[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 3 09:10:32 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
da499822 by security tracker role at 2021-06-03T08:10:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2021-3579
+	RESERVED
+CVE-2021-3578
+	RESERVED
+CVE-2021-33806
+	RESERVED
+CVE-2021-33805 (In the reference implementation of FUSE before 2.9.8, local attackers  ...)
+	TODO: check
 CVE-2021-3577
 	RESERVED
 CVE-2021-3576
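Review bot: The `TODO: check` under CVE-2021-33805 needs real triage rather than a NOT-FOR-US resolution, because the description names the reference implementation of FUSE, which Debian packages. Replace the TODO with a package line giving the fixed version (the description puts the fix boundary at 2.9.8), plus per-release annotations where a suite is unaffected.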
@@ -2621,8 +2629,7 @@ CVE-2021-32627
 	RESERVED
 CVE-2021-32626
 	RESERVED
-CVE-2021-32625 [integer overflow in STRALGO LCS]
-	RESERVED
+CVE-2021-32625 (Redis is an open source (BSD licensed), in-memory data structure store ...)
 	- redis 5:6.0.14-1 (bug #989351)
 	[buster] - redis <not-affected> (Vulnerable code not present)
 	[stretch] - redis <not-affected> (Vulnerable code not present)
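Review bot: On CVE-2021-32625 the removed bracketed summary `[integer overflow in STRALGO LCS]` was the only line in the entry saying what the bug is. The truncated description that replaces it stops at generic product text. Consider keeping that information in a `NOTE:` line so the `<not-affected> (Vulnerable code not present)` annotations for buster and stretch remain understandable without looking up the full description.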
@@ -9050,7 +9057,7 @@ CVE-2021-29968
 	RESERVED
 CVE-2021-29967
 	RESERVED
-	{DSA-4925-1}
+	{DSA-4925-1 DLA-2673-1}
 	- firefox-esr 78.11.0esr-1
 	- firefox 89.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/#CVE-2021-29967
@@ -9741,12 +9748,12 @@ CVE-2021-29672 (IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerab
 	NOT-FOR-US: IBM
 CVE-2021-29671 (IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the  ...)
 	NOT-FOR-US: IBM
-CVE-2021-29670
-	RESERVED
+CVE-2021-29670 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
+	TODO: check
 CVE-2021-29669
 	RESERVED
-CVE-2021-29668
-	RESERVED
+CVE-2021-29668 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
+	TODO: check
 CVE-2021-29667 (IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is  ...)
 	NOT-FOR-US: IBM
 CVE-2021-29666 (IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is  ...)
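Review bot: The new `TODO: check` lines for CVE-2021-29670 and CVE-2021-29668 sit between entries already triaged as `NOT-FOR-US: IBM`, and both descriptions name IBM Jazz Foundation and IBM Engineering products. They can be resolved the same way as their neighbours. The other IBM Jazz Foundation entries this commit moves from RESERVED to `TODO: check` are candidates for the same treatment.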
@@ -11896,8 +11903,8 @@ CVE-2021-28814
 	RESERVED
 CVE-2021-28813
 	RESERVED
-CVE-2021-28812
-	RESERVED
+CVE-2021-28812 (A command injection vulnerability has been reported to affect certain  ...)
+	TODO: check
 CVE-2021-28811
 	RESERVED
 CVE-2021-28810
@@ -11906,10 +11913,10 @@ CVE-2021-28809
 	RESERVED
 CVE-2021-28808
 	RESERVED
-CVE-2021-28807
-	RESERVED
-CVE-2021-28806
-	RESERVED
+CVE-2021-28807 (A post-authentication reflected XSS vulnerability has been reported to ...)
+	TODO: check
+CVE-2021-28806 (A DOM-based XSS vulnerability has been reported to affect QNAP NAS run ...)
+	TODO: check
 CVE-2021-28805
 	RESERVED
 CVE-2021-28804
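Review bot: CVE-2021-28806 names QNAP NAS in its description, so its `TODO: check` can be closed as NOT-FOR-US if no Debian source package ships the affected software. For CVE-2021-28807 the description is cut off before the product name, so read the full description before applying the same resolution rather than inferring it from the adjacent entry.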
@@ -32924,8 +32931,8 @@ CVE-2021-20373
 	RESERVED
 CVE-2021-20372
 	RESERVED
-CVE-2021-20371
-	RESERVED
+CVE-2021-20371 (IBM Jazz Foundation and IBM Engineering products could allow a remote  ...)
+	TODO: check
 CVE-2021-20370
 	RESERVED
 CVE-2021-20369
@@ -32970,18 +32977,18 @@ CVE-2021-20350 (IBM Engineering products are vulnerable to cross-site scripting.
 	NOT-FOR-US: IBM
 CVE-2021-20349
 	RESERVED
-CVE-2021-20348
-	RESERVED
-CVE-2021-20347
-	RESERVED
-CVE-2021-20346
-	RESERVED
-CVE-2021-20345
-	RESERVED
+CVE-2021-20348 (IBM Jazz Foundation and IBM Engineering products are vulnerable to ser ...)
+	TODO: check
+CVE-2021-20347 (IBM Jazz Foundation and IBM Engineering products are vulnerable to ser ...)
+	TODO: check
+CVE-2021-20346 (IBM Jazz Foundation and IBM Engineering products are vulnerable to ser ...)
+	TODO: check
+CVE-2021-20345 (IBM Jazz Foundation and IBM Engineering products are vulnerable to ser ...)
+	TODO: check
 CVE-2021-20344
 	RESERVED
-CVE-2021-20343
-	RESERVED
+CVE-2021-20343 (IBM Jazz Foundation and IBM Engineering products are vulnerable to ser ...)
+	TODO: check
 CVE-2021-20342
 	RESERVED
 CVE-2021-20341 (IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns potenti ...)
@@ -32990,8 +32997,8 @@ CVE-2021-20340 (IBM Engineering products are vulnerable to cross-site scripting.
 	NOT-FOR-US: IBM
 CVE-2021-20339
 	RESERVED
-CVE-2021-20338
-	RESERVED
+CVE-2021-20338 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
+	TODO: check
 CVE-2021-20337
 	RESERVED
 CVE-2021-20336 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-sit ...)
@@ -34442,10 +34449,10 @@ CVE-2020-35444
 	RESERVED
 CVE-2020-35443
 	RESERVED
-CVE-2020-35442
-	RESERVED
-CVE-2020-35441
-	RESERVED
+CVE-2020-35442 (FDCMS (also known as Fangfa Content Management System) 4.0 allows remo ...)
+	TODO: check
+CVE-2020-35441 (FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end  ...)
+	TODO: check
 CVE-2020-35440
 	RESERVED
 CVE-2020-35439
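Review bot: Both CVE-2020-35442 and CVE-2020-35441 name FDCMS (Fangfa Content Management System) 4.0 and are left at `TODO: check`. If no Debian source package ships FDCMS, mark both NOT-FOR-US in one pass so they do not linger in the TODO queue as two separate items.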
@@ -101003,8 +101010,8 @@ CVE-2020-5032 (IBM QRadar SIEM 7.3 and 7.4 in some configurations may be vulnera
 	NOT-FOR-US: IBM
 CVE-2020-5031
 	RESERVED
-CVE-2020-5030
-	RESERVED
+CVE-2020-5030 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
+	TODO: check
 CVE-2020-5029
 	RESERVED
 CVE-2020-5028
@@ -101109,8 +101116,8 @@ CVE-2020-4979 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to insecure inter-deplo
 	NOT-FOR-US: IBM
 CVE-2020-4978
 	RESERVED
-CVE-2020-4977
-	RESERVED
+CVE-2020-4977 (IBM Engineering Lifecycle Optimization - Publishing is vulnerable to s ...)
+	TODO: check
 CVE-2020-4976 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
 	NOT-FOR-US: IBM
 CVE-2020-4975 (IBM Engineering products are vulnerable to cross-site scripting. This  ...)
@@ -101602,8 +101609,8 @@ CVE-2020-4734
 	RESERVED
 CVE-2020-4733 (IBM Jazz Foundation products are vulnerable to cross-site scripting. T ...)
 	NOT-FOR-US: IBM
-CVE-2020-4732
-	RESERVED
+CVE-2020-4732 (IBM Jazz Foundation and IBM Engineering products could allow an authen ...)
+	TODO: check
 CVE-2020-4731 (IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scri ...)
 	NOT-FOR-US: IBM
 CVE-2020-4730
@@ -102076,8 +102083,8 @@ CVE-2020-4497
 	RESERVED
 CVE-2020-4496
 	RESERVED
-CVE-2020-4495
-	RESERVED
+CVE-2020-4495 (IBM Jazz Foundation and IBM Engineering products could allow a remote  ...)
+	TODO: check
 CVE-2020-4494 (IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows ...)
 	NOT-FOR-US: IBM
 CVE-2020-4493 (IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow an attacker to ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/da499822b0a906a41313bf3b44f64f43950cbbe0
