Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8b265d63 by security tracker role at 2021-10-28T08:10:10+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,26 @@
-CVE-2021-43056 [KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if
it went to guest]
+CVE-2021-43057 (An issue was discovered in the Linux kernel before 5.14.8. A
use-after ...)
+ TODO: check
+CVE-2021-43055
+ RESERVED
+CVE-2021-43054
+ RESERVED
+CVE-2021-43053
+ RESERVED
+CVE-2021-43052
+ RESERVED
+CVE-2021-43051
+ RESERVED
+CVE-2021-43050
+ RESERVED
+CVE-2021-43049
+ RESERVED
+CVE-2021-43048
+ RESERVED
+CVE-2021-43047
+ RESERVED
+CVE-2021-43046
+ RESERVED
+CVE-2021-43056 (An issue was discovered in the Linux kernel for powerpc before
5.14.15 ...)
- linux <unfixed>
[buster] - linux <not-affected> (Vulnerable code introduced later)
[stretch] - linux <not-affected> (Vulnerable code introduced later)
@@ -43,8 +65,8 @@ CVE-2021-3908
RESERVED
CVE-2021-3907
RESERVED
-CVE-2021-3906
- RESERVED
+CVE-2021-3906 (bookstack is vulnerable to Unrestricted Upload of File with
Dangerous ...)
+ TODO: check
CVE-2018-25019
RESERVED
CVE-2015-20067
@@ -97,10 +119,10 @@ CVE-2021-43011
RESERVED
CVE-2021-3905
RESERVED
-CVE-2021-3904
- RESERVED
-CVE-2021-3903
- RESERVED
+CVE-2021-3904 (grav is vulnerable to Improper Neutralization of Input During
Web Page ...)
+ TODO: check
+CVE-2021-3903 (vim is vulnerable to Heap-based Buffer Overflow ...)
+ TODO: check
CVE-2020-36503
RESERVED
CVE-2021-43010
@@ -421,8 +443,8 @@ CVE-2021-42853
RESERVED
CVE-2021-3902
RESERVED
-CVE-2021-3901
- RESERVED
+CVE-2021-3901 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
...)
+ TODO: check
CVE-2021-3900 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
...)
NOT-FOR-US: firefly-iii
CVE-2021-42852
@@ -5420,8 +5442,8 @@ CVE-2021-41193
RESERVED
CVE-2021-41192
RESERVED
-CVE-2021-41191
- RESERVED
+CVE-2021-41191 (Roblox-Purchasing-Hub is an open source Roblox product
purchasing hub. ...)
+ TODO: check
CVE-2021-41190
RESERVED
CVE-2021-41189
@@ -44824,8 +44846,7 @@ CVE-2021-25221
RESERVED
CVE-2021-25220
RESERVED
-CVE-2021-25219 [Lame cache can be abused to severely degrade resolver
performance]
- RESERVED
+CVE-2021-25219 (In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and
versions 9.9.3- ...)
- bind9 1:9.17.19-1
NOTE: https://kb.isc.org/docs/cve-2021-25219
CVE-2021-25218 (In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND
Supported P ...)
@@ -65273,12 +65294,12 @@ CVE-2021-1119
RESERVED
CVE-2021-1118
RESERVED
-CVE-2021-1117
- RESERVED
-CVE-2021-1116
- RESERVED
-CVE-2021-1115
- RESERVED
+CVE-2021-1117 (Windows contains a vulnerability in the kernel mode layer
(nvlddmkm.sy ...)
+ TODO: check
+CVE-2021-1116 (NVIDIA GPU Display Driver for Windows contains a vulnerability
in the ...)
+ TODO: check
+CVE-2021-1115 (NVIDIA GPU Display Driver for Windows contains a vulnerability
in the ...)
+ TODO: check
CVE-2021-1114 (NVIDIA Linux kernel distributions contain a vulnerability in
the kerne ...)
NOT-FOR-US: NVIDIA
CVE-2021-1113 (NVIDIA camera firmware contains a vulnerability where an
unauthorized ...)
@@ -100703,7 +100724,7 @@ CVE-2020-14275 (Security vulnerability in HCL
Commerce 9.0.0.5 through 9.0.0.13,
NOT-FOR-US: HCL
CVE-2020-14274 (Information disclosure vulnerability in HCL Commerce 9.0.1.9
through 9 ...)
NOT-FOR-US: HCL
-CVE-2020-14273 (HCL Domino v10 and v11 is susceptible to a Denial of Service
(DoS) vul ...)
+CVE-2020-14273 (HCL Domino is susceptible to a Denial of Service (DoS)
vulnerability d ...)
NOT-FOR-US: HCL Domino
CVE-2020-14272
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b265d639edbfc52900af12b23db6b03956b87e0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b265d639edbfc52900af12b23db6b03956b87e0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
