[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Wed Jan 20 20:10:38 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e75b495f by security tracker role at 2021-01-20T20:10:29+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2021-25642
+	RESERVED
+CVE-2021-25641
+	RESERVED
+CVE-2021-25640
+	RESERVED
 CVE-2021-25639
 	RESERVED
 CVE-2021-25638
@@ -765,6 +771,8 @@ CVE-2021-25288
 CVE-2021-25287
 	RESERVED
 CVE-2021-3185 [gstreamer: stack buffer overflow in gst_h264_slice_parse_dec_ref_pic_marking]
+	RESERVED
+	{DSA-4833-1 DLA-2528-1}
 	- gst-plugins-bad1.0 1.18.1-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1917192
 	NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/commit/11353b3f6e2f047cc37483d21e6a37ae558896bc
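
Review bot: on CVE-2021-3185 the added {DSA-4833-1 DLA-2528-1} cross-reference sits under a newly added RESERVED line and the bracketed temporary description, while this commit touches only data/CVE/list. Confirm that the DSA and DLA entries name this CVE in their own lists, because the only package line visible here is the unstable fix "gst-plugins-bad1.0 1.18.1-1".
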
@@ -780,7 +788,7 @@ CVE-2021-25282
 	RESERVED
 CVE-2021-25281
 	RESERVED
-CVE-2021-21263 [Unexpected bindings in QueryBuilder]
+CVE-2021-21263 (Laravel is a web application framework. Versions of Laravel before 6.2 ...)
 	- php-laravel-framework 6.20.11+dfsg-1 (bug #980095)
 	NOTE: https://blog.laravel.com/security-laravel-62011-7302-8221-released
 	NOTE: https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x
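
Review bot: the imported summary for CVE-2021-21263 is cut at "Versions of Laravel before 6.2 ...", which reads like a 6.2 boundary, while the package line below tracks the fix at 6.20.11+dfsg-1 and the first NOTE URL names 6.20.11. Anyone triaging from the header line alone should rely on the package line. The replaced bracket text "Unexpected bindings in QueryBuilder" also named the affected component, which the visible part of the new summary no longer does; a NOTE line preserving it would help.
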
@@ -3603,8 +3611,8 @@ CVE-2021-3132
 	RESERVED
 CVE-2021-3131 (The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 enco ...)
 	NOT-FOR-US: 1C:Enterprise
-CVE-2021-3130
-	RESERVED
+CVE-2021-3130 (Within the Open-AudIT up to version 3.5.3 application, the web interfa ...)
+	TODO: check
 CVE-2021-3129 (Ignition before 2.5.2, as used in Laravel and other products, allows u ...)
 	NOT-FOR-US: Ignition
 CVE-2021-3128
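
Review bot: CVE-2021-3130 goes from RESERVED to "TODO: check" with no package line and no NOT-FOR-US line, so it is now public but untriaged. Resolve it either to a source package line or to a NOT-FOR-US line in the form its neighbours CVE-2021-3131 and CVE-2021-3129 use.
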
@@ -4829,8 +4837,8 @@ CVE-2021-23328
 	RESERVED
 CVE-2021-23327
 	RESERVED
-CVE-2021-23326
-	RESERVED
+CVE-2021-23326 (This affects the package @graphql-tools/git-loader before 6.2.6. The u ...)
+	TODO: check
 CVE-2021-23325
 	RESERVED
 CVE-2021-23324
@@ -5003,8 +5011,8 @@ CVE-2021-3112
 	RESERVED
 CVE-2021-3111 (The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via ...)
 	NOT-FOR-US: Concrete5
-CVE-2021-3110
-	RESERVED
+CVE-2021-3110 (The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL i ...)
+	TODO: check
 CVE-2021-3109
 	RESERVED
 CVE-2021-23242 (MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../  ...)
@@ -10316,8 +10324,8 @@ CVE-2021-21271
 	RESERVED
 CVE-2021-21270
 	RESERVED
-CVE-2021-21269
-	RESERVED
+CVE-2021-21269 (Keymaker is a Mastodon Community Finder based Matrix Community serverl ...)
+	TODO: check
 CVE-2021-21268
 	RESERVED
 CVE-2021-21267
@@ -13794,10 +13802,10 @@ CVE-2020-35274 (DotCMS Add Template with admin panel 20.11 is affected by cross-
 	NOT-FOR-US: DotCMS
 CVE-2020-35273 (EgavilanMedia User Registration & Login System with Admin Panel 1. ...)
 	NOT-FOR-US: EgavilanMedia User Registration & Login System with Admin Panel
-CVE-2020-35272
-	RESERVED
-CVE-2020-35271
-	RESERVED
+CVE-2020-35272 (Employee Performance Evaluation System in PHP/MySQLi with Source Code  ...)
+	TODO: check
+CVE-2020-35271 (Employee Performance Evaluation System in PHP/MySQLi with Source Code  ...)
+	TODO: check
 CVE-2020-35270
 	RESERVED
 CVE-2020-35269 (Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross ...)
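
Review bot: CVE-2020-35272 and CVE-2020-35271 are both left at "TODO: check", and their truncated summaries are identical ("Employee Performance Evaluation System in PHP/MySQLi with Source Code ..."), so the two cannot be told apart from this file. Triage needs the full CVE text for each; the adjacent CVE-2020-35273 and CVE-2020-35274 show the NOT-FOR-US form used for the neighbouring web-application entries.
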
@@ -13906,8 +13914,8 @@ CVE-2020-35219 (The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers t
 	NOT-FOR-US: ASUS
 CVE-2020-35218
 	RESERVED
-CVE-2020-35217
-	RESERVED
+CVE-2020-35217 (Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSR ...)
+	TODO: check
 CVE-2020-35216
 	RESERVED
 CVE-2020-35215
@@ -14888,346 +14896,291 @@ CVE-2021-2133
 	RESERVED
 CVE-2021-2132
 	RESERVED
-CVE-2021-2131
-	RESERVED
+CVE-2021-2131 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2130
-	RESERVED
+CVE-2021-2130 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2129
-	RESERVED
+CVE-2021-2129 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2128
-	RESERVED
+CVE-2021-2128 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2127
-	RESERVED
+CVE-2021-2127 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2126
-	RESERVED
+CVE-2021-2126 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2125
-	RESERVED
+CVE-2021-2125 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2124
-	RESERVED
+CVE-2021-2124 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2123
-	RESERVED
+CVE-2021-2123 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2122
-	RESERVED
+CVE-2021-2122 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2121
-	RESERVED
+CVE-2021-2121 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2120
-	RESERVED
+CVE-2021-2120 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2119
-	RESERVED
+CVE-2021-2119 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2118
-	RESERVED
-CVE-2021-2117
-	RESERVED
-CVE-2021-2116
-	RESERVED
-CVE-2021-2115
-	RESERVED
-CVE-2021-2114
-	RESERVED
-CVE-2021-2113
-	RESERVED
-CVE-2021-2112
-	RESERVED
+CVE-2021-2118 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2021-2117 (Vulnerability in the Oracle Application Express Survey Builder compone ...)
+	TODO: check
+CVE-2021-2116 (Vulnerability in the Oracle Application Express Opportunity Tracker co ...)
+	TODO: check
+CVE-2021-2115 (Vulnerability in the Oracle Common Applications Calendar product of Or ...)
+	TODO: check
+CVE-2021-2114 (Vulnerability in the Oracle Common Applications Calendar product of Or ...)
+	TODO: check
+CVE-2021-2113 (Vulnerability in the Oracle Financial Services Revenue Management and  ...)
+	TODO: check
+CVE-2021-2112 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2111
-	RESERVED
+CVE-2021-2111 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2110
-	RESERVED
-CVE-2021-2109
-	RESERVED
-CVE-2021-2108
-	RESERVED
-CVE-2021-2107
-	RESERVED
-CVE-2021-2106
-	RESERVED
-CVE-2021-2105
-	RESERVED
-CVE-2021-2104
-	RESERVED
-CVE-2021-2103
-	RESERVED
-CVE-2021-2102
-	RESERVED
-CVE-2021-2101
-	RESERVED
-CVE-2021-2100
-	RESERVED
-CVE-2021-2099
-	RESERVED
-CVE-2021-2098
-	RESERVED
-CVE-2021-2097
-	RESERVED
-CVE-2021-2096
-	RESERVED
+CVE-2021-2110 (Vulnerability in the Oracle Argus Safety product of Oracle Health Scie ...)
+	TODO: check
+CVE-2021-2109 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-2108 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-2107 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
+	TODO: check
+CVE-2021-2106 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
+	TODO: check
+CVE-2021-2105 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
+	TODO: check
+CVE-2021-2104 (Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul  ...)
+	TODO: check
+CVE-2021-2103 (Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul  ...)
+	TODO: check
+CVE-2021-2102 (Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul  ...)
+	TODO: check
+CVE-2021-2101 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+	TODO: check
+CVE-2021-2100 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+	TODO: check
+CVE-2021-2099 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2021-2098 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
+	TODO: check
+CVE-2021-2097 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+	TODO: check
+CVE-2021-2096 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
 CVE-2021-2095
 	RESERVED
-CVE-2021-2094
-	RESERVED
-CVE-2021-2093
-	RESERVED
-CVE-2021-2092
-	RESERVED
-CVE-2021-2091
-	RESERVED
-CVE-2021-2090
-	RESERVED
-CVE-2021-2089
-	RESERVED
-CVE-2021-2088
-	RESERVED
+CVE-2021-2094 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+	TODO: check
+CVE-2021-2093 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...)
+	TODO: check
+CVE-2021-2092 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2021-2091 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2021-2090 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
+	TODO: check
+CVE-2021-2089 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
+CVE-2021-2088 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2087
-	RESERVED
+CVE-2021-2087 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2086
-	RESERVED
+CVE-2021-2086 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2085
-	RESERVED
-CVE-2021-2084
-	RESERVED
-CVE-2021-2083
-	RESERVED
-CVE-2021-2082
-	RESERVED
-CVE-2021-2081
-	RESERVED
+CVE-2021-2085 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2021-2084 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2021-2083 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+	TODO: check
+CVE-2021-2082 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
+CVE-2021-2081 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2080
-	RESERVED
-CVE-2021-2079
-	RESERVED
-CVE-2021-2078
-	RESERVED
-CVE-2021-2077
-	RESERVED
-CVE-2021-2076
-	RESERVED
+CVE-2021-2080 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
+	TODO: check
+CVE-2021-2079 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
+	TODO: check
+CVE-2021-2078 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
+	TODO: check
+CVE-2021-2077 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
+CVE-2021-2076 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2075
-	RESERVED
-CVE-2021-2074
-	RESERVED
+CVE-2021-2075 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-2074 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2073
-	RESERVED
+CVE-2021-2073 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2072
-	RESERVED
+CVE-2021-2072 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2071
-	RESERVED
-CVE-2021-2070
-	RESERVED
+CVE-2021-2071 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2021-2070 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2069
-	RESERVED
-CVE-2021-2068
-	RESERVED
-CVE-2021-2067
-	RESERVED
-CVE-2021-2066
-	RESERVED
-CVE-2021-2065
-	RESERVED
+CVE-2021-2069 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2021-2068 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2021-2067 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2021-2066 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2021-2065 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2064
-	RESERVED
-CVE-2021-2063
-	RESERVED
-CVE-2021-2062
-	RESERVED
-CVE-2021-2061
-	RESERVED
+CVE-2021-2064 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-2063 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2021-2062 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2021-2061 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2060
-	RESERVED
+CVE-2021-2060 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 	- mysql-5.7 <unfixed>
-CVE-2021-2059
-	RESERVED
-CVE-2021-2058
-	RESERVED
+CVE-2021-2059 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
+CVE-2021-2058 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2057
-	RESERVED
-CVE-2021-2056
-	RESERVED
+CVE-2021-2057 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
+	TODO: check
+CVE-2021-2056 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2055
-	RESERVED
+CVE-2021-2055 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.22-1
-CVE-2021-2054
-	RESERVED
+CVE-2021-2054 (Vulnerability in the RDBMS Sharding component of Oracle Database Serve ...)
+	TODO: check
 CVE-2021-2053
 	RESERVED
-CVE-2021-2052
-	RESERVED
-CVE-2021-2051
-	RESERVED
-CVE-2021-2050
-	RESERVED
-CVE-2021-2049
-	RESERVED
-CVE-2021-2048
-	RESERVED
+CVE-2021-2052 (Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of  ...)
+	TODO: check
+CVE-2021-2051 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2021-2050 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2021-2049 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2021-2048 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2047
-	RESERVED
-CVE-2021-2046
-	RESERVED
+CVE-2021-2047 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-2046 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2045
-	RESERVED
-CVE-2021-2044
-	RESERVED
-CVE-2021-2043
-	RESERVED
-CVE-2021-2042
-	RESERVED
+CVE-2021-2045 (Vulnerability in the Oracle Text component of Oracle Database Server.  ...)
+	TODO: check
+CVE-2021-2044 (Vulnerability in the PeopleSoft Enterprise FIN Payables product of Ora ...)
+	TODO: check
+CVE-2021-2043 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2021-2042 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.22-1
-CVE-2021-2041
-	RESERVED
-CVE-2021-2040
-	RESERVED
-CVE-2021-2039
-	RESERVED
-CVE-2021-2038
-	RESERVED
+CVE-2021-2041 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2021-2040 (Vulnerability in the Oracle Argus Safety product of Oracle Health Scie ...)
+	TODO: check
+CVE-2021-2039 (Vulnerability in the Siebel Core - Server Framework product of Oracle  ...)
+	TODO: check
+CVE-2021-2038 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 CVE-2021-2037
 	RESERVED
-CVE-2021-2036
-	RESERVED
+CVE-2021-2036 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2035
-	RESERVED
-CVE-2021-2034
-	RESERVED
-CVE-2021-2033
-	RESERVED
-CVE-2021-2032
-	RESERVED
+CVE-2021-2035 (Vulnerability in the RDBMS Scheduler component of Oracle Database Serv ...)
+	TODO: check
+CVE-2021-2034 (Vulnerability in the Oracle Common Applications Calendar product of Or ...)
+	TODO: check
+CVE-2021-2033 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-2032 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 	- mysql-5.7 <unfixed>
-CVE-2021-2031
-	RESERVED
+CVE-2021-2031 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2030
-	RESERVED
+CVE-2021-2030 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.22-1
-CVE-2021-2029
-	RESERVED
-CVE-2021-2028
-	RESERVED
+CVE-2021-2029 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2021-2028 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.22-1
-CVE-2021-2027
-	RESERVED
-CVE-2021-2026
-	RESERVED
-CVE-2021-2025
-	RESERVED
-CVE-2021-2024
-	RESERVED
+CVE-2021-2027 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2021-2026 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2021-2025 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2021-2024 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2023
-	RESERVED
-CVE-2021-2022
-	RESERVED
+CVE-2021-2023 (Vulnerability in the Oracle Installed Base product of Oracle E-Busines ...)
+	TODO: check
+CVE-2021-2022 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 	- mysql-5.7 <unfixed>
-CVE-2021-2021
-	RESERVED
+CVE-2021-2021 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2020
-	RESERVED
+CVE-2021-2020 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.21-1
-CVE-2021-2019
-	RESERVED
+CVE-2021-2019 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Fixed before initial upload)
-CVE-2021-2018
-	RESERVED
-CVE-2021-2017
-	RESERVED
-CVE-2021-2016
-	RESERVED
+CVE-2021-2018 (Vulnerability in the Advanced Networking Option component of Oracle Da ...)
+	TODO: check
+CVE-2021-2017 (Vulnerability in the Oracle User Management product of Oracle E-Busine ...)
+	TODO: check
+CVE-2021-2016 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Fixed before initial upload)
-CVE-2021-2015
-	RESERVED
-CVE-2021-2014
-	RESERVED
+CVE-2021-2015 (Vulnerability in the Oracle Workflow product of Oracle E-Business Suit ...)
+	TODO: check
+CVE-2021-2014 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed>
-CVE-2021-2013
-	RESERVED
-CVE-2021-2012
-	RESERVED
+CVE-2021-2013 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2021-2012 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.21-1
-CVE-2021-2011
-	RESERVED
+CVE-2021-2011 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 	- mysql-5.7 <unfixed>
-CVE-2021-2010
-	RESERVED
+CVE-2021-2010 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 	- mysql-5.7 <unfixed>
-CVE-2021-2009
-	RESERVED
+CVE-2021-2009 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Fixed before initial upload)
 CVE-2021-2008
 	RESERVED
-CVE-2021-2007
-	RESERVED
+CVE-2021-2007 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Fixed before initial upload)
 	- mysql-5.7 <unfixed>
-CVE-2021-2006
-	RESERVED
+CVE-2021-2006 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.21-1
-CVE-2021-2005
-	RESERVED
-CVE-2021-2004
-	RESERVED
-CVE-2021-2003
-	RESERVED
-CVE-2021-2002
-	RESERVED
+CVE-2021-2005 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2021-2004 (Vulnerability in the Siebel Core - Server BizLogic Script product of O ...)
+	TODO: check
+CVE-2021-2003 (Vulnerability in the Business Intelligence Enterprise Edition product  ...)
+	TODO: check
+CVE-2021-2002 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2001
-	RESERVED
+CVE-2021-2001 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Fixed before initial upload)
 	- mysql-5.7 <unfixed>
-CVE-2021-2000
-	RESERVED
-CVE-2021-1999
-	RESERVED
-CVE-2021-1998
-	RESERVED
+CVE-2021-2000 (Vulnerability in the Unified Audit component of Oracle Database Server ...)
+	TODO: check
+CVE-2021-1999 (Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracl ...)
+	TODO: check
+CVE-2021-1998 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-1997
-	RESERVED
-CVE-2021-1996
-	RESERVED
-CVE-2021-1995
-	RESERVED
-CVE-2021-1994
-	RESERVED
-CVE-2021-1993
-	RESERVED
+CVE-2021-1997 (Vulnerability in the Oracle Hospitality Reporting and Analytics produc ...)
+	TODO: check
+CVE-2021-1996 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-1995 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-1994 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-1993 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
+	TODO: check
 CVE-2021-1992
 	RESERVED
 CVE-2021-1991
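
Review bot: every Oracle entry in this hunk that did not already have a package line (E-Business Suite, WebLogic Server, PeopleSoft, BI Publisher, Database Server components and others) lands as "TODO: check", which leaves a large block of untriaged IDs. Elsewhere in this diff, Oracle entries such as CVE-2020-14757 and CVE-2020-14758 are closed as "NOT-FOR-US: Oracle"; consider the same disposition here in bulk. For the MySQL entries, the truncated summaries stop at "(component: ...", so neither the component nor the affected versions are visible, and the existing "mysql-8.0 <unfixed>" and "mysql-5.7 <unfixed>" lines should be rechecked against the full advisory text now that it is public.
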
@@ -19837,8 +19790,8 @@ CVE-2020-28485
 	RESERVED
 CVE-2020-28484
 	RESERVED
-CVE-2020-28483
-	RESERVED
+CVE-2020-28483 (This affects all versions of package github.com/gin-gonic/gin. When gi ...)
+	TODO: check
 CVE-2020-28482 (This affects the package fastify-csrf before 3.0.0. 1. The generated c ...)
 	NOT-FOR-US: Node fastify-csrf
 CVE-2020-28481 (The package socket.io before 2.4.0 are vulnerable to Insecure Defaults ...)
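
Review bot: CVE-2020-28483 is set to "TODO: check" and its summary says it affects all versions of package github.com/gin-gonic/gin. Unlike the neighbouring fastify-csrf entry marked NOT-FOR-US, this names a Go module path, so check whether a Debian source package ships it before choosing a disposition. If one does, the "all versions" wording points to an <unfixed> package line rather than a fixed version.
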
@@ -19900,8 +19853,8 @@ CVE-2020-28454
 	RESERVED
 CVE-2020-28453
 	RESERVED
-CVE-2020-28452
-	RESERVED
+CVE-2020-28452 (This affects the package com.softwaremill.akka-http-session:core_2.12  ...)
+	TODO: check
 CVE-2020-28451
 	RESERVED
 CVE-2020-28450
@@ -28521,40 +28474,33 @@ CVE-2020-25689 (A memory leak flaw was found in WildFly in all versions up to 21
 	- wildfly <itp> (bug #752018)
 CVE-2020-25688 (A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Two  ...)
 	NOT-FOR-US: Red Hat Advanced Cluster Management for Kubernetes (RHACM)
-CVE-2020-25687
-	RESERVED
+CVE-2020-25687 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
-CVE-2020-25686
-	RESERVED
+CVE-2020-25686 (A flaw was found in dnsmasq before version 2.83. When receiving a quer ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=15b60ddf935a531269bb8c68198de012a4967156
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=6a6e06fbb0d4690507ceaf2bb6f0d8910f3d4914
-CVE-2020-25685
-	RESERVED
+CVE-2020-25685 (A flaw was found in dnsmasq before version 2.83. When getting a reply  ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2d765867c597db18be9d876c9c17e2c0fe1953cd
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2024f9729713fd657d65e64c2e4e471baa0a3e5b
-CVE-2020-25684
-	RESERVED
+CVE-2020-25684 (A flaw was found in dnsmasq before version 2.83. When getting a reply  ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=257ac0c5f7732cbc6aa96fdd3b06602234593aca
-CVE-2020-25683
-	RESERVED
+CVE-2020-25683 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
-CVE-2020-25682
-	RESERVED
+CVE-2020-25682 (A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerabili ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
-CVE-2020-25681
-	RESERVED
+CVE-2020-25681 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
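
Review bot: the seven dnsmasq entries (CVE-2020-25681 through CVE-2020-25687) now have public descriptions but still show only the unstable fix "dnsmasq 2.83-1", with no {DSA-... DLA-...} cross-reference of the kind CVE-2020-14360 carries later in this diff. If stable or LTS updates exist or are planned, these lines do not reflect them yet. As a style point, the thekelleys.org.uk NOTE links use plain http.
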
@@ -38518,8 +38464,8 @@ CVE-2020-20951
 	RESERVED
 CVE-2020-20950 (Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip L ...)
 	TODO: check
-CVE-2020-20949
-	RESERVED
+CVE-2020-20949 (Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 crypt ...)
+	TODO: check
 CVE-2020-20948
 	RESERVED
 CVE-2020-20947
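
Review bot: CVE-2020-20949 joins CVE-2020-20950 at "TODO: check"; both summaries describe Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA, one in an STM32 component and one in a Microchip component, with the rest of each summary truncated. Triage the pair together from the full CVE text so they end up with a consistent disposition.
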
@@ -52074,8 +52020,8 @@ CVE-2020-14758 (Vulnerability in the Oracle Solaris product of Oracle Systems (c
 	NOT-FOR-US: Oracle
 CVE-2020-14757 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	NOT-FOR-US: Oracle
-CVE-2020-14756
-	RESERVED
+CVE-2020-14756 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
+	TODO: check
 CVE-2020-14755
 	RESERVED
 CVE-2020-14754 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
@@ -53356,8 +53302,7 @@ CVE-2020-14361 (A flaw was found in X.Org Server before xorg-x11-server 1.20.9.
 	- xorg-server 2:1.20.9-1
 	NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/144849ea27230962227e62a943b399e2ab304787
-CVE-2020-14360 [Check SetMap request length carefully]
-	RESERVED
+CVE-2020-14360 (A flaw was found in the X.Org Server before version 1.20.10. An out-of ...)
 	{DSA-4803-1 DLA-2486-1}
 	- xorg-server 2:1.20.10-1 (bug #976216)
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/446ff2d3177087b8173fa779fa5b77a2a128988b
@@ -76545,8 +76490,8 @@ CVE-2020-6026
 	RESERVED
 CVE-2020-6025
 	RESERVED
-CVE-2020-6024
-	RESERVED
+CVE-2020-6024 (Check Point SmartConsole before R80.20 Build 119, R80.30 before Build  ...)
+	TODO: check
 CVE-2020-6023 (Check Point ZoneAlarm before version 15.8.139.18543 allows a local act ...)
 	NOT-FOR-US: Check Point ZoneAlarm
 CVE-2020-6022 (Check Point ZoneAlarm before version 15.8.139.18543 allows a local act ...)
@@ -79363,8 +79308,8 @@ CVE-2020-4985
 	RESERVED
 CVE-2020-4984
 	RESERVED
-CVE-2020-4983
-	RESERVED
+CVE-2020-4983 (IBM Spectrum LSF 10.1 and IBM Spectrum LSF Suite 10.2 could allow a us ...)
+	TODO: check
 CVE-2020-4982
 	RESERVED
 CVE-2020-4981
@@ -79487,8 +79432,8 @@ CVE-2020-4923
 	RESERVED
 CVE-2020-4922
 	RESERVED
-CVE-2020-4921
-	RESERVED
+CVE-2020-4921 (IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A  ...)
+	TODO: check
 CVE-2020-4920
 	RESERVED
 CVE-2020-4919 (IBM Cloud Pak System 2.3 has insufficient logout controls which could  ...)
@@ -79555,8 +79500,8 @@ CVE-2020-4889
 	RESERVED
 CVE-2020-4888
 	RESERVED
-CVE-2020-4887
-	RESERVED
+CVE-2020-4887 (IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit  ...)
+	TODO: check
 CVE-2020-4886 (IBM InfoSphere Information Server 11.7 stores sensitive information in ...)
 	NOT-FOR-US: IBM
 CVE-2020-4885
@@ -79956,8 +79901,8 @@ CVE-2020-4690
 	RESERVED
 CVE-2020-4689 (IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote pr ...)
 	NOT-FOR-US: IBM
-CVE-2020-4688
-	RESERVED
+CVE-2020-4688 (IBM Security Guardium 10.6 and 11.2 could allow a local attacker to ex ...)
+	TODO: check
 CVE-2020-4687 (IBM Content Navigator 3.0.7 and 3.0.8 could allow an authenticated use ...)
 	NOT-FOR-US: IBM
 CVE-2020-4686 (IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e75b495fcf6c0e1b343c22a1057a62a1603ec370
