[Git][security-tracker-team/security-tracker][master] automatic update

Fri Jul 30 09:10:26 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3440b258 by security tracker role at 2021-07-30T08:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,69 @@
+CVE-2021-37745
+	RESERVED
+CVE-2021-37744
+	RESERVED
+CVE-2021-37743 (app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored X ...)
+	TODO: check
+CVE-2021-37742 (app/View/Elements/GalaxyClusters/view_relation_tree.ctp in MISP 2.4.14 ...)
+	TODO: check
+CVE-2021-37741
+	RESERVED
+CVE-2021-37740
+	RESERVED
+CVE-2021-37739
+	RESERVED
+CVE-2021-37738
+	RESERVED
+CVE-2021-37737
+	RESERVED
+CVE-2021-37736
+	RESERVED
+CVE-2021-37735
+	RESERVED
+CVE-2021-37734
+	RESERVED
+CVE-2021-37733
+	RESERVED
+CVE-2021-37732
+	RESERVED
+CVE-2021-37731
+	RESERVED
+CVE-2021-37730
+	RESERVED
+CVE-2021-37729
+	RESERVED
+CVE-2021-37728
+	RESERVED
+CVE-2021-37727
+	RESERVED
+CVE-2021-37726
+	RESERVED
+CVE-2021-37725
+	RESERVED
+CVE-2021-37724
+	RESERVED
+CVE-2021-37723
+	RESERVED
+CVE-2021-37722
+	RESERVED
+CVE-2021-37721
+	RESERVED
+CVE-2021-37720
+	RESERVED
+CVE-2021-37719
+	RESERVED
+CVE-2021-37718
+	RESERVED
+CVE-2021-37717
+	RESERVED
+CVE-2021-37716
+	RESERVED
+CVE-2021-37715
+	RESERVED
+CVE-2021-3671
+	RESERVED
+CVE-2021-3670
+	RESERVED
 CVE-2021-37714
 	RESERVED
 CVE-2021-37713
@@ -2115,10 +2181,10 @@ CVE-2021-36744
 	RESERVED
 CVE-2021-36743
 	RESERVED
-CVE-2021-36742
-	RESERVED
-CVE-2021-36741
-	RESERVED
+CVE-2021-36742 (A improper input validation vulnerability in Trend Micro Apex One, Ape ...)
+	TODO: check
+CVE-2021-36741 (An improper input validation vulnerability in Trend Micro Apex One, Ap ...)
+	TODO: check
 CVE-2021-3648
 	RESERVED
 CVE-2021-3647 (URI.js is vulnerable to URL Redirection to Untrusted Site ...)
@@ -28510,6 +28576,7 @@ CVE-2021-3248
 CVE-2021-3247
 	RESERVED
 CVE-2021-3246 (A heap buffer overflow vulnerability in msadpcm_decode_block of libsnd ...)
+	{DLA-2722-1}
 	- libsndfile 1.0.31-2 (bug #991496)
 	NOTE: https://github.com/libsndfile/libsndfile/issues/687
 	NOTE: https://github.com/libsndfile/libsndfile/commit/deb669ee8be55a94565f6f8a6b60890c2e7c6f32
@@ -30090,8 +30157,8 @@ CVE-2021-25274 (The Collector Service in SolarWinds Orion Platform before 2020.2
 	NOT-FOR-US: SolarWinds
 CVE-2021-3159 (A stored cross site scripting (XSS) vulnerability in the /sys/attachme ...)
 	NOT-FOR-US: Landray EKP
-CVE-2021-25273
-	RESERVED
+CVE-2021-25273 (Stored XSS can execute as administrator in quarantined email detail vi ...)
+	TODO: check
 CVE-2021-25272
 	RESERVED
 CVE-2021-25271
@@ -57539,8 +57606,8 @@ CVE-2020-26565
 	RESERVED
 CVE-2020-26564
 	RESERVED
-CVE-2020-26563
-	RESERVED
+CVE-2020-26563 (ObjectPlanet Opinio before 7.13 allows reflected XSS via the survey/ad ...)
+	TODO: check
 CVE-2020-26562
 	RESERVED
 CVE-2020-26561 (** UNSUPPORTED WHEN ASSIGNED ** Belkin LINKSYS WRT160NL 1.0.04.002_US_ ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3440b25871977e910a88248450ab9dcdc7eba720

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3440b25871977e910a88248450ab9dcdc7eba720
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210730/2adaa687/attachment.htm>
