[Git][security-tracker-team/security-tracker][master] automatic update

Sat Dec 4 08:10:27 GMT 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a8a6365a by security tracker role at 2021-12-04T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2021-44548
+	RESERVED
+CVE-2021-4068
+	RESERVED
+CVE-2021-4067
+	RESERVED
+CVE-2021-4066
+	RESERVED
+CVE-2021-4065
+	RESERVED
+CVE-2021-4064
+	RESERVED
+CVE-2021-4063
+	RESERVED
+CVE-2021-4062
+	RESERVED
+CVE-2021-4061
+	RESERVED
+CVE-2021-4060
+	RESERVED
+CVE-2021-4059
+	RESERVED
+CVE-2021-4058
+	RESERVED
+CVE-2021-4057
+	RESERVED
+CVE-2021-4056
+	RESERVED
+CVE-2021-4055
+	RESERVED
+CVE-2021-4054
+	RESERVED
+CVE-2021-4053
+	RESERVED
+CVE-2021-4052
+	RESERVED
+CVE-2021-4051
+	RESERVED
 CVE-2021-44543
 	RESERVED
 CVE-2021-44542
@@ -3842,8 +3880,8 @@ CVE-2021-43417
 	RESERVED
 CVE-2021-43416
 	RESERVED
-CVE-2021-43415
-	RESERVED
+CVE-2021-43415 (HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, w ...)
+	TODO: check
 CVE-2021-43414 (An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of  ...)
 	- hurd 1:0.9.git20210404-9
 CVE-2021-43413 (An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pa ...)
@@ -25308,12 +25346,12 @@ CVE-2021-35417
 	RESERVED
 CVE-2021-35416
 	RESERVED
-CVE-2021-35415
-	RESERVED
-CVE-2021-35414
-	RESERVED
-CVE-2021-35413
-	RESERVED
+CVE-2021-35415 (A stored cross-site scripting (XSS) vulnerability allows attackers to  ...)
+	TODO: check
+CVE-2021-35414 (Chamilo LMS v1.11.x was discovered to contain a SQL injection via the  ...)
+	TODO: check
+CVE-2021-35413 (A remote code execution (RCE) vulnerability in course_intro_pdf_import ...)
+	TODO: check
 CVE-2021-35412
 	RESERVED
 CVE-2021-35411
@@ -25453,12 +25491,12 @@ CVE-2021-35348
 	RESERVED
 CVE-2021-35347
 	RESERVED
-CVE-2021-35346
-	RESERVED
+CVE-2021-35346 (tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow ...)
+	TODO: check
 CVE-2021-35345
 	RESERVED
-CVE-2021-35344
-	RESERVED
+CVE-2021-35344 (tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow ...)
+	TODO: check
 CVE-2021-35343 (Cross-Site Request Forgery (CSRF) vulnerability in the /op/op.Ajax.php ...)
 	NOT-FOR-US: SeedDMS
 CVE-2021-35342 (The useradm service 1.14.0 (in Northern.tech Mender Enterprise 2.7.x b ...)
@@ -54277,8 +54315,8 @@ CVE-2021-23760
 	RESERVED
 CVE-2021-23759
 	RESERVED
-CVE-2021-23758
-	RESERVED
+CVE-2021-23758 (All versions of package ajaxpro.2 are vulnerable to Deserialization of ...)
+	TODO: check
 CVE-2021-23757
 	RESERVED
 CVE-2021-23756
@@ -54669,8 +54707,8 @@ CVE-2021-23564
 	RESERVED
 CVE-2021-23563
 	RESERVED
-CVE-2021-23562
-	RESERVED
+CVE-2021-23562 (This affects the package plupload before 2.3.9. A file name containing ...)
+	TODO: check
 CVE-2021-23561
 	RESERVED
 CVE-2021-23560



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8a6365ac823e93848a73f447cfd09f62a1233e1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8a6365ac823e93848a73f447cfd09f62a1233e1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211204/39c6da06/attachment-0001.htm>
