[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Feb 12 08:10:30 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
90c71e2e by security tracker role at 2021-02-12T08:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2021-27201
+ RESERVED
+CVE-2021-27200
+ RESERVED
+CVE-2021-27199
+ RESERVED
+CVE-2021-27198
+ RESERVED
+CVE-2021-27197
+ RESERVED
+CVE-2021-27196
+ RESERVED
CVE-2021-27195
RESERVED
CVE-2021-27194
@@ -10,8 +22,8 @@ CVE-2021-27191 (The get-ip-range package before 4.0.0 for Node.js is vulnerable
TODO: check
CVE-2021-3408
RESERVED
-CVE-2021-27190
- RESERVED
+CVE-2021-27190 (PEEL Shopping cart 9.3.0 allows utilisateurs/change_params.php Address ...)
+ TODO: check
CVE-2021-27189
RESERVED
CVE-2021-27188
@@ -11622,8 +11634,8 @@ CVE-2021-21978
RESERVED
CVE-2021-21977
RESERVED
-CVE-2021-21976
- RESERVED
+CVE-2021-21976 (vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8. ...)
+ TODO: check
CVE-2021-21975
RESERVED
CVE-2021-21974
@@ -13362,11 +13374,11 @@ CVE-2021-21471 (In CLA-Assistant, versions before 2.8.5, due to improper access
NOT-FOR-US: CLA-Assistant
CVE-2021-21470 (SAP EPM Add-in for Microsoft Office, version - 1010 and SAP EPM Add-in ...)
NOT-FOR-US: SAP
-CVE-2021-21469 (When security guidelines for SAP NetWeaver Master Data Management, ver ...)
+CVE-2021-21469 (When security guidelines for SAP NetWeaver Master Data Management runn ...)
NOT-FOR-US: SAP
CVE-2021-21468 (The BW Database Interface does not perform necessary authorization che ...)
NOT-FOR-US: SAP
-CVE-2021-21467 (SAP Banking Services (Generic Market Data) 400, 450, and 500 does not ...)
+CVE-2021-21467 (SAP Banking Services (Generic Market Data) does not perform necessary ...)
NOT-FOR-US: SAP
CVE-2021-21466 (SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 75 ...)
NOT-FOR-US: SAP
@@ -14218,10 +14230,10 @@ CVE-2021-21313
RESERVED
CVE-2021-21312
RESERVED
-CVE-2021-21311
- RESERVED
-CVE-2021-21310
- RESERVED
+CVE-2021-21311 (Adminer is an open-source database management in a single PHP file. In ...)
+ TODO: check
+CVE-2021-21310 (NextAuth.js (next-auth) is am open source authentication solution for ...)
+ TODO: check
CVE-2021-21309
RESERVED
CVE-2021-21308
@@ -14953,109 +14965,109 @@ CVE-2021-21065
RESERVED
CVE-2021-21064
RESERVED
-CVE-2021-21063
- RESERVED
-CVE-2021-21062
- RESERVED
-CVE-2021-21061
- RESERVED
-CVE-2021-21060
- RESERVED
-CVE-2021-21059
- RESERVED
-CVE-2021-21058
- RESERVED
-CVE-2021-21057
- RESERVED
+CVE-2021-21063 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21062 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21061 (Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.00 ...)
+ TODO: check
+CVE-2021-21060 (Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.3 ...)
+ TODO: check
+CVE-2021-21059 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21058 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21057 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
CVE-2021-21056
RESERVED
-CVE-2021-21055
- RESERVED
-CVE-2021-21054
- RESERVED
-CVE-2021-21053
- RESERVED
-CVE-2021-21052
- RESERVED
-CVE-2021-21051
- RESERVED
-CVE-2021-21050
- RESERVED
-CVE-2021-21049
- RESERVED
-CVE-2021-21048
- RESERVED
-CVE-2021-21047
- RESERVED
-CVE-2021-21046
- RESERVED
-CVE-2021-21045
- RESERVED
-CVE-2021-21044
- RESERVED
+CVE-2021-21055 (Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) i ...)
+ TODO: check
+CVE-2021-21054 (Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of- ...)
+ TODO: check
+CVE-2021-21053 (Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of- ...)
+ TODO: check
+CVE-2021-21052 (Adobe Animate version 21.0.2 (and earlier) is affected by an Out-of-bo ...)
+ TODO: check
+CVE-2021-21051 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...)
+ TODO: check
+CVE-2021-21050 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...)
+ TODO: check
+CVE-2021-21049 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...)
+ TODO: check
+CVE-2021-21048 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...)
+ TODO: check
+CVE-2021-21047 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...)
+ TODO: check
+CVE-2021-21046 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21045 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21044 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
CVE-2021-21043 (ACS Commons version 4.9.2 (and earlier) suffers from a Reflected Cross ...)
NOT-FOR-US: Adobe
-CVE-2021-21042
- RESERVED
-CVE-2021-21041
- RESERVED
-CVE-2021-21040
- RESERVED
-CVE-2021-21039
- RESERVED
-CVE-2021-21038
- RESERVED
-CVE-2021-21037
- RESERVED
-CVE-2021-21036
- RESERVED
-CVE-2021-21035
- RESERVED
-CVE-2021-21034
- RESERVED
-CVE-2021-21033
- RESERVED
-CVE-2021-21032
- RESERVED
-CVE-2021-21031
- RESERVED
-CVE-2021-21030
- RESERVED
-CVE-2021-21029
- RESERVED
-CVE-2021-21028
- RESERVED
-CVE-2021-21027
- RESERVED
-CVE-2021-21026
- RESERVED
-CVE-2021-21025
- RESERVED
-CVE-2021-21024
- RESERVED
-CVE-2021-21023
- RESERVED
-CVE-2021-21022
- RESERVED
-CVE-2021-21021
- RESERVED
-CVE-2021-21020
- RESERVED
-CVE-2021-21019
- RESERVED
-CVE-2021-21018
- RESERVED
-CVE-2021-21017
- RESERVED
-CVE-2021-21016
- RESERVED
-CVE-2021-21015
- RESERVED
-CVE-2021-21014
- RESERVED
-CVE-2021-21013 (Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bound ...)
+CVE-2021-21042 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21041 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21040 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21039 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21038 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21037 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21036 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21035 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21034 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21033 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21032 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21031 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21030 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21029 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21028 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21027 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21026 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21025 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21024 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21023 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21022 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21021 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21020 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21019 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21018 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21017 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+ TODO: check
+CVE-2021-21016 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21015 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21014 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+ TODO: check
+CVE-2021-21013 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
NOT-FOR-US: Adobe
-CVE-2021-21012 (Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bound ...)
+CVE-2021-21012 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
NOT-FOR-US: Adobe
CVE-2021-21011 (Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by a ...)
NOT-FOR-US: Adobe
@@ -15828,40 +15840,40 @@ CVE-2021-20653
RESERVED
CVE-2021-20652 (Cross-site request forgery (CSRF) vulnerability in Name Directory 1.17 ...)
NOT-FOR-US: Name Directory
-CVE-2021-20651
- RESERVED
-CVE-2021-20650
- RESERVED
-CVE-2021-20649
- RESERVED
-CVE-2021-20648
- RESERVED
-CVE-2021-20647
- RESERVED
-CVE-2021-20646
- RESERVED
-CVE-2021-20645
- RESERVED
-CVE-2021-20644
- RESERVED
-CVE-2021-20643
- RESERVED
-CVE-2021-20642
- RESERVED
-CVE-2021-20641
- RESERVED
-CVE-2021-20640
- RESERVED
-CVE-2021-20639
- RESERVED
-CVE-2021-20638
- RESERVED
-CVE-2021-20637
- RESERVED
-CVE-2021-20636
- RESERVED
-CVE-2021-20635
- RESERVED
+CVE-2021-20651 (Directory traversal vulnerability in ELECOM File Manager all versions ...)
+ TODO: check
+CVE-2021-20650 (Cross-site request forgery (CSRF) vulnerability in ELECOM NCC-EWF100RM ...)
+ TODO: check
+CVE-2021-20649 (ELECOM WRC-300FEBK-S contains an improper certificate validation vulne ...)
+ TODO: check
+CVE-2021-20648 (ELECOM WRC-300FEBK-S allows an attacker with administrator rights to e ...)
+ TODO: check
+CVE-2021-20647 (Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK- ...)
+ TODO: check
+CVE-2021-20646 (Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK- ...)
+ TODO: check
+CVE-2021-20645 (Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remo ...)
+ TODO: check
+CVE-2021-20644 (ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the u ...)
+ TODO: check
+CVE-2021-20643 (Improper access control vulnerability in ELECOM LD-PS/U1 allows remote ...)
+ TODO: check
+CVE-2021-20642 (Improper check or handling of exceptional conditions in LOGITEC LAN-W3 ...)
+ TODO: check
+CVE-2021-20641 (Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/R ...)
+ TODO: check
+CVE-2021-20640 (Buffer overflow vulnerability in LOGITEC LAN-W300N/PGRB allows an atta ...)
+ TODO: check
+CVE-2021-20639 (LOGITEC LAN-W300N/PGRB allows an attacker with administrative privileg ...)
+ TODO: check
+CVE-2021-20638 (LOGITEC LAN-W300N/PGRB allows an attacker with administrative privileg ...)
+ TODO: check
+CVE-2021-20637 (Improper check or handling of exceptional conditions in LOGITEC LAN-W3 ...)
+ TODO: check
+CVE-2021-20636 (Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/P ...)
+ TODO: check
+CVE-2021-20635 (Improper restriction of excessive authentication attempts in LOGITEC L ...)
+ TODO: check
CVE-2021-20634
RESERVED
CVE-2021-20633
@@ -27065,26 +27077,26 @@ CVE-2020-27871 (This vulnerability allows remote attackers to create arbitrary f
TODO: check
CVE-2020-27870 (This vulnerability allows remote attackers to disclose sensitive infor ...)
TODO: check
-CVE-2020-27869
- RESERVED
-CVE-2020-27868
- RESERVED
-CVE-2020-27867
- RESERVED
-CVE-2020-27866
- RESERVED
-CVE-2020-27865
- RESERVED
-CVE-2020-27864
- RESERVED
-CVE-2020-27863
- RESERVED
-CVE-2020-27862
- RESERVED
-CVE-2020-27861
- RESERVED
-CVE-2020-27860
- RESERVED
+CVE-2020-27869 (This vulnerability allows remote attackers to escalate privileges on a ...)
+ TODO: check
+CVE-2020-27868 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-27867 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2020-27866 (This vulnerability allows network-adjacent attackers to bypass authent ...)
+ TODO: check
+CVE-2020-27865 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2020-27864 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2020-27863 (This vulnerability allows network-adjacent attackers to disclose sensi ...)
+ TODO: check
+CVE-2020-27862 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2020-27861 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+ TODO: check
+CVE-2020-27860 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
CVE-2020-27859 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: NEC ESMPRO Manager
CVE-2020-27858 (This vulnerability allows remote attackers to disclose sensitive infor ...)
@@ -72341,8 +72353,8 @@ CVE-2020-9308 (archive_read_support_format_rar5.c in libarchive before 3.4.2 att
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20459
NOTE: https://github.com/libarchive/libarchive/pull/1326
NOTE: https://github.com/libarchive/libarchive/commit/94821008d6eea81e315c5881cdf739202961040a
-CVE-2020-9307
- RESERVED
+CVE-2020-9307 (Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a deni ...)
+ TODO: check
CVE-2020-9306
RESERVED
CVE-2020-9305
@@ -94125,10 +94137,10 @@ CVE-2019-19007 (Intelbras IWR 3000N 1.8.7 devices allow disclosure of the admini
NOT-FOR-US: Intelbras IWR 3000N 1.8.7 devices
CVE-2019-19006 (Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197. ...)
NOT-FOR-US: FreePBX
-CVE-2019-19005
- RESERVED
-CVE-2019-19004
- RESERVED
+CVE-2019-19005 (A bitmap double free in main.c in autotrace 0.31.1 allows attackers to ...)
+ TODO: check
+CVE-2019-19004 (A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 ...)
+ TODO: check
CVE-2019-19003 (For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. Thi ...)
NOT-FOR-US: ABB eSOMS
CVE-2019-19002 (For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP respons ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90c71e2e3149b5fa6711ae1754cef1fd262d0a02
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90c71e2e3149b5fa6711ae1754cef1fd262d0a02
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210212/380ba0e9/attachment.html>
More information about the debian-security-tracker-commits
mailing list