[Git][security-tracker-team/security-tracker][master] automatic update

Fri Jul 30 21:10:36 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
74c0ab62 by security tracker role at 2021-07-30T20:10:26+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2021-37758
+	RESERVED
+CVE-2021-37757
+	RESERVED
+CVE-2021-37756
+	RESERVED
+CVE-2021-37755
+	RESERVED
+CVE-2021-37754
+	RESERVED
+CVE-2021-37753
+	RESERVED
+CVE-2021-37752
+	RESERVED
+CVE-2021-37751
+	RESERVED
+CVE-2021-37750
+	RESERVED
+CVE-2021-37749
+	RESERVED
+CVE-2021-37748
+	RESERVED
+CVE-2021-37747
+	RESERVED
+CVE-2021-37746 (textview_uri_security_check in textview.c in Claws Mail before 3.18.0, ...)
+	TODO: check
+CVE-2021-3672
+	RESERVED
 CVE-2021-37745
 	RESERVED
 CVE-2021-37744
@@ -5670,8 +5698,8 @@ CVE-2021-35195
 	RESERVED
 CVE-2021-35194
 	RESERVED
-CVE-2021-35193
-	RESERVED
+CVE-2021-35193 (Patterson Application Service in Patterson Eaglesoft 18 through 21 acc ...)
+	TODO: check
 CVE-2021-35192
 	RESERVED
 CVE-2021-35191
@@ -18930,8 +18958,8 @@ CVE-2021-29783
 	RESERVED
 CVE-2021-29782
 	RESERVED
-CVE-2021-29781
-	RESERVED
+CVE-2021-29781 (IBM Partner Engagement Manager 2.0 could allow a remote attacker to ex ...)
+	TODO: check
 CVE-2021-29780 (IBM Resilient OnPrem v41.1 of IBM Security SOAR could allow an authent ...)
 	NOT-FOR-US: IBM
 CVE-2021-29779
@@ -19020,8 +19048,8 @@ CVE-2021-29738
 	RESERVED
 CVE-2021-29737
 	RESERVED
-CVE-2021-29736
-	RESERVED
+CVE-2021-29736 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
+	TODO: check
 CVE-2021-29735
 	RESERVED
 CVE-2021-29734
@@ -20175,10 +20203,10 @@ CVE-2021-29300 (The @ronomon/opened library before 1.5.2 is vulnerable to a comm
 	NOT-FOR-US: @ronomon/opened
 CVE-2021-29299
 	RESERVED
-CVE-2021-29298
-	RESERVED
-CVE-2021-29297
-	RESERVED
+CVE-2021-29298 (Improper Input Validation in Emerson GE Automation Proficy Machine Edi ...)
+	TODO: check
+CVE-2021-29297 (Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0  ...)
+	TODO: check
 CVE-2021-29296
 	RESERVED
 CVE-2021-29295
@@ -34238,7 +34266,7 @@ CVE-2021-23413 (This affects the package jszip before 3.7.0. Crafting a new zip
 	NOTE: https://github.com/Stuk/jszip/commit/22357494f424178cb416cdb7d93b26dd4f824b36
 CVE-2021-23412 (All versions of package gitlogplus are vulnerable to Command Injection ...)
 	NOT-FOR-US: Node gitlogplus
-CVE-2021-23411 (All versions of package anchorme are vulnerable to Cross-site Scriptin ...)
+CVE-2021-23411 (Affected versions of this package are vulnerable to Cross-site Scripti ...)
 	NOT-FOR-US: Node anchorme
 CVE-2021-23410 (All versions of package msgpack are vulnerable to Deserialization of U ...)
 	NOT-FOR-US: Node msgpack



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74c0ab626367314745df11636c1d763dc747c1ea

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74c0ab626367314745df11636c1d763dc747c1ea
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210730/2a204969/attachment.htm>
