[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 24 09:10:22 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb2f4c82 by security tracker role at 2021-06-24T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2021-3618
+	RESERVED
+CVE-2021-3617
+	RESERVED
+CVE-2021-3616
+	RESERVED
+CVE-2021-3615
+	RESERVED
+CVE-2021-3614
+	RESERVED
+CVE-2021-35474
+	RESERVED
+CVE-2021-35473
+	RESERVED
+CVE-2021-35472
+	RESERVED
+CVE-2021-35471
+	RESERVED
+CVE-2021-35470
+	RESERVED
+CVE-2021-35469
+	RESERVED
 CVE-2021-35468
 	RESERVED
 CVE-2021-35467
@@ -893,8 +915,8 @@ CVE-2021-35043
 	RESERVED
 CVE-2021-35042
 	RESERVED
-CVE-2021-35041
-	RESERVED
+CVE-2021-35041 (The blockchain node in FISCO-BCOS V2.7.2 may have a bug when dealing w ...)
+	TODO: check
 CVE-2021-3609
 	RESERVED
 	- linux <unfixed>
@@ -3010,16 +3032,16 @@ CVE-2021-34073
 	RESERVED
 CVE-2021-34072
 	RESERVED
-CVE-2021-34071
-	RESERVED
-CVE-2021-34070
-	RESERVED
-CVE-2021-34069
-	RESERVED
-CVE-2021-34068
-	RESERVED
-CVE-2021-34067
-	RESERVED
+CVE-2021-34071 (Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause ...)
+	TODO: check
+CVE-2021-34070 (Out-of-bounds Read in tsMuxer 2.6.16 allows attackers to cause a Denia ...)
+	TODO: check
+CVE-2021-34069 (Divide-by-zero bug in tsMuxer 2.6.16 allows attackers to cause a Denia ...)
+	TODO: check
+CVE-2021-34068 (Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause ...)
+	TODO: check
+CVE-2021-34067 (Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause ...)
+	TODO: check
 CVE-2021-34066
 	RESERVED
 CVE-2021-34065
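Review bot: the five entries CVE-2021-34067 through CVE-2021-34071 all name tsMuxer 2.6.16 and all carry `TODO: check`, so one triage decision covers them. Whichever way it goes (a package line or a NOT-FOR-US marking), apply the same resolution to all five in a single follow-up rather than leaving them to be checked one by one.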
@@ -5906,8 +5928,8 @@ CVE-2021-32825
 	RESERVED
 CVE-2021-32824
 	RESERVED
-CVE-2021-32823
-	RESERVED
+CVE-2021-32823 (In the bindata RubyGem before version 2.4.10 there is a potential deni ...)
+	TODO: check
 CVE-2021-32822
 	RESERVED
 CVE-2021-32821
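Review bot: on CVE-2021-32823 the description already states the fixed upstream version ("before version 2.4.10"). If the gem turns out to be packaged when the `TODO: check` is resolved, the entry should record a package line with the corresponding fixed version, in the form used elsewhere in this file (for example `- virtualbox 6.1.20-dfsg-1`).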
@@ -15775,8 +15797,8 @@ CVE-2021-28802
 	RESERVED
 CVE-2021-28801 (An out-of-bounds read vulnerability has been reported to affect certai ...)
 	NOT-FOR-US: QNAP
-CVE-2021-28800
-	RESERVED
+CVE-2021-28800 (A command injection vulnerability has been reported to affect QNAP NAS ...)
+	TODO: check
 CVE-2021-28799 (An improper authorization vulnerability has been reported to affect QN ...)
 	NOT-FOR-US: QNAP
 CVE-2021-28798 (A relative path traversal vulnerability has been reported to affect QN ...)
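Review bot: CVE-2021-28800 is left at `TODO: check` although its description names QNAP NAS and the entries on either side of it (CVE-2021-28801, CVE-2021-28799) are already marked `NOT-FOR-US: QNAP`. It looks like it should receive the same marking once the full description confirms the product.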
@@ -32143,8 +32165,8 @@ CVE-2021-21811
 	RESERVED
 CVE-2021-21810
 	RESERVED
-CVE-2021-21809
-	RESERVED
+CVE-2021-21809 (A command execution vulnerability exists in the default legacy spellch ...)
+	TODO: check
 CVE-2021-21808 (A memory corruption vulnerability exists in the PNG png_palette_proces ...)
 	NOT-FOR-US: Accusoft ImageGear
 CVE-2021-21807
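Review bot: the description on CVE-2021-21809 is cut off at "default legacy spellch ..." before any product name appears, so this `TODO: check` cannot be resolved from the list line alone. The neighbouring CVE-2021-21808 is `NOT-FOR-US: Accusoft ImageGear`, but nothing visible here ties 21809 to that product; the full CVE text needs to be read before it is marked.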
@@ -38251,8 +38273,8 @@ CVE-2021-20021 (A vulnerability in the SonicWall Email Security version 10.0.9.x
 	NOT-FOR-US: SonicWall
 CVE-2021-20020 (A command execution vulnerability in SonicWall GMS 9.3 allows a remote ...)
 	NOT-FOR-US: SonicWall
-CVE-2021-20019
-	RESERVED
+CVE-2021-20019 (A vulnerability in SonicOS where the HTTP server response leaks partia ...)
+	TODO: check
 CVE-2021-20018 (A post-authenticated vulnerability in SonicWall SMA100 allows an attac ...)
 	NOT-FOR-US: SonicWall
 CVE-2021-20017 (A post-authenticated command injection vulnerability in SonicWall SMA1 ...)
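Review bot: CVE-2021-20019 names SonicOS in its description and sits between entries that are all marked `NOT-FOR-US: SonicWall` (CVE-2021-20021, CVE-2021-20020, CVE-2021-20018), yet it is left at `TODO: check`. Suggest resolving it with the same vendor marking in the follow-up triage.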
@@ -39478,8 +39500,8 @@ CVE-2021-2324
 	RESERVED
 CVE-2021-2323
 	RESERVED
-CVE-2021-2322
-	RESERVED
+CVE-2021-2322 (Vulnerability in OpenGrok (component: Web App). Versions that are affe ...)
+	TODO: check
 CVE-2021-2321 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.20-dfsg-1
 CVE-2021-2320 (Vulnerability in the Oracle Cloud Infrastructure Storage Gateway produ ...)
@@ -68743,8 +68765,8 @@ CVE-2020-18662
 	RESERVED
 CVE-2020-18661
 	RESERVED
-CVE-2020-18660
-	RESERVED
+CVE-2020-18660 (GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php  ...)
+	TODO: check
 CVE-2020-18659 (Cross Site Scripting vulnerability in GetSimpleCMS <=3.3.15 via the ...)
 	NOT-FOR-US: GetSimpleCMS
 CVE-2020-18658 (Cross Site Scriptiong (XSS) vulnerability in GetSimpleCMS <=3.3.15  ...)
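Review bot: CVE-2020-18660 describes an open redirect in GetSimpleCMS <=3.3.15, and the next entry for the same product (CVE-2020-18659) is already `NOT-FOR-US: GetSimpleCMS`. The new `TODO: check` should be resolved consistently with that entry.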



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb2f4c8287907ac1f666b808a4d79efcbce36d69
