Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
08a97479 by security tracker role at 2021-12-02T08:10:14+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2021-44520
+ RESERVED
+CVE-2021-44519
+ RESERVED
+CVE-2021-44518
+ RESERVED
+CVE-2021-44517
+ RESERVED
+CVE-2021-44516
+ RESERVED
+CVE-2021-44515
+ RESERVED
+CVE-2021-44514
+ RESERVED
+CVE-2021-44513
+ RESERVED
+CVE-2021-44512
+ RESERVED
+CVE-2015-20106
+ RESERVED
+CVE-2015-20105
+ RESERVED
CVE-2021-44511
RESERVED
CVE-2021-44510
@@ -724,8 +746,8 @@ CVE-2021-4024 [podman: podman machine spawns gvproxy with
port binded to all IPs
NOTE: https://github.com/containers/podman/pull/12283
NOTE: Introduced by:
https://github.com/containers/podman/commit/7ef3981abe2412727840a2886489a08c03a05299
(v3.3.0-rc1)
NOTE: Fixed by:
https://github.com/containers/podman/commit/295d87bb0b028e57dc2739791dee4820fe5fcc48
-CVE-2021-44227
- RESERVED
+CVE-2021-44227 (In GNU Mailman before 2.1.38, a list member or moderator can
get a CSR ...)
+ TODO: check
CVE-2021-44226
RESERVED
CVE-2021-4023
@@ -1977,14 +1999,14 @@ CVE-2021-43796
RESERVED
CVE-2021-43795
RESERVED
-CVE-2021-43794
- RESERVED
-CVE-2021-43793
- RESERVED
-CVE-2021-43792
- RESERVED
-CVE-2021-43791
- RESERVED
+CVE-2021-43794 (Discourse is an open source discussion platform. In affected
versions ...)
+ TODO: check
+CVE-2021-43793 (Discourse is an open source discussion platform. In affected
versions ...)
+ TODO: check
+CVE-2021-43792 (Discourse is an open source discussion platform. In affected
versions ...)
+ TODO: check
+CVE-2021-43791 (Zulip is an open source group chat application that combines
real-time ...)
+ TODO: check
CVE-2021-43790 (Lucet is a native WebAssembly compiler and runtime. There is a
bug in ...)
NOT-FOR-US: Lucet
CVE-2021-43789
@@ -3454,6 +3476,7 @@ CVE-2021-43528
RESERVED
CVE-2021-43527 [Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded
signatures]
RESERVED
+ {DSA-5016-1}
- nss 2:3.73-1
NOTE: https://www.openwall.com/lists/oss-security/2021/12/01/4
NOTE:
https://hg.mozilla.org/projects/nss/rev/6b3dc97a8767d9dc5c4c181597d1341d0899aa58
(NSS_3_73_BRANCH)
@@ -5379,8 +5402,8 @@ CVE-2021-43139
RESERVED
CVE-2021-43138
RESERVED
-CVE-2021-43137
- RESERVED
+CVE-2021-43137 (Cross-Site Scripting (XSS) and Cross-Site Request Forgery
(CSRF) vulne ...)
+ TODO: check
CVE-2021-43136 (An authentication bypass issue in FormaLMS <= 2.4.4 allows
an attac ...)
NOT-FOR-US: FormaLMS
CVE-2021-43135
@@ -6416,8 +6439,8 @@ CVE-2021-42713
RESERVED
CVE-2021-42712
RESERVED
-CVE-2021-42711
- RESERVED
+CVE-2021-42711 (Barracuda Network Access Client before 5.2.2 creates a
Temporary File ...)
+ TODO: check
CVE-2021-42710
RESERVED
CVE-2021-42709
@@ -11611,8 +11634,8 @@ CVE-2021-41041
RESERVED
CVE-2021-41040
RESERVED
-CVE-2021-41039
- RESERVED
+CVE-2021-41039 (In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5
client conn ...)
+ TODO: check
CVE-2021-41038 (In versions of the @theia/plugin-ext component of Eclipse
Theia prior ...)
NOT-FOR-US: Eclipse Theia
CVE-2021-41037
@@ -30164,26 +30187,26 @@ CVE-2021-33276
RESERVED
CVE-2021-33275
RESERVED
-CVE-2021-33274
- RESERVED
+CVE-2021-33274 (D-Link DIR-809 devices with firmware through
DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
CVE-2021-33273
RESERVED
CVE-2021-33272
RESERVED
-CVE-2021-33271
- RESERVED
-CVE-2021-33270
- RESERVED
-CVE-2021-33269
- RESERVED
-CVE-2021-33268
- RESERVED
-CVE-2021-33267
- RESERVED
-CVE-2021-33266
- RESERVED
-CVE-2021-33265
- RESERVED
+CVE-2021-33271 (D-Link DIR-809 devices with firmware through
DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
+CVE-2021-33270 (D-Link DIR-809 devices with firmware through
DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
+CVE-2021-33269 (D-Link DIR-809 devices with firmware through
DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
+CVE-2021-33268 (D-Link DIR-809 devices with firmware through
DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
+CVE-2021-33267 (D-Link DIR-809 devices with firmware through
DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
+CVE-2021-33266 (D-Link DIR-809 devices with firmware through
DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
+CVE-2021-33265 (D-Link DIR-809 devices with firmware through
DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
CVE-2021-33264
RESERVED
CVE-2021-33263
@@ -46742,8 +46765,8 @@ CVE-2021-26779
RESERVED
CVE-2021-26778
RESERVED
-CVE-2021-26777
- RESERVED
+CVE-2021-26777 (Buffer overflow vulnerability in function SetFirewall in
index.cgi in ...)
+ TODO: check
CVE-2021-26776 (CSZ CMS 1.2.9 is affected by a cross-site scripting (XSS)
vulnerabilit ...)
NOT-FOR-US: CSZ CMS
CVE-2021-26775
@@ -65878,15 +65901,13 @@ CVE-2020-35076
REJECTED
CVE-2020-35061
RESERVED
-CVE-2020-35037
- RESERVED
+CVE-2020-35037 (The Events Manager WordPress plugin before 5.9.8 does not
sanitise and ...)
NOT-FOR-US: WordPress plugin events-manager
CVE-2020-35030
RESERVED
CVE-2020-35017
RESERVED
-CVE-2020-35012
- RESERVED
+CVE-2020-35012 (The Events Manager WordPress plugin before 5.9.8 does not
sanitise and ...)
NOT-FOR-US: WordPress plugin events-manager
CVE-2020-35001
RESERVED
@@ -76695,8 +76716,8 @@ CVE-2020-27416
RESERVED
CVE-2020-27415
RESERVED
-CVE-2020-27414
- RESERVED
+CVE-2020-27414 (Mahavitaran android application 7.50 and prior transmit
sensitive info ...)
+ TODO: check
CVE-2020-27413
RESERVED
CVE-2020-27412
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08a97479486fee61eb82d71a7995cf69e0b3023d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08a97479486fee61eb82d71a7995cf69e0b3023d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
