[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Feb 4 08:10:26 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5424d16e by security tracker role at 2021-02-04T08:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2021-3401 (Bitcoin Core before 0.19.0 might allow remote attackers to execute arb ...)
+	TODO: check
+CVE-2021-3400
+	RESERVED
+CVE-2021-26689 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...)
+	TODO: check
+CVE-2021-26688 (An issue was discovered on LG Wing mobile devices with Android OS 10 s ...)
+	TODO: check
+CVE-2021-26687 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...)
+	TODO: check
+CVE-2021-26686
+	RESERVED
+CVE-2021-26685
+	RESERVED
+CVE-2021-26684
+	RESERVED
+CVE-2021-26683
+	RESERVED
+CVE-2021-26682
+	RESERVED
+CVE-2021-26681
+	RESERVED
+CVE-2021-26680
+	RESERVED
+CVE-2021-26679
+	RESERVED
+CVE-2021-26678
+	RESERVED
+CVE-2021-26677
+	RESERVED
 CVE-2021-3399
 	RESERVED
 CVE-2021-3398
@@ -1605,10 +1635,10 @@ CVE-2021-3281 (In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.
 	NOTE: https://www.djangoproject.com/weblog/2021/feb/01/security-releases/
 	NOTE: https://github.com/django/django/commit/05413afa8c18cdb978fcdf470e09f7a12b234a23 (master)
 	NOTE: https://github.com/django/django/commit/21e7622dec1f8612c85c2fc37fe8efbfd3311e37 (2.2.18)
-CVE-2021-26024
-	RESERVED
-CVE-2021-26023
-	RESERVED
+CVE-2021-26024 (The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable ...)
+	TODO: check
+CVE-2021-26023 (The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable ...)
+	TODO: check
 CVE-2021-26022
 	RESERVED
 CVE-2021-26021
@@ -16230,8 +16260,8 @@ CVE-2021-20018
 	RESERVED
 CVE-2021-20017
 	RESERVED
-CVE-2021-20016
-	RESERVED
+CVE-2021-20016 (A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product a ...)
+	TODO: check
 CVE-2021-20015
 	RESERVED
 CVE-2021-20014
@@ -27813,12 +27843,12 @@ CVE-2020-27251 (A heap overflow vulnerability exists within FactoryTalk Linx Ver
 	NOT-FOR-US: FactoryTalk
 CVE-2020-27250
 	RESERVED
-CVE-2020-27249
-	RESERVED
-CVE-2020-27248
-	RESERVED
-CVE-2020-27247
-	RESERVED
+CVE-2020-27249 (A specially crafted document can cause the document parser to copy dat ...)
+	TODO: check
+CVE-2020-27248 (A specially crafted document can cause the document parser to copy dat ...)
+	TODO: check
+CVE-2020-27247 (A specially crafted document can cause the document parser to copy dat ...)
+	TODO: check
 CVE-2020-27246
 	RESERVED
 CVE-2020-27245
@@ -56690,12 +56720,12 @@ CVE-2020-14249
 	RESERVED
 CVE-2020-14248 (BigFix Inventory up to v10.0.2 does not set the secure flag for the se ...)
 	NOT-FOR-US: HCL BigFix Inventory
-CVE-2020-14247
-	RESERVED
-CVE-2020-14246
-	RESERVED
-CVE-2020-14245
-	RESERVED
+CVE-2020-14247 (HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate sess ...)
+	TODO: check
+CVE-2020-14246 (HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication w ...)
+	TODO: check
+CVE-2020-14245 (HCL OneTest UI V9.5, V10.0, and V10.1 does not perform authentication  ...)
+	TODO: check
 CVE-2020-14244 (A vulnerability in the MIME message handling of the Domino server (ver ...)
 	NOT-FOR-US: HCL Domino server
 CVE-2020-14243
@@ -58563,8 +58593,8 @@ CVE-2020-13588
 	RESERVED
 CVE-2020-13587
 	RESERVED
-CVE-2020-13586
-	RESERVED
+CVE-2020-13586 (A memory corruption vulnerability exists in the Excel Document SST Rec ...)
+	TODO: check
 CVE-2020-13585
 	RESERVED
 CVE-2020-13584 (An exploitable use-after-free vulnerability exists in WebKitGTK browse ...)
@@ -58580,10 +58610,10 @@ CVE-2020-13582 (A denial-of-service vulnerability exists in the HTTP Server func
 	TODO: check
 CVE-2020-13581
 	RESERVED
-CVE-2020-13580
-	RESERVED
-CVE-2020-13579
-	RESERVED
+CVE-2020-13580 (An exploitable heap-based buffer overflow vulnerability exists in the  ...)
+	TODO: check
+CVE-2020-13579 (An exploitable integer overflow vulnerability exists in the PlanMaker  ...)
+	TODO: check
 CVE-2020-13578
 	RESERVED
 CVE-2020-13577
@@ -79328,8 +79358,8 @@ CVE-2020-6090 (An exploitable code execution vulnerability exists in the Web-Bas
 	NOT-FOR-US: WAGO
 CVE-2020-6089 (An exploitable code execution vulnerability exists in the ANI file for ...)
 	NOT-FOR-US: Leadtools
-CVE-2020-6088
-	RESERVED
+CVE-2020-6088 (An exploitable denial of service vulnerability exists in the ENIP Requ ...)
+	TODO: check
 CVE-2020-6087 (An exploitable denial of service vulnerability exists in the ENIP Requ ...)
 	NOT-FOR-US: Allen-Bradley Flex IO
 CVE-2020-6086 (An exploitable denial of service vulnerability exists in the ENIP Requ ...)
@@ -84264,7 +84294,7 @@ CVE-2020-4029 (The /rest/project-templates/1.0/createshared resource in Atlassia
 	NOT-FOR-US: Atlassian
 CVE-2020-4028 (Versions before 8.9.1, Various resources in Jira responded with a 404  ...)
 	NOT-FOR-US: Atlassian
-CVE-2020-4027 (Atlassian Confluence Server and Data Center before version 7.5.1 allow ...)
+CVE-2020-4027 (Affected versions of Atlassian Confluence Server and Data Center allow ...)
 	NOT-FOR-US: Atlassian
 CVE-2020-4026 (The CustomAppsRestResource list resource in Atlassian Navigator Links  ...)
 	NOT-FOR-US: Atlassian



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5424d16e91a44b0844a1a0d1fdeb5cf07219f9d6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5424d16e91a44b0844a1a0d1fdeb5cf07219f9d6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210204/9a03a04f/attachment.html>

More information about the debian-security-tracker-commits mailing list