[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Jan 22 08:10:24 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2a93221a by security tracker role at 2021-01-22T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,615 @@
+CVE-2021-3280
+ RESERVED
+CVE-2021-3279
+ RESERVED
+CVE-2021-3278
+ RESERVED
+CVE-2021-3277
+ RESERVED
+CVE-2021-3276
+ RESERVED
+CVE-2021-3275
+ RESERVED
+CVE-2021-3274
+ RESERVED
+CVE-2021-3273
+ RESERVED
+CVE-2021-3272
+ RESERVED
+CVE-2021-3271
+ RESERVED
+CVE-2021-3270
+ RESERVED
+CVE-2021-3269
+ RESERVED
+CVE-2021-3268
+ RESERVED
+CVE-2021-3267
+ RESERVED
+CVE-2021-3266
+ RESERVED
+CVE-2021-3265
+ RESERVED
+CVE-2021-3264
+ RESERVED
+CVE-2021-3263
+ RESERVED
+CVE-2021-3262
+ RESERVED
+CVE-2021-3261
+ RESERVED
+CVE-2021-3260
+ RESERVED
+CVE-2021-3259
+ RESERVED
+CVE-2021-3258
+ RESERVED
+CVE-2021-3257
+ RESERVED
+CVE-2021-3256
+ RESERVED
+CVE-2021-3255
+ RESERVED
+CVE-2021-3254
+ RESERVED
+CVE-2021-3253
+ RESERVED
+CVE-2021-3252
+ RESERVED
+CVE-2021-3251
+ RESERVED
+CVE-2021-3250
+ RESERVED
+CVE-2021-3249
+ RESERVED
+CVE-2021-3248
+ RESERVED
+CVE-2021-3247
+ RESERVED
+CVE-2021-3246
+ RESERVED
+CVE-2021-3245
+ RESERVED
+CVE-2021-3244
+ RESERVED
+CVE-2021-3243
+ RESERVED
+CVE-2021-3242
+ RESERVED
+CVE-2021-3241
+ RESERVED
+CVE-2021-3240
+ RESERVED
+CVE-2021-3239
+ RESERVED
+CVE-2021-3238
+ RESERVED
+CVE-2021-3237
+ RESERVED
+CVE-2021-3236
+ RESERVED
+CVE-2021-3235
+ RESERVED
+CVE-2021-3234
+ RESERVED
+CVE-2021-3233
+ RESERVED
+CVE-2021-3232
+ RESERVED
+CVE-2021-3231
+ RESERVED
+CVE-2021-3230
+ RESERVED
+CVE-2021-3229
+ RESERVED
+CVE-2021-3228
+ RESERVED
+CVE-2021-3227
+ RESERVED
+CVE-2021-3226
+ RESERVED
+CVE-2021-3225
+ RESERVED
+CVE-2021-3224
+ RESERVED
+CVE-2021-3223
+ RESERVED
+CVE-2021-3222
+ RESERVED
+CVE-2021-3221
+ RESERVED
+CVE-2021-3220
+ RESERVED
+CVE-2021-3219
+ RESERVED
+CVE-2021-3218
+ RESERVED
+CVE-2021-3217
+ RESERVED
+CVE-2021-3216
+ RESERVED
+CVE-2021-3215
+ RESERVED
+CVE-2021-3214
+ RESERVED
+CVE-2021-3213
+ RESERVED
+CVE-2021-3212
+ RESERVED
+CVE-2021-3211
+ RESERVED
+CVE-2021-3210
+ RESERVED
+CVE-2021-3209
+ RESERVED
+CVE-2021-3208
+ RESERVED
+CVE-2021-3207
+ RESERVED
+CVE-2021-3206
+ RESERVED
+CVE-2021-3205
+ RESERVED
+CVE-2021-3204
+ RESERVED
+CVE-2021-3203
+ RESERVED
+CVE-2021-3202
+ RESERVED
+CVE-2021-3201
+ RESERVED
+CVE-2021-3200
+ RESERVED
+CVE-2021-3199 (Directory traversal with remote code execution can occur in /upload in ...)
+ TODO: check
+CVE-2021-3198
+ RESERVED
+CVE-2021-25899
+ RESERVED
+CVE-2021-25898
+ RESERVED
+CVE-2021-25897
+ RESERVED
+CVE-2021-25896
+ RESERVED
+CVE-2021-25895
+ RESERVED
+CVE-2021-25894
+ RESERVED
+CVE-2021-25893
+ RESERVED
+CVE-2021-25892
+ RESERVED
+CVE-2021-25891
+ RESERVED
+CVE-2021-25890
+ RESERVED
+CVE-2021-25889
+ RESERVED
+CVE-2021-25888
+ RESERVED
+CVE-2021-25887
+ RESERVED
+CVE-2021-25886
+ RESERVED
+CVE-2021-25885
+ RESERVED
+CVE-2021-25884
+ RESERVED
+CVE-2021-25883
+ RESERVED
+CVE-2021-25882
+ RESERVED
+CVE-2021-25881
+ RESERVED
+CVE-2021-25880
+ RESERVED
+CVE-2021-25879
+ RESERVED
+CVE-2021-25878
+ RESERVED
+CVE-2021-25877
+ RESERVED
+CVE-2021-25876
+ RESERVED
+CVE-2021-25875
+ RESERVED
+CVE-2021-25874
+ RESERVED
+CVE-2021-25873
+ RESERVED
+CVE-2021-25872
+ RESERVED
+CVE-2021-25871
+ RESERVED
+CVE-2021-25870
+ RESERVED
+CVE-2021-25869
+ RESERVED
+CVE-2021-25868
+ RESERVED
+CVE-2021-25867
+ RESERVED
+CVE-2021-25866
+ RESERVED
+CVE-2021-25865
+ RESERVED
+CVE-2021-25864
+ RESERVED
+CVE-2021-25863
+ RESERVED
+CVE-2021-25862
+ RESERVED
+CVE-2021-25861
+ RESERVED
+CVE-2021-25860
+ RESERVED
+CVE-2021-25859
+ RESERVED
+CVE-2021-25858
+ RESERVED
+CVE-2021-25857
+ RESERVED
+CVE-2021-25856
+ RESERVED
+CVE-2021-25855
+ RESERVED
+CVE-2021-25854
+ RESERVED
+CVE-2021-25853
+ RESERVED
+CVE-2021-25852
+ RESERVED
+CVE-2021-25851
+ RESERVED
+CVE-2021-25850
+ RESERVED
+CVE-2021-25849
+ RESERVED
+CVE-2021-25848
+ RESERVED
+CVE-2021-25847
+ RESERVED
+CVE-2021-25846
+ RESERVED
+CVE-2021-25845
+ RESERVED
+CVE-2021-25844
+ RESERVED
+CVE-2021-25843
+ RESERVED
+CVE-2021-25842
+ RESERVED
+CVE-2021-25841
+ RESERVED
+CVE-2021-25840
+ RESERVED
+CVE-2021-25839
+ RESERVED
+CVE-2021-25838
+ RESERVED
+CVE-2021-25837
+ RESERVED
+CVE-2021-25836
+ RESERVED
+CVE-2021-25835
+ RESERVED
+CVE-2021-25834
+ RESERVED
+CVE-2021-25833
+ RESERVED
+CVE-2021-25832
+ RESERVED
+CVE-2021-25831
+ RESERVED
+CVE-2021-25830
+ RESERVED
+CVE-2021-25829
+ RESERVED
+CVE-2021-25828
+ RESERVED
+CVE-2021-25827
+ RESERVED
+CVE-2021-25826
+ RESERVED
+CVE-2021-25825
+ RESERVED
+CVE-2021-25824
+ RESERVED
+CVE-2021-25823
+ RESERVED
+CVE-2021-25822
+ RESERVED
+CVE-2021-25821
+ RESERVED
+CVE-2021-25820
+ RESERVED
+CVE-2021-25819
+ RESERVED
+CVE-2021-25818
+ RESERVED
+CVE-2021-25817
+ RESERVED
+CVE-2021-25816
+ RESERVED
+CVE-2021-25815
+ RESERVED
+CVE-2021-25814
+ RESERVED
+CVE-2021-25813
+ RESERVED
+CVE-2021-25812
+ RESERVED
+CVE-2021-25811
+ RESERVED
+CVE-2021-25810
+ RESERVED
+CVE-2021-25809
+ RESERVED
+CVE-2021-25808
+ RESERVED
+CVE-2021-25807
+ RESERVED
+CVE-2021-25806
+ RESERVED
+CVE-2021-25805
+ RESERVED
+CVE-2021-25804
+ RESERVED
+CVE-2021-25803
+ RESERVED
+CVE-2021-25802
+ RESERVED
+CVE-2021-25801
+ RESERVED
+CVE-2021-25800
+ RESERVED
+CVE-2021-25799
+ RESERVED
+CVE-2021-25798
+ RESERVED
+CVE-2021-25797
+ RESERVED
+CVE-2021-25796
+ RESERVED
+CVE-2021-25795
+ RESERVED
+CVE-2021-25794
+ RESERVED
+CVE-2021-25793
+ RESERVED
+CVE-2021-25792
+ RESERVED
+CVE-2021-25791
+ RESERVED
+CVE-2021-25790
+ RESERVED
+CVE-2021-25789
+ RESERVED
+CVE-2021-25788
+ RESERVED
+CVE-2021-25787
+ RESERVED
+CVE-2021-25786
+ RESERVED
+CVE-2021-25785
+ RESERVED
+CVE-2021-25784
+ RESERVED
+CVE-2021-25783
+ RESERVED
+CVE-2021-25782
+ RESERVED
+CVE-2021-25781
+ RESERVED
+CVE-2021-25780
+ RESERVED
+CVE-2021-25779
+ RESERVED
+CVE-2021-25778
+ RESERVED
+CVE-2021-25777
+ RESERVED
+CVE-2021-25776
+ RESERVED
+CVE-2021-25775
+ RESERVED
+CVE-2021-25774
+ RESERVED
+CVE-2021-25773
+ RESERVED
+CVE-2021-25772
+ RESERVED
+CVE-2021-25771
+ RESERVED
+CVE-2021-25770
+ RESERVED
+CVE-2021-25769
+ RESERVED
+CVE-2021-25768
+ RESERVED
+CVE-2021-25767
+ RESERVED
+CVE-2021-25766
+ RESERVED
+CVE-2021-25765
+ RESERVED
+CVE-2021-25764
+ RESERVED
+CVE-2021-25763
+ RESERVED
+CVE-2021-25762
+ RESERVED
+CVE-2021-25761
+ RESERVED
+CVE-2021-25760
+ RESERVED
+CVE-2021-25759
+ RESERVED
+CVE-2021-25758
+ RESERVED
+CVE-2021-25757
+ RESERVED
+CVE-2021-25756
+ RESERVED
+CVE-2021-25755
+ RESERVED
+CVE-2021-25754
+ RESERVED
+CVE-2021-25753
+ RESERVED
+CVE-2021-25752
+ RESERVED
+CVE-2021-25751
+ RESERVED
+CVE-2021-25750
+ RESERVED
+CVE-2021-25749
+ RESERVED
+CVE-2021-25748
+ RESERVED
+CVE-2021-25747
+ RESERVED
+CVE-2021-25746
+ RESERVED
+CVE-2021-25745
+ RESERVED
+CVE-2021-25744
+ RESERVED
+CVE-2021-25743
+ RESERVED
+CVE-2021-25742
+ RESERVED
+CVE-2021-25741
+ RESERVED
+CVE-2021-25740
+ RESERVED
+CVE-2021-25739
+ RESERVED
+CVE-2021-25738
+ RESERVED
+CVE-2021-25737
+ RESERVED
+CVE-2021-25736
+ RESERVED
+CVE-2021-25735
+ RESERVED
+CVE-2021-25734
+ RESERVED
+CVE-2021-25733
+ RESERVED
+CVE-2021-25732
+ RESERVED
+CVE-2021-25731
+ RESERVED
+CVE-2021-25730
+ RESERVED
+CVE-2021-25729
+ RESERVED
+CVE-2021-25728
+ RESERVED
+CVE-2021-25727
+ RESERVED
+CVE-2021-25726
+ RESERVED
+CVE-2021-25725
+ RESERVED
+CVE-2021-25724
+ RESERVED
+CVE-2021-25723
+ RESERVED
+CVE-2021-25722
+ RESERVED
+CVE-2021-25721
+ RESERVED
+CVE-2021-25720
+ RESERVED
+CVE-2021-25719
+ RESERVED
+CVE-2021-25718
+ RESERVED
+CVE-2021-25717
+ RESERVED
+CVE-2021-25716
+ RESERVED
+CVE-2021-25715
+ RESERVED
+CVE-2021-25714
+ RESERVED
+CVE-2021-25713
+ RESERVED
+CVE-2021-25712
+ RESERVED
+CVE-2021-25711
+ RESERVED
+CVE-2021-25710
+ RESERVED
+CVE-2021-25709
+ RESERVED
+CVE-2021-25708
+ RESERVED
+CVE-2021-25707
+ RESERVED
+CVE-2021-25706
+ RESERVED
+CVE-2021-25705
+ RESERVED
+CVE-2021-25704
+ RESERVED
+CVE-2021-25703
+ RESERVED
+CVE-2021-25702
+ RESERVED
+CVE-2021-25701
+ RESERVED
+CVE-2021-25700
+ RESERVED
+CVE-2021-25699
+ RESERVED
+CVE-2021-25698
+ RESERVED
+CVE-2021-25697
+ RESERVED
+CVE-2021-25696
+ RESERVED
+CVE-2021-25695
+ RESERVED
+CVE-2021-25694
+ RESERVED
+CVE-2021-25693
+ RESERVED
+CVE-2021-25692
+ RESERVED
+CVE-2021-25691
+ RESERVED
+CVE-2021-25690
+ RESERVED
+CVE-2021-25689
+ RESERVED
+CVE-2021-25688
+ RESERVED
+CVE-2021-25687
+ RESERVED
+CVE-2021-25686
+ RESERVED
+CVE-2021-25685
+ RESERVED
+CVE-2021-25684
+ RESERVED
+CVE-2021-25683
+ RESERVED
+CVE-2021-25682
+ RESERVED
+CVE-2021-25681
+ RESERVED
+CVE-2021-25680
+ RESERVED
+CVE-2021-25679
+ RESERVED
+CVE-2020-36201 (An issue was discovered in certain Xerox WorkCentre products. They do ...)
+ TODO: check
+CVE-2019-25015 (LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafte ...)
+ TODO: check
CVE-2021-3197
RESERVED
CVE-2021-3196
@@ -7,8 +619,8 @@ CVE-2021-3195 (bitcoind in Bitcoin Core through 0.21.0 can create a new file in
NOTE: https://github.com/bitcoin/bitcoin/issues/20866
CVE-2021-3194
RESERVED
-CVE-2021-3193
- RESERVED
+CVE-2021-3193 (Improper access and command validation in the Docker config wizard of ...)
+ TODO: check
CVE-2021-3192
RESERVED
CVE-2021-3191
@@ -101,10 +713,10 @@ CVE-2021-25644
RESERVED
CVE-2021-25643
RESERVED
-CVE-2020-36200
- RESERVED
-CVE-2020-36199
- RESERVED
+CVE-2020-36200 (TinyCheck before commits 9fd360d and ea53de8 allowed an authenticated ...)
+ TODO: check
+CVE-2020-36199 (TinyCheck before commits 9fd360d and ea53de8 was vulnerable to command ...)
+ TODO: check
CVE-2021-25642
RESERVED
CVE-2021-25641
@@ -5850,12 +6462,12 @@ CVE-2021-22875
RESERVED
CVE-2021-22874
RESERVED
-CVE-2021-22873
- RESERVED
-CVE-2021-22872
- RESERVED
-CVE-2021-22871
- RESERVED
+CVE-2021-22873 (Revive Adserver before 5.1.0 is vulnerable to open redirects via the ` ...)
+ TODO: check
+CVE-2021-22872 (Revive Adserver before 5.1.0 is vulnerable to a reflected cross-site s ...)
+ TODO: check
+CVE-2021-22871 (Revive Adserver before 5.1.0 permits any user with a manager account t ...)
+ TODO: check
CVE-2021-22870
RESERVED
CVE-2021-22869
@@ -9808,8 +10420,8 @@ CVE-2020-35755
RESERVED
CVE-2020-35754
RESERVED
-CVE-2020-35753
- RESERVED
+CVE-2020-35753 (The job posting recommendation form in Persis Human Resource Managemen ...)
+ TODO: check
CVE-2020-35752
RESERVED
CVE-2020-35751
@@ -16655,8 +17267,7 @@ CVE-2020-29445
RESERVED
CVE-2020-29444
RESERVED
-CVE-2020-29443 [QEMU: ide: atapi: OOB access while processing read commands]
- RESERVED
+CVE-2020-29443 (ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of- ...)
- qemu <unfixed>
[buster] - qemu <postponed> (Fix along in future DSA)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg04255.html
@@ -38216,10 +38827,10 @@ CVE-2020-21149
RESERVED
CVE-2020-21148
RESERVED
-CVE-2020-21147
- RESERVED
-CVE-2020-21146
- RESERVED
+CVE-2020-21147 (RockOA V1.9.8 is affected by a cross-site scripting (XSS) vulnerabilit ...)
+ TODO: check
+CVE-2020-21146 (Feehi CMS 2.0.8 is affected by a cross-site scripting (XSS) vulnerabil ...)
+ TODO: check
CVE-2020-21145
RESERVED
CVE-2020-21144
@@ -70591,16 +71202,16 @@ CVE-2020-8294
RESERVED
CVE-2020-8293
RESERVED
-CVE-2020-8292
- RESERVED
+CVE-2020-8292 (Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scr ...)
+ TODO: check
CVE-2020-8291
RESERVED
CVE-2020-8290 (Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer ...)
NOT-FOR-US: Backblaze
CVE-2020-8289 (Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before ...)
NOT-FOR-US: Backblaze
-CVE-2020-8288
- RESERVED
+CVE-2020-8288 (The `specializedRendering` function in Rocket.Chat server before 3.9.2 ...)
+ TODO: check
CVE-2020-8287 (Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two co ...)
{DSA-4826-1}
- nodejs 12.20.1~dfsg-1 (bug #979364)
@@ -74754,9 +75365,9 @@ CVE-2020-6658
RESERVED
CVE-2020-6657
RESERVED
-CVE-2020-6656 (Eaton's easySoft software v7.20 and prior are susceptible to file pars ...)
+CVE-2020-6656 (Eaton's easySoft software v7.xx prior to v7.22 are susceptible to file ...)
TODO: check
-CVE-2020-6655 (The Eaton's easySoft software v7.20 and prior are susceptible to Out-o ...)
+CVE-2020-6655 (The Eaton's easySoft software v7.xx prior to v7.22 are susceptible to ...)
TODO: check
CVE-2020-6654 (A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configu ...)
NOT-FOR-US: Eaton
@@ -94411,7 +95022,8 @@ CVE-2020-0489 (In Parse_data of eas_mdls.c, there is a possible out of bounds wr
NOT-FOR-US: Android media framework
CVE-2020-0488 (In ihevc_inter_pred_chroma_copy_ssse3 of ihevc_inter_pred_filters_ssse ...)
NOT-FOR-US: Android media framework
-CVE-2020-0487 (In read_metadata_vorbiscomment_ of stream_decoder.c, there is possible ...)
+CVE-2020-0487
+ REJECTED
NOTE: Duplicate of CVE-2017-6888, requested rejection
CVE-2020-0486 (In openAssetFileListener of ContactsProvider2.java, there is a possibl ...)
NOT-FOR-US: Android
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a93221a066bd8c2cc5dd254abbd114e02967cc9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a93221a066bd8c2cc5dd254abbd114e02967cc9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210122/480b8f55/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list