[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 8 20:10:24 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7d8be238 by security tracker role at 2021-12-08T20:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -383,10 +383,10 @@ CVE-2021-44559
RESERVED
CVE-2021-44558
RESERVED
-CVE-2021-44557
- RESERVED
-CVE-2021-44556
- RESERVED
+CVE-2021-44557 (National Library of the Netherlands multiNER <= c0440948057afc6e3d6 ...)
+ TODO: check
+CVE-2021-44556 (National Library of the Netherlands digger < 6697d1269d981e35e11f24 ...)
+ TODO: check
CVE-2021-44555
RESERVED
CVE-2021-44554
@@ -489,8 +489,8 @@ CVE-2021-43353
RESERVED
CVE-2021-41836
RESERVED
-CVE-2021-4050
- RESERVED
+CVE-2021-4050 (livehelperchat is vulnerable to Improper Neutralization of Input Durin ...)
+ TODO: check
CVE-2021-4049 (livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) ...)
NOT-FOR-US: livehelperchat
CVE-2021-44539
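Review bot: CVE-2021-4050 is left at `TODO: check` while the entry directly below it, CVE-2021-4049, already carries `NOT-FOR-US: livehelperchat` for the same product. A follow-up triage commit can resolve the new entry the same way, unless the full description points at a component that is packaged in Debian.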
@@ -6212,16 +6212,16 @@ CVE-2021-43069
RESERVED
CVE-2021-43068
RESERVED
-CVE-2021-43067
- RESERVED
+CVE-2021-43067 (A exposure of sensitive information to an unauthorized actor in Fortin ...)
+ TODO: check
CVE-2021-43066
RESERVED
CVE-2021-43065
RESERVED
-CVE-2021-43064
- RESERVED
-CVE-2021-43063
- RESERVED
+CVE-2021-43064 (A url redirection to untrusted site ('open redirect') in Fortinet Fort ...)
+ TODO: check
+CVE-2021-43063 (A improper neutralization of input during web page generation ('cross- ...)
+ TODO: check
CVE-2021-43062
RESERVED
CVE-2022-20621
@@ -6782,8 +6782,8 @@ CVE-2021-42836 (GJSON before 1.9.3 allows a ReDoS (regular expression denial of
NOTE: https://github.com/tidwall/gjson/commit/77a57fda87dca6d0d7d4627d512a630f89a91c96
NOTE: https://github.com/tidwall/gjson/issues/236
NOTE: https://github.com/tidwall/gjson/issues/237
-CVE-2021-42835
- RESERVED
+CVE-2021-42835 (An issue was discovered in Plex Media Server through 1.24.4.5081-e362d ...)
+ TODO: check
CVE-2021-42834
RESERVED
CVE-2021-42833
@@ -6942,14 +6942,14 @@ CVE-2021-42762 (BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1
NOTE: https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q
CVE-2021-42761
RESERVED
-CVE-2021-42760
- RESERVED
+CVE-2021-42760 (A improper neutralization of special elements used in an sql command ( ...)
+ TODO: check
CVE-2021-42759
RESERVED
-CVE-2021-42758
- RESERVED
-CVE-2021-42757
- RESERVED
+CVE-2021-42758 (An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 a ...)
+ TODO: check
+CVE-2021-42757 (A buffer overflow [CWE-121] in the TFTP client library of FortiOS befo ...)
+ TODO: check
CVE-2021-42756
RESERVED
CVE-2021-42755
@@ -6958,8 +6958,8 @@ CVE-2021-42754 (An improper control of generation of code vulnerability [CWE-94]
NOT-FOR-US: Fortiguard
CVE-2021-42753
RESERVED
-CVE-2021-42752
- RESERVED
+CVE-2021-42752 (A improper neutralization of input during web page generation ('cross- ...)
+ TODO: check
CVE-2021-42751
RESERVED
CVE-2021-42750
@@ -9674,8 +9674,8 @@ CVE-2021-42112 (The "File upload question" functionality in LimeSurvey 3.x-LTS t
- limesurvey <itp> (bug #472802)
CVE-2021-42111 (An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 fo ...)
NOT-FOR-US: RCDevs OpenOTP app
-CVE-2021-42110
- RESERVED
+CVE-2021-42110 (An issue was discovered in Allegro Windows (formerly Popsy Windows) be ...)
+ TODO: check
CVE-2021-3874 (bookstack is vulnerable to Improper Limitation of a Pathname to a Rest ...)
NOT-FOR-US: bookstack
CVE-2021-3873
@@ -11307,8 +11307,8 @@ CVE-2021-41452
RESERVED
CVE-2021-41451
RESERVED
-CVE-2021-41450
- RESERVED
+CVE-2021-41450 (An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 al ...)
+ TODO: check
CVE-2021-41449
RESERVED
CVE-2021-41448
@@ -11582,8 +11582,8 @@ CVE-2021-41316 (The Device42 Main Appliance before 17.05.01 does not sanitize us
NOT-FOR-US: Device42 Main Appliance
CVE-2021-41315 (The Device42 Remote Collector before 17.05.01 does not sanitize user i ...)
NOT-FOR-US: Device42 Remote Collector
-CVE-2021-3815
- RESERVED
+CVE-2021-3815 (utils.js is vulnerable to Improperly Controlled Modification of Object ...)
+ TODO: check
CVE-2021-3814
RESERVED
CVE-2021-3813
@@ -12164,8 +12164,8 @@ CVE-2021-41091 (Moby is an open-source project created by Docker to enable softw
[buster] - docker.io <no-dsa> (Minor issue)
NOTE: https://github.com/moby/moby/security/advisories/GHSA-3fwx-pjgw-3558
NOTE: https://github.com/moby/moby/commit/f0ab919f518c47240ea0e72d0999576bb8008e64
-CVE-2021-41090
- RESERVED
+CVE-2021-41090 (Grafana Agent is a telemetry collector for sending metrics, logs, and ...)
+ TODO: check
CVE-2021-41089 (Moby is an open-source project created by Docker to enable software co ...)
- docker.io 20.10.10+dfsg1-1
[bullseye] - docker.io <no-dsa> (Minor issue)
@@ -12255,8 +12255,8 @@ CVE-2021-41065
RESERVED
CVE-2021-41064
RESERVED
-CVE-2021-41063
- RESERVED
+CVE-2021-41063 (SQL injection vulnerability was discovered in Aanderaa GeoView Webserv ...)
+ TODO: check
CVE-2021-41062
RESERVED
CVE-2021-41061 (In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee8201 ...)
@@ -12328,26 +12328,26 @@ CVE-2021-41032
RESERVED
CVE-2021-41031
RESERVED
-CVE-2021-41030
- RESERVED
-CVE-2021-41029
- RESERVED
+CVE-2021-41030 (An authentication bypass by capture-replay vulnerability [CWE-294] in ...)
+ TODO: check
+CVE-2021-41029 (A improper neutralization of input during web page generation ('cross- ...)
+ TODO: check
CVE-2021-41028
RESERVED
-CVE-2021-41027
- RESERVED
+CVE-2021-41027 (A stack-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6 ...)
+ TODO: check
CVE-2021-41026
RESERVED
CVE-2021-41025
RESERVED
-CVE-2021-41024
- RESERVED
+CVE-2021-41024 (A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7 ...)
+ TODO: check
CVE-2021-41023 (A unprotected storage of credentials in Fortinet FortiSIEM Windows Age ...)
NOT-FOR-US: Fortiguard
CVE-2021-41022 (A improper privilege management in Fortinet FortiSIEM Windows Agent ve ...)
NOT-FOR-US: Fortiguard
-CVE-2021-41021
- RESERVED
+CVE-2021-41021 (A privilege escalation vulnerability in FortiNAC versions 8.8.8 and be ...)
+ TODO: check
CVE-2021-41020
RESERVED
CVE-2021-41019 (An improper validation of certificate with host mismatch [CWE-297] vul ...)
@@ -12358,12 +12358,12 @@ CVE-2021-41017
RESERVED
CVE-2021-41016
RESERVED
-CVE-2021-41015
- RESERVED
-CVE-2021-41014
- RESERVED
-CVE-2021-41013
- RESERVED
+CVE-2021-41015 (A improper neutralization of input during web page generation ('cross- ...)
+ TODO: check
+CVE-2021-41014 (A uncontrolled resource consumption in Fortinet FortiWeb version 6.4.1 ...)
+ TODO: check
+CVE-2021-41013 (An improper access control vulnerability [CWE-284] in FortiWeb version ...)
+ TODO: check
CVE-2021-41012
RESERVED
CVE-2021-41011 (LINE client for iOS before 11.15.0 might expose authentication informa ...)
@@ -12715,10 +12715,10 @@ CVE-2021-40863
RESERVED
CVE-2021-40862 (HashiCorp Terraform Enterprise up to v202108-1 contained an API endpoi ...)
NOT-FOR-US: HashiCorp Terraform Enterprise
-CVE-2021-40861
- RESERVED
-CVE-2021-40860
- RESERVED
+CVE-2021-40861 (A SQL Injection in the custom filter query component in Genesys intell ...)
+ TODO: check
+CVE-2021-40860 (A SQL Injection in the custom filter query component in Genesys intell ...)
+ TODO: check
CVE-2021-40859 (Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B dev ...)
NOT-FOR-US: Auerswald
CVE-2021-40858
@@ -21911,18 +21911,18 @@ CVE-2021-37099 (There is a Path Traversal vulnerability in Huawei Smartphone.Suc
NOT-FOR-US: Huawei
CVE-2021-37098
RESERVED
-CVE-2021-37097
- RESERVED
+CVE-2021-37097 (There is a Code Injection vulnerability in Huawei Smartphone.Successfu ...)
+ TODO: check
CVE-2021-37096 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...)
NOT-FOR-US: Huawei
CVE-2021-37095 (There is a Integer Overflow or Wraparound vulnerability in Huawei Smar ...)
NOT-FOR-US: Huawei
CVE-2021-37094 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...)
NOT-FOR-US: Huawei
-CVE-2021-37093
- RESERVED
-CVE-2021-37092
- RESERVED
+CVE-2021-37093 (There is a Improper Access Control vulnerability in Huawei Smartphone. ...)
+ TODO: check
+CVE-2021-37092 (There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Succe ...)
+ TODO: check
CVE-2021-37091 (There is a Permissions,Privileges,and Access Controls vulnerability in ...)
NOT-FOR-US: Huawei
CVE-2021-37090 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...)
@@ -21955,10 +21955,10 @@ CVE-2021-37077 (There is a NULL Pointer Dereference vulnerability in Huawei Smar
NOT-FOR-US: Huawei
CVE-2021-37076 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...)
NOT-FOR-US: Huawei
-CVE-2021-37075
- RESERVED
-CVE-2021-37074
- RESERVED
+CVE-2021-37075 (There is a Credentials Management Errors vulnerability in Huawei Smart ...)
+ TODO: check
+CVE-2021-37074 (There is a Race Condition vulnerability in Huawei Smartphone.Successfu ...)
+ TODO: check
CVE-2021-37073 (There is a Race Condition vulnerability in Huawei Smartphone.Successfu ...)
NOT-FOR-US: Huawei
CVE-2021-37072 (There is a Incorrect Calculation of Buffer Size vulnerability in Huawe ...)
@@ -21967,8 +21967,8 @@ CVE-2021-37071 (There is a Business Logic Errors vulnerability in Huawei Smartph
NOT-FOR-US: Huawei
CVE-2021-37070 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...)
NOT-FOR-US: Huawei
-CVE-2021-37069
- RESERVED
+CVE-2021-37069 (There is a Race Condition vulnerability in Huawei Smartphone.Successfu ...)
+ TODO: check
CVE-2021-37068 (There is a Resource Management Errors vulnerability in Huawei Smartpho ...)
NOT-FOR-US: Huawei
CVE-2021-37067 (There is a Exposure of Sensitive Information to an Unauthorized Actor ...)
@@ -21997,42 +21997,42 @@ CVE-2021-37056 (There is an Improper permission control vulnerability in Huawei
NOT-FOR-US: Huawei
CVE-2021-37055 (There is a Logic bypass vulnerability in Huawei Smartphone.Successful ...)
NOT-FOR-US: Huawei
-CVE-2021-37054
- RESERVED
-CVE-2021-37053
- RESERVED
-CVE-2021-37052
- RESERVED
-CVE-2021-37051
- RESERVED
-CVE-2021-37050
- RESERVED
-CVE-2021-37049
- RESERVED
+CVE-2021-37054 (There is an Identity spoofing and authentication bypass vulnerability ...)
+ TODO: check
+CVE-2021-37053 (There is a Service logic vulnerability in Huawei Smartphone.Successful ...)
+ TODO: check
+CVE-2021-37052 (There is an Exception log vulnerability in Huawei Smartphone.Successfu ...)
+ TODO: check
+CVE-2021-37051 (There is an Out-of-bounds read vulnerability in Huawei Smartphone.Succ ...)
+ TODO: check
+CVE-2021-37050 (There is a Missing sensitive data encryption vulnerability in Huawei S ...)
+ TODO: check
+CVE-2021-37049 (There is a Heap-based buffer overflow vulnerability in Huawei Smartpho ...)
+ TODO: check
CVE-2021-37048 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...)
NOT-FOR-US: Huawei
CVE-2021-37047 (There is an Input verification vulnerability in Huawei Smartphone.Succ ...)
NOT-FOR-US: Huawei
CVE-2021-37046 (There is a Memory leak vulnerability with the codec detection module i ...)
NOT-FOR-US: Huawei
-CVE-2021-37045
- RESERVED
-CVE-2021-37044
- RESERVED
+CVE-2021-37045 (There is an UAF vulnerability in Huawei Smartphone.Successful exploita ...)
+ TODO: check
+CVE-2021-37044 (There is a Permission control vulnerability in Huawei Smartphone.Succe ...)
+ TODO: check
CVE-2021-37043 (There is a Stack-based Buffer Overflow vulnerability in Huawei Smartph ...)
NOT-FOR-US: Huawei
CVE-2021-37042 (There is an Improper verification vulnerability in Huawei Smartphone.S ...)
NOT-FOR-US: Huawei
CVE-2021-37041 (There is an Improper verification vulnerability in Huawei Smartphone.S ...)
NOT-FOR-US: Huawei
-CVE-2021-37040
- RESERVED
-CVE-2021-37039
- RESERVED
+CVE-2021-37040 (There is a Parameter injection vulnerability in Huawei Smartphone.Succ ...)
+ TODO: check
+CVE-2021-37039 (There is an Input verification vulnerability in Huawei Smartphone.Succ ...)
+ TODO: check
CVE-2021-37038 (There is an Improper access control vulnerability in Huawei Smartphone ...)
NOT-FOR-US: Huawei
-CVE-2021-37037
- RESERVED
+CVE-2021-37037 (There is an Invalid address access vulnerability in Huawei Smartphone. ...)
+ TODO: check
CVE-2021-37036 (There is an information leakage vulnerability in FusionCompute 6.5.1, ...)
NOT-FOR-US: Huawei
CVE-2021-37035 (There is a Remote DoS vulnerability in Huawei Smartphone.Successful ex ...)
@@ -23984,14 +23984,14 @@ CVE-2021-36193
RESERVED
CVE-2021-36192 (An exposure of sensitive information to an unauthorized actor [CWE-200 ...)
NOT-FOR-US: Fortiguard
-CVE-2021-36191
- RESERVED
-CVE-2021-36190
- RESERVED
+CVE-2021-36191 (A url redirection to untrusted site ('open redirect') in Fortinet Fort ...)
+ TODO: check
+CVE-2021-36190 (A unintended proxy or intermediary ('confused deputy') in Fortinet For ...)
+ TODO: check
CVE-2021-36189
RESERVED
-CVE-2021-36188
- RESERVED
+CVE-2021-36188 (A improper neutralization of input during web page generation ('cross- ...)
+ TODO: check
CVE-2021-36187 (A uncontrolled resource consumption in Fortinet FortiWeb version 6.4.0 ...)
NOT-FOR-US: Fortiguard
CVE-2021-36186 (A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, vers ...)
@@ -24006,8 +24006,8 @@ CVE-2021-36182 (A Improper neutralization of special elements used in a command
NOT-FOR-US: FortiGuard
CVE-2021-36181 (A concurrent execution using shared resource with improper Synchroniza ...)
NOT-FOR-US: Fortiguard
-CVE-2021-36180
- RESERVED
+CVE-2021-36180 (Multiple improper neutralization of special elements used in a command ...)
+ TODO: check
CVE-2021-36179 (A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and ...)
NOT-FOR-US: FortiGuard
CVE-2021-36178 (A insufficiently protected credentials in Fortinet FortiSDNConnector v ...)
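Review bot: the context lines in this hunk spell the same tag two ways, `NOT-FOR-US: FortiGuard` under CVE-2021-36182 and CVE-2021-36179 but `NOT-FOR-US: Fortiguard` under CVE-2021-36181. When the `TODO: check` on CVE-2021-36180 is resolved, pick one spelling and consider normalising the neighbours so that a search by tag returns the whole set.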
@@ -28745,7 +28745,8 @@ CVE-2021-34185 (Miniaudio 0.10.35 has an integer-based buffer overflow caused by
NOT-FOR-US: Miniaudio
CVE-2021-34184 (Miniaudio 0.10.35 has a Double free vulnerability that could cause a b ...)
NOT-FOR-US: Miniaudio
-CVE-2021-34183 (ImageMagick 7.0.11-14 has a memory leak in AcquireSemaphoreMemory in s ...)
+CVE-2021-34183
+ REJECTED
- imagemagick <unfixed> (unimportant)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/3767
CVE-2021-34182
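Review bot: CVE-2021-34183 becomes `REJECTED`, but the unchanged lines below it still record `- imagemagick <unfixed> (unimportant)` and the NOTE pointing at the upstream issue, so the entry now states a rejected id and an open package status at once. The automatic update only rewrote the header; a manual follow-up should decide whether the package line is dropped or kept deliberately.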
@@ -32691,8 +32692,8 @@ CVE-2021-32593
RESERVED
CVE-2021-32592 (An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 ...)
NOT-FOR-US: FortiGuard
-CVE-2021-32591
- RESERVED
+CVE-2021-32591 (A missing cryptographic steps vulnerability in the function that encry ...)
+ TODO: check
CVE-2021-32590 (Multiple improper neutralization of special elements used in an SQL co ...)
NOT-FOR-US: FortiPortal
CVE-2021-32589
@@ -34673,8 +34674,8 @@ CVE-2021-31852 (A Reflected Cross-Site Scripting vulnerability in McAfee Policy
NOT-FOR-US: McAfee
CVE-2021-31851 (A Reflected Cross-Site Scripting vulnerability in McAfee Policy Audito ...)
NOT-FOR-US: McAfee
-CVE-2021-31850
- RESERVED
+CVE-2021-31850 (A denial-of-service vulnerability in Database Security (DBS) prior to ...)
+ TODO: check
CVE-2021-31849 (SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO e ...)
NOT-FOR-US: McAfee
CVE-2021-31848 (Cross site scripting (XSS) vulnerability in McAfee Data Loss Preventio ...)
@@ -45026,8 +45027,8 @@ CVE-2021-27862
RESERVED
CVE-2021-27861
RESERVED
-CVE-2021-27860
- RESERVED
+CVE-2021-27860 (A vulnerability in the web management interface of FatPipe WARP, IPVPN ...)
+ TODO: check
CVE-2021-27859
RESERVED
CVE-2021-27858
@@ -49305,12 +49306,12 @@ CVE-2021-26112
RESERVED
CVE-2021-26111 (A missing release of memory after effective lifetime vulnerability in ...)
NOT-FOR-US: Fortiguard
-CVE-2021-26110
- RESERVED
-CVE-2021-26109
- RESERVED
-CVE-2021-26108
- RESERVED
+CVE-2021-26110 (An improper access control vulnerability [CWE-284] in FortiOS autod da ...)
+ TODO: check
+CVE-2021-26109 (An integer overflow or wraparound vulnerability in the memory allocato ...)
+ TODO: check
+CVE-2021-26108 (A use of hard-coded cryptographic key vulnerability in the SSLVPN of F ...)
+ TODO: check
CVE-2021-26107 (An improper access control vulnerability [CWE-284] in FortiManager ver ...)
NOT-FOR-US: Fortiguard
CVE-2021-26106 (An improper neutralization of special elements used in an OS Command v ...)
@@ -49319,8 +49320,8 @@ CVE-2021-26105
RESERVED
CVE-2021-26104
RESERVED
-CVE-2021-26103
- RESERVED
+CVE-2021-26103 (An insufficient verification of data authenticity vulnerability (CWE-3 ...)
+ TODO: check
CVE-2021-26102
RESERVED
CVE-2021-26101
@@ -50869,42 +50870,42 @@ CVE-2021-25529
RESERVED
CVE-2021-25528
RESERVED
-CVE-2021-25527
- RESERVED
-CVE-2021-25526
- RESERVED
-CVE-2021-25525
- RESERVED
-CVE-2021-25524
- RESERVED
-CVE-2021-25523
- RESERVED
-CVE-2021-25522
- RESERVED
-CVE-2021-25521
- RESERVED
-CVE-2021-25520
- RESERVED
-CVE-2021-25519
- RESERVED
-CVE-2021-25518
- RESERVED
-CVE-2021-25517
- RESERVED
-CVE-2021-25516
- RESERVED
-CVE-2021-25515
- RESERVED
-CVE-2021-25514
- RESERVED
-CVE-2021-25513
- RESERVED
-CVE-2021-25512
- RESERVED
-CVE-2021-25511
- RESERVED
-CVE-2021-25510
- RESERVED
+CVE-2021-25527 (Improper export of Android application components vulnerability in Sam ...)
+ TODO: check
+CVE-2021-25526 (Intent redirection vulnerability in Samsung Blockchain Wallet prior to ...)
+ TODO: check
+CVE-2021-25525 (Improper check or handling of exception conditions vulnerability in Sa ...)
+ TODO: check
+CVE-2021-25524 (Insecure storage of device information in Contacts prior to version 12 ...)
+ TODO: check
+CVE-2021-25523 (Insecure storage of device information in Samsung Dialer prior to vers ...)
+ TODO: check
+CVE-2021-25522 (Insecure storage of sensitive information vulnerability in Smart Captu ...)
+ TODO: check
+CVE-2021-25521 (Insecure caller check in sharevia deeplink logic prior to Samsung Inte ...)
+ TODO: check
+CVE-2021-25520 (Insecure caller check and input validation vulnerabilities in SearchKe ...)
+ TODO: check
+CVE-2021-25519 (An improper access control vulnerability in CPLC prior to SMR Dec-2021 ...)
+ TODO: check
+CVE-2021-25518 (An improper boundary check in secure_log of LDFW and BL31 prior to SMR ...)
+ TODO: check
+CVE-2021-25517 (An improper input validation vulnerability in LDFW prior to SMR Dec-20 ...)
+ TODO: check
+CVE-2021-25516 (An improper check or handling of exceptional conditions in Exynos base ...)
+ TODO: check
+CVE-2021-25515 (An improper usage of implicit intent in SemRewardManager prior to SMR ...)
+ TODO: check
+CVE-2021-25514 (An improper intent redirection handling in Tags prior to SMR Dec-2021 ...)
+ TODO: check
+CVE-2021-25513 (An improper privilege management vulnerability in Apps Edge applicatio ...)
+ TODO: check
+CVE-2021-25512 (An improper validation vulnerability in telephony prior to SMR Dec-202 ...)
+ TODO: check
+CVE-2021-25511 (An improper validation vulnerability in FilterProvider prior to SMR De ...)
+ TODO: check
+CVE-2021-25510 (An improper validation vulnerability in FilterProvider prior to SMR De ...)
+ TODO: check
CVE-2021-25509 (A missing input validation in Samsung Flow Windows application prior t ...)
NOT-FOR-US: Samsung
CVE-2021-25508 (Improper privilege management vulnerability in API Key used in SmartTh ...)
@@ -65765,26 +65766,26 @@ CVE-2021-20049
RESERVED
CVE-2021-20048
RESERVED
-CVE-2021-20047
- RESERVED
+CVE-2021-20047 (SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and ear ...)
+ TODO: check
CVE-2021-20046
RESERVED
-CVE-2021-20045
- RESERVED
-CVE-2021-20044
- RESERVED
-CVE-2021-20043
- RESERVED
-CVE-2021-20042
- RESERVED
-CVE-2021-20041
- RESERVED
-CVE-2021-20040
- RESERVED
-CVE-2021-20039
- RESERVED
-CVE-2021-20038
- RESERVED
+CVE-2021-20045 (A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacN ...)
+ TODO: check
+CVE-2021-20044 (A post-authentication remote command injection vulnerability in SonicW ...)
+ TODO: check
+CVE-2021-20043 (A Heap-based buffer overflow vulnerability in SonicWall SMA100 getBook ...)
+ TODO: check
+CVE-2021-20042 (An unauthenticated remote attacker can use SMA 100 as an unintended pr ...)
+ TODO: check
+CVE-2021-20041 (An unauthenticated and remote adversary can consume all of the device' ...)
+ TODO: check
+CVE-2021-20040 (A relative path traversal vulnerability in the SMA100 upload funtion a ...)
+ TODO: check
+CVE-2021-20039 (Improper neutralization of special elements in the SMA100 management i ...)
+ TODO: check
+CVE-2021-20038 (A Stack-based buffer overflow vulnerability in SMA100 Apache httpd ser ...)
+ TODO: check
CVE-2021-20037 (SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incor ...)
NOT-FOR-US: SonicWall
CVE-2021-20036
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d8be238e476e64d85230fe1826bfc7ae532d7d4