Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
75382631 by security tracker role at 2021-11-15T08:10:14+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,258 @@
-CVE-2021-43618 [integer overflow and resultant buffer overflow via crafted
input]
+CVE-2021-43745
+ RESERVED
+CVE-2021-43744
+ RESERVED
+CVE-2021-43743
+ RESERVED
+CVE-2021-43742
+ RESERVED
+CVE-2021-43741
+ RESERVED
+CVE-2021-43740
+ RESERVED
+CVE-2021-43739
+ RESERVED
+CVE-2021-43738
+ RESERVED
+CVE-2021-43737
+ RESERVED
+CVE-2021-43736
+ RESERVED
+CVE-2021-43735
+ RESERVED
+CVE-2021-43734
+ RESERVED
+CVE-2021-43733
+ RESERVED
+CVE-2021-43732
+ RESERVED
+CVE-2021-43731
+ RESERVED
+CVE-2021-43730
+ RESERVED
+CVE-2021-43729
+ RESERVED
+CVE-2021-43728
+ RESERVED
+CVE-2021-43727
+ RESERVED
+CVE-2021-43726
+ RESERVED
+CVE-2021-43725
+ RESERVED
+CVE-2021-43724
+ RESERVED
+CVE-2021-43723
+ RESERVED
+CVE-2021-43722
+ RESERVED
+CVE-2021-43721
+ RESERVED
+CVE-2021-43720
+ RESERVED
+CVE-2021-43719
+ RESERVED
+CVE-2021-43718
+ RESERVED
+CVE-2021-43717
+ RESERVED
+CVE-2021-43716
+ RESERVED
+CVE-2021-43715
+ RESERVED
+CVE-2021-43714
+ RESERVED
+CVE-2021-43713
+ RESERVED
+CVE-2021-43712
+ RESERVED
+CVE-2021-43711
+ RESERVED
+CVE-2021-43710
+ RESERVED
+CVE-2021-43709
+ RESERVED
+CVE-2021-43708
+ RESERVED
+CVE-2021-43707
+ RESERVED
+CVE-2021-43706
+ RESERVED
+CVE-2021-43705
+ RESERVED
+CVE-2021-43704
+ RESERVED
+CVE-2021-43703
+ RESERVED
+CVE-2021-43702
+ RESERVED
+CVE-2021-43701
+ RESERVED
+CVE-2021-43700
+ RESERVED
+CVE-2021-43699
+ RESERVED
+CVE-2021-43698
+ RESERVED
+CVE-2021-43697
+ RESERVED
+CVE-2021-43696
+ RESERVED
+CVE-2021-43695
+ RESERVED
+CVE-2021-43694
+ RESERVED
+CVE-2021-43693
+ RESERVED
+CVE-2021-43692
+ RESERVED
+CVE-2021-43691
+ RESERVED
+CVE-2021-43690
+ RESERVED
+CVE-2021-43689
+ RESERVED
+CVE-2021-43688
+ RESERVED
+CVE-2021-43687
+ RESERVED
+CVE-2021-43686
+ RESERVED
+CVE-2021-43685
+ RESERVED
+CVE-2021-43684
+ RESERVED
+CVE-2021-43683
+ RESERVED
+CVE-2021-43682
+ RESERVED
+CVE-2021-43681
+ RESERVED
+CVE-2021-43680
+ RESERVED
+CVE-2021-43679
+ RESERVED
+CVE-2021-43678
+ RESERVED
+CVE-2021-43677
+ RESERVED
+CVE-2021-43676
+ RESERVED
+CVE-2021-43675
+ RESERVED
+CVE-2021-43674
+ RESERVED
+CVE-2021-43673
+ RESERVED
+CVE-2021-43672
+ RESERVED
+CVE-2021-43671
+ RESERVED
+CVE-2021-43670
+ RESERVED
+CVE-2021-43669
+ RESERVED
+CVE-2021-43668
+ RESERVED
+CVE-2021-43667
+ RESERVED
+CVE-2021-43666
+ RESERVED
+CVE-2021-43665
+ RESERVED
+CVE-2021-43664
+ RESERVED
+CVE-2021-43663
+ RESERVED
+CVE-2021-43662
+ RESERVED
+CVE-2021-43661
+ RESERVED
+CVE-2021-43660
+ RESERVED
+CVE-2021-43659
+ RESERVED
+CVE-2021-43658
+ RESERVED
+CVE-2021-43657
+ RESERVED
+CVE-2021-43656
+ RESERVED
+CVE-2021-43655
+ RESERVED
+CVE-2021-43654
+ RESERVED
+CVE-2021-43653
+ RESERVED
+CVE-2021-43652
+ RESERVED
+CVE-2021-43651
+ RESERVED
+CVE-2021-43650
+ RESERVED
+CVE-2021-43649
+ RESERVED
+CVE-2021-43648
+ RESERVED
+CVE-2021-43647
+ RESERVED
+CVE-2021-43646
+ RESERVED
+CVE-2021-43645
+ RESERVED
+CVE-2021-43644
+ RESERVED
+CVE-2021-43643
+ RESERVED
+CVE-2021-43642
+ RESERVED
+CVE-2021-43641
+ RESERVED
+CVE-2021-43640
+ RESERVED
+CVE-2021-43639
+ RESERVED
+CVE-2021-43638
+ RESERVED
+CVE-2021-43637
+ RESERVED
+CVE-2021-43636
+ RESERVED
+CVE-2021-43635
+ RESERVED
+CVE-2021-43634
+ RESERVED
+CVE-2021-43633
+ RESERVED
+CVE-2021-43632
+ RESERVED
+CVE-2021-43631
+ RESERVED
+CVE-2021-43630
+ RESERVED
+CVE-2021-43629
+ RESERVED
+CVE-2021-43628
+ RESERVED
+CVE-2021-43627
+ RESERVED
+CVE-2021-43626
+ RESERVED
+CVE-2021-43625
+ RESERVED
+CVE-2021-43624
+ RESERVED
+CVE-2021-43623
+ RESERVED
+CVE-2021-43622
+ RESERVED
+CVE-2021-43621
+ RESERVED
+CVE-2021-43620 (An issue was discovered in the fruity crate through 0.2.0 for
Rust. Se ...)
+ TODO: check
+CVE-2021-43619
+ RESERVED
+CVE-2021-43618 (GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1
has an m ...)
- gmp <unfixed> (bug #994405)
NOTE:
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
NOTE: https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
@@ -587,10 +841,10 @@ CVE-2021-43396 (** DISPUTED ** In
iconvdata/iso-2022-jp-3.c in the GNU C Library
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=28524
NOTE: Fixed by:
https://sourceware.org/git/?p=glibc.git;a=commit;h=ff012870b2c02a62598c04daa1e54632e020fd7d
NOTE: Introduced by the fix for CVE-2021-3326 / BZ#27256:
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
-CVE-2021-43391
- RESERVED
-CVE-2021-43390
- RESERVED
+CVE-2021-43391 (An Out-of-Bounds Read vulnerability exists when reading a DXF
file usi ...)
+ TODO: check
+CVE-2021-43390 (An Out-of-Bounds Write vulnerability exists when reading a DGN
file us ...)
+ TODO: check
CVE-2021-43389 (An issue was discovered in the Linux kernel before 5.14.15.
There is a ...)
- linux 5.14.16-1
NOTE: https://www.openwall.com/lists/oss-security/2021/10/19/1
@@ -707,8 +961,8 @@ CVE-2021-31559
RESERVED
CVE-2021-26253
RESERVED
-CVE-2021-43336
- RESERVED
+CVE-2021-43336 (An Out-of-Bounds Write vulnerability exists when reading a DXF
file us ...)
+ TODO: check
CVE-2021-43335
RESERVED
CVE-2021-43334
@@ -843,24 +1097,24 @@ CVE-2021-43282
RESERVED
CVE-2021-43281 (MyBB before 1.8.29 allows Remote Code Injection by an admin
with the " ...)
NOT-FOR-US: MyBB
-CVE-2021-43280
- RESERVED
-CVE-2021-43279
- RESERVED
-CVE-2021-43278
- RESERVED
-CVE-2021-43277
- RESERVED
-CVE-2021-43276
- RESERVED
-CVE-2021-43275
- RESERVED
-CVE-2021-43274
- RESERVED
-CVE-2021-43273
- RESERVED
-CVE-2021-43272
- RESERVED
+CVE-2021-43280 (A stack-based buffer overflow vulnerability exists in the DWF
file rea ...)
+ TODO: check
+CVE-2021-43279 (An out-of-bounds write vulnerability exists in the U3D file
reading pr ...)
+ TODO: check
+CVE-2021-43278 (An Out-of-bounds Read vulnerability exists in the OBJ file
reading pro ...)
+ TODO: check
+CVE-2021-43277 (An out-of-bounds read vulnerability exists in the U3D file
reading pro ...)
+ TODO: check
+CVE-2021-43276 (An Out-of-bounds Read vulnerability exists in Open Design
Alliance ODA ...)
+ TODO: check
+CVE-2021-43275 (A Use After Free vulnerability exists in the DGN file reading
procedur ...)
+ TODO: check
+CVE-2021-43274 (A Use After Free Vulnerability exists in the Open Design
Alliance Draw ...)
+ TODO: check
+CVE-2021-43273 (An Out-of-bounds Read vulnerability exists in the DGN file
reading pro ...)
+ TODO: check
+CVE-2021-43272 (An improper handling of exceptional conditions vulnerability
exists in ...)
+ TODO: check
CVE-2021-43271
RESERVED
CVE-2021-43270 (Datalust Seq.App.EmailPlus (aka seq-app-htmlemail)
3.1.0-dev-00148, 3. ...)
@@ -8277,8 +8531,8 @@ CVE-2021-41059
RESERVED
CVE-2021-41058
RESERVED
-CVE-2021-41057
- RESERVED
+CVE-2021-41057 (In WIBU CodeMeter Runtime before 7.30a, creating a crafted
CmDongles s ...)
+ TODO: check
CVE-2021-41056
RESERVED
CVE-2021-41055 (Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to
cause a ...)
@@ -43345,8 +43599,8 @@ CVE-2021-26797 (An access control vulnerability in Hame
SD1 Wi-Fi firmware <=
NOT-FOR-US: Hame SD1 Wi-Fi firmware
CVE-2021-26796
RESERVED
-CVE-2021-26795
- RESERVED
+CVE-2021-26795 (A SQL Injection vulnerability in /appliance/shiftmgn.php in
TalariaX s ...)
+ TODO: check
CVE-2021-26794 (Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5
allows ...)
NOT-FOR-US: FrogCMS SentCMS
CVE-2021-26793
@@ -98139,8 +98393,8 @@ CVE-2020-16154
RESERVED
CVE-2020-16153
RESERVED
-CVE-2020-16152
- RESERVED
+CVE-2020-16152 (The NetConfig UI administrative interface in Extreme Networks
ExtremeW ...)
+ TODO: check
CVE-2020-16151
RESERVED
CVE-2020-16150 (A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in
library/s ...)
@@ -102919,8 +103173,8 @@ CVE-2020-14426 (Certain NETGEAR devices are affected
by disclosure of administra
NOT-FOR-US: NETGEAR
CVE-2020-14425 (Foxit Reader before 10.0 allows Remote Command Execution via
the app.o ...)
NOT-FOR-US: Foxit Reader
-CVE-2020-14424
- RESERVED
+CVE-2020-14424 (Cacti before 1.2.18 allows remote attackers to trigger XSS via
templat ...)
+ TODO: check
CVE-2020-14423 (Convos before 4.20 does not properly generate a random secret
in Core/ ...)
NOT-FOR-US: Convos
CVE-2020-14422 (Lib/ipaddress.py in Python through 3.8.3 improperly computes
hash valu ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/753826311544ed53396ee527e333d9387073d9ae
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/753826311544ed53396ee527e333d9387073d9ae
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
