[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Mar 25 08:10:27 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b537aa09 by security tracker role at 2021-03-25T08:10:18+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2021-29154
+ RESERVED
CVE-2021-3467
RESERVED
- jasper <removed>
@@ -18779,10 +18781,10 @@ CVE-2021-21388
RESERVED
CVE-2021-21387 (Wrongthink peer-to-peer, end-to-end encrypted messenger with PeerJS an ...)
NOT-FOR-US: Wrongthink
-CVE-2021-21386
- RESERVED
-CVE-2021-21385
- RESERVED
+CVE-2021-21386 (APKLeaks is an open-source project for scanning APK file for URIs, end ...)
+ TODO: check
+CVE-2021-21385 (Mifos-Mobile Android Application for MifosX is an Android Application ...)
+ TODO: check
CVE-2021-21384 (shescape is a simple shell escape package for JavaScript. In shescape ...)
NOT-FOR-US: shescape
CVE-2021-21383 (Wiki.js an open-source wiki app built on Node.js. Wiki.js before versi ...)
@@ -20603,8 +20605,8 @@ CVE-2021-20681
RESERVED
CVE-2021-20680
RESERVED
-CVE-2021-20679
- RESERVED
+CVE-2021-20679 (Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6 ...)
+ TODO: check
CVE-2021-20678 (SQL injection vulnerability in the Paid Memberships Pro versions prior ...)
NOT-FOR-US: Paid Memberships Pro
CVE-2021-20677
@@ -27885,12 +27887,12 @@ CVE-2021-1473
RESERVED
CVE-2021-1472
RESERVED
-CVE-2021-1471
- RESERVED
+CVE-2021-1471 (Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for ...)
+ TODO: check
CVE-2021-1470
RESERVED
-CVE-2021-1469
- RESERVED
+CVE-2021-1469 (Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for ...)
+ TODO: check
CVE-2021-1468
RESERVED
CVE-2021-1467
@@ -27907,8 +27909,8 @@ CVE-2021-1462
RESERVED
CVE-2021-1461
RESERVED
-CVE-2021-1460
- RESERVED
+CVE-2021-1460 (A vulnerability in the Cisco IOx Application Framework of Cisco 809 In ...)
+ TODO: check
CVE-2021-1459
RESERVED
CVE-2021-1458
@@ -27919,54 +27921,54 @@ CVE-2021-1456
RESERVED
CVE-2021-1455
RESERVED
-CVE-2021-1454
- RESERVED
-CVE-2021-1453
- RESERVED
-CVE-2021-1452
- RESERVED
-CVE-2021-1451
- RESERVED
+CVE-2021-1454 (Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software co ...)
+ TODO: check
+CVE-2021-1453 (A vulnerability in the software image verification functionality of Ci ...)
+ TODO: check
+CVE-2021-1452 (A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software f ...)
+ TODO: check
+CVE-2021-1451 (A vulnerability in the Easy Virtual Switching System (VSS) feature of ...)
+ TODO: check
CVE-2021-1450 (A vulnerability in the interprocess communication (IPC) channel of Cis ...)
NOT-FOR-US: Cisco
-CVE-2021-1449
- RESERVED
+CVE-2021-1449 (A vulnerability in the boot logic of Cisco Access Points Software coul ...)
+ TODO: check
CVE-2021-1448
RESERVED
CVE-2021-1447
RESERVED
-CVE-2021-1446
- RESERVED
+CVE-2021-1446 (A vulnerability in the DNS application layer gateway (ALG) functionali ...)
+ TODO: check
CVE-2021-1445
RESERVED
CVE-2021-1444
RESERVED
-CVE-2021-1443
- RESERVED
-CVE-2021-1442
- RESERVED
-CVE-2021-1441
- RESERVED
+CVE-2021-1443 (A vulnerability in the web UI of Cisco IOS XE Software could allow an ...)
+ TODO: check
+CVE-2021-1442 (A vulnerability in a diagnostic command for the Plug-and-Play (PnP) su ...)
+ TODO: check
+CVE-2021-1441 (A vulnerability in the hardware initialization routines of Cisco IOS X ...)
+ TODO: check
CVE-2021-1440
RESERVED
-CVE-2021-1439
- RESERVED
+CVE-2021-1439 (A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco A ...)
+ TODO: check
CVE-2021-1438
RESERVED
-CVE-2021-1437
- RESERVED
-CVE-2021-1436
- RESERVED
-CVE-2021-1435
- RESERVED
-CVE-2021-1434
- RESERVED
-CVE-2021-1433
- RESERVED
-CVE-2021-1432
- RESERVED
-CVE-2021-1431
- RESERVED
+CVE-2021-1437 (A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Se ...)
+ TODO: check
+CVE-2021-1436 (A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow ...)
+ TODO: check
+CVE-2021-1435 (A vulnerability in the web UI of Cisco IOS XE Software could allow an ...)
+ TODO: check
+CVE-2021-1434 (A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow ...)
+ TODO: check
+CVE-2021-1433 (A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software ...)
+ TODO: check
+CVE-2021-1432 (A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow ...)
+ TODO: check
+CVE-2021-1431 (A vulnerability in the vDaemon process of Cisco IOS XE SD-WAN Software ...)
+ TODO: check
CVE-2021-1430
RESERVED
CVE-2021-1429
@@ -27981,8 +27983,8 @@ CVE-2021-1425
RESERVED
CVE-2021-1424
RESERVED
-CVE-2021-1423
- RESERVED
+CVE-2021-1423 (A vulnerability in the implementation of a CLI command in Cisco Airone ...)
+ TODO: check
CVE-2021-1422
RESERVED
CVE-2021-1421
@@ -27991,10 +27993,10 @@ CVE-2021-1420
RESERVED
CVE-2021-1419
RESERVED
-CVE-2021-1418
- RESERVED
-CVE-2021-1417
- RESERVED
+CVE-2021-1418 (Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for ...)
+ TODO: check
+CVE-2021-1417 (Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for ...)
+ TODO: check
CVE-2021-1416 (Multiple vulnerabilities in the Admin portal of Cisco Identity Service ...)
NOT-FOR-US: Cisco
CVE-2021-1415
@@ -28005,8 +28007,8 @@ CVE-2021-1413
RESERVED
CVE-2021-1412 (Multiple vulnerabilities in the Admin portal of Cisco Identity Service ...)
NOT-FOR-US: Cisco
-CVE-2021-1411
- RESERVED
+CVE-2021-1411 (Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for ...)
+ TODO: check
CVE-2021-1410
RESERVED
CVE-2021-1409
@@ -28021,8 +28023,8 @@ CVE-2021-1405
RESERVED
CVE-2021-1404
RESERVED
-CVE-2021-1403
- RESERVED
+CVE-2021-1403 (A vulnerability in the web UI feature of Cisco IOS XE Software could a ...)
+ TODO: check
CVE-2021-1402
RESERVED
CVE-2021-1401
@@ -28031,24 +28033,24 @@ CVE-2021-1400
RESERVED
CVE-2021-1399
RESERVED
-CVE-2021-1398
- RESERVED
+CVE-2021-1398 (A vulnerability in the boot logic of Cisco IOS XE Software could allow ...)
+ TODO: check
CVE-2021-1397
RESERVED
CVE-2021-1396 (Multiple vulnerabilities in Cisco Application Services Engine could al ...)
NOT-FOR-US: Cisco
CVE-2021-1395
RESERVED
-CVE-2021-1394
- RESERVED
+CVE-2021-1394 (A vulnerability in the ingress traffic manager of Cisco IOS XE Softwar ...)
+ TODO: check
CVE-2021-1393 (Multiple vulnerabilities in Cisco Application Services Engine could al ...)
NOT-FOR-US: Cisco
-CVE-2021-1392
- RESERVED
-CVE-2021-1391
- RESERVED
-CVE-2021-1390
- RESERVED
+CVE-2021-1392 (A vulnerability in the CLI command permissions of Cisco IOS and Cisco ...)
+ TODO: check
+CVE-2021-1391 (A vulnerability in the dragonite debugger of Cisco IOS XE Software cou ...)
+ TODO: check
+CVE-2021-1390 (A vulnerability in one of the diagnostic test CLI commands of Cisco IO ...)
+ TODO: check
CVE-2021-1389 (A vulnerability in the IPv6 traffic processing of Cisco IOS XR Softwar ...)
NOT-FOR-US: Cisco
CVE-2021-1388 (A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrato ...)
@@ -28057,36 +28059,36 @@ CVE-2021-1387 (A vulnerability in the network stack of Cisco NX-OS Software coul
NOT-FOR-US: Cisco
CVE-2021-1386
RESERVED
-CVE-2021-1385
- RESERVED
-CVE-2021-1384
- RESERVED
-CVE-2021-1383
- RESERVED
-CVE-2021-1382
- RESERVED
-CVE-2021-1381
- RESERVED
+CVE-2021-1385 (A vulnerability in the Cisco IOx application hosting environment of mu ...)
+ TODO: check
+CVE-2021-1384 (A vulnerability in Cisco IOx application hosting environment of Cisco ...)
+ TODO: check
+CVE-2021-1383 (Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software co ...)
+ TODO: check
+CVE-2021-1382 (A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow ...)
+ TODO: check
+CVE-2021-1381 (A vulnerability in Cisco IOS XE Software could allow an authenticated, ...)
+ TODO: check
CVE-2021-1380
RESERVED
CVE-2021-1379
RESERVED
CVE-2021-1378 (A vulnerability in the SSH service of the Cisco StarOS operating syste ...)
NOT-FOR-US: Cisco
-CVE-2021-1377
- RESERVED
-CVE-2021-1376
- RESERVED
-CVE-2021-1375
- RESERVED
-CVE-2021-1374
- RESERVED
-CVE-2021-1373
- RESERVED
+CVE-2021-1377 (A vulnerability in Address Resolution Protocol (ARP) management of Cis ...)
+ TODO: check
+CVE-2021-1376 (Multiple vulnerabilities in the fast reload feature of Cisco IOS XE So ...)
+ TODO: check
+CVE-2021-1375 (Multiple vulnerabilities in the fast reload feature of Cisco IOS XE So ...)
+ TODO: check
+CVE-2021-1374 (A vulnerability in the web-based management interface of Cisco IOS XE ...)
+ TODO: check
+CVE-2021-1373 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
+ TODO: check
CVE-2021-1372 (A vulnerability in Cisco Webex Meetings Desktop App and Webex Producti ...)
NOT-FOR-US: Cisco
-CVE-2021-1371
- RESERVED
+CVE-2021-1371 (A vulnerability in the role-based access control of Cisco IOS XE SD-WA ...)
+ TODO: check
CVE-2021-1370 (A vulnerability in a CLI command of Cisco IOS XR Software for the Cisc ...)
NOT-FOR-US: Cisco
CVE-2021-1369
@@ -28115,16 +28117,16 @@ CVE-2021-1358
RESERVED
CVE-2021-1357 (Multiple vulnerabilities in Cisco Unified Communications Manager IM &a ...)
NOT-FOR-US: Cisco
-CVE-2021-1356
- RESERVED
+CVE-2021-1356 (Multiple vulnerabilities in the web UI of Cisco IOS XE Software could ...)
+ TODO: check
CVE-2021-1355 (Multiple vulnerabilities in Cisco Unified Communications Manager IM &a ...)
NOT-FOR-US: Cisco
CVE-2021-1354 (A vulnerability in the certificate registration process of Cisco Unifi ...)
NOT-FOR-US: Cisco
CVE-2021-1353 (A vulnerability in the IPv4 protocol handling of Cisco StarOS could al ...)
NOT-FOR-US: Cisco
-CVE-2021-1352
- RESERVED
+CVE-2021-1352 (A vulnerability in the DECnet Phase IV and DECnet/OSI protocol process ...)
+ TODO: check
CVE-2021-1351 (A vulnerability in the web-based interface of Cisco Webex Meetings cou ...)
NOT-FOR-US: Cisco
CVE-2021-1350 (A vulnerability in the web UI of Cisco Umbrella could allow an unauthe ...)
@@ -28265,8 +28267,8 @@ CVE-2021-1283 (A vulnerability in the logging subsystem of Cisco Data Center Net
NOT-FOR-US: Cisco
CVE-2021-1282 (Multiple vulnerabilities in Cisco Unified Communications Manager IM &a ...)
NOT-FOR-US: Cisco
-CVE-2021-1281
- RESERVED
+CVE-2021-1281 (A vulnerability in CLI management in Cisco IOS XE SD-WAN Software coul ...)
+ TODO: check
CVE-2021-1280 (A vulnerability in the loading mechanism of specific DLLs of Cisco Adv ...)
NOT-FOR-US: Cisco
CVE-2021-1279 (Multiple vulnerabilities in Cisco SD-WAN products could allow an unaut ...)
@@ -28387,8 +28389,8 @@ CVE-2021-1222 (A vulnerability in the web-based management interface of Cisco Sm
NOT-FOR-US: Cisco
CVE-2021-1221 (A vulnerability in the user interface of Cisco Webex Meetings and Cisc ...)
NOT-FOR-US: Cisco
-CVE-2021-1220
- RESERVED
+CVE-2021-1220 (Multiple vulnerabilities in the web UI of Cisco IOS XE Software could ...)
+ TODO: check
CVE-2021-1219 (A vulnerability in Cisco Smart Software Manager Satellite could allow ...)
NOT-FOR-US: Cisco
CVE-2021-1218 (A vulnerability in the web management interface of Cisco Smart Softwar ...)
@@ -36430,16 +36432,16 @@ CVE-2020-26285 (OpenMage is a community-driven alternative to Magento CE. In Ope
CVE-2020-26284 (Hugo is a fast and Flexible Static Site Generator built in Go. Hugo de ...)
- hugo 0.79.1-1 (unimportant)
NOTE: https://github.com/gohugoio/hugo/security/advisories/GHSA-8j34-9876-pvfq
-CVE-2020-26283
- RESERVED
+CVE-2020-26283 (go-ipfs is an open-source golang implementation of IPFS which is a glo ...)
+ TODO: check
CVE-2020-26282 (BrowserUp Proxy allows you to manipulate HTTP requests and responses, ...)
NOT-FOR-US: BrowserUp Proxy
CVE-2020-26281 (async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). Ther ...)
NOT-FOR-US: Rust async-h1
CVE-2020-26280 (OpenSlides is a free, Web-based presentation and assembly system for m ...)
NOT-FOR-US: OpenSlides
-CVE-2020-26279
- RESERVED
+CVE-2020-26279 (go-ipfs is an open-source golang implementation of IPFS which is a glo ...)
+ TODO: check
CVE-2020-26278 (Weave Net is open source software which creates a virtual network that ...)
NOT-FOR-US: Weave Net
CVE-2020-26277 (DBdeployer is a tool that deploys MySQL database servers easily. In DB ...)
@@ -81314,10 +81316,10 @@ CVE-2020-7855
RESERVED
CVE-2020-7854
RESERVED
-CVE-2020-7853
- RESERVED
-CVE-2020-7852
- RESERVED
+CVE-2020-7853 (An outbound read/write vulnerability exists in XPLATFORM that does not ...)
+ TODO: check
+CVE-2020-7852 (DaviewIndy has a Heap-based overflow vulnerability, triggered when the ...)
+ TODO: check
CVE-2020-7851
RESERVED
CVE-2020-7850
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b537aa09014854cc20176b8c2cc5951e700c2340
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b537aa09014854cc20176b8c2cc5951e700c2340
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210325/e6d355fa/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list