[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 15 09:10:24 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e93f1f5 by security tracker role at 2021-06-15T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,21 @@
+CVE-2021-34695
+	RESERVED
+CVE-2021-34694
+	RESERVED
+CVE-2021-34693 (net/can/bcm.c in the Linux kernel through 5.12.10 allows local users t ...)
+	TODO: check
+CVE-2021-34692
+	RESERVED
+CVE-2021-34691
+	RESERVED
+CVE-2021-34690
+	RESERVED
+CVE-2021-34689
+	RESERVED
+CVE-2021-34688
+	RESERVED
+CVE-2021-34687
+	RESERVED
 CVE-2021-3601
 	RESERVED
 CVE-2021-34686
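Review bot: CVE-2021-34693 is left at TODO: check even though its summary names net/can/bcm.c in the Linux kernel, which Debian ships as the linux source package. Resolve it to a package entry for linux, not a NOT-FOR-US tag, and record the affected and fixed versions once the upstream fix is identified. The eight RESERVED additions around it need no action.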
@@ -4445,8 +4463,8 @@ CVE-2021-32686
 	RESERVED
 CVE-2021-32685
 	RESERVED
-CVE-2021-32684
-	RESERVED
+CVE-2021-32684 (magento-scripts contains scripts and configuration used by Create Mage ...)
+	TODO: check
 CVE-2021-32683
 	RESERVED
 CVE-2021-32682 (elFinder is an open-source file manager for web, written in JavaScript ...)
@@ -16239,8 +16257,8 @@ CVE-2021-27889 (Cross-site Scripting (XSS) vulnerability in MyBB before 1.8.26 v
 	NOT-FOR-US: MyBB
 CVE-2021-27888 (ZendTo before 6.06-4 Beta allows XSS during the display of a drop-off  ...)
 	NOT-FOR-US: ZendTo
-CVE-2021-27887
-	RESERVED
+CVE-2021-27887 (Cross-site Scripting (XSS) vulnerability in the main dashboard of Elli ...)
+	TODO: check
 CVE-2021-27886 (rakibtg Docker Dashboard before 2021-02-28 allows command injection in ...)
 	NOT-FOR-US: rakibtg Docker Dashboard
 CVE-2021-27885 (usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protect ...)
@@ -17778,8 +17796,8 @@ CVE-2021-27198 (An issue was discovered in Visualware MyConnection Server throug
 	NOT-FOR-US: Visualware MyConnection Server
 CVE-2021-27197 (DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arb ...)
 	NOT-FOR-US: Pelco Digital Sentry Server
-CVE-2021-27196
-	RESERVED
+CVE-2021-27196 (Improper Input Validation vulnerability in Hitachi ABB Power Grids Rel ...)
+	TODO: check
 CVE-2021-27195 (Improper Authorization vulnerability in Netop Vision Pro up to and inc ...)
 	NOT-FOR-US: Netop Vision Pro
 CVE-2021-27194 (Cleartext transmission of sensitive information in Netop Vision Pro up ...)
@@ -18595,8 +18613,8 @@ CVE-2021-26847
 	RESERVED
 CVE-2021-26846
 	RESERVED
-CVE-2021-26845
-	RESERVED
+CVE-2021-26845 (Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS al ...)
+	TODO: check
 CVE-2021-26844
 	RESERVED
 CVE-2021-26843 (An issue was discovered in sthttpd through 2.27.1. On systems where th ...)
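Review bot: CVE-2021-26845 here (Hitachi ABB Power Grids eSOMS) and CVE-2021-27196 in the previous hunk (Hitachi ABB Power Grids Rel ...) are both left at TODO: check for the same vendor. When they are resolved, use one consistent vendor string in the tag for both so the two entries group together in later searches of the list.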
@@ -30828,14 +30846,14 @@ CVE-2021-21559 (Dell EMC NetWorker, versions 18.x, 19.1.x, 19.2.x 19.3.x, 19.4,
 	NOT-FOR-US: EMC
 CVE-2021-21558 (Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, co ...)
 	NOT-FOR-US: EMC
-CVE-2021-21557
-	RESERVED
-CVE-2021-21556
-	RESERVED
-CVE-2021-21555
-	RESERVED
-CVE-2021-21554
-	RESERVED
+CVE-2021-21557 (Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain ...)
+	TODO: check
+CVE-2021-21556 (Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, ...)
+	TODO: check
+CVE-2021-21555 (Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, ...)
+	TODO: check
+CVE-2021-21554 (Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, ...)
+	TODO: check
 CVE-2021-21553
 	RESERVED
 CVE-2021-21552 (Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier ...)
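Review bot: the four Dell entries CVE-2021-21554 through CVE-2021-21557 are all left at TODO: check, and CVE-2021-21554, CVE-2021-21555 and CVE-2021-21556 carry the same truncated summary, so the visible text cannot tell them apart. Triage them together from the full descriptions and give them the same disposition if they turn out to be the same class of vendor BIOS issue. The neighbouring NetWorker entries use NOT-FOR-US: EMC, which names a different product line, so choose the label deliberately; do not copy it from the adjacent lines.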
@@ -36405,8 +36423,8 @@ CVE-2021-20029
 	RESERVED
 CVE-2021-20028
 	RESERVED
-CVE-2021-20027
-	RESERVED
+CVE-2021-20027 (A buffer overflow vulnerability in SonicOS allows a remote attacker to ...)
+	TODO: check
 CVE-2021-20026 (A vulnerability in the SonicWall NSM On-Prem product allows an authent ...)
 	NOT-FOR-US: SonicWall
 CVE-2021-20025 (SonicWall Email Security Virtual Appliance version 10.0.9 and earlier  ...)
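Review bot: CVE-2021-20027 is left at TODO: check while the adjacent entries CVE-2021-20026 and CVE-2021-20025 are SonicWall products, and CVE-2021-20026 is already tagged NOT-FOR-US: SonicWall. The new summary names SonicOS, so the same tag looks applicable once the full description is confirmed.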
@@ -44661,8 +44679,7 @@ CVE-2021-0469
 	RESERVED
 CVE-2021-0468 (In LK, there is a possible escalation of privilege due to an insecure  ...)
 	NOT-FOR-US: MediaTek components for Android
-CVE-2021-0467
-	RESERVED
+CVE-2021-0467 (In Chromecast bootROM, there is a possible out of bounds write due to  ...)
 	NOT-FOR-US: AMLogic
 CVE-2021-0466 (In startIpClient of ClientModeImpl.java, there is a possible identifie ...)
 	NOT-FOR-US: Android
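Review bot: the NOT-FOR-US: AMLogic tag on CVE-2021-0467 was set while the entry was still RESERVED, and the description published now names the Chromecast bootROM. Unlike the other hunks in this update, no TODO: check is added here, so nothing flags the entry for a second look; confirm by hand that the existing tag still matches the described component.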
@@ -44959,8 +44976,7 @@ CVE-2021-0326 (In p2p_copy_client_info of p2p.c, there is a possible out of boun
 	NOTE: https://w1.fi/cgit/hostap/commit/?id=947272febe24a8f0ea828b5b2f35f13c3821901e
 CVE-2021-0325 (In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible o ...)
 	NOT-FOR-US: Android media framework
-CVE-2021-0324
-	RESERVED
+CVE-2021-0324 (Product: AndroidVersions: Android SoCAndroid ID: A-175402462 ...)
 	NOT-FOR-US: UniSoc components for Android
 CVE-2021-0323
 	RESERVED
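Review bot: the summary imported for CVE-2021-0324 is a run of bulletin fields with no separators ("Product: AndroidVersions: Android SoCAndroid ID: A-175402462") and says nothing about the flaw, so the existing NOT-FOR-US: UniSoc components for Android tag cannot be checked against it. No TODO: check is added in this hunk, so the entry should be verified against the referenced Android ID before it is treated as settled.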



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e93f1f5018f7a95cc9e4a9bb92c7c69c1d015d3
