Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fdcc810c by security tracker role at 2021-10-08T08:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2021-42100
+ RESERVED
+CVE-2021-42099
+ RESERVED
+CVE-2021-42098
+ RESERVED
+CVE-2021-42097
+ RESERVED
+CVE-2021-42096
+ RESERVED
+CVE-2021-42095 (Xshell before 7.0.0.76 allows attackers to cause a crash by
triggering ...)
+ TODO: check
+CVE-2021-42094 (An issue was discovered in Zammad before 4.1.1. Command
Injection can ...)
+ TODO: check
+CVE-2021-42093 (An issue was discovered in Zammad before 4.1.1. An admin can
execute c ...)
+ TODO: check
+CVE-2021-42092 (An issue was discovered in Zammad before 4.1.1. Stored XSS may
occur v ...)
+ TODO: check
+CVE-2021-42091 (An issue was discovered in Zammad before 4.1.1. SSRF can occur
via Git ...)
+ TODO: check
+CVE-2021-42090 (An issue was discovered in Zammad before 4.1.1. The Form
functionality ...)
+ TODO: check
+CVE-2021-42089 (An issue was discovered in Zammad before 4.1.1. The REST API
discloses ...)
+ TODO: check
+CVE-2021-42088 (An issue was discovered in Zammad before 4.1.1. The Chat
functionality ...)
+ TODO: check
+CVE-2021-42087 (An issue was discovered in Zammad before 4.1.1. An admin can
discover ...)
+ TODO: check
+CVE-2021-42086 (An issue was discovered in Zammad before 4.1.1. An Agent
account can m ...)
+ TODO: check
+CVE-2021-42085 (An issue was discovered in Zammad before 4.1.1. There is
stored XSS vi ...)
+ TODO: check
+CVE-2021-42084 (An issue was discovered in Zammad before 4.1.1. An attacker
with valid ...)
+ TODO: check
+CVE-2021-3869
+ RESERVED
CVE-2021-42083
RESERVED
CVE-2021-42082
@@ -2140,8 +2176,8 @@ CVE-2021-41132
RESERVED
CVE-2021-41131
RESERVED
-CVE-2021-41130
- RESERVED
+CVE-2021-41130 (Extensible Service Proxy, a.k.a. ESP is a proxy which enables
API mana ...)
+ TODO: check
CVE-2021-41129 (Pterodactyl is an open-source game server management panel
built with ...)
TODO: check
CVE-2021-41128 (Hygeia is an application for collecting and processing
personal and ca ...)
@@ -2173,8 +2209,8 @@ CVE-2021-41116 (Composer is an open source dependency
manager for the PHP langua
- composer <not-affected> (Only affects Windows)
NOTE:
https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf
NOTE:
https://github.com/composer/composer/commit/ca5e2f8d505fd3bfac6f7c85b82f2740becbc0aa
-CVE-2021-41115
- RESERVED
+CVE-2021-41115 (Zulip is an open source team chat server. In affected versions
Zulip a ...)
+ TODO: check
CVE-2021-41114 (TYPO3 is an open source PHP based web content management
system releas ...)
NOT-FOR-US: Typo3
CVE-2021-41113 (TYPO3 is an open source PHP based web content management
system releas ...)
@@ -8785,8 +8821,8 @@ CVE-2021-38300 (arch/mips/net/bpf_jit.c in the Linux
kernel through 5.14.6 can g
NOTE:
https://lore.kernel.org/bpf/[email protected]/
CVE-2021-38299 (Webauthn Framework 3.3.x before 3.3.4 has Incorrect Access
Control. An ...)
NOT-FOR-US: FIDO2/Webauthn Support for PHP
-CVE-2021-38298
- RESERVED
+CVE-2021-38298 (Zoho ManageEngine ADManager Plus before 7110 is vulnerable to
blind XX ...)
+ TODO: check
CVE-2021-38297
RESERVED
CVE-2021-38296
@@ -41054,10 +41090,10 @@ CVE-2021-25273 (Stored XSS can execute as
administrator in quarantined email det
NOT-FOR-US: Sophos
CVE-2021-25272
RESERVED
-CVE-2021-25271
- RESERVED
-CVE-2021-25270
- RESERVED
+CVE-2021-25271 (A local attacker could read or write arbitrary files with
administrato ...)
+ TODO: check
+CVE-2021-25270 (A local attacker could execute arbitrary code with
administrator privi ...)
+ TODO: check
CVE-2021-25269
RESERVED
CVE-2021-25268
@@ -79569,8 +79605,8 @@ CVE-2020-21867
RESERVED
CVE-2020-21866
RESERVED
-CVE-2020-21865
- RESERVED
+CVE-2020-21865 (ThinkPHP50-CMS v1.0 contains a remote code execution (RCE)
vulnerabili ...)
+ TODO: check
CVE-2020-21864
RESERVED
CVE-2020-21863
@@ -79841,16 +79877,16 @@ CVE-2020-21731 (Gazie 7.29 is affected by: Cross Site
Scripting (XSS) via http:/
NOT-FOR-US: Gazie
CVE-2020-21730
RESERVED
-CVE-2020-21729
- RESERVED
+CVE-2020-21729 (JEECMS x1.1 contains a stored cross-site scripting (XSS)
vulnerability ...)
+ TODO: check
CVE-2020-21728
RESERVED
CVE-2020-21727
RESERVED
-CVE-2020-21726
- RESERVED
-CVE-2020-21725
- RESERVED
+CVE-2020-21726 (OpenSNS v6.1.0 contains a blind SQL injection vulnerability in
/Contro ...)
+ TODO: check
+CVE-2020-21725 (OpenSNS v6.1.0 contains a blind SQL injection vulnerability in
/Contro ...)
+ TODO: check
CVE-2020-21724
RESERVED
CVE-2020-21723
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fdcc810c0e1792c34e8bd64f8b1926a12467333b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fdcc810c0e1792c34e8bd64f8b1926a12467333b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
