Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
23b0caaa by Moritz Muehlenhoff at 2021-10-15T13:10:26+02:00
new gitlab issues
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -50146,9 +50146,9 @@ CVE-2021-22264 (An issue has been discovered in GitLab
affecting all versions st
CVE-2021-22263 (An issue has been discovered in GitLab affecting all versions
starting ...)
- gitlab <unfixed>
CVE-2021-22262 (Missing access control in GitLab version 13.10 and above with
Jira Clo ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2021-22261 (A stored Cross-Site Scripting vulnerability in the Jira
integration in ...)
- TODO: check
+ - gitlab <unfixed>
CVE-2021-22260
RESERVED
CVE-2021-22259 (A potential DOS vulnerability was discovered in GitLab EE
starting wit ...)
@@ -57104,19 +57104,19 @@ CVE-2021-20131 (ManageEngine ADManager Plus Build
7111 contains a post-authentic
CVE-2021-20130 (ManageEngine ADManager Plus Build 7111 contains a
post-authentication ...)
NOT-FOR-US: ManageEngine ADManager Plus
CVE-2021-20129 (An information disclosure vulnerability exists in Draytek
VigorConnect ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2021-20128 (The Profile Name field in the floor plan (Network Menu) page
in Drayte ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2021-20127 (An arbitrary file deletion vulnerability exists in the file
delete fun ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2021-20126 (Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery
protect ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2021-20125 (An arbitrary file upload and directory traversal vulnerability
exists ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2021-20124 (A local file inclusion vulnerability exists in Draytek
VigorConnect 1. ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2021-20123 (A local file inclusion vulnerability exists in Draytek
VigorConnect 1. ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2021-20122 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version
3.00.20 is ...)
NOT-FOR-US: Telus Wi-Fi Hub
CVE-2021-20121 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version
3.00.20 is ...)
@@ -65478,7 +65478,7 @@ CVE-2021-0690 (In ih264d_mark_err_slice_skip of
ih264d_parse_pslice.c, there is
CVE-2021-0689 (In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a
possible out ...)
NOT-FOR-US: Android media framework
CVE-2021-0688 (In lockNow of PhoneWindowManager.java, there is a possible lock
screen ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-0687 (In ellipsize of Layout.java, there is a possible ANR due to
improper i ...)
NOT-FOR-US: Android
CVE-2021-0686 (In getDefaultSmsPackage of RoleManagerService.java, there is a
possibl ...)
@@ -65695,7 +65695,7 @@ CVE-2021-0585 (In beginWrite and beginRead of
MessageQueueBase.h, there is a pos
CVE-2021-0584 (In verifyBufferObject of Parcel.cpp, there is a possible out of
bounds ...)
NOT-FOR-US: Android
CVE-2021-0583 (In onCreate of BluetoothPairingDialog, there is a possible way
to enab ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-0582 (In wifi driver, there is a possible out of bounds read due to a
missin ...)
NOT-FOR-US: MediaTek components for Android
CVE-2021-0581 (In wifi driver, there is a possible out of bounds read due to a
missin ...)
@@ -80102,7 +80102,7 @@ CVE-2020-22726
CVE-2020-22725
RESERVED
CVE-2020-22724 (A remote command execution vulnerability exists in
add_server_service ...)
- TODO: check
+ NOT-FOR-US: Mercury Router MER1200
CVE-2020-22723 (A cross-site scripting (XSS) vulnerability in Beijing
Liangjing Zhiche ...)
NOT-FOR-US: Beijing Liangjing Zhicheng Technology Co., Ltd ljcmsshop
CVE-2020-22722 (Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local
privilege ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23b0caaa943ad1ccd66f6445badff794584a258b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23b0caaa943ad1ccd66f6445badff794584a258b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
