[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Apr 24 09:10:24 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
feab9026 by security tracker role at 2021-04-24T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2021-31791 (In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext passw ...)
+	TODO: check
+CVE-2021-31790
+	RESERVED
+CVE-2021-31789
+	RESERVED
+CVE-2021-31788
+	RESERVED
+CVE-2021-31787
+	RESERVED
+CVE-2021-31786
+	RESERVED
+CVE-2021-31785
+	RESERVED
+CVE-2021-31784
+	RESERVED
+CVE-2021-31783
+	RESERVED
+CVE-2021-31782
+	RESERVED
+CVE-2021-31781
+	RESERVED
+CVE-2021-31780 (In app/Model/MispObject.php in MISP 2.4.141, an incorrect sharing grou ...)
+	TODO: check
+CVE-2021-31779
+	RESERVED
+CVE-2021-31778
+	RESERVED
+CVE-2021-31777
+	RESERVED
+CVE-2019-25030
+	RESERVED
+CVE-2019-25029
+	RESERVED
 CVE-2021-XXXX [SA-CORE-2021-002]
 	- drupal7 <removed>
 	[stretch] - drupal7 7.52-2+deb9u15
@@ -390,10 +424,10 @@ CVE-2021-31586
 	RESERVED
 CVE-2021-31585
 	RESERVED
-CVE-2021-31584
-	RESERVED
-CVE-2021-31583
-	RESERVED
+CVE-2021-31584 (Sipwise C5 NGCP CSC through CE_m39.3.1 allows call/click2dial CSRF att ...)
+	TODO: check
+CVE-2021-31583 (Sipwise C5 NGCP CSC through CE_m39.3.1 has multiple authenticated stor ...)
+	TODO: check
 CVE-2021-31582
 	RESERVED
 CVE-2021-31581
@@ -5819,8 +5853,8 @@ CVE-2021-29160
 	RESERVED
 CVE-2021-29159
 	RESERVED
-CVE-2021-29158
-	RESERVED
+CVE-2021-29158 (Sonatype Nexus Repository Manager 3 Pro up to and including 3.30.0 has ...)
+	TODO: check
 CVE-2021-29157
 	RESERVED
 CVE-2021-29156 (ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger ...)
@@ -13747,10 +13781,10 @@ CVE-2021-3199 (Directory traversal with remote code execution can occur in /uplo
 	NOT-FOR-US: ONLYOFFICE Document Server
 CVE-2021-3198
 	RESERVED
-CVE-2021-25899
-	RESERVED
-CVE-2021-25898
-	RESERVED
+CVE-2021-25899 (An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0 ...)
+	TODO: check
+CVE-2021-25898 (An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0 ...)
+	TODO: check
 CVE-2021-25897
 	RESERVED
 CVE-2021-25896
@@ -29216,7 +29250,7 @@ CVE-2020-35316
 	RESERVED
 CVE-2020-35315
 	RESERVED
-CVE-2020-35314 (An OS command injection vulnerability in the installUpdateThemePluginA ...)
+CVE-2020-35314 (A remote code execution vulnerability in the installUpdateThemePluginA ...)
 	NOT-FOR-US: WonderCMS
 CVE-2020-35313 (A server-side request forgery (SSRF) vulnerability in the addCustomThe ...)
 	NOT-FOR-US: WonderCMS
@@ -30353,7 +30387,7 @@ CVE-2021-2162 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
 	- mysql-5.7 <removed>
 	- mysql-8.0 <unfixed> (bug #987325)
 CVE-2021-2161 (Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterpr ...)
-	{DSA-4899-1}
+	{DSA-4899-1 DLA-2634-1}
 	- openjdk-17 17~19-1
 	- openjdk-11 11.0.11+9-1
 	- openjdk-8 <removed>
@@ -61169,8 +61203,8 @@ CVE-2020-17544
 	RESERVED
 CVE-2020-17543
 	RESERVED
-CVE-2020-17542
-	RESERVED
+CVE-2020-17542 (Cross Site Scripting (XSS) in dotCMS v5.1.5 allows remote attackers to ...)
+	TODO: check
 CVE-2020-17541
 	RESERVED
 CVE-2020-17540
@@ -89675,12 +89709,12 @@ CVE-2020-7038
 	RESERVED
 CVE-2020-7037
 	RESERVED
-CVE-2020-7036
-	RESERVED
-CVE-2020-7035
-	RESERVED
-CVE-2020-7034
-	RESERVED
+CVE-2020-7036 (An XML External Entities (XXE)vulnerability in Callback Assist could a ...)
+	TODO: check
+CVE-2020-7035 (An XML External Entities (XXE)vulnerability in the web-based user inte ...)
+	TODO: check
+CVE-2020-7034 (A command injection vulnerability in Avaya Session Border Controller f ...)
+	TODO: check
 CVE-2020-7033 (A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Clien ...)
 	NOT-FOR-US: Avaya
 CVE-2020-7032 (An XML external entity (XXE) vulnerability in Avaya WebLM admin interf ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/feab90263c42793ad286992616a235e61eecfb15

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/feab90263c42793ad286992616a235e61eecfb15
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210424/9fe3cc7a/attachment.htm>

More information about the debian-security-tracker-commits mailing list