[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3b245c83 by security tracker role at 2021-11-23T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,46 @@
-CVE-2021-44143 [malicious or compromised IMAP server could use a crafted mail 
message that lacks headers to provoke a heap overflow]
+CVE-2022-0009
+       RESERVED
+CVE-2022-0008
+       RESERVED
+CVE-2022-0007
+       RESERVED
+CVE-2022-0006
+       RESERVED
+CVE-2021-44157
+       RESERVED
+CVE-2021-44156
+       RESERVED
+CVE-2021-44155
+       RESERVED
+CVE-2021-44154
+       RESERVED
+CVE-2021-44153
+       RESERVED
+CVE-2021-44152
+       RESERVED
+CVE-2021-44151
+       RESERVED
+CVE-2021-44150 (The client in tusdotnet through 2.5.0 relies on SHA-1 to 
prevent spoof ...)
+       TODO: check
+CVE-2021-44149
+       RESERVED
+CVE-2021-44148
+       RESERVED
+CVE-2021-44147 (An XML External Entity issue in Claris FileMaker Pro and 
Server (inclu ...)
+       TODO: check
+CVE-2021-44146
+       RESERVED
+CVE-2021-44145
+       RESERVED
+CVE-2021-44144 (Croatia Control Asterix 2.8.1 has a heap-based buffer 
over-read, with  ...)
+       TODO: check
+CVE-2021-4004
+       RESERVED
+CVE-2021-4003
+       RESERVED
+CVE-2021-4002
+       RESERVED
+CVE-2021-44143 (A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due 
to an unc ...)
        - isync <unfixed> (bug #999804)
 CVE-2021-44142
        RESERVED
@@ -2749,9 +2791,9 @@ CVE-2021-43410
        RESERVED
 CVE-2021-3932 (twill is vulnerable to Cross-Site Request Forgery (CSRF) ...)
        NOT-FOR-US: twill
-CVE-2021-43409 (The "WPO365 | LOGIN" WordPress plugin (up to and including 
version 15. ...)
+CVE-2021-43409 (The &#8220;WPO365 | LOGIN&#8221; WordPress plugin (up to and 
including ...)
        NOT-FOR-US: WordPress plugin
-CVE-2021-43408 (The Duplicate Post WordPress plugin up to and including 
version 1.1.9  ...)
+CVE-2021-43408 (The "Duplicate Post" WordPress plugin up to and including 
version 1.1. ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-43407
        RESERVED
@@ -11027,14 +11069,14 @@ CVE-2021-40833
        RESERVED
 CVE-2021-40832 (A Denial-of-Service (DoS) vulnerability was discovered in 
F-Secure Atl ...)
        NOT-FOR-US: F-Secure
-CVE-2021-40831
-       RESERVED
-CVE-2021-40830
-       RESERVED
-CVE-2021-40829
-       RESERVED
-CVE-2021-40828
-       RESERVED
+CVE-2021-40831 (The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js 
appends a  ...)
+       TODO: check
+CVE-2021-40830 (The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js 
appends a  ...)
+       TODO: check
+CVE-2021-40829 (Connections initialized by the AWS IoT Device SDK v2 for Java 
(version ...)
+       TODO: check
+CVE-2021-40828 (Connections initialized by the AWS IoT Device SDK v2 for Java 
(version ...)
+       TODO: check
 CVE-2021-40827
        RESERVED
 CVE-2021-40826
@@ -19530,7 +19572,7 @@ CVE-2021-37336
        RESERVED
 CVE-2021-37335
        RESERVED
-CVE-2021-37334 (A security issue in Umbraco Forms 4.0.0 to and including 8.7.5 
could l ...)
+CVE-2021-37334 (Umbraco Forms version 4.0.0 up to and including 8.7.5 and 
below are vu ...)
        NOT-FOR-US: Umbraco Forms
 CVE-2021-37333 (Laravel Booking System Booking Core 2.0 is vulnerable to 
Session Manag ...)
        NOT-FOR-US: Laravel Booking System Booking Core
@@ -32420,8 +32462,8 @@ CVE-2021-32006
        RESERVED
 CVE-2021-32005
        RESERVED
-CVE-2021-32004
-       RESERVED
+CVE-2021-32004 (This issue affects: Secomea GateManager All versions prior to 
9.6. Imp ...)
+       TODO: check
 CVE-2021-32003 (Unprotected Transport of Credentials vulnerability in 
SiteManager prov ...)
        NOT-FOR-US: Secomea SiteManager
 CVE-2021-32002 (Improper Access Control vulnerability in web service of 
Secomea SiteMa ...)
@@ -86479,8 +86521,8 @@ CVE-2020-22721 (A File Upload Vulnerability in PNotes - 
Andrey Gruber PNotes.NET
        NOT-FOR-US: PNotes - Andrey Gruber PNotes.NET
 CVE-2020-22720
        REJECTED
-CVE-2020-22719
-       RESERVED
+CVE-2020-22719 (Shimo Document v2.0.1 contains a cross-site scripting (XSS) 
vulnerabil ...)
+       TODO: check
 CVE-2020-22718
        RESERVED
 CVE-2020-22717



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b245c835a0a0917b0583784f7400e88d3956fce

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b245c835a0a0917b0583784f7400e88d3956fce
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits