[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jul 17 09:10:26 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2c5b2a6e by security tracker role at 2021-07-17T08:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2021-36769 (A reordering issue exists in Telegram before 7.8.1 for Android, Telegr ...)
+	TODO: check
+CVE-2021-36768
+	RESERVED
+CVE-2021-3652
+	RESERVED
 CVE-2021-36767
 	RESERVED
 CVE-2021-36766
@@ -2892,8 +2898,8 @@ CVE-2021-3616
 	RESERVED
 CVE-2021-3615
 	RESERVED
-CVE-2021-3614
-	RESERVED
+CVE-2021-3614 (A vulnerability was reported on some Lenovo Notebook systems that coul ...)
+	TODO: check
 CVE-2021-35474 (Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache ...)
 	- trafficserver 8.1.1+ds-1.1 (bug #990303)
 	NOTE: https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cannounce.trafficserver.apache.org%3E
@@ -5091,8 +5097,8 @@ CVE-2021-34483
 	RESERVED
 CVE-2021-34482
 	RESERVED
-CVE-2021-34481
-	RESERVED
+CVE-2021-34481 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
+	TODO: check
 CVE-2021-34480
 	RESERVED
 CVE-2021-34479 (Microsoft Visual Studio Spoofing Vulnerability ...)
@@ -5119,66 +5125,66 @@ CVE-2021-34469 (Microsoft Office Security Feature Bypass Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-34468 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
 	NOT-FOR-US: Microsoft
-CVE-2021-34467
-	RESERVED
-CVE-2021-34466
-	RESERVED
+CVE-2021-34467 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
+	TODO: check
+CVE-2021-34466 (Windows Hello Security Feature Bypass Vulnerability ...)
+	TODO: check
 CVE-2021-34465
 	RESERVED
-CVE-2021-34464
-	RESERVED
+CVE-2021-34464 (Microsoft Defender Remote Code Execution Vulnerability This CVE ID is  ...)
+	TODO: check
 CVE-2021-34463
 	RESERVED
-CVE-2021-34462
-	RESERVED
-CVE-2021-34461
-	RESERVED
-CVE-2021-34460
-	RESERVED
-CVE-2021-34459
-	RESERVED
-CVE-2021-34458
-	RESERVED
-CVE-2021-34457
-	RESERVED
-CVE-2021-34456
-	RESERVED
-CVE-2021-34455
-	RESERVED
-CVE-2021-34454
-	RESERVED
+CVE-2021-34462 (Windows AppX Deployment Extensions Elevation of Privilege Vulnerabilit ...)
+	TODO: check
+CVE-2021-34461 (Windows Container Isolation FS Filter Driver Elevation of Privilege Vu ...)
+	TODO: check
+CVE-2021-34460 (Storage Spaces Controller Elevation of Privilege Vulnerability This CV ...)
+	TODO: check
+CVE-2021-34459 (Windows AppContainer Elevation Of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-34458 (Windows Kernel Remote Code Execution Vulnerability This CVE ID is uniq ...)
+	TODO: check
+CVE-2021-34457 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
+	TODO: check
+CVE-2021-34456 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
+	TODO: check
+CVE-2021-34455 (Windows File History Service Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-34454 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
+	TODO: check
 CVE-2021-34453
 	RESERVED
-CVE-2021-34452
-	RESERVED
-CVE-2021-34451
-	RESERVED
-CVE-2021-34450
-	RESERVED
-CVE-2021-34449
-	RESERVED
-CVE-2021-34448
-	RESERVED
-CVE-2021-34447
-	RESERVED
-CVE-2021-34446
-	RESERVED
-CVE-2021-34445
-	RESERVED
-CVE-2021-34444
-	RESERVED
+CVE-2021-34452 (Microsoft Word Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-34451 (Microsoft Office Online Server Spoofing Vulnerability ...)
+	TODO: check
+CVE-2021-34450 (Windows Hyper-V Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-34449 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
+	TODO: check
+CVE-2021-34448 (Scripting Engine Memory Corruption Vulnerability ...)
+	TODO: check
+CVE-2021-34447 (Windows MSHTML Platform Remote Code Execution Vulnerability This CVE I ...)
+	TODO: check
+CVE-2021-34446 (Windows HTML Platforms Security Feature Bypass Vulnerability ...)
+	TODO: check
+CVE-2021-34445 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
+	TODO: check
+CVE-2021-34444 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
+	TODO: check
 CVE-2021-34443
 	RESERVED
-CVE-2021-34442
-	RESERVED
-CVE-2021-34441
-	RESERVED
-CVE-2021-34440
-	RESERVED
-CVE-2021-34439
-	RESERVED
-CVE-2021-34438
-	RESERVED
+CVE-2021-34442 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
+	TODO: check
+CVE-2021-34441 (Microsoft Windows Media Foundation Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-34440 (GDI+ Information Disclosure Vulnerability ...)
+	TODO: check
+CVE-2021-34439 (Microsoft Windows Media Foundation Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-34438 (Windows Font Driver Host Remote Code Execution Vulnerability ...)
+	TODO: check
 CVE-2021-3591
 	RESERVED
 CVE-2021-3590
@@ -5280,15 +5286,15 @@ CVE-2021-34396 (Bootloader contains a vulnerability in access permission setting
 	NOT-FOR-US: NVIDIA
 CVE-2021-34395 (Trusty TLK contains a vulnerability in its access permission settings  ...)
 	NOT-FOR-US: Trusty
-CVE-2021-34394 (Trusty contains a vulnerability in all TAs whose deserializer does not ...)
+CVE-2021-34394 (Trusty contains a vulnerability in the NVIDIA OTE protocol that is pre ...)
 	NOT-FOR-US: Trusty
 CVE-2021-34393 (Trusty contains a vulnerability in TSEC TA which deserializes the inco ...)
 	NOT-FOR-US: Trusty
 CVE-2021-34392 (Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an  ...)
 	NOT-FOR-US: Trusty
-CVE-2021-34391 (Trusty TLK contains a vulnerability in the NVIDIA TLK kernel�s  ...)
+CVE-2021-34391 (Trusty contains a vulnerability in the NVIDIA TLK kernel function wher ...)
 	NOT-FOR-US: Trusty
-CVE-2021-34390 (Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function  ...)
+CVE-2021-34390 (Trusty contains a vulnerability in the NVIDIA TLK kernel function wher ...)
 	NOT-FOR-US: Trusty
 CVE-2021-34389 (Trusty contains a vulnerability in NVIDIA OTE protocol message parsing ...)
 	NOT-FOR-US: NVIDIA
@@ -6675,7 +6681,7 @@ CVE-2021-33783 (Windows SMB Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-33782 (Windows Authenticode Spoofing Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2021-33781 (Active Directory Security Feature Bypass Vulnerability ...)
+CVE-2021-33781 (Azure AD Security Feature Bypass Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-33780 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is  ...)
 	NOT-FOR-US: Microsoft
@@ -8661,8 +8667,8 @@ CVE-2021-3551
 	RESERVED
 	- dogtag-pki <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1959971
-CVE-2021-3550
-	RESERVED
+CVE-2021-3550 (A DLL search path vulnerability was reported in Lenovo PCManager, prio ...)
+	TODO: check
 CVE-2021-32925 (admin/user_import.php in Chamilo 1.11.14 reads XML data without disabl ...)
 	NOT-FOR-US: Chamilo
 CVE-2021-32924 (Invision Community (aka IPS Community Suite) before 4.6.0 allows eval- ...)
@@ -18544,10 +18550,10 @@ CVE-2021-3455
 	RESERVED
 CVE-2021-3454
 	RESERVED
-CVE-2021-3453
-	RESERVED
-CVE-2021-3452
-	RESERVED
+CVE-2021-3453 (Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS m ...)
+	TODO: check
+CVE-2021-3452 (A potential vulnerability in the system shutdown SMI callback function ...)
+	TODO: check
 CVE-2021-3451 (A denial of service vulnerability was reported in Lenovo PCManager, pr ...)
 	NOT-FOR-US: Lenovo
 CVE-2021-3450 (The X509_V_FLAG_X509_STRICT flag enables additional security checks of ...)
@@ -166878,8 +166884,8 @@ CVE-2019-3754 (Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.
 	NOT-FOR-US: EMC
 CVE-2019-3753 (Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K runn ...)
 	NOT-FOR-US: EMC
-CVE-2019-3752
-	RESERVED
+CVE-2019-3752 (Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and ...)
+	TODO: check
 CVE-2019-3751 (Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0 ...)
 	NOT-FOR-US: EMC
 CVE-2019-3750 (Dell Command Update versions prior to 3.1 contain an Arbitrary File De ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c5b2a6ea06bd1194175c3ba53d4a4692b9836fb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c5b2a6ea06bd1194175c3ba53d4a4692b9836fb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210717/847ee997/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list