682 (Jenkins 2.314 and earlier, LTS 2.303.1 and earlier accepts 
names of jo ...)
+       TODO: check
 CVE-2021-21681 (Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords 
unencry ...)
        NOT-FOR-US: Jenkins plugin
 CVE-2021-21680 (Jenkins Nested View Plugin 1.20 and earlier does not configure 
its XML ...)
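Review bot: The three new TODO: check entries here are not the same kind of issue and need different handling. CVE-2021-21684 names the "Jenkins Git Plugin", so the note on the neighbouring CVE-2021-21681 (NOT-FOR-US: Jenkins plugin) is a candidate for it. CVE-2021-21683 and CVE-2021-21682 describe "Jenkins 2.314 and earlier, LTS 2.303.1 and earlier", which is Jenkins itself, so the plugin tag does not fit them and they need their own decision.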
@@ -60317,8 +60361,8 @@ CVE-2021-1596 (Multiple vulnerabilities in the Link 
Layer Discovery Protocol (LL
        NOT-FOR-US: Cisco
 CVE-2021-1595 (Multiple vulnerabilities in the Link Layer Discovery Protocol 
(LLDP) i ...)
        NOT-FOR-US: Cisco
-CVE-2021-1594
-       RESERVED
+CVE-2021-1594 (A vulnerability in the REST API of Cisco Identity Services 
Engine (ISE ...)
+       TODO: check
 CVE-2021-1593 (A vulnerability in Cisco Packet Tracer for Windows could allow 
an auth ...)
        NOT-FOR-US: Cisco
 CVE-2021-1592 (A vulnerability in the way Cisco UCS Manager software handles 
SSH sess ...)
@@ -60437,8 +60481,8 @@ CVE-2021-1536 (A vulnerability in Cisco Webex Meetings 
Desktop App for Windows,
        NOT-FOR-US: Cisco
 CVE-2021-1535 (A vulnerability in the cluster management interface of Cisco 
SD-WAN vM ...)
        NOT-FOR-US: Cisco
-CVE-2021-1534
-       RESERVED
+CVE-2021-1534 (A vulnerability in the antispam protection mechanisms of Cisco 
AsyncOS ...)
+       TODO: check
 CVE-2021-1533
        RESERVED
 CVE-2021-1532 (A vulnerability in the video endpoint API (xAPI) of Cisco 
TelePresence ...)
@@ -79884,28 +79928,28 @@ CVE-2020-21660
        RESERVED
 CVE-2020-21659
        RESERVED
-CVE-2020-21658
-       RESERVED
+CVE-2020-21658 (A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows 
attacker ...)
+       TODO: check
 CVE-2020-21657
        RESERVED
-CVE-2020-21656
-       RESERVED
+CVE-2020-21656 (XYHCMS v3.6 contains a stored cross-site scripting (XSS) 
vulnerability ...)
+       TODO: check
 CVE-2020-21655
        RESERVED
-CVE-2020-21654
-       RESERVED
-CVE-2020-21653
-       RESERVED
-CVE-2020-21652
-       RESERVED
-CVE-2020-21651
-       RESERVED
-CVE-2020-21650
-       RESERVED
-CVE-2020-21649
-       RESERVED
-CVE-2020-21648
-       RESERVED
+CVE-2020-21654 (emlog v6.0 contains a vulnerability in the component 
admin\template.ph ...)
+       TODO: check
+CVE-2020-21653 (Myucms v2.2.1 contains a server-side request forgery (SSRF) in 
the com ...)
+       TODO: check
+CVE-2020-21652 (Myucms v2.2.1 contains a remote code execution (RCE) 
vulnerability in  ...)
+       TODO: check
+CVE-2020-21651 (Myucms v2.2.1 contains a remote code execution (RCE) 
vulnerability in  ...)
+       TODO: check
+CVE-2020-21650 (Myucms v2.2.1 contains a remote code execution (RCE) 
vulnerability in  ...)
+       TODO: check
+CVE-2020-21649 (Myucms v2.2.1 contains a server-side request forgery (SSRF) in 
the com ...)
+       TODO: check
+CVE-2020-21648 (WDJA CMS v1.5.2 contains an arbitrary file deletion 
vulnerability in t ...)
+       TODO: check
 CVE-2020-21647
        RESERVED
 CVE-2020-21646
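Review bot: CVE-2020-21652, CVE-2020-21651 and CVE-2020-21650 carry an identical truncated description ("Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in"), and CVE-2020-21653 and CVE-2020-21649 share the same SSRF text, so nothing in the list distinguishes them. When TODO: check is resolved, add a note naming the affected component for each entry, so that the entries are not mistaken for duplicates of one another.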



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7c60877cfa9c85b2fb6293b4f409d8f8045803d
