[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Mar 11 20:10:38 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2a69c8df by security tracker role at 2021-03-11T20:10:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,29 @@
+CVE-2021-3435
+	RESERVED
+CVE-2021-3434
+	RESERVED
+CVE-2021-3433
+	RESERVED
+CVE-2021-3432
+	RESERVED
+CVE-2021-3431
+	RESERVED
+CVE-2021-3430
+	RESERVED
 CVE-2021-3429
 	RESERVED
 CVE-2021-3428
 	RESERVED
 CVE-2021-28145
 	RESERVED
-CVE-2021-28144
-	RESERVED
+CVE-2021-28144 (prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote a ...)
+	TODO: check
 CVE-2021-28143
 	RESERVED
 CVE-2021-28142
 	RESERVED
-CVE-2021-28141
-	RESERVED
+CVE-2021-28141 (An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1 ...)
+	TODO: check
 CVE-2021-28140
 	RESERVED
 CVE-2021-28139
@@ -189,13 +201,13 @@ CVE-2021-28089
 	RESERVED
 CVE-2020-36256
 	RESERVED
-CVE-2021-21381 [Arbitrary file read/write without permissions]
+CVE-2021-21381 (Flatpak is a system for building, distributing, and running sandboxed  ...)
 	- flatpak 1.10.1-4 (bug #984859)
 	[stretch] - flatpak <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/flatpak/flatpak/issues/4146
 	NOTE: https://github.com/flatpak/flatpak/security/advisories/GHSA-xgh4-387p-hqpp
-CVE-2021-28088
-	RESERVED
+CVE-2021-28088 (Cross-site scripting (XSS) in modules/content/admin/content.php in Imp ...)
+	TODO: check
 CVE-2021-28087
 	RESERVED
 CVE-2021-28086
@@ -1076,12 +1088,12 @@ CVE-2021-27681
 	RESERVED
 CVE-2021-27680
 	RESERVED
-CVE-2021-27679
-	RESERVED
-CVE-2021-27678
-	RESERVED
-CVE-2021-27677
-	RESERVED
+CVE-2021-27679 (Cross-site scripting (XSS) vulnerability in Navigation in Batflat CMS  ...)
+	TODO: check
+CVE-2021-27678 (Cross-site scripting (XSS) vulnerability in Snippets in Batflat CMS 1. ...)
+	TODO: check
+CVE-2021-27677 (Cross-site scripting (XSS) vulnerability in Galleries in Batflat CMS 1 ...)
+	TODO: check
 CVE-2021-27676
 	RESERVED
 CVE-2021-27675
@@ -2330,6 +2342,7 @@ CVE-2021-27106
 CVE-2021-27105
 	RESERVED
 CVE-2021-3407 (A flaw was found in mupdf 1.18.0. Double free of object during lineari ...)
+	{DLA-2589-1}
 	- mupdf 1.17.0+ds1-1.3 (bug #983684)
 	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=cee7cefc610d42fd383b3c80c12cbc675443176a
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=703366 (not public yet)
@@ -2382,84 +2395,84 @@ CVE-2021-27087
 	RESERVED
 CVE-2021-27086
 	RESERVED
-CVE-2021-27085
-	RESERVED
-CVE-2021-27084
-	RESERVED
-CVE-2021-27083
-	RESERVED
-CVE-2021-27082
-	RESERVED
-CVE-2021-27081
-	RESERVED
-CVE-2021-27080
-	RESERVED
+CVE-2021-27085 (Internet Explorer Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-27084 (Visual Studio Code Java Extension Pack Remote Code Execution Vulnerabi ...)
+	TODO: check
+CVE-2021-27083 (Remote Development Extension for Visual Studio Code Remote Code Execut ...)
+	TODO: check
+CVE-2021-27082 (Quantum Development Kit for Visual Studio Code Remote Code Execution V ...)
+	TODO: check
+CVE-2021-27081 (Visual Studio Code ESLint Extension Remote Code Execution Vulnerabilit ...)
+	TODO: check
+CVE-2021-27080 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
+	TODO: check
 CVE-2021-27079
 	RESERVED
 CVE-2021-27078 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
 	NOT-FOR-US: Microsoft
-CVE-2021-27077
-	RESERVED
-CVE-2021-27076
-	RESERVED
-CVE-2021-27075
-	RESERVED
-CVE-2021-27074
-	RESERVED
+CVE-2021-27077 (Windows Win32k Elevation of Privilege Vulnerability This CVE ID is uni ...)
+	TODO: check
+CVE-2021-27076 (Microsoft SharePoint Server Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-27075 (Azure Virtual Machine Information Disclosure Vulnerability ...)
+	TODO: check
+CVE-2021-27074 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
+	TODO: check
 CVE-2021-27073
 	RESERVED
 CVE-2021-27072
 	RESERVED
 CVE-2021-27071
 	RESERVED
-CVE-2021-27070
-	RESERVED
+CVE-2021-27070 (Windows 10 Update Assistant Elevation of Privilege Vulnerability ...)
+	TODO: check
 CVE-2021-27069
 	RESERVED
 CVE-2021-27068
 	RESERVED
 CVE-2021-27067
 	RESERVED
-CVE-2021-27066
-	RESERVED
+CVE-2021-27066 (Windows Admin Center Security Feature Bypass Vulnerability ...)
+	TODO: check
 CVE-2021-27065 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-27064
 	RESERVED
-CVE-2021-27063
-	RESERVED
-CVE-2021-27062
-	RESERVED
-CVE-2021-27061
-	RESERVED
-CVE-2021-27060
-	RESERVED
-CVE-2021-27059
-	RESERVED
-CVE-2021-27058
-	RESERVED
-CVE-2021-27057
-	RESERVED
-CVE-2021-27056
-	RESERVED
-CVE-2021-27055
-	RESERVED
-CVE-2021-27054
-	RESERVED
-CVE-2021-27053
-	RESERVED
-CVE-2021-27052
-	RESERVED
-CVE-2021-27051
-	RESERVED
-CVE-2021-27050
-	RESERVED
-CVE-2021-27049
-	RESERVED
-CVE-2021-27048
-	RESERVED
-CVE-2021-27047
-	RESERVED
+CVE-2021-27063 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
+	TODO: check
+CVE-2021-27062 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
+	TODO: check
+CVE-2021-27061 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
+	TODO: check
+CVE-2021-27060 (Visual Studio Code Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-27059 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+	TODO: check
+CVE-2021-27058 (Microsoft Office ClickToRun Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-27057 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+	TODO: check
+CVE-2021-27056 (Microsoft PowerPoint Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-27055 (Microsoft Visio Security Feature Bypass Vulnerability ...)
+	TODO: check
+CVE-2021-27054 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+	TODO: check
+CVE-2021-27053 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+	TODO: check
+CVE-2021-27052 (Microsoft SharePoint Server Information Disclosure Vulnerability ...)
+	TODO: check
+CVE-2021-27051 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
+	TODO: check
+CVE-2021-27050 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
+	TODO: check
+CVE-2021-27049 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
+	TODO: check
+CVE-2021-27048 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
+	TODO: check
+CVE-2021-27047 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
+	TODO: check
 CVE-2021-27046
 	RESERVED
 CVE-2021-27045
@@ -2812,94 +2825,94 @@ CVE-2021-26904 (LMA ISIDA Retriever 5.2 allows SQL Injection. ...)
 	NOT-FOR-US: LMA ISIDA Retriever
 CVE-2021-26903 (LMA ISIDA Retriever 5.2 is vulnerable to XSS via query['text']. ...)
 	NOT-FOR-US: LMA ISIDA Retriever
-CVE-2021-26902
-	RESERVED
-CVE-2021-26901
-	RESERVED
-CVE-2021-26900
-	RESERVED
-CVE-2021-26899
-	RESERVED
-CVE-2021-26898
-	RESERVED
-CVE-2021-26897
-	RESERVED
-CVE-2021-26896
-	RESERVED
-CVE-2021-26895
-	RESERVED
-CVE-2021-26894
-	RESERVED
-CVE-2021-26893
-	RESERVED
-CVE-2021-26892
-	RESERVED
-CVE-2021-26891
-	RESERVED
-CVE-2021-26890
-	RESERVED
-CVE-2021-26889
-	RESERVED
+CVE-2021-26902 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
+	TODO: check
+CVE-2021-26901 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
+	TODO: check
+CVE-2021-26900 (Windows Win32k Elevation of Privilege Vulnerability This CVE ID is uni ...)
+	TODO: check
+CVE-2021-26899 (Windows UPnP Device Host Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26898 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
+	TODO: check
+CVE-2021-26897 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is  ...)
+	TODO: check
+CVE-2021-26896 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
+	TODO: check
+CVE-2021-26895 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is  ...)
+	TODO: check
+CVE-2021-26894 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is  ...)
+	TODO: check
+CVE-2021-26893 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is  ...)
+	TODO: check
+CVE-2021-26892 (Windows Extensible Firmware Interface Security Feature Bypass Vulnerab ...)
+	TODO: check
+CVE-2021-26891 (Windows Container Execution Agent Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26890 (Application Virtualization Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-26889 (Windows Update Stack Elevation of Privilege Vulnerability ...)
+	TODO: check
 CVE-2021-26888
 	RESERVED
-CVE-2021-26887
-	RESERVED
-CVE-2021-26886
-	RESERVED
-CVE-2021-26885
-	RESERVED
-CVE-2021-26884
-	RESERVED
+CVE-2021-26887 (Microsoft Windows Folder Redirection Elevation of Privilege Vulnerabil ...)
+	TODO: check
+CVE-2021-26886 (User Profile Service Denial of Service Vulnerability ...)
+	TODO: check
+CVE-2021-26885 (Windows WalletService Elevation of Privilege Vulnerability This CVE ID ...)
+	TODO: check
+CVE-2021-26884 (Windows Media Photo Codec Information Disclosure Vulnerability ...)
+	TODO: check
 CVE-2021-26883
 	RESERVED
-CVE-2021-26882
-	RESERVED
-CVE-2021-26881
-	RESERVED
-CVE-2021-26880
-	RESERVED
-CVE-2021-26879
-	RESERVED
-CVE-2021-26878
-	RESERVED
-CVE-2021-26877
-	RESERVED
-CVE-2021-26876
-	RESERVED
-CVE-2021-26875
-	RESERVED
-CVE-2021-26874
-	RESERVED
-CVE-2021-26873
-	RESERVED
-CVE-2021-26872
-	RESERVED
-CVE-2021-26871
-	RESERVED
-CVE-2021-26870
-	RESERVED
-CVE-2021-26869
-	RESERVED
-CVE-2021-26868
-	RESERVED
-CVE-2021-26867
-	RESERVED
-CVE-2021-26866
-	RESERVED
-CVE-2021-26865
-	RESERVED
-CVE-2021-26864
-	RESERVED
-CVE-2021-26863
-	RESERVED
-CVE-2021-26862
-	RESERVED
-CVE-2021-26861
-	RESERVED
-CVE-2021-26860
-	RESERVED
-CVE-2021-26859
-	RESERVED
+CVE-2021-26882 (Remote Access API Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26881 (Microsoft Windows Media Foundation Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-26880 (Storage Spaces Controller Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26879 (Windows NAT Denial of Service Vulnerability ...)
+	TODO: check
+CVE-2021-26878 (Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID ...)
+	TODO: check
+CVE-2021-26877 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is  ...)
+	TODO: check
+CVE-2021-26876 (OpenType Font Parsing Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-26875 (Windows Win32k Elevation of Privilege Vulnerability This CVE ID is uni ...)
+	TODO: check
+CVE-2021-26874 (Windows Overlay Filter Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26873 (Windows User Profile Service Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26872 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
+	TODO: check
+CVE-2021-26871 (Windows WalletService Elevation of Privilege Vulnerability This CVE ID ...)
+	TODO: check
+CVE-2021-26870 (Windows Projected File System Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26869 (Windows ActiveX Installer Service Information Disclosure Vulnerability ...)
+	TODO: check
+CVE-2021-26868 (Windows Graphics Component Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26867 (Windows Hyper-V Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-26866 (Windows Update Service Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26865 (Windows Container Execution Agent Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26864 (Windows Virtual Registry Provider Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26863 (Windows Win32k Elevation of Privilege Vulnerability This CVE ID is uni ...)
+	TODO: check
+CVE-2021-26862 (Windows Installer Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26861 (Windows Graphics Component Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-26860 (Windows App-V Overlay Filter Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-26859 (Microsoft Power BI Information Disclosure Vulnerability ...)
+	TODO: check
 CVE-2021-26858 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-26857 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
@@ -3105,8 +3118,8 @@ CVE-2021-26778
 	RESERVED
 CVE-2021-26777
 	RESERVED
-CVE-2021-26776
-	RESERVED
+CVE-2021-26776 (CSZ CMS 1.2.9 is affected by a cross-site scripting (XSS) vulnerabilit ...)
+	TODO: check
 CVE-2021-26775
 	RESERVED
 CVE-2021-26774
@@ -3997,8 +4010,8 @@ CVE-2021-26413
 	RESERVED
 CVE-2021-26412 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
 	NOT-FOR-US: Microsoft
-CVE-2021-26411
-	RESERVED
+CVE-2021-26411 (Internet Explorer Memory Corruption Vulnerability ...)
+	TODO: check
 CVE-2021-26410
 	RESERVED
 CVE-2021-26409
@@ -9330,20 +9343,20 @@ CVE-2021-24112 (.NET Core Remote Code Execution Vulnerability This CVE ID is uni
 	NOT-FOR-US: Microsoft
 CVE-2021-24111 (.NET Framework Denial of Service Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2021-24110
-	RESERVED
+CVE-2021-24110 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
+	TODO: check
 CVE-2021-24109 (Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerabilit ...)
 	NOT-FOR-US: Microsoft
-CVE-2021-24108
-	RESERVED
-CVE-2021-24107
-	RESERVED
+CVE-2021-24108 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+	TODO: check
+CVE-2021-24107 (Windows Event Tracing Information Disclosure Vulnerability ...)
+	TODO: check
 CVE-2021-24106 (Windows DirectX Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-24105 (Package Managers Configurations Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2021-24104
-	RESERVED
+CVE-2021-24104 (Microsoft SharePoint Spoofing Vulnerability ...)
+	TODO: check
 CVE-2021-24103 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-24102 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
@@ -9360,8 +9373,8 @@ CVE-2021-24097
 	RESERVED
 CVE-2021-24096 (Windows Kernel Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2021-24095
-	RESERVED
+CVE-2021-24095 (DirectX Elevation of Privilege Vulnerability ...)
+	TODO: check
 CVE-2021-24094 (Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is uniq ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-24093 (Windows Graphics Component Remote Code Execution Vulnerability ...)
@@ -9370,10 +9383,10 @@ CVE-2021-24092 (Microsoft Defender Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-24091 (Windows Camera Codec Pack Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2021-24090
-	RESERVED
-CVE-2021-24089
-	RESERVED
+CVE-2021-24090 (Windows Error Reporting Elevation of Privilege Vulnerability ...)
+	TODO: check
+CVE-2021-24089 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
+	TODO: check
 CVE-2021-24088 (Windows Local Spooler Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-24087 (Azure IoT CLI extension Elevation of Privilege Vulnerability ...)
@@ -18922,8 +18935,8 @@ CVE-2021-20338
 	RESERVED
 CVE-2021-20337
 	RESERVED
-CVE-2021-20336
-	RESERVED
+CVE-2021-20336 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-sit ...)
+	TODO: check
 CVE-2021-20335 (For MongoDB Ops Manager 4.2.X with multiple OM application servers, th ...)
 	NOT-FOR-US: MongoDB Ops Manager
 CVE-2021-20334
@@ -22993,8 +23006,8 @@ CVE-2021-1731 (PFX Encryption Security Feature Bypass Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-1730 (Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique ...)
 	NOT-FOR-US: Microsoft
-CVE-2021-1729
-	RESERVED
+CVE-2021-1729 (Windows Update Stack Setup Elevation of Privilege Vulnerability ...)
+	TODO: check
 CVE-2021-1728 (System Center Operations Manager Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-1727 (Windows Installer Elevation of Privilege Vulnerability ...)
@@ -33441,7 +33454,7 @@ CVE-2020-26521 (The JWT library in NATS nats-server before 2.1.9 allows a denial
 CVE-2020-26520
 	RESERVED
 CVE-2020-26519 (Artifex MuPDF before 1.18.0 has a heap based buffer over-write when pa ...)
-	{DSA-4794-1}
+	{DSA-4794-1 DLA-2589-1}
 	- mupdf 1.17.0+ds1-1.1 (bug #971595)
 	NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commit;h=af1e390a2c7abceb32676ec684cd1dbb92907ce8
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=702937
@@ -58427,12 +58440,12 @@ CVE-2020-14991
 	RESERVED
 CVE-2020-14990 (IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain p ...)
 	NOT-FOR-US: IOBit Advanced SystemCare Free
-CVE-2020-14989
-	RESERVED
-CVE-2020-14988
-	RESERVED
-CVE-2020-14987
-	RESERVED
+CVE-2020-14989 (An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0  ...)
+	TODO: check
+CVE-2020-14988 (An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0  ...)
+	TODO: check
+CVE-2020-14987 (An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0  ...)
+	TODO: check
 CVE-2020-14986
 	RESERVED
 CVE-2020-14985
@@ -86260,10 +86273,10 @@ CVE-2020-5027
 	RESERVED
 CVE-2020-5026
 	RESERVED
-CVE-2020-5025
-	RESERVED
-CVE-2020-5024
-	RESERVED
+CVE-2020-5025 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+	TODO: check
+CVE-2020-5024 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+	TODO: check
 CVE-2020-5023 (IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote u ...)
 	NOT-FOR-US: IBM
 CVE-2020-5022 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow unauthentica ...)
@@ -86358,8 +86371,8 @@ CVE-2020-4978
 	RESERVED
 CVE-2020-4977
 	RESERVED
-CVE-2020-4976
-	RESERVED
+CVE-2020-4976 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+	TODO: check
 CVE-2020-4975 (IBM Engineering products are vulnerable to cross-site scripting. This  ...)
 	NOT-FOR-US: IBM
 CVE-2020-4974
@@ -94791,7 +94804,7 @@ CVE-2020-1898 (The fb_unserialize function did not impose a depth limit for nest
 	TODO: check
 CVE-2020-1897 (A use-after-free is possible due to an error in lifetime management in ...)
 	NOT-FOR-US: Facebook Proxygen
-CVE-2020-1896 (A stack overflow vulnerability in Facebook Hermes ‘builtin apply ...)
+CVE-2020-1896 (A stack overflow vulnerability in Facebook Hermes 'builtin apply' prio ...)
 	NOT-FOR-US: Facebook Hermes
 CVE-2020-1895 (A large heap overflow could occur in Instagram for Android when attemp ...)
 	NOT-FOR-US: Instagram for Android



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a69c8df4e7f6d7f6ffdb82bfb9ced76ad695d45

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a69c8df4e7f6d7f6ffdb82bfb9ced76ad695d45
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210311/b7ad4634/attachment.htm>


More information about the debian-security-tracker-commits mailing list