[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Jan 28 08:10:30 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d8b91cfa by security tracker role at 2021-01-28T08:10:23+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,77 @@
+CVE-2021-3333
+ RESERVED
+CVE-2021-3332
+ RESERVED
+CVE-2021-3331 (WinSCP before 5.17.10 allows remote attackers to execute arbitrary pro ...)
+ TODO: check
+CVE-2021-3330
+ RESERVED
+CVE-2021-3329
+ RESERVED
+CVE-2021-3328
+ RESERVED
+CVE-2021-3327
+ RESERVED
+CVE-2021-26294
+ RESERVED
+CVE-2021-26293
+ RESERVED
+CVE-2021-26292
+ RESERVED
+CVE-2021-26291
+ RESERVED
+CVE-2021-26290
+ RESERVED
+CVE-2021-26289
+ RESERVED
+CVE-2021-26288
+ RESERVED
+CVE-2021-26287
+ RESERVED
+CVE-2021-26286
+ RESERVED
+CVE-2021-26285
+ RESERVED
+CVE-2021-26284
+ RESERVED
+CVE-2021-26283
+ RESERVED
+CVE-2021-26282
+ RESERVED
+CVE-2021-26281
+ RESERVED
+CVE-2021-26280
+ RESERVED
+CVE-2021-26279
+ RESERVED
+CVE-2021-26278
+ RESERVED
+CVE-2021-26277
+ RESERVED
+CVE-2021-26276 (** DISPUTED ** scripts/cli.js in the GoDaddy node-config-shield (aka C ...)
+ TODO: check
+CVE-2021-26275
+ RESERVED
+CVE-2020-36240
+ RESERVED
+CVE-2020-36239
+ RESERVED
+CVE-2020-36238
+ RESERVED
+CVE-2020-36237
+ RESERVED
+CVE-2020-36236
+ RESERVED
+CVE-2020-36235
+ RESERVED
+CVE-2020-36234
+ RESERVED
+CVE-2020-36233
+ RESERVED
+CVE-2020-36232
+ RESERVED
+CVE-2020-36231
+ RESERVED
CVE-2021-3325 (Monitorix 3.13.0 allows remote attackers to bypass Basic Authenticatio ...)
NOT-FOR-US: Monitorix
CVE-2021-3324
@@ -18,7 +92,7 @@ CVE-2021-26274
RESERVED
CVE-2021-26273
RESERVED
-CVE-2021-3326 [glibc: assertion failure in ISO-2022-JP-3 module]
+CVE-2021-3326 (The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and ...)
- glibc <unfixed> (bug #981198)
[buster] - glibc <no-dsa> (Minor issue)
[stretch] - glibc <no-dsa> (Minor issue)
@@ -495,8 +569,8 @@ CVE-2021-26069
RESERVED
CVE-2021-26068
RESERVED
-CVE-2021-26067
- RESERVED
+CVE-2021-26067 (Affected versions of Atlassian Bamboo allow an unauthenticated remote ...)
+ TODO: check
CVE-2021-26066
RESERVED
CVE-2021-26065
@@ -2560,8 +2634,8 @@ CVE-2021-25249
RESERVED
CVE-2021-25248
RESERVED
-CVE-2021-25247
- RESERVED
+CVE-2021-25247 (A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks ...)
+ TODO: check
CVE-2021-25246
RESERVED
CVE-2021-25245
@@ -2602,12 +2676,12 @@ CVE-2021-25228
RESERVED
CVE-2021-25227
RESERVED
-CVE-2021-25226
- RESERVED
-CVE-2021-25225
- RESERVED
-CVE-2021-25224
- RESERVED
+CVE-2021-25226 (A memory exhaustion vulnerability in Trend Micro ServerProtect for Lin ...)
+ TODO: check
+CVE-2021-25225 (A memory exhaustion vulnerability in Trend Micro ServerProtect for Lin ...)
+ TODO: check
+CVE-2021-25224 (A memory exhaustion vulnerability in Trend Micro ServerProtect for Lin ...)
+ TODO: check
CVE-2021-25223
RESERVED
CVE-2021-25222
@@ -4874,7 +4948,7 @@ CVE-2021-3144
CVE-2021-3143
RESERVED
CVE-2021-3142
- RESERVED
+ REJECTED
CVE-2021-3141
RESERVED
CVE-2021-24121
@@ -8109,8 +8183,8 @@ CVE-2021-22639 (An uninitialized pointer issue has been identified in the way th
TODO: check
CVE-2021-22638
RESERVED
-CVE-2021-22637
- RESERVED
+CVE-2021-22637 (Multiple stack-based buffer overflow issues have been identified in th ...)
+ TODO: check
CVE-2021-22636
RESERVED
CVE-2021-22635
@@ -15922,8 +15996,8 @@ CVE-2020-35126 (** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to c
NOT-FOR-US: Typesetter CMS
CVE-2020-35125
RESERVED
-CVE-2020-35124
- RESERVED
+CVE-2020-35124 (A cross-site scripting (XSS) vulnerability in the assets component of ...)
+ TODO: check
CVE-2020-35123 (In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 ...)
NOT-FOR-US: Zimbra Collaboration Suite (ZCS)
CVE-2020-35122 (An issue was discovered in the Keysight Database Connector plugin befo ...)
@@ -30023,14 +30097,14 @@ CVE-2020-25787 (An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 202
NOTE: https://git.tt-rss.org/fox/tt-rss/commit/c3d14e1fa54c7dade7b1b7955575e2991396d7ef
CVE-2020-25786 (** UNSUPPORTED WHEN ASSIGNED ** webinc/js/info.php on D-Link DIR-816L ...)
NOT-FOR-US: D-Link
-CVE-2020-25785
- RESERVED
-CVE-2020-25784
- RESERVED
-CVE-2020-25783
- RESERVED
-CVE-2020-25782
- RESERVED
+CVE-2020-25785 (An issue was discovered on Accfly Wireless Security IR Camera System 7 ...)
+ TODO: check
+CVE-2020-25784 (An issue was discovered on Accfly Wireless Security IR Camera System 7 ...)
+ TODO: check
+CVE-2020-25783 (An issue was discovered on Accfly Wireless Security IR Camera System 7 ...)
+ TODO: check
+CVE-2020-25782 (An issue was discovered on Accfly Wireless Security IR Camera 720P Sys ...)
+ TODO: check
CVE-2020-25781 (An issue was discovered in file_download.php in MantisBT before 2.24.3 ...)
- mantis <removed>
CVE-2020-25796 (An issue was discovered in the sized-chunks crate through 0.6.2 for Ru ...)
@@ -72280,7 +72354,7 @@ CVE-2020-8297
CVE-2020-8296
RESERVED
CVE-2020-8295 (A wrong check in Nextcloud Server 19 and prior allowed to perform a de ...)
- - nextcloud-server <itp> (bug #941708)
+ - nextcloud-server <itp> (bug #941708)
CVE-2020-8294
RESERVED
CVE-2020-8293 (A missing input validation in Nextcloud Server before 20.0.2, 19.0.5, ...)
@@ -96659,7 +96733,7 @@ CVE-2020-0239 (In getDocumentMetadata of DocumentsContract.java, there is a poss
CVE-2020-0238 (In updatePreferenceIntents of AccountTypePreferenceLoader, there is a ...)
NOT-FOR-US: Android
CVE-2020-0237
- RESERVED
+ REJECTED
CVE-2020-0236 (In A2DP_GetCodecType of a2dp_codec_config, there is a possible out-of- ...)
TODO: check
CVE-2020-0235 (In crus_sp_shared_ioctl we first copy 4 bytes from userdata into "size ...)
@@ -121531,7 +121605,6 @@ CVE-2019-14856 (ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a
NOTE: https://github.com/ansible/ansible/pull/63351
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1760829
CVE-2019-10206 (ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2 ...)
- {DLA-2535-1}
- ansible 2.8.6+dfsg-1 (bug #933005)
[buster] - ansible <no-dsa> (Minor issue)
[jessie] - ansible <not-affected> (Vulnerable code introduced later, password templating code introduced with 2.0 refactoring, '{{' supported in passwords)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8b91cfaa06d0273000e62ad5d4b64249aa678e4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8b91cfaa06d0273000e62ad5d4b64249aa678e4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210128/a5c71128/attachment.html>
More information about the debian-security-tracker-commits
mailing list