[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 20 09:10:24 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4e4e1a54 by security tracker role at 2021-07-20T08:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,365 @@
+CVE-2021-36980 (Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-f ...)
+ TODO: check
+CVE-2021-36979 (Unicorn Engine 1.0.2 has an out-of-bounds write in tb_flush_armeb (cal ...)
+ TODO: check
+CVE-2021-36978 (QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer ...)
+ TODO: check
+CVE-2021-36977 (matio (aka MAT File I/O Library) 1.5.20 and 1.5.21 has a heap-based bu ...)
+ TODO: check
+CVE-2021-36976 (libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (ca ...)
+ TODO: check
+CVE-2021-36975
+ RESERVED
+CVE-2021-36974
+ RESERVED
+CVE-2021-36973
+ RESERVED
+CVE-2021-36972
+ RESERVED
+CVE-2021-36971
+ RESERVED
+CVE-2021-36970
+ RESERVED
+CVE-2021-36969
+ RESERVED
+CVE-2021-36968
+ RESERVED
+CVE-2021-36967
+ RESERVED
+CVE-2021-36966
+ RESERVED
+CVE-2021-36965
+ RESERVED
+CVE-2021-36964
+ RESERVED
+CVE-2021-36963
+ RESERVED
+CVE-2021-36962
+ RESERVED
+CVE-2021-36961
+ RESERVED
+CVE-2021-36960
+ RESERVED
+CVE-2021-36959
+ RESERVED
+CVE-2021-36958
+ RESERVED
+CVE-2021-36957
+ RESERVED
+CVE-2021-36956
+ RESERVED
+CVE-2021-36955
+ RESERVED
+CVE-2021-36954
+ RESERVED
+CVE-2021-36953
+ RESERVED
+CVE-2021-36952
+ RESERVED
+CVE-2021-36951
+ RESERVED
+CVE-2021-36950
+ RESERVED
+CVE-2021-36949
+ RESERVED
+CVE-2021-36948
+ RESERVED
+CVE-2021-36947
+ RESERVED
+CVE-2021-36946
+ RESERVED
+CVE-2021-36945
+ RESERVED
+CVE-2021-36944
+ RESERVED
+CVE-2021-36943
+ RESERVED
+CVE-2021-36942
+ RESERVED
+CVE-2021-36941
+ RESERVED
+CVE-2021-36940
+ RESERVED
+CVE-2021-36939
+ RESERVED
+CVE-2021-36938
+ RESERVED
+CVE-2021-36937
+ RESERVED
+CVE-2021-36936
+ RESERVED
+CVE-2021-36935
+ RESERVED
+CVE-2021-36934
+ RESERVED
+CVE-2021-36933
+ RESERVED
+CVE-2021-36932
+ RESERVED
+CVE-2021-36931
+ RESERVED
+CVE-2021-36930
+ RESERVED
+CVE-2021-36929
+ RESERVED
+CVE-2021-36928
+ RESERVED
+CVE-2021-36927
+ RESERVED
+CVE-2021-36926
+ RESERVED
+CVE-2021-36925
+ RESERVED
+CVE-2021-36924
+ RESERVED
+CVE-2021-36923
+ RESERVED
+CVE-2021-36922
+ RESERVED
+CVE-2021-36921
+ RESERVED
+CVE-2021-36920
+ RESERVED
+CVE-2021-36919
+ RESERVED
+CVE-2021-36918
+ RESERVED
+CVE-2021-36917
+ RESERVED
+CVE-2021-36916
+ RESERVED
+CVE-2021-36915
+ RESERVED
+CVE-2021-36914
+ RESERVED
+CVE-2021-36913
+ RESERVED
+CVE-2021-36912
+ RESERVED
+CVE-2021-36911
+ RESERVED
+CVE-2021-36910
+ RESERVED
+CVE-2021-36909
+ RESERVED
+CVE-2021-36908
+ RESERVED
+CVE-2021-36907
+ RESERVED
+CVE-2021-36906
+ RESERVED
+CVE-2021-36905
+ RESERVED
+CVE-2021-36904
+ RESERVED
+CVE-2021-36903
+ RESERVED
+CVE-2021-36902
+ RESERVED
+CVE-2021-36901
+ RESERVED
+CVE-2021-36900
+ RESERVED
+CVE-2021-36899
+ RESERVED
+CVE-2021-36898
+ RESERVED
+CVE-2021-36897
+ RESERVED
+CVE-2021-36896
+ RESERVED
+CVE-2021-36895
+ RESERVED
+CVE-2021-36894
+ RESERVED
+CVE-2021-36893
+ RESERVED
+CVE-2021-36892
+ RESERVED
+CVE-2021-36891
+ RESERVED
+CVE-2021-36890
+ RESERVED
+CVE-2021-36889
+ RESERVED
+CVE-2021-36888
+ RESERVED
+CVE-2021-36887
+ RESERVED
+CVE-2021-36886
+ RESERVED
+CVE-2021-36885
+ RESERVED
+CVE-2021-36884
+ RESERVED
+CVE-2021-36883
+ RESERVED
+CVE-2021-36882
+ RESERVED
+CVE-2021-36881
+ RESERVED
+CVE-2021-36880
+ RESERVED
+CVE-2021-36879
+ RESERVED
+CVE-2021-36878
+ RESERVED
+CVE-2021-36877
+ RESERVED
+CVE-2021-36876
+ RESERVED
+CVE-2021-36875
+ RESERVED
+CVE-2021-36874
+ RESERVED
+CVE-2021-36873
+ RESERVED
+CVE-2021-36872
+ RESERVED
+CVE-2021-36871
+ RESERVED
+CVE-2021-36870
+ RESERVED
+CVE-2021-36869
+ RESERVED
+CVE-2021-36868
+ RESERVED
+CVE-2021-36867
+ RESERVED
+CVE-2021-36866
+ RESERVED
+CVE-2021-36865
+ RESERVED
+CVE-2021-36864
+ RESERVED
+CVE-2021-36863
+ RESERVED
+CVE-2021-36862
+ RESERVED
+CVE-2021-36861
+ RESERVED
+CVE-2021-36860
+ RESERVED
+CVE-2021-36859
+ RESERVED
+CVE-2021-36858
+ RESERVED
+CVE-2021-36857
+ RESERVED
+CVE-2021-36856
+ RESERVED
+CVE-2021-36855
+ RESERVED
+CVE-2021-36854
+ RESERVED
+CVE-2021-36853
+ RESERVED
+CVE-2021-36852
+ RESERVED
+CVE-2021-36851
+ RESERVED
+CVE-2021-36850
+ RESERVED
+CVE-2021-36849
+ RESERVED
+CVE-2021-36848
+ RESERVED
+CVE-2021-36847
+ RESERVED
+CVE-2021-36846
+ RESERVED
+CVE-2021-36845
+ RESERVED
+CVE-2021-36844
+ RESERVED
+CVE-2021-36843
+ RESERVED
+CVE-2021-36842
+ RESERVED
+CVE-2021-36841
+ RESERVED
+CVE-2021-36840
+ RESERVED
+CVE-2021-36839
+ RESERVED
+CVE-2021-36838
+ RESERVED
+CVE-2021-36837
+ RESERVED
+CVE-2021-36836
+ RESERVED
+CVE-2021-36835
+ RESERVED
+CVE-2021-36834
+ RESERVED
+CVE-2021-36833
+ RESERVED
+CVE-2021-36832
+ RESERVED
+CVE-2021-36831
+ RESERVED
+CVE-2021-36830
+ RESERVED
+CVE-2021-36829
+ RESERVED
+CVE-2021-36828
+ RESERVED
+CVE-2021-36827
+ RESERVED
+CVE-2021-36826
+ RESERVED
+CVE-2021-36825
+ RESERVED
+CVE-2021-36824
+ RESERVED
+CVE-2021-36823
+ RESERVED
+CVE-2021-36822
+ RESERVED
+CVE-2021-36821
+ RESERVED
+CVE-2021-36820
+ RESERVED
+CVE-2021-36819
+ RESERVED
+CVE-2021-36818
+ RESERVED
+CVE-2021-36817
+ RESERVED
+CVE-2021-36816
+ RESERVED
+CVE-2021-36815
+ RESERVED
+CVE-2021-36814
+ RESERVED
+CVE-2021-36813
+ RESERVED
+CVE-2021-36812
+ RESERVED
+CVE-2021-36811
+ RESERVED
+CVE-2021-36810
+ RESERVED
+CVE-2021-36809
+ RESERVED
+CVE-2021-36808
+ RESERVED
+CVE-2021-36807
+ RESERVED
+CVE-2021-36806
+ RESERVED
+CVE-2020-36431 (Unicorn Engine 1.0.2 has an out-of-bounds write in helper_wfe_arm. ...)
+ TODO: check
+CVE-2020-36430 (libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode ...)
+ TODO: check
+CVE-2020-36429 (Variant_encodeJson in open62541 1.x before 1.0.4 has an out-of-bounds ...)
+ TODO: check
+CVE-2020-36428 (matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-base ...)
+ TODO: check
+CVE-2019-25051 (objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acom ...)
+ TODO: check
+CVE-2019-25050 (netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow i ...)
+ TODO: check
CVE-2021-36805
RESERVED
CVE-2021-36804
@@ -3880,8 +4242,8 @@ CVE-2019-25047 (Greenbone Security Assistant (GSA) before 8.0.2 and Greenbone OS
NOT-FOR-US: Greenbone Security Assistant
CVE-2018-25016 (Greenbone Security Assistant (GSA) before 7.0.3 and Greenbone OS (GOS) ...)
NOT-FOR-US: Greenbone Security Assistant
-CVE-2021-35054
- RESERVED
+CVE-2021-35054 (Minecraft before 1.17.1, when online-mode=false is configured, allows ...)
+ TODO: check
CVE-2021-XXXX [memory leak when authenticated client connects with MQTT v5 sent a crafted CONNECT message to the broker]
- mosquitto 2.0.11-1
[buster] - mosquitto <not-affected> (Vulnerable code introduced later)
@@ -4864,10 +5226,10 @@ CVE-2021-34620 (The WP Fluent Forms plugin < 3.6.67 for WordPress is vulnerab
NOT-FOR-US: WordPress plugin
CVE-2021-34619
RESERVED
-CVE-2021-34618
- RESERVED
-CVE-2021-34617
- RESERVED
+CVE-2021-34618 (A remote denial of service (DoS) vulnerability was discovered in some ...)
+ TODO: check
+CVE-2021-34617 (A remote cross-site scripting (XSS) vulnerability was discovered in so ...)
+ TODO: check
CVE-2021-34616 (A remote arbitrary command execution vulnerability was discovered in A ...)
NOT-FOR-US: Aruba
CVE-2021-34615 (A remote arbitrary command execution vulnerability was discovered in A ...)
@@ -9112,10 +9474,10 @@ CVE-2021-32776
RESERVED
CVE-2021-32775
RESERVED
-CVE-2021-32774
- RESERVED
-CVE-2021-32773
- RESERVED
+CVE-2021-32774 (DataDump is a MediaWiki extension that provides dumps of wikis. Prior ...)
+ TODO: check
+CVE-2021-32773 (Racket is a general-purpose programming language and an ecosystem for ...)
+ TODO: check
CVE-2021-32772
RESERVED
CVE-2021-32771
@@ -9140,8 +9502,7 @@ CVE-2021-32762
RESERVED
CVE-2021-32761
RESERVED
-CVE-2021-32760
- RESERVED
+CVE-2021-32760 (containerd is a container runtime. A bug was found in containerd versi ...)
- containerd 1.4.5~ds1-2
NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w
CVE-2021-32759
@@ -12115,8 +12476,8 @@ CVE-2021-31592
RESERVED
CVE-2021-31591
RESERVED
-CVE-2021-31590
- RESERVED
+CVE-2021-31590 (PwnDoc through 2021-04-22 has incorrect JSON Webtoken handling, leadin ...)
+ TODO: check
CVE-2021-31589
RESERVED
CVE-2021-31588
@@ -25684,12 +26045,12 @@ CVE-2021-26085
RESERVED
CVE-2021-26084
RESERVED
-CVE-2021-26083
- RESERVED
-CVE-2021-26082
- RESERVED
-CVE-2021-26081
- RESERVED
+CVE-2021-26083 (Export HTML Report in Atlassian Jira Server and Jira Data Center befor ...)
+ TODO: check
+CVE-2021-26082 (The XML Export in Atlassian Jira Server and Jira Data Center before ve ...)
+ TODO: check
+CVE-2021-26081 (REST API in Atlassian Jira Server and Jira Data Center before version ...)
+ TODO: check
CVE-2021-26080 (EditworkflowScheme.jspa in Jira Server and Jira Data Center before ver ...)
NOT-FOR-US: Atlassian
CVE-2021-26079 (The CardLayoutConfigTable component in Jira Server and Jira Data Cente ...)
@@ -30754,8 +31115,8 @@ CVE-2021-3137 (XWiki 12.10.2 allows XSS via an SVG document to the upload featur
NOT-FOR-US: XWiki
CVE-2021-3136
RESERVED
-CVE-2021-3135
- RESERVED
+CVE-2021-3135 (An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for Wor ...)
+ TODO: check
CVE-2021-23936 (OX App Suite through 7.10.4 allows XSS via the subject of a task. ...)
NOT-FOR-US: OX App Suite
CVE-2021-23935 (OX App Suite through 7.10.4 allows XSS via an appointment in which the ...)
@@ -44583,16 +44944,16 @@ CVE-2020-29505
RESERVED
CVE-2020-29504
RESERVED
-CVE-2020-29503
- RESERVED
+CVE-2020-29503 (Dell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file per ...)
+ TODO: check
CVE-2020-29502 (Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Te ...)
NOT-FOR-US: EMC PowerStore
CVE-2020-29501 (Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Te ...)
NOT-FOR-US: EMC PowerStore
CVE-2020-29500 (Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Te ...)
NOT-FOR-US: EMC PowerStore
-CVE-2020-29499
- RESERVED
+CVE-2020-29499 (Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Comm ...)
+ TODO: check
CVE-2020-29498 (Dell Wyse Management Suite versions prior to 3.1 contain an open redir ...)
NOT-FOR-US: Dell Wyse Management Suite
CVE-2020-29497 (Dell Wyse Management Suite versions prior to 3.1 contain a stored cros ...)
@@ -107265,8 +107626,8 @@ CVE-2020-5351
RESERVED
CVE-2020-5350 (Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, ...)
NOT-FOR-US: EMC
-CVE-2020-5349
- RESERVED
+CVE-2020-5349 (Dell EMC Networking S4100 and S5200 Series Switches manufactured prior ...)
+ TODO: check
CVE-2020-5348 (Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a ...)
NOT-FOR-US: Dell
CVE-2020-5347 (Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of s ...)
@@ -107317,14 +107678,14 @@ CVE-2020-5325
RESERVED
CVE-2020-5324 (Dell Client Consumer and Commercial Platforms contain an Arbitrary Fil ...)
NOT-FOR-US: Dell
-CVE-2020-5323
- RESERVED
-CVE-2020-5322
- RESERVED
-CVE-2020-5321
- RESERVED
-CVE-2020-5320
- RESERVED
+CVE-2020-5323 (Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenMan ...)
+ TODO: check
+CVE-2020-5322 (Dell EMC OpenManage Enterprise-Modular (OME-M) versions prior to 1.10. ...)
+ TODO: check
+CVE-2020-5321 (Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenMan ...)
+ TODO: check
+CVE-2020-5320 (Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenMan ...)
+ TODO: check
CVE-2020-5319 (Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prio ...)
NOT-FOR-US: EMC
CVE-2020-5318 (Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 co ...)
@@ -107333,8 +107694,8 @@ CVE-2020-5317 (Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerabili
NOT-FOR-US: EMC
CVE-2020-5316
RESERVED
-CVE-2020-5315
- RESERVED
+CVE-2020-5315 (Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text pa ...)
+ TODO: check
CVE-2019-20333
RESERVED
CVE-2019-20332
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e4e1a54c05133248bd869a1e60d66feb7d66249
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e4e1a54c05133248bd869a1e60d66feb7d66249
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210720/dd619fa7/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list