Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f1f98fc0 by security tracker role at 2021-12-07T20:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2021-44695
+       RESERVED
+CVE-2021-44694
+       RESERVED
+CVE-2021-44693
+       RESERVED
+CVE-2021-4079
+       RESERVED
+CVE-2021-4078
+       RESERVED
+CVE-2021-4077
+       RESERVED
+CVE-2021-4076
+       RESERVED
 CVE-2021-44692
        RESERVED
 CVE-2021-44691
@@ -391,8 +405,8 @@ CVE-2021-41836
        RESERVED
 CVE-2021-4050
        RESERVED
-CVE-2021-4049
-       RESERVED
+CVE-2021-4049 (livehelperchat is vulnerable to Cross-Site Request Forgery 
(CSRF) ...)
+       TODO: check
 CVE-2021-44539
        RESERVED
 CVE-2021-44538
@@ -417,8 +431,8 @@ CVE-2021-44529
        RESERVED
 CVE-2021-44528
        RESERVED
-CVE-2021-44527
-       RESERVED
+CVE-2021-44527 (A vulnerability found in UniFi Switch firmware Version 5.43.35 
and ear ...)
+       TODO: check
 CVE-2021-44526
        RESERVED
 CVE-2021-44525
@@ -842,7 +856,7 @@ CVE-2019-25053
        RESERVED
 CVE-2021-44353
        RESERVED
-CVE-2021-44352 (A Stack-based Buffer Overflow vlnerability exists in the Tenda 
AC15 V1 ...)
+CVE-2021-44352 (A Stack-based Buffer Overflow vulnerability exists in the 
Tenda AC15 V ...)
        NOT-FOR-US: Tenda
 CVE-2021-44351
        RESERVED
@@ -1350,12 +1364,12 @@ CVE-2021-44189
        RESERVED
 CVE-2021-44188
        RESERVED
-CVE-2021-44187
-       RESERVED
-CVE-2021-44186
-       RESERVED
-CVE-2021-44185
-       RESERVED
+CVE-2021-44187 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an 
out-of-b ...)
+       TODO: check
+CVE-2021-44186 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an 
out-of-b ...)
+       TODO: check
+CVE-2021-44185 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an 
out-of-b ...)
+       TODO: check
 CVE-2021-44184
        RESERVED
 CVE-2021-44183
@@ -2459,8 +2473,8 @@ CVE-2021-43807
        RESERVED
 CVE-2021-43806
        RESERVED
-CVE-2021-43805
-       RESERVED
+CVE-2021-43805 (Solidus is a free, open-source ecommerce platform built on 
Rails. Vers ...)
+       TODO: check
 CVE-2021-43804
        RESERVED
 CVE-2021-43803
@@ -2473,8 +2487,7 @@ CVE-2021-43800 (Wiki.js is a wiki app built on Node.js. 
Prior to version 2.5.254
        NOT-FOR-US: Wiki.js
 CVE-2021-43799
        RESERVED
-CVE-2021-43798
-       RESERVED
+CVE-2021-43798 (Grafana is an open-source platform for monitoring and 
observability. G ...)
        - grafana <removed>
 CVE-2021-43797
        RESERVED
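Review bot: CVE-2021-43798 now has a published description, but the entry still consists only of `- grafana <removed>` with no NOTE line. Consider adding a NOTE that points at the upstream advisory or fixing commit, as the vim and wireshark entries in this file do, so the earlier triage decision can be re-checked against the published text.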
@@ -2492,8 +2505,8 @@ CVE-2021-43791 (Zulip is an open source group chat 
application that combines rea
        - zulip-server <itp> (bug #800052)
 CVE-2021-43790 (Lucet is a native WebAssembly compiler and runtime. There is a 
bug in  ...)
        NOT-FOR-US: Lucet
-CVE-2021-43789
-       RESERVED
+CVE-2021-43789 (PrestaShop is an Open Source e-commerce web application. 
Versions of P ...)
+       TODO: check
 CVE-2021-43788 (Nodebb is an open source Node.js based forum software. Prior 
to v1.18. ...)
        NOT-FOR-US: Nodebb
 CVE-2021-43787 (Nodebb is an open source Node.js based forum software. In 
affected ver ...)
@@ -5867,10 +5880,10 @@ CVE-2021-43178
        RESERVED
 CVE-2021-43177
        RESERVED
-CVE-2021-43176
-       RESERVED
-CVE-2021-43175
-       RESERVED
+CVE-2021-43176 (The GOautodial API prior to commit 3c3a979 made on October 
13th, 2021  ...)
+       TODO: check
+CVE-2021-43175 (The GOautodial API prior to commit 3c3a979 made on October 
13th, 2021  ...)
+       TODO: check
 CVE-2021-3918 (json-schema is vulnerable to Improperly Controlled Modification 
of Obj ...)
        - node-json-schema 0.4.0+~7.0.9-1 (bug #999765)
        [bullseye] - node-json-schema <no-dsa> (Minor issue)
@@ -9525,26 +9538,26 @@ CVE-2021-3875 (vim is vulnerable to Heap-based Buffer 
Overflow ...)
        NOTE: https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53/
        NOTE: Search from cursor position introduced in: 
https://github.com/vim/vim/commit/04db26b36000a4677b95403ec94bd11f6cc73975 
(v8.2.3110)
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f 
(v8.2.3489)
-CVE-2021-42133
-       RESERVED
-CVE-2021-42132
-       RESERVED
-CVE-2021-42131
-       RESERVED
-CVE-2021-42130
-       RESERVED
-CVE-2021-42129
-       RESERVED
-CVE-2021-42128
-       RESERVED
-CVE-2021-42127
-       RESERVED
-CVE-2021-42126
-       RESERVED
-CVE-2021-42125
-       RESERVED
-CVE-2021-42124
-       RESERVED
+CVE-2021-42133 (An exposed dangerous function vulnerability exists in Ivanti 
Avalanche ...)
+       TODO: check
+CVE-2021-42132 (A command Injection vulnerability exists in Ivanti Avalanche 
before 6. ...)
+       TODO: check
+CVE-2021-42131 (A SQL Injection vulnerability exists in Ivanti Avalance before 
6.3.3 a ...)
+       TODO: check
+CVE-2021-42130 (A deserialization of untrusted data vulnerability exists in 
Ivanti Ava ...)
+       TODO: check
+CVE-2021-42129 (A command injection vulnerability exists in Ivanti Avalanche 
before 6. ...)
+       TODO: check
+CVE-2021-42128 (An exposed dangerous function vulnerability exists in Ivanti 
Avalanche ...)
+       TODO: check
+CVE-2021-42127 (A deserialization of untrusted data vulnerability exists in 
Ivanti Ava ...)
+       TODO: check
+CVE-2021-42126 (An improper authorization control vulnerability exists in 
Ivanti Avala ...)
+       TODO: check
+CVE-2021-42125 (An unrestricted file upload vulnerability exists in Ivanti 
Avalanche b ...)
+       TODO: check
+CVE-2021-42124 (An improper access control vulnerability exists in Ivanti 
Avalanche be ...)
+       TODO: check
 CVE-2021-42123 (Unrestricted File Upload in Web Applications operating on 
Business-DNA ...)
        NOT-FOR-US: Business-DNA Solutions
 CVE-2021-42122 (Insufficient Input Validation in Web Applications operating on 
Busines ...)
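Review bot: the ten entries CVE-2021-42124 through CVE-2021-42133 all name Ivanti in their descriptions and all land as `TODO: check`; they can be triaged together with one tag rather than one at a time. The CVE-2021-42131 description spells the product "Avalance", so a search of the list for "Avalanche" will miss that entry.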
@@ -10605,8 +10618,8 @@ CVE-2021-41718
        RESERVED
 CVE-2021-41717
        RESERVED
-CVE-2021-41716
-       RESERVED
+CVE-2021-41716 (Maharashtra State Electricity Board Mahavitara Android 
Application 8.2 ...)
+       TODO: check
 CVE-2021-41715
        RESERVED
 CVE-2021-41714
@@ -12618,8 +12631,8 @@ CVE-2021-40861
        RESERVED
 CVE-2021-40860
        RESERVED
-CVE-2021-40859
-       RESERVED
+CVE-2021-40859 (Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 
8.0B dev ...)
+       TODO: check
 CVE-2021-40858
        RESERVED
 CVE-2021-40857
@@ -14488,16 +14501,16 @@ CVE-2021-40098 (An issue was discovered in Concrete 
CMS through 8.5.5. Path Trav
        NOT-FOR-US: Concrete CMS
 CVE-2021-40097 (An issue was discovered in Concrete CMS through 8.5.5. 
Authenticated p ...)
        NOT-FOR-US: Concrete CMS
-CVE-2021-40096
-       RESERVED
-CVE-2021-40095
-       RESERVED
-CVE-2021-40094
-       RESERVED
-CVE-2021-40093
-       RESERVED
-CVE-2021-40092
-       RESERVED
+CVE-2021-40096 (A cross-site scripting (XSS) vulnerability in integration 
configuratio ...)
+       TODO: check
+CVE-2021-40095 (An issue was discovered in SquaredUp for SCOM 5.2.1.6654. The 
Download ...)
+       TODO: check
+CVE-2021-40094 (A DOM-based XSS vulnerability affects SquaredUp for SCOM 
5.2.1.6654. I ...)
+       TODO: check
+CVE-2021-40093 (A cross-site scripting (XSS) vulnerability in integration 
configuratio ...)
+       TODO: check
+CVE-2021-40092 (A cross-site scripting (XSS) vulnerability in Image Tile in 
SquaredUp  ...)
+       TODO: check
 CVE-2021-40091 (An SSRF issue was discovered in SquaredUp for SCOM 5.2.1.6654. 
...)
        NOT-FOR-US: SquaredUp for SCOM
 CVE-2021-40090
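Review bot: CVE-2021-40095, CVE-2021-40094 and CVE-2021-40092 name SquaredUp in their descriptions, and the following entry, CVE-2021-40091, is already tagged `NOT-FOR-US: SquaredUp for SCOM`; the same tag would fit these three instead of `TODO: check`. The truncated text of CVE-2021-40096 and CVE-2021-40093 does not show the product, so those two need the full description before they are tagged.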
@@ -14879,7 +14892,7 @@ CVE-2021-39924 (Large loop in the Bluetooth DHT 
dissector in Wireshark 3.4.0 to
        - wireshark 3.6.0-1
        NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17677
        NOTE: https://www.wireshark.org/security/wnpa-sec-2021-10.html
-CVE-2021-39923 (NULL pointer exception in the IPPUSB dissector in Wireshark 
3.4.0 to 3 ...)
+CVE-2021-39923 (Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 
and 3.2.0 ...)
        - wireshark 3.6.0-1
        NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17705
        NOTE: https://www.wireshark.org/security/wnpa-sec-2021-15.html
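Review bot: the CVE-2021-39923 description changes from a NULL pointer exception in the IPPUSB dissector to a large loop in the PNRP dissector, which is a different bug, while the fixed version (`wireshark 3.6.0-1`) and both NOTE references (issue 17705, wnpa-sec-2021-15) are carried over unchanged. Please confirm that those references describe the PNRP issue, and correct them if they belonged to the old text.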
@@ -19835,8 +19848,8 @@ CVE-2021-37942
        RESERVED
 CVE-2021-37941
        RESERVED
-CVE-2021-37940
-       RESERVED
+CVE-2021-37940 (An information disclosure via GET request server-side request 
forgery  ...)
+       TODO: check
 CVE-2021-37939 (It was discovered that Kibana&#8217;s JIRA connector &amp; IBM 
Resilie ...)
        NOT-FOR-US: IBM
 CVE-2021-37938 (It was discovered that on Windows operating systems 
specifically, Kiba ...)
@@ -21804,98 +21817,98 @@ CVE-2021-37102 (There is a command injection 
vulnerability in CMA service module
        NOT-FOR-US: Huawei
 CVE-2021-37101 (There is an improper authorization vulnerability in 
AIS-BW50-00 9.0.6. ...)
        NOT-FOR-US: Huawei
-CVE-2021-37100
-       RESERVED
-CVE-2021-37099
-       RESERVED
+CVE-2021-37100 (There is a Improper Authentication vulnerability in Huawei 
Smartphone. ...)
+       TODO: check
+CVE-2021-37099 (There is a Path Traversal vulnerability in Huawei 
Smartphone.Successfu ...)
+       TODO: check
 CVE-2021-37098
        RESERVED
 CVE-2021-37097
        RESERVED
-CVE-2021-37096
-       RESERVED
-CVE-2021-37095
-       RESERVED
-CVE-2021-37094
-       RESERVED
+CVE-2021-37096 (There is a Improper Input Validation vulnerability in Huawei 
Smartphon ...)
+       TODO: check
+CVE-2021-37095 (There is a Integer Overflow or Wraparound vulnerability in 
Huawei Smar ...)
+       TODO: check
+CVE-2021-37094 (There is a Improper Input Validation vulnerability in Huawei 
Smartphon ...)
+       TODO: check
 CVE-2021-37093
        RESERVED
 CVE-2021-37092
        RESERVED
-CVE-2021-37091
-       RESERVED
-CVE-2021-37090
-       RESERVED
-CVE-2021-37089
-       RESERVED
-CVE-2021-37088
-       RESERVED
-CVE-2021-37087
-       RESERVED
-CVE-2021-37086
-       RESERVED
-CVE-2021-37085
-       RESERVED
-CVE-2021-37084
-       RESERVED
-CVE-2021-37083
-       RESERVED
-CVE-2021-37082
-       RESERVED
-CVE-2021-37081
-       RESERVED
-CVE-2021-37080
-       RESERVED
-CVE-2021-37079
-       RESERVED
-CVE-2021-37078
-       RESERVED
-CVE-2021-37077
-       RESERVED
-CVE-2021-37076
-       RESERVED
+CVE-2021-37091 (There is a Permissions,Privileges,and Access Controls 
vulnerability in ...)
+       TODO: check
+CVE-2021-37090 (There is a Out-of-bounds Read vulnerability in Huawei 
Smartphone.Succe ...)
+       TODO: check
+CVE-2021-37089 (There is a Incomplete Cleanup vulnerability in Huawei 
Smartphone.Succe ...)
+       TODO: check
+CVE-2021-37088 (There is a Path Traversal vulnerability in Huawei 
Smartphone.Successfu ...)
+       TODO: check
+CVE-2021-37087 (There is a Path Traversal vulnerability in Huawei 
Smartphone.Successfu ...)
+       TODO: check
+CVE-2021-37086 (There is a Improper Preservation of Permissions vulnerability 
in Huawe ...)
+       TODO: check
+CVE-2021-37085 (There is a Encoding timing vulnerability in Huawei 
Smartphone.Successf ...)
+       TODO: check
+CVE-2021-37084 (There is a Improper Input Validation vulnerability in Huawei 
Smartphon ...)
+       TODO: check
+CVE-2021-37083 (There is a NULL Pointer Dereference vulnerability in Huawei 
Smartphone ...)
+       TODO: check
+CVE-2021-37082 (There is a Race Condition vulnerability in Huawei 
Smartphone.Successfu ...)
+       TODO: check
+CVE-2021-37081 (There is a Improper Input Validation vulnerability in Huawei 
Smartphon ...)
+       TODO: check
+CVE-2021-37080 (There is a Incomplete Cleanup vulnerability in Huawei 
Smartphone.Succe ...)
+       TODO: check
+CVE-2021-37079 (There is a Improper Input Validation vulnerability in Huawei 
Smartphon ...)
+       TODO: check
+CVE-2021-37078 (There is a Uncaught Exception vulnerability in Huawei 
Smartphone.Succe ...)
+       TODO: check
+CVE-2021-37077 (There is a NULL Pointer Dereference vulnerability in Huawei 
Smartphone ...)
+       TODO: check
+CVE-2021-37076 (There is a Out-of-bounds Read vulnerability in Huawei 
Smartphone.Succe ...)
+       TODO: check
 CVE-2021-37075
        RESERVED
 CVE-2021-37074
        RESERVED
-CVE-2021-37073
-       RESERVED
-CVE-2021-37072
-       RESERVED
-CVE-2021-37071
-       RESERVED
-CVE-2021-37070
-       RESERVED
+CVE-2021-37073 (There is a Race Condition vulnerability in Huawei 
Smartphone.Successfu ...)
+       TODO: check
+CVE-2021-37072 (There is a Incorrect Calculation of Buffer Size vulnerability 
in Huawe ...)
+       TODO: check
+CVE-2021-37071 (There is a Business Logic Errors vulnerability in Huawei 
Smartphone.Su ...)
+       TODO: check
+CVE-2021-37070 (There is a Out-of-bounds Read vulnerability in Huawei 
Smartphone.Succe ...)
+       TODO: check
 CVE-2021-37069
        RESERVED
-CVE-2021-37068
-       RESERVED
-CVE-2021-37067
-       RESERVED
-CVE-2021-37066
-       RESERVED
-CVE-2021-37065
-       RESERVED
-CVE-2021-37064
-       RESERVED
-CVE-2021-37063
-       RESERVED
-CVE-2021-37062
-       RESERVED
-CVE-2021-37061
-       RESERVED
-CVE-2021-37060
-       RESERVED
-CVE-2021-37059
-       RESERVED
-CVE-2021-37058
-       RESERVED
-CVE-2021-37057
-       RESERVED
-CVE-2021-37056
-       RESERVED
-CVE-2021-37055
-       RESERVED
+CVE-2021-37068 (There is a Resource Management Errors vulnerability in Huawei 
Smartpho ...)
+       TODO: check
+CVE-2021-37067 (There is a Exposure of Sensitive Information to an 
Unauthorized Actor  ...)
+       TODO: check
+CVE-2021-37066 (There is a Out-of-bounds Read vulnerability in Huawei 
Smartphone.Succe ...)
+       TODO: check
+CVE-2021-37065 (There is a Integer Overflow or Wraparound vulnerability in 
Huawei Smar ...)
+       TODO: check
+CVE-2021-37064 (There is a Improper Limitation of a Pathname to a Restricted 
Directory ...)
+       TODO: check
+CVE-2021-37063 (There is a Cryptographic Issues vulnerability in Huawei 
Smartphone.Suc ...)
+       TODO: check
+CVE-2021-37062 (There is a Improper Validation of Array Index vulnerability in 
Huawei  ...)
+       TODO: check
+CVE-2021-37061 (There is a Uncontrolled Resource Consumption vulnerability in 
Huawei S ...)
+       TODO: check
+CVE-2021-37060 (There is a Improper Input Validation vulnerability in Huawei 
Smartphon ...)
+       TODO: check
+CVE-2021-37059 (There is a Weaknesses Introduced During Design ...)
+       TODO: check
+CVE-2021-37058 (There is a Permissions,Privileges,and Access Controls 
vulnerability in ...)
+       TODO: check
+CVE-2021-37057 (There is a Improper Validation of Array Index vulnerability in 
Huawei  ...)
+       TODO: check
+CVE-2021-37056 (There is an Improper permission control vulnerability in 
Huawei Smartp ...)
+       TODO: check
+CVE-2021-37055 (There is a Logic bypass vulnerability in Huawei 
Smartphone.Successful  ...)
+       TODO: check
 CVE-2021-37054
        RESERVED
 CVE-2021-37053
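Review bot: the descriptions added in this hunk name Huawei Smartphone, and the Huawei entries in the context above (CVE-2021-37102, CVE-2021-37101) carry `NOT-FOR-US: Huawei`, yet every new entry is left as `TODO: check`; tagging them consistently would clear them in one pass. CVE-2021-37059 is the exception: its visible text ends before any product name, so check the full description before tagging it.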
@@ -21908,28 +21921,28 @@ CVE-2021-37050
        RESERVED
 CVE-2021-37049
        RESERVED
-CVE-2021-37048
-       RESERVED
-CVE-2021-37047
-       RESERVED
-CVE-2021-37046
-       RESERVED
+CVE-2021-37048 (There is a Improper Input Validation vulnerability in Huawei 
Smartphon ...)
+       TODO: check
+CVE-2021-37047 (There is an Input verification vulnerability in Huawei 
Smartphone.Succ ...)
+       TODO: check
+CVE-2021-37046 (There is a Memory leak vulnerability with the codec detection 
module i ...)
+       TODO: check
 CVE-2021-37045
        RESERVED
 CVE-2021-37044
        RESERVED
-CVE-2021-37043
-       RESERVED
-CVE-2021-37042
-       RESERVED
-CVE-2021-37041
-       RESERVED
+CVE-2021-37043 (There is a Stack-based Buffer Overflow vulnerability in Huawei 
Smartph ...)
+       TODO: check
+CVE-2021-37042 (There is an Improper verification vulnerability in Huawei 
Smartphone.S ...)
+       TODO: check
+CVE-2021-37041 (There is an Improper verification vulnerability in Huawei 
Smartphone.S ...)
+       TODO: check
 CVE-2021-37040
        RESERVED
 CVE-2021-37039
        RESERVED
-CVE-2021-37038
-       RESERVED
+CVE-2021-37038 (There is an Improper access control vulnerability in Huawei 
Smartphone ...)
+       TODO: check
 CVE-2021-37037
        RESERVED
 CVE-2021-37036 (There is an information leakage vulnerability in FusionCompute 
6.5.1,  ...)
@@ -21962,10 +21975,10 @@ CVE-2021-37023 (There is a Improper Access Control 
vulnerability in Huawei Smart
        NOT-FOR-US: Huawei
 CVE-2021-37022 (There is a Heap-based Buffer Overflow vulnerability in Huawei 
Smartpho ...)
        NOT-FOR-US: Huawei
-CVE-2021-37021
-       RESERVED
-CVE-2021-37020
-       RESERVED
+CVE-2021-37021 (There is a Stack-based Buffer Overflow vulnerability in Huawei 
Smartph ...)
+       TODO: check
+CVE-2021-37020 (There is a Stack-based Buffer Overflow vulnerability in Huawei 
Smartph ...)
+       TODO: check
 CVE-2021-37019 (There is a Improper Input Validation vulnerability in Huawei 
Smartphon ...)
        NOT-FOR-US: Huawei
 CVE-2021-37018 (There is a Data Processing Errors vulnerability in Huawei 
Smartphone.S ...)
@@ -21976,14 +21989,14 @@ CVE-2021-37016 (There is a Out-of-bounds Read 
vulnerability in Huawei Smartphone
        NOT-FOR-US: Huawei
 CVE-2021-37015 (There is a Out-of-bounds Read vulnerability in Huawei 
Smartphone.Succe ...)
        NOT-FOR-US: Huawei
-CVE-2021-37014
-       RESERVED
+CVE-2021-37014 (There is a Stack-based Buffer Overflow vulnerability in Huawei 
Smartph ...)
+       TODO: check
 CVE-2021-37013 (There is a Improper Input Validation vulnerability in Huawei 
Smartphon ...)
        NOT-FOR-US: Huawei
 CVE-2021-37012 (There is a Data Processing Errors vulnerability in Huawei 
Smartphone.S ...)
        NOT-FOR-US: Huawei
-CVE-2021-37011
-       RESERVED
+CVE-2021-37011 (There is a Stack-based Buffer Overflow vulnerability in Huawei 
Smartph ...)
+       TODO: check
 CVE-2021-37010 (There is a Exposure of Sensitive Information to an 
Unauthorized Actor  ...)
        NOT-FOR-US: Huawei
 CVE-2021-37009 (There is a Configuration vulnerability in Huawei 
Smartphone.Successful ...)
@@ -41636,7 +41649,7 @@ CVE-2021-3467 (A NULL pointer dereference flaw was 
found in the way Jasper versi
        - jasper <removed>
        NOTE: https://github.com/jasper-software/jasper/issues/268
        NOTE: 
https://github.com/jasper-software/jasper/commit/c4144a6fdb2660794136d1daaa80682ee40b138b
-CVE-2021-3466 (A flaw was found in libmicrohttpd in versions before 0.9.71. A 
missing ...)
+CVE-2021-3466 (A flaw was found in libmicrohttpd. A missing bounds check in 
the post_ ...)
        - libmicrohttpd 0.9.71-1
        [buster] - libmicrohttpd <not-affected> (Vulnerable code introduced 
later)
        [stretch] - libmicrohttpd <not-affected> (Vulnerable code introduced 
later)
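Review bot: the reworded CVE-2021-3466 description no longer says "in versions before 0.9.71", so in the lines shown the affected range is recorded only by `- libmicrohttpd 0.9.71-1` and the two `<not-affected> (Vulnerable code introduced later)` lines. If the entry has no NOTE below the visible context, add one naming the introducing and fixing commits so the range stays verifiable.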
@@ -41729,14 +41742,14 @@ CVE-2021-29118
        RESERVED
 CVE-2021-29117
        RESERVED
-CVE-2021-29116
-       RESERVED
-CVE-2021-29115
-       RESERVED
-CVE-2021-29114
-       RESERVED
-CVE-2021-29113
-       RESERVED
+CVE-2021-29116 (A stored Cross Site Scripting (XSS) vulnerability in Esri 
ArcGIS Serve ...)
+       TODO: check
+CVE-2021-29115 (An information disclosure vulnerability in the ArcGIS Service 
Director ...)
+       TODO: check
+CVE-2021-29114 (A SQL injection vulnerability in feature services provided by 
Esri Arc ...)
+       TODO: check
+CVE-2021-29113 (A remote file inclusion vulnerability in the ArcGIS Server 
help docume ...)
+       TODO: check
 CVE-2021-29112
        RESERVED
 CVE-2021-29111
@@ -42711,8 +42724,7 @@ CVE-2021-28704 (PoD operations on misaligned GFNs T[his 
CNA information record r
        [buster] - xen <end-of-life> (DSA 4677-1)
        [stretch] - xen <end-of-life> (DSA 4602-1)
        NOTE: https://xenbits.xen.org/xsa/advisory-388.html
-CVE-2021-28703
-       RESERVED
+CVE-2021-28703 (grant table v2 status pages may remain accessible after 
de-allocation  ...)
        - xen 4.14.0+80-gd101b417b7-1
        [buster] - xen <end-of-life> (DSA 4677-1)
        [stretch] - xen <end-of-life> (DSA 4602-1)
@@ -52260,7 +52272,7 @@ CVE-2021-24893
        RESERVED
 CVE-2021-24892 (Insecure Direct Object Reference in edit function of Advanced 
Forms (F ...)
        NOT-FOR-US: WordPress plugin
-CVE-2021-24891 (The Elementor Website Builder WordPress plugin before 3.1.4 
does not s ...)
+CVE-2021-24891 (The Elementor Website Builder WordPress plugin before 3.4.8 
does not s ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24890
        RESERVED
@@ -56509,10 +56521,10 @@ CVE-2021-22958 (A Server-Side Request Forgery 
vulnerability was found in concret
        NOT-FOR-US: Concrete CMS
 CVE-2021-22957 (A Cross-Origin Resource Sharing (CORS) vulnerability found in 
UniFi Pr ...)
        NOT-FOR-US: UniFi Protect
-CVE-2021-22956
-       RESERVED
-CVE-2021-22955
-       RESERVED
+CVE-2021-22956 (An uncontrolled resource consumption vulnerability exists in 
Citrix AD ...)
+       TODO: check
+CVE-2021-22955 (A unauthenticated denial of service vulnerability exists in 
Citrix ADC ...)
+       TODO: check
 CVE-2021-22954
        RESERVED
 CVE-2021-22953 (A CSRF in Concrete CMS version 8.5.5 and below allows an 
attacker to c ...)
@@ -77458,8 +77470,8 @@ CVE-2020-27415
        RESERVED
 CVE-2020-27414 (Mahavitaran android application 7.50 and prior transmit 
sensitive info ...)
        NOT-FOR-US: Mahavitaran android application
-CVE-2020-27413
-       RESERVED
+CVE-2020-27413 (An issue was discovered in Mahavitaran android application 
7.50 and be ...)
+       TODO: check
 CVE-2020-27412
        RESERVED
 CVE-2020-27411
@@ -95016,8 +95028,8 @@ CVE-2020-19613 (Server Side Request Forgery (SSRF) 
vulnerability in saveUrlAs fu
        NOT-FOR-US: sunkaifei FlyCMS
 CVE-2020-19612
        RESERVED
-CVE-2020-19611
-       RESERVED
+CVE-2020-19611 (Cross Site Scripting (XSS) in redirect module of Racktables 
version 0. ...)
+       TODO: check
 CVE-2020-19610
        RESERVED
 CVE-2020-19609 (Artifex MuPDF before 1.18.0 has a heap based buffer over-write 
in tiff ...)
@@ -113434,8 +113446,8 @@ CVE-2020-12142 (1. IPSec UDP key material can be 
retrieved from machine-to-machi
        NOT-FOR-US: EdgeConnect
 CVE-2020-12141 (An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and 
earlier  ...)
        NOT-FOR-US: SNMP stack in Contiki-NG
-CVE-2020-12140
-       RESERVED
+CVE-2020-12140 (A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE 
stack in Co ...)
+       TODO: check
 CVE-2020-12139
        RESERVED
 CVE-2020-12138 (AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to 
interact  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1f98fc005baaaab7812b8437b3c8a72e24eddae



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
