[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat May 1 09:10:29 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
30e5593a by security tracker role at 2021-05-01T08:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,153 @@
+CVE-2021-3529
+	RESERVED
+CVE-2021-31995
+	RESERVED
+CVE-2021-31994
+	RESERVED
+CVE-2021-31993
+	RESERVED
+CVE-2021-31992
+	RESERVED
+CVE-2021-31991
+	RESERVED
+CVE-2021-31990
+	RESERVED
+CVE-2021-31989
+	RESERVED
+CVE-2021-31988
+	RESERVED
+CVE-2021-31987
+	RESERVED
+CVE-2021-31986
+	RESERVED
+CVE-2021-31985
+	RESERVED
+CVE-2021-31984
+	RESERVED
+CVE-2021-31983
+	RESERVED
+CVE-2021-31982
+	RESERVED
+CVE-2021-31981
+	RESERVED
+CVE-2021-31980
+	RESERVED
+CVE-2021-31979
+	RESERVED
+CVE-2021-31978
+	RESERVED
+CVE-2021-31977
+	RESERVED
+CVE-2021-31976
+	RESERVED
+CVE-2021-31975
+	RESERVED
+CVE-2021-31974
+	RESERVED
+CVE-2021-31973
+	RESERVED
+CVE-2021-31972
+	RESERVED
+CVE-2021-31971
+	RESERVED
+CVE-2021-31970
+	RESERVED
+CVE-2021-31969
+	RESERVED
+CVE-2021-31968
+	RESERVED
+CVE-2021-31967
+	RESERVED
+CVE-2021-31966
+	RESERVED
+CVE-2021-31965
+	RESERVED
+CVE-2021-31964
+	RESERVED
+CVE-2021-31963
+	RESERVED
+CVE-2021-31962
+	RESERVED
+CVE-2021-31961
+	RESERVED
+CVE-2021-31960
+	RESERVED
+CVE-2021-31959
+	RESERVED
+CVE-2021-31958
+	RESERVED
+CVE-2021-31957
+	RESERVED
+CVE-2021-31956
+	RESERVED
+CVE-2021-31955
+	RESERVED
+CVE-2021-31954
+	RESERVED
+CVE-2021-31953
+	RESERVED
+CVE-2021-31952
+	RESERVED
+CVE-2021-31951
+	RESERVED
+CVE-2021-31950
+	RESERVED
+CVE-2021-31949
+	RESERVED
+CVE-2021-31948
+	RESERVED
+CVE-2021-31947
+	RESERVED
+CVE-2021-31946
+	RESERVED
+CVE-2021-31945
+	RESERVED
+CVE-2021-31944
+	RESERVED
+CVE-2021-31943
+	RESERVED
+CVE-2021-31942
+	RESERVED
+CVE-2021-31941
+	RESERVED
+CVE-2021-31940
+	RESERVED
+CVE-2021-31939
+	RESERVED
+CVE-2021-31938
+	RESERVED
+CVE-2021-31937
+	RESERVED
+CVE-2021-31936
+	RESERVED
+CVE-2021-31935 (OX App Suite 7.10.4 and earlier allows XSS via a crafted distribution  ...)
+	TODO: check
+CVE-2021-31934 (OX App Suite 7.10.4 and earlier allows XSS via a crafted contact objec ...)
+	TODO: check
+CVE-2021-31933 (A remote code execution vulnerability exists in Chamilo through 1.11.1 ...)
+	TODO: check
+CVE-2021-31932
+	RESERVED
+CVE-2021-31931
+	RESERVED
+CVE-2021-31930
+	RESERVED
+CVE-2021-31929
+	RESERVED
+CVE-2021-31928
+	RESERVED
+CVE-2021-31927
+	RESERVED
+CVE-2021-31926 (AMP Application Deployment Service in CubeCoders AMP 2.1.x before 2.1. ...)
+	TODO: check
+CVE-2021-31925
+	RESERVED
+CVE-2021-31924
+	RESERVED
+CVE-2021-31923
+	RESERVED
+CVE-2021-31922
+	RESERVED
 CVE-2021-3528
 	RESERVED
 	NOT-FOR-US: noobaa
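Review bot: the four entries that arrive with descriptions in this hunk (CVE-2021-31935, CVE-2021-31934, CVE-2021-31933, CVE-2021-31926) are all left at "TODO: check", so none of them is triaged yet. Each needs either a NOT-FOR-US line, as the CVE-2021-3528 context entry has, or a package line before the TODO can be dropped. The two OX App Suite XSS entries can be handled in one pass.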
@@ -382,8 +532,8 @@ CVE-2021-31794 (Settings.aspx?view=About in Directum 5.8.2 allows XSS via the HT
 	NOT-FOR-US: Directum
 CVE-2021-31793
 	RESERVED
-CVE-2021-31792
-	RESERVED
+CVE-2021-31792 (XSS in the client account page in SuiteCRM before 7.11.19 allows an at ...)
+	TODO: check
 CVE-2021-31791 (In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext passw ...)
 	NOT-FOR-US: Sentry KM
 CVE-2021-31790
@@ -23778,24 +23928,24 @@ CVE-2021-21549
 	RESERVED
 CVE-2021-21548
 	RESERVED
-CVE-2021-21547
-	RESERVED
+CVE-2021-21547 (Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 ...)
+	TODO: check
 CVE-2021-21546
 	RESERVED
 CVE-2021-21545 (Dell Peripheral Manager 1.3.1 or greater contains remediation for a lo ...)
 	NOT-FOR-US: Dell
-CVE-2021-21544
-	RESERVED
-CVE-2021-21543
-	RESERVED
-CVE-2021-21542
-	RESERVED
-CVE-2021-21541
-	RESERVED
-CVE-2021-21540
-	RESERVED
-CVE-2021-21539
-	RESERVED
+CVE-2021-21544 (Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an improper authe ...)
+	TODO: check
+CVE-2021-21543 (Dell EMC iDRAC9 versions prior to 4.40.00.00 contain multiple stored c ...)
+	TODO: check
+CVE-2021-21542 (Dell EMC iDRAC9 versions prior to 4.40.10.00 contain multiple stored c ...)
+	TODO: check
+CVE-2021-21541 (Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a DOM-based cross ...)
+	TODO: check
+CVE-2021-21540 (Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a stack-based ove ...)
+	TODO: check
+CVE-2021-21539 (Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a Time-of-check T ...)
+	TODO: check
 CVE-2021-21538
 	RESERVED
 CVE-2021-21537 (Dell Hybrid Client versions prior to 1.5 contain an information exposu ...)
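Review bot: all seven descriptions added here (CVE-2021-21547 and CVE-2021-21544 through CVE-2021-21539) are left at "TODO: check" although they name Dell EMC Unity and iDRAC9 products, while the context entry CVE-2021-21545 is already triaged as "NOT-FOR-US: Dell". Suggest triaging these together with the same kind of annotation so the TODOs do not linger.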
@@ -23810,10 +23960,10 @@ CVE-2021-21533 (Wyse Management Suite versions up to 3.2 contains a vulnerabilit
 	NOT-FOR-US: Wyse Management Suite
 CVE-2021-21532 (Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper manageme ...)
 	NOT-FOR-US: Dell Wyse ThinOS
-CVE-2021-21531
-	RESERVED
-CVE-2021-21530
-	RESERVED
+CVE-2021-21531 (Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Autho ...)
+	TODO: check
+CVE-2021-21530 (Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 c ...)
+	TODO: check
 CVE-2021-21529 (Dell System Update (DSU) 1.9 and earlier versions contain a denial of  ...)
 	NOT-FOR-US: Dell System Update (DSU)
 CVE-2021-21528
@@ -23858,8 +24008,8 @@ CVE-2021-21509
 	RESERVED
 CVE-2021-21508
 	RESERVED
-CVE-2021-21507
-	RESERVED
+CVE-2021-21507 (Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and De ...)
+	TODO: check
 CVE-2021-21506 (PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sani ...)
 	NOT-FOR-US: PowerScale OneFS
 CVE-2021-21505
@@ -25829,32 +25979,25 @@ CVE-2021-21234 (spring-boot-actuator-logview in a library that adds a simple log
 	NOT-FOR-US: Spring actuator logview
 CVE-2020-35627 (Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vul ...)
 	NOT-FOR-US: Ultimate WooCommerce Gift Cards
-CVE-2021-21233
-	RESERVED
+CVE-2021-21233 (Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90. ...)
 	- chromium 90.0.4430.93-1 (bug #987715)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-21232
-	RESERVED
+CVE-2021-21232 (Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 all ...)
 	- chromium 90.0.4430.93-1 (bug #987715)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-21231
-	RESERVED
+CVE-2021-21231 (Insufficient data validation in V8 in Google Chrome prior to 90.0.4430 ...)
 	- chromium 90.0.4430.93-1 (bug #987715)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-21230
-	RESERVED
+CVE-2021-21230 (Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a  ...)
 	- chromium 90.0.4430.93-1 (bug #987715)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-21229
-	RESERVED
+CVE-2021-21229 (Incorrect security UI in downloads in Google Chrome on Android prior t ...)
 	- chromium 90.0.4430.93-1 (bug #987715)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-21228
-	RESERVED
+CVE-2021-21228 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
 	- chromium 90.0.4430.93-1 (bug #987715)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-21227
-	RESERVED
+CVE-2021-21227 (Insufficient data validation in V8 in Google Chrome prior to 90.0.4430 ...)
 	- chromium 90.0.4430.93-1 (bug #987715)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-21226 (Use after free in navigation in Google Chrome prior to 90.0.4430.85 al ...)
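Review bot: the descriptions now attached to CVE-2021-21233 ("in ANGLE in Google Chrome on Windows") and CVE-2021-21229 ("in downloads in Google Chrome on Android") are platform-specific, yet both keep the line "- chromium 90.0.4430.93-1 (bug #987715)" like the other five entries in this hunk. Worth confirming whether the Debian chromium package is affected by these two. If it is not, replace the fixed-version line with a not-affected annotation naming the platform, or add a NOTE explaining why the fixed version is kept.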
@@ -33760,10 +33903,10 @@ CVE-2020-28946 (An improper webserver configuration on Plum IK-401 devices with
 	NOT-FOR-US: Plum IK-401 devices
 CVE-2020-28945
 	RESERVED
-CVE-2020-28944
-	RESERVED
-CVE-2020-28943
-	RESERVED
+CVE-2020-28944 (OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS serve ...)
+	TODO: check
+CVE-2020-28943 (OX App Suite 7.10.4 and earlier allows SSRF via a snippet. ...)
+	TODO: check
 CVE-2020-28942 (An issue exists in PrimeKey EJBCA before 7.4.3 when enrolling with EST ...)
 	NOT-FOR-US: PrimeKey EJBCA
 CVE-2020-28941 (An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c i ...)
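Review bot: CVE-2020-28944 (OX Guard) and CVE-2020-28943 (OX App Suite) are added as "TODO: check", the same state as the OX App Suite entries CVE-2021-31935 and CVE-2021-31934 in the first hunk. Triage all four OX entries together so they end up with a consistent annotation.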
@@ -60638,8 +60781,8 @@ CVE-2020-18086
 	RESERVED
 CVE-2020-18085
 	RESERVED
-CVE-2020-18084
-	RESERVED
+CVE-2020-18084 (Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote attackers to e ...)
+	TODO: check
 CVE-2020-18083
 	RESERVED
 CVE-2020-18082



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e5593a232067289088114c571618430cfcf3b9
