[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat May 22 09:10:25 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cef1945e by security tracker role at 2021-05-22T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2021-33514 (Certain NETGEAR devices are affected by command injection by an unauth ...)
+ TODO: check
+CVE-2021-33513 (Plone through 5.2.4 allows XSS via the inline_diff methods in Products ...)
+ TODO: check
+CVE-2021-33512 (Plone through 5.2.4 allows stored XSS attacks (by a Contributor) by up ...)
+ TODO: check
+CVE-2021-33511 (Plone though 5.2.4 allows SSRF via the lxml parser. This affects Diazo ...)
+ TODO: check
+CVE-2021-33510 (Plone through 5.2.4 allows remote authenticated managers to conduct SS ...)
+ TODO: check
+CVE-2021-33509 (Plone through 5.2.4 allows remote authenticated managers to perform di ...)
+ TODO: check
+CVE-2021-33508 (Plone through 5.2.4 allows XSS via a full name that is mishandled duri ...)
+ TODO: check
+CVE-2021-33507 (Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService b ...)
+ TODO: check
+CVE-2021-33506
+ RESERVED
+CVE-2021-33505
+ RESERVED
+CVE-2021-33504
+ RESERVED
+CVE-2021-33503
+ RESERVED
+CVE-2021-33502
+ RESERVED
+CVE-2021-33501
+ RESERVED
+CVE-2021-33500 (PuTTY before 0.75 on Windows allows remote servers to cause a denial o ...)
+ TODO: check
+CVE-2021-33499
+ RESERVED
+CVE-2021-33498
+ RESERVED
CVE-2021-3563
RESERVED
- keystone <undetermined>
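Review bot: CVE-2021-33500 is left at `TODO: check` although its description scopes the issue to "PuTTY before 0.75 on Windows". If the full advisory confirms that restriction, the triage should record it explicitly on the package line, in the style of the `<not-affected> (RedHat-specific)` annotation this file already uses, rather than leaving the platform implicit. The NETGEAR entry (CVE-2021-33514) reads like a candidate for the `NOT-FOR-US:` form used for vendor products. The six Plone entries and the Zope Products.CMFCore / Products.PluggableAuthService entry (CVE-2021-33507) still need a decision on which source package, if any, they map to. The descriptions are truncated here, so each call needs the full text.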
@@ -27729,14 +27763,14 @@ CVE-2021-21554
RESERVED
CVE-2021-21553
RESERVED
-CVE-2021-21552
- RESERVED
+CVE-2021-21552 (Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier ...)
+ TODO: check
CVE-2021-21551 (Dell dbutil_2_3.sys driver contains an insufficient access control vul ...)
NOT-FOR-US: Dell
CVE-2021-21550 (Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralizati ...)
NOT-FOR-US: EMC
-CVE-2021-21549
- RESERVED
+CVE-2021-21549 (Dell EMC XtremIO Versions prior to 6.3.3-8, contain a Cross-Site Reque ...)
+ TODO: check
CVE-2021-21548
RESERVED
CVE-2021-21547 (Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 ...)
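Review bot: CVE-2021-21552 and CVE-2021-21549 move from `RESERVED` to `TODO: check` while the entries directly around them are already resolved as `NOT-FOR-US: Dell` and `NOT-FOR-US: EMC`. Both new descriptions name Dell products (Dell Wyse Windows Embedded System, Dell EMC XtremIO), so a follow-up triage commit can likely close them in the same form as their neighbours once the full descriptions are read.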
@@ -38561,34 +38595,34 @@ CVE-2021-1562
RESERVED
CVE-2021-1561
RESERVED
-CVE-2021-1560
- RESERVED
-CVE-2021-1559
- RESERVED
-CVE-2021-1558
- RESERVED
-CVE-2021-1557
- RESERVED
+CVE-2021-1560 (Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an ...)
+ TODO: check
+CVE-2021-1559 (Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an ...)
+ TODO: check
+CVE-2021-1558 (Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an ...)
+ TODO: check
+CVE-2021-1557 (Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an ...)
+ TODO: check
CVE-2021-1556
RESERVED
-CVE-2021-1555
- RESERVED
-CVE-2021-1554
- RESERVED
-CVE-2021-1553
- RESERVED
-CVE-2021-1552
- RESERVED
-CVE-2021-1551
- RESERVED
-CVE-2021-1550
- RESERVED
-CVE-2021-1549
- RESERVED
-CVE-2021-1548
- RESERVED
-CVE-2021-1547
- RESERVED
+CVE-2021-1555 (Multiple vulnerabilities in the web-based management interface of cert ...)
+ TODO: check
+CVE-2021-1554 (Multiple vulnerabilities in the web-based management interface of cert ...)
+ TODO: check
+CVE-2021-1553 (Multiple vulnerabilities in the web-based management interface of cert ...)
+ TODO: check
+CVE-2021-1552 (Multiple vulnerabilities in the web-based management interface of cert ...)
+ TODO: check
+CVE-2021-1551 (Multiple vulnerabilities in the web-based management interface of cert ...)
+ TODO: check
+CVE-2021-1550 (Multiple vulnerabilities in the web-based management interface of cert ...)
+ TODO: check
+CVE-2021-1549 (Multiple vulnerabilities in the web-based management interface of cert ...)
+ TODO: check
+CVE-2021-1548 (Multiple vulnerabilities in the web-based management interface of cert ...)
+ TODO: check
+CVE-2021-1547 (Multiple vulnerabilities in the web-based management interface of cert ...)
+ TODO: check
CVE-2021-1546
RESERVED
CVE-2021-1545
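Review bot: this hunk adds thirteen `TODO: check` entries (CVE-2021-1547 through CVE-2021-1555 and CVE-2021-1557 through CVE-2021-1560), and within each run the truncated descriptions are identical, so nothing visible distinguishes one entry from the next. The "web-based management interface of cert ..." group in particular is cut off before the product name. Triage should work from the full advisory text rather than these summaries. Where the product turns out to be Cisco-only, the file's existing `NOT-FOR-US: Cisco` form applies, and the same goes for the single Cisco entries in the later hunks.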
@@ -38619,8 +38653,8 @@ CVE-2021-1533
RESERVED
CVE-2021-1532 (A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence ...)
NOT-FOR-US: Cisco
-CVE-2021-1531
- RESERVED
+CVE-2021-1531 (A vulnerability in the web UI of Cisco Modeling Labs could allow an au ...)
+ TODO: check
CVE-2021-1530 (A vulnerability in the web-based management interface of Cisco BroadWo ...)
NOT-FOR-US: Cisco
CVE-2021-1529
@@ -38707,8 +38741,8 @@ CVE-2021-1489 (A vulnerability in filesystem usage management for Cisco Firepowe
NOT-FOR-US: Cisco
CVE-2021-1488 (A vulnerability in the upgrade process of Cisco Adaptive Security Appl ...)
NOT-FOR-US: Cisco
-CVE-2021-1487
- RESERVED
+CVE-2021-1487 (A vulnerability in the web-based management interface of Cisco Prime I ...)
+ TODO: check
CVE-2021-1486 (A vulnerability in Cisco SD-WAN vManage Software could allow an unauth ...)
NOT-FOR-US: Cisco
CVE-2021-1485 (A vulnerability in the CLI of Cisco IOS XR Software could allow an aut ...)
@@ -38971,8 +39005,8 @@ CVE-2021-1360 (Multiple vulnerabilities in the web-based management interface of
NOT-FOR-US: Cisco
CVE-2021-1359
RESERVED
-CVE-2021-1358
- RESERVED
+CVE-2021-1358 (A vulnerability in the web-based management interface of Cisco Finesse ...)
+ TODO: check
CVE-2021-1357 (Multiple vulnerabilities in Cisco Unified Communications Manager IM &a ...)
NOT-FOR-US: Cisco
CVE-2021-1356 (Multiple vulnerabilities in the web UI of Cisco IOS XE Software could ...)
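Review bot: the unchanged context line for CVE-2021-1357 ends in `IM &a ...`, which looks like an escaped ampersand cut off by the description truncation rather than text from the advisory. This commit did not introduce it, but since the update is generated automatically it is worth checking whether the script truncates after escaping. Doing the truncation on the unescaped string would avoid leaving partial entities in the list. The new CVE-2021-1358 entry itself follows the usual `TODO: check` form.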
@@ -39075,8 +39109,8 @@ CVE-2021-1308 (Multiple vulnerabilities exist in the Link Layer Discovery Protoc
NOT-FOR-US: Cisco
CVE-2021-1307 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2021-1306
- RESERVED
+CVE-2021-1306 (A vulnerability in the restricted shell of Cisco Evolved Programmable ...)
+ TODO: check
CVE-2021-1305 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
CVE-2021-1304 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
@@ -39179,8 +39213,8 @@ CVE-2021-1256 (A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD
NOT-FOR-US: Cisco
CVE-2021-1255 (Multiple vulnerabilities in the REST API endpoint of Cisco Data Center ...)
NOT-FOR-US: Cisco
-CVE-2021-1254
- RESERVED
+CVE-2021-1254 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
CVE-2021-1253 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
CVE-2021-1252 (A vulnerability in the Excel XLM macro parsing module in Clam AntiViru ...)
@@ -443172,8 +443206,8 @@ CVE-2008-3281 (libxml2 2.6.32 and earlier does not properly detect recursion dur
{DSA-1631-1 DTSA-158-1}
- libxml2 2.6.32.dfsg-3 (medium)
- chromium-browser 5.0.375.29~r46008-1
-CVE-2008-3280
- RESERVED
+CVE-2008-3280 (It was found that various OpenID Providers (OPs) had TLS Server Certif ...)
+ TODO: check
CVE-2008-3279 (Untrusted search path vulnerability in libbrlttybba.so in brltty 3.7.2 ...)
- brltty <not-affected> (RedHat-specific)
CVE-2008-3278 (frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Lin ...)
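Review bot: CVE-2008-3280 changes from `RESERVED` to a published description in a 2021 automatic update, so an identifier from 2008 now carries an open `TODO: check`. The visible summary names "various OpenID Providers (OPs)" and TLS server certificates rather than a software package, and it is truncated before the actual flaw is stated. The triager needs the full description before choosing between a package annotation, as on the neighbouring libxml2 and brltty entries, and a `NOT-FOR-US:` line. Old identifiers that are published late are easy to overlook in a large automatic diff, so it deserves an explicit look rather than sitting in the TODO queue.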
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cef1945e00547dcaf7562eec3efee4122ece8bd7