[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jul 16 09:10:22 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
12060bcf by security tracker role at 2021-07-16T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2021-36758 (1Password Connect server before 1.2 is missing validation checks, perm ...)
+	TODO: check
+CVE-2021-36757
+	RESERVED
+CVE-2021-36756
+	RESERVED
+CVE-2021-36755 (Nightscout Web Monitor (aka cgm-remote-monitor) 14.2.2 allows XSS via  ...)
+	TODO: check
+CVE-2021-36754
+	RESERVED
 CVE-2021-36753 (sharkdp BAT before 0.18.2 executes less.exe from the current working d ...)
 	TODO: check
 CVE-2021-36752
@@ -8991,8 +9001,8 @@ CVE-2021-32766
 	RESERVED
 CVE-2021-32765
 	RESERVED
-CVE-2021-32764
-	RESERVED
+CVE-2021-32764 (Discourse is an open-source discussion platform. In Discourse versions ...)
+	TODO: check
 CVE-2021-32763
 	RESERVED
 CVE-2021-32762
@@ -51094,63 +51104,46 @@ CVE-2021-0297
 	RESERVED
 CVE-2021-0296
 	RESERVED
-CVE-2021-0295
-	RESERVED
+CVE-2021-0295 (A vulnerability in the Distance Vector Multicast Routing Protocol (DVM ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0294
-	RESERVED
+CVE-2021-0294 (A vulnerability in Juniper Networks Junos OS, which only affects the r ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0293
-	RESERVED
+CVE-2021-0293 (A vulnerability in Juniper Networks Junos OS caused by Missing Release ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0292
-	RESERVED
+CVE-2021-0292 (An Uncontrolled Resource Consumption vulnerability in the ARP daemon ( ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0291
-	RESERVED
-CVE-2021-0290
-	RESERVED
+CVE-2021-0291 (An Exposure of System Data vulnerability in Juniper Networks Junos OS  ...)
+	TODO: check
+CVE-2021-0290 (Improper Handling of Exceptional Conditions in Ethernet interface fram ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0289
-	RESERVED
-CVE-2021-0288
-	RESERVED
+CVE-2021-0289 (When user-defined ARP Policer is configured and applied on one or more ...)
+	TODO: check
+CVE-2021-0288 (A vulnerability in the processing of specific MPLS packets in Juniper  ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0287
-	RESERVED
+CVE-2021-0287 (In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Netwo ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0286
-	RESERVED
+CVE-2021-0286 (A vulnerability in the handling of exceptional conditions in Juniper N ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0285
-	RESERVED
+CVE-2021-0285 (An uncontrolled resource consumption vulnerability in Juniper Networks ...)
 	NOT-FOR-US: Juniper
 CVE-2021-0284
 	RESERVED
 	NOT-FOR-US: Juniper
-CVE-2021-0283
-	RESERVED
+CVE-2021-0283 (A buffer overflow vulnerability in the TCP/IP stack of Juniper Network ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0282
-	RESERVED
+CVE-2021-0282 (On Juniper Networks Junos OS devices with Multipath or add-path featur ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0281
-	RESERVED
+CVE-2021-0281 (On Juniper Networks Junos OS devices configured with BGP origin valida ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0280
-	RESERVED
+CVE-2021-0280 (Due to an Improper Initialization vulnerability in Juniper Networks Ju ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0279
-	RESERVED
+CVE-2021-0279 (Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have Rab ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0278
-	RESERVED
+CVE-2021-0278 (An Improper Input Validation vulnerability in J-Web of Juniper Network ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0277
-	RESERVED
+CVE-2021-0277 (An Out-of-bounds Read vulnerability in the processing of specially cra ...)
 	NOT-FOR-US: Juniper
-CVE-2021-0276
-	RESERVED
+CVE-2021-0276 (A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Ca ...)
 	NOT-FOR-US: Juniper
 CVE-2021-0275 (A Cross-site Scripting (XSS) vulnerability in J-Web on Juniper Network ...)
 	NOT-FOR-US: Juniper
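Review bot: CVE-2021-0291 and CVE-2021-0289 are left at "TODO: check" while every other entry that gains a description in this hunk keeps "NOT-FOR-US: Juniper". The visible description of CVE-2021-0291 names Juniper Networks Junos OS, so it can take the same "NOT-FOR-US: Juniper" line as its neighbours. The CVE-2021-0289 description is truncated before any vendor appears, so check the full text before tagging it. CVE-2021-0284 is unchanged here and still reads RESERVED followed by "NOT-FOR-US: Juniper"; revisit it once its description is published.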
@@ -61749,12 +61742,12 @@ CVE-2020-23709
 	RESERVED
 CVE-2020-23708
 	RESERVED
-CVE-2020-23707
-	RESERVED
-CVE-2020-23706
-	RESERVED
-CVE-2020-23705
-	RESERVED
+CVE-2020-23707 (A heap-based buffer overflow vulnerability in the function ok_jpg_deco ...)
+	TODO: check
+CVE-2020-23706 (A heap-based buffer overflow vulnerability in the function ok_jpg_deco ...)
+	TODO: check
+CVE-2020-23705 (A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ...)
+	TODO: check
 CVE-2020-23704
 	RESERVED
 CVE-2020-23703
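Review bot: CVE-2020-23707 and CVE-2020-23706 show the same truncated description ("A heap-based buffer overflow vulnerability in the function ok_jpg_deco ..."), so the two "TODO: check" entries cannot be told apart from this list alone. When triaging, read the full descriptions and record the affected source package (or a NOT-FOR-US line) for each entry separately. The same applies to CVE-2020-23705, where the description is cut off after "jfif_encode at jfif.c:701 of" and the product name is not visible.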
@@ -90669,12 +90662,12 @@ CVE-2020-11636
 	RESERVED
 CVE-2020-11635 (The Zscaler Client Connector prior to 3.1.0 did not sufficiently valid ...)
 	NOT-FOR-US: Zscaler Client Connector
-CVE-2020-11634
-	RESERVED
+CVE-2020-11634 (The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL  ...)
+	TODO: check
 CVE-2020-11633 (The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack ...)
 	NOT-FOR-US: Zscaler Client Connector for Windows
-CVE-2020-11632
-	RESERVED
+CVE-2020-11632 (The Zscaler Client Connector prior to 2.1.2.150 did not quote the sear ...)
+	TODO: check
 CVE-2020-11631 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
 	NOT-FOR-US: EJBCA / PrimeKey
 CVE-2020-11630 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
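Review bot: CVE-2020-11634 and CVE-2020-11632 are set to "TODO: check" although both descriptions name the Zscaler Client Connector and the adjacent CVE-2020-11635 and CVE-2020-11633 are already marked NOT-FOR-US. Suggest tagging the two new entries the same way, and settling on one label while doing so, since the existing lines differ ("NOT-FOR-US: Zscaler Client Connector" vs "NOT-FOR-US: Zscaler Client Connector for Windows").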



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12060bcf5fa13058653327aeb0970522aed75522


More information about the debian-security-tracker-commits mailing list