[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 17 20:10:29 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fefb409b by security tracker role at 2021-11-17T20:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,89 @@
+CVE-2021-43995
+	RESERVED
+CVE-2021-43994
+	RESERVED
+CVE-2021-43993
+	RESERVED
+CVE-2021-43992
+	RESERVED
+CVE-2021-43991
+	RESERVED
+CVE-2021-43990
+	RESERVED
+CVE-2021-43989
+	RESERVED
+CVE-2021-43988
+	RESERVED
+CVE-2021-43987
+	RESERVED
+CVE-2021-43986
+	RESERVED
+CVE-2021-43985
+	RESERVED
+CVE-2021-43984
+	RESERVED
+CVE-2021-43983
+	RESERVED
+CVE-2021-43982
+	RESERVED
+CVE-2021-43981
+	RESERVED
+CVE-2021-43980
+	RESERVED
+CVE-2021-43979 (** DISPUTED ** Styra Open Policy Agent (OPA) Gatekeeper through 3.7.0  ...)
+	TODO: check
+CVE-2021-43978
+	RESERVED
+CVE-2021-43977 (SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows X ...)
+	TODO: check
+CVE-2021-43976 (In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wi ...)
+	TODO: check
+CVE-2021-43975 (In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in driver ...)
+	TODO: check
+CVE-2021-43974
+	RESERVED
+CVE-2021-43973
+	RESERVED
+CVE-2021-43972
+	RESERVED
+CVE-2021-43971
+	RESERVED
+CVE-2021-43970
+	RESERVED
+CVE-2021-43969
+	RESERVED
+CVE-2021-43968
+	RESERVED
+CVE-2021-43967
+	RESERVED
+CVE-2021-43966
+	RESERVED
+CVE-2021-43965
+	RESERVED
+CVE-2021-43964
+	RESERVED
+CVE-2021-43963
+	RESERVED
+CVE-2021-43962
+	RESERVED
+CVE-2021-43961
+	RESERVED
+CVE-2021-43960
+	RESERVED
+CVE-2021-3974
+	RESERVED
+CVE-2021-3973
+	RESERVED
+CVE-2021-3972
+	RESERVED
+CVE-2021-3971
+	RESERVED
+CVE-2021-3970
+	RESERVED
+CVE-2021-3969
+	RESERVED
+CVE-2021-3968
+	RESERVED
 CVE-2022-21741
 	RESERVED
 CVE-2022-21740
@@ -1953,12 +2039,12 @@ CVE-2021-43555
 	RESERVED
 CVE-2021-43554
 	RESERVED
-CVE-2021-43553
-	RESERVED
+CVE-2021-43553 (PI Vision could disclose information to a user with insufficient privi ...)
+	TODO: check
 CVE-2021-43552
 	RESERVED
-CVE-2021-43551
-	RESERVED
+CVE-2021-43551 (A remote attacker with write access to PI Vision could inject code int ...)
+	TODO: check
 CVE-2021-43550
 	RESERVED
 CVE-2021-43549
@@ -2433,7 +2519,8 @@ CVE-2021-43340
 	RESERVED
 CVE-2021-43339 (In Ericsson Network Location before 2021-07-31, it is possible for an  ...)
 	NOT-FOR-US: Ericsson
-CVE-2021-43338 (In Ericsson Network Location MPS GMPC21, it is possible to creates a n ...)
+CVE-2021-43338
+	REJECTED
 	NOT-FOR-US: Ericsson
 CVE-2021-43337 (SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On  ...)
 	- slurm-wlm <not-affected> (Affects only 21.08 series; vulnerable code introduced later)
@@ -4357,12 +4444,12 @@ CVE-2021-42958
 	RESERVED
 CVE-2021-42957
 	RESERVED
-CVE-2021-42956
-	RESERVED
-CVE-2021-42955
-	RESERVED
-CVE-2021-42954
-	RESERVED
+CVE-2021-42956 (Zoho Remote Access Plus Server Windows Desktop Binary fixed in 10.1.21 ...)
+	TODO: check
+CVE-2021-42955 (Zoho Remote Access Plus Server Windows Desktop binary fixed in version ...)
+	TODO: check
+CVE-2021-42954 (Zoho Remote Access Plus Server Windows Desktop Binary fixed from 10.1. ...)
+	TODO: check
 CVE-2021-42953
 	RESERVED
 CVE-2021-42952
@@ -6715,12 +6802,12 @@ CVE-2021-42364
 	RESERVED
 CVE-2021-42363
 	RESERVED
-CVE-2021-42362
-	RESERVED
-CVE-2021-42361
-	RESERVED
-CVE-2021-42360
-	RESERVED
+CVE-2021-42362 (The WordPress Popular Posts WordPress plugin is vulnerable to arbitrar ...)
+	TODO: check
+CVE-2021-42361 (The Contact Form Email WordPress plugin is vulnerable to Stored Cross- ...)
+	TODO: check
+CVE-2021-42360 (On sites that also had the Elementor plugin for WordPress installed, i ...)
+	TODO: check
 CVE-2021-42359 (WP DSGVO Tools (GDPR) <= 3.1.23 had an AJAX action, ‘admin-di ...)
 	NOT-FOR-US: WP DSGVO Tools (GDPR)
 CVE-2021-42358
@@ -7201,8 +7288,8 @@ CVE-2021-42252 (An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/a
 	NOTE: https://git.kernel.org/linus/b49a0e69a7b1a68c8d3f64097d06dabb770fec96 (5.15-rc1)
 CVE-2021-42251
 	RESERVED
-CVE-2021-42250
-	RESERVED
+CVE-2021-42250 (Improper output neutralization for Logs. A specific Apache Superset HT ...)
+	TODO: check
 CVE-2021-42249
 	RESERVED
 CVE-2021-42248
@@ -7972,8 +8059,8 @@ CVE-2021-41933
 	RESERVED
 CVE-2021-41932
 	RESERVED
-CVE-2021-41931
-	RESERVED
+CVE-2021-41931 (The Company's Recruitment Management System in id=2 of the parameter f ...)
+	TODO: check
 CVE-2021-41930
 	RESERVED
 CVE-2021-41929
@@ -10753,8 +10840,8 @@ CVE-2021-40747
 	RESERVED
 CVE-2021-40746
 	RESERVED
-CVE-2021-40745
-	RESERVED
+CVE-2021-40745 (Adobe Campaign version 21.2.1 (and earlier) is affected by a Path Trav ...)
+	TODO: check
 CVE-2021-40744
 	RESERVED
 CVE-2021-40743
@@ -15031,8 +15118,8 @@ CVE-2021-38961
 	RESERVED
 CVE-2021-38960
 	RESERVED
-CVE-2021-38959
-	RESERVED
+CVE-2021-38959 (IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28 ...)
+	TODO: check
 CVE-2021-38958
 	RESERVED
 CVE-2021-38957
@@ -23260,8 +23347,8 @@ CVE-2021-35530
 	RESERVED
 CVE-2021-35529 (Insufficiently Protected Credentials vulnerability in client environme ...)
 	NOT-FOR-US: Hitachi
-CVE-2021-35528
-	RESERVED
+CVE-2021-35528 (Improper Access Control vulnerability in the application authenticatio ...)
+	TODO: check
 CVE-2021-35527 (Password autocomplete vulnerability in the web application password fi ...)
 	NOT-FOR-US: Hitachi ABB Power Grids eSOMS
 CVE-2021-35526 (Backup file without encryption vulnerability is found in Hitachi ABB P ...)
@@ -28832,19 +28919,16 @@ CVE-2020-36365 (Smartstore (aka SmartStoreNET) before 4.1.0 allows CommonControl
 	NOT-FOR-US: Smartstore (aka SmartStoreNET)
 CVE-2020-36364 (An issue was discovered in Smartstore (aka SmartStoreNET) before 4.1.0 ...)
 	NOT-FOR-US: Smartstore (aka SmartStoreNET)
-CVE-2021-33481 [stack-based buffer overflow in try_to_divide_boxes() in pgm2asc.c]
-	RESERVED
+CVE-2021-33481 (A stack-based buffer overflow vulnerability was discovered in gocr thr ...)
 	- gocr <unfixed> (unimportant)
 	NOTE: https://sourceforge.net/p/jocr/bugs/42/
 	NOTE: Crash in CLI tool, no security impact
-CVE-2021-33480 [use-after-free in context_correction() in pgm2asc.c]
-	RESERVED
+CVE-2021-33480 (An use-after-free vulnerability was discovered in gocr through 0.53-20 ...)
 	- gocr <unfixed> (unimportant)
 	NOTE: https://sourceforge.net/p/jocr/bugs/40/
 	NOTE: https://sourceforge.net/p/jocr/bugs/41/
 	NOTE: Crash in CLI tool, no security impact
-CVE-2021-33479 [stack-based buffer overflow in measure_pitch() in pgm2asc.c]
-	RESERVED
+CVE-2021-33479 (A stack-based buffer overflow vulnerability was discovered in gocr thr ...)
 	- gocr <unfixed> (unimportant)
 	NOTE: https://sourceforge.net/p/jocr/bugs/39/
 	NOTE: Crash in CLI tool, no security impact
@@ -29005,8 +29089,7 @@ CVE-2021-33120
 	RESERVED
 CVE-2021-33119
 	RESERVED
-CVE-2021-33118
-	RESERVED
+CVE-2021-33118 (Improper access control in the software installer for the Intel(R) Ser ...)
 	NOT-FOR-US: Intel
 CVE-2021-33117
 	RESERVED
@@ -29030,8 +29113,7 @@ CVE-2021-33108
 	RESERVED
 CVE-2021-33107
 	RESERVED
-CVE-2021-33106
-	RESERVED
+CVE-2021-33106 (Integer overflow in the Safestring library maintained by Intel(R) may  ...)
 	NOT-FOR-US: Intel
 CVE-2021-33105
 	RESERVED
@@ -29052,40 +29134,29 @@ CVE-2021-33098
 	RESERVED
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00555.html
 	TODO: check, might affect src:linux
-CVE-2021-33097
-	RESERVED
+CVE-2021-33097 (Time-of-check time-of-use vulnerability in the Crypto API Toolkit for  ...)
 	NOT-FOR-US: Intel
 CVE-2021-33096
 	RESERVED
-CVE-2021-33095
-	RESERVED
+CVE-2021-33095 (Unquoted search path in the installer for the Intel(R) NUC M15 Laptop  ...)
 	NOT-FOR-US: Intel
-CVE-2021-33094
-	RESERVED
+CVE-2021-33094 (Insecure inherited permissions in the installer for the Intel(R) NUC M ...)
 	NOT-FOR-US: Intel
-CVE-2021-33093
-	RESERVED
+CVE-2021-33093 (Insecure inherited permissions in the installer for the Intel(R) NUC M ...)
 	NOT-FOR-US: Intel
-CVE-2021-33092
-	RESERVED
+CVE-2021-33092 (Incorrect default permissions in the installer for the Intel(R) NUC M1 ...)
 	NOT-FOR-US: Intel
-CVE-2021-33091
-	RESERVED
+CVE-2021-33091 (Insecure inherited permissions in the installer for the Intel(R) NUC M ...)
 	NOT-FOR-US: Intel
-CVE-2021-33090
-	RESERVED
+CVE-2021-33090 (Incorrect default permissionsin the software installer for the Intel(R ...)
 	NOT-FOR-US: Intel
-CVE-2021-33089
-	RESERVED
+CVE-2021-33089 (Improper access control in the software installer for the Intel(R) NUC ...)
 	NOT-FOR-US: Intel
-CVE-2021-33088
-	RESERVED
+CVE-2021-33088 (Incorrect default permissions in the installer for the Intel(R) NUC M1 ...)
 	NOT-FOR-US: Intel
-CVE-2021-33087
-	RESERVED
+CVE-2021-33087 (Improper authentication in the installer for the Intel(R) NUC M15 Lapt ...)
 	NOT-FOR-US: Intel
-CVE-2021-33086
-	RESERVED
+CVE-2021-33086 (Out-of-bounds write in firmware for some Intel(R) NUCs may allow an au ...)
 	NOT-FOR-US: Intel
 CVE-2021-33085
 	RESERVED
@@ -29116,8 +29187,7 @@ CVE-2021-33073
 	NOT-FOR-US: Intel
 CVE-2021-33072
 	RESERVED
-CVE-2021-33071
-	RESERVED
+CVE-2021-33071 (Incorrect default permissions in the installer for the Intel(R) oneAPI ...)
 	NOT-FOR-US: Intel
 CVE-2021-33070
 	RESERVED
@@ -30352,8 +30422,8 @@ CVE-2021-32602 (An improper neutralization of input during web page generation v
 	NOT-FOR-US: FortiGuard
 CVE-2021-32601
 	RESERVED
-CVE-2021-32600
-	RESERVED
+CVE-2021-32600 (An exposure of sensitive information to an unauthorized actor vulnerab ...)
+	TODO: check
 CVE-2021-32599
 	RESERVED
 CVE-2021-32598 (An improper neutralization of CRLF sequences in HTTP headers ('HTTP Re ...)
@@ -31251,8 +31321,8 @@ CVE-2021-32236
 	RESERVED
 CVE-2021-32235
 	RESERVED
-CVE-2021-32234
-	RESERVED
+CVE-2021-32234 (SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows r ...)
+	TODO: check
 CVE-2021-32233 (SmarterTools SmarterMail before Build 7776 allows XSS. ...)
 	NOT-FOR-US: SmarterTools SmarterMail
 CVE-2021-32232
@@ -37654,10 +37724,10 @@ CVE-2021-29863
 	RESERVED
 CVE-2021-29862 (IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user ...)
 	NOT-FOR-US: IBM
-CVE-2021-29861
-	RESERVED
-CVE-2021-29860
-	RESERVED
+CVE-2021-29861 (IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user ...)
+	TODO: check
+CVE-2021-29860 (IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user ...)
+	TODO: check
 CVE-2021-29859
 	RESERVED
 CVE-2021-29858
@@ -50045,26 +50115,26 @@ CVE-2021-24858
 	RESERVED
 CVE-2021-24857
 	RESERVED
-CVE-2021-24856
-	RESERVED
+CVE-2021-24856 (The Shared Files WordPress plugin before 1.6.61 does not sanitise and  ...)
+	TODO: check
 CVE-2021-24855
 	RESERVED
-CVE-2021-24854
-	RESERVED
-CVE-2021-24853
-	RESERVED
-CVE-2021-24852
-	RESERVED
-CVE-2021-24851
-	RESERVED
-CVE-2021-24850
-	RESERVED
+CVE-2021-24854 (The QR Redirector WordPress plugin before 1.6.1 does not sanitise and  ...)
+	TODO: check
+CVE-2021-24853 (The QR Redirector WordPress plugin before 1.6 does not have capability ...)
+	TODO: check
+CVE-2021-24852 (The MouseWheel Smooth Scroll WordPress plugin before 5.7 does not have ...)
+	TODO: check
+CVE-2021-24851 (The Insert Pages WordPress plugin before 3.7.0 allows users with a rol ...)
+	TODO: check
+CVE-2021-24850 (The Insert Pages WordPress plugin before 3.7.0 adds a shortcode that p ...)
+	TODO: check
 CVE-2021-24849
 	RESERVED
 CVE-2021-24848
 	RESERVED
-CVE-2021-24847
-	RESERVED
+CVE-2021-24847 (The importFromRedirection AJAX action of the SEO Redirection Plugin &# ...)
+	TODO: check
 CVE-2021-24846
 	RESERVED
 CVE-2021-24845
@@ -50075,8 +50145,8 @@ CVE-2021-24843
 	RESERVED
 CVE-2021-24842
 	RESERVED
-CVE-2021-24841
-	RESERVED
+CVE-2021-24841 (The Helpful WordPress plugin before 4.4.59 does not sanitise and escap ...)
+	TODO: check
 CVE-2021-24840 (The Squaretype WordPress theme before 3.0.4 allows unauthenticated use ...)
 	NOT-FOR-US: WordPress theme
 CVE-2021-24839
@@ -50089,10 +50159,10 @@ CVE-2021-24836
 	RESERVED
 CVE-2021-24835 (The WCFM – Frontend Manager for WooCommerce along with Bookings  ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24834
-	RESERVED
-CVE-2021-24833
-	RESERVED
+CVE-2021-24834 (The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cro ...)
+	TODO: check
+CVE-2021-24833 (The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cro ...)
+	TODO: check
 CVE-2021-24832 (The WP SEO Redirect 301 WordPress plugin before 2.3.2 does not have CS ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24831
@@ -50127,8 +50197,8 @@ CVE-2021-24817
 	RESERVED
 CVE-2021-24816 (The Phoenix Media Rename WordPress plugin before 3.4.4 does not have c ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24815
-	RESERVED
+CVE-2021-24815 (The Accept Donations with PayPal WordPress plugin before 1.3.2 does no ...)
+	TODO: check
 CVE-2021-24814
 	RESERVED
 CVE-2021-24813 (The Events Made Easy WordPress plugin before 2.2.24 does not sanitise  ...)
@@ -50149,12 +50219,12 @@ CVE-2021-24806 (The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF w
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24805
 	RESERVED
-CVE-2021-24804
-	RESERVED
+CVE-2021-24804 (The Simple JWT Login WordPress plugin before 3.2.1 does not have nonce ...)
+	TODO: check
 CVE-2021-24803
 	RESERVED
-CVE-2021-24802
-	RESERVED
+CVE-2021-24802 (The Colorful Categories WordPress plugin before 2.0.15 does not enforc ...)
+	TODO: check
 CVE-2021-24801 (The WP Survey Plus WordPress plugin through 1.0 does not have any auth ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24800
@@ -50165,8 +50235,8 @@ CVE-2021-24798 (The WP Header Images WordPress plugin before 2.0.1 does not sani
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24797
 	RESERVED
-CVE-2021-24796
-	RESERVED
+CVE-2021-24796 (The My Tickets WordPress plugin before 1.8.31 does not properly saniti ...)
+	TODO: check
 CVE-2021-24795
 	RESERVED
 CVE-2021-24794 (The Connections Business Directory WordPress plugin before 10.4.3 does ...)
@@ -50183,8 +50253,8 @@ CVE-2021-24789 (The Flat Preloader WordPress plugin before 1.5.5 does not escape
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24788 (The Batch Cat WordPress plugin through 0.3 defines 3 custom AJAX actio ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24787
-	RESERVED
+CVE-2021-24787 (The Client Invoicing by Sprout Invoices WordPress plugin before 19.9.7 ...)
+	TODO: check
 CVE-2021-24786
 	RESERVED
 CVE-2021-24785 (The Great Quotes WordPress plugin through 1.0.0 does not sanitise and  ...)
@@ -50205,16 +50275,16 @@ CVE-2021-24778
 	RESERVED
 CVE-2021-24777
 	RESERVED
-CVE-2021-24776
-	RESERVED
+CVE-2021-24776 (The WP Performance Score Booster WordPress plugin before 2.1 does not  ...)
+	TODO: check
 CVE-2021-24775
 	RESERVED
 CVE-2021-24774 (The Check & Log Email WordPress plugin before 1.0.3 does not valid ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24773 (The WordPress Download Manager WordPress plugin before 3.2.16 does not ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24772
-	RESERVED
+CVE-2021-24772 (The Stream WordPress plugin before 3.8.2 does not sanitise and validat ...)
+	TODO: check
 CVE-2021-24771
 	RESERVED
 CVE-2021-24770 (The Stylish Price List WordPress plugin before 6.9.1 does not perform  ...)
@@ -50241,8 +50311,8 @@ CVE-2021-24760 (The Gutenberg PDF Viewer Block WordPress plugin before 1.0.1 doe
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24759
 	RESERVED
-CVE-2021-24758
-	RESERVED
+CVE-2021-24758 (The Email Log WordPress plugin before 2.4.7 does not properly validate ...)
+	TODO: check
 CVE-2021-24757 (The Stylish Price List WordPress plugin before 6.9.0 does not perform  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24756
@@ -50561,8 +50631,8 @@ CVE-2021-24600 (The WP Dialog WordPress plugin through 1.2.5.5 does not sanitise
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24599 (The Email Encoder – Protect Email Addresses WordPress plugin bef ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24598
-	RESERVED
+CVE-2021-24598 (The Testimonial WordPress plugin before 1.6.0 does not escape some tes ...)
+	TODO: check
 CVE-2021-24597 (The You Shang WordPress plugin through 1.0.1 does not escape its qrcod ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24596 (The youForms for WordPress plugin through 1.0.5 does not sanitise esca ...)
@@ -50727,7 +50797,7 @@ CVE-2021-24517 (The Stop Spammers Security | Block Spam Users, Comments, Forms W
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24516 (The PlanSo Forms WordPress plugin through 2.6.3 does not escape the ti ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24515 (The Video Gallery – Vimeo and YouTube Gallery WordPress plugin t ...)
+CVE-2021-24515 (The Video Gallery WordPress plugin before 1.1.5 does not escape the Ti ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24514 (The Visual Form Builder WordPress plugin before 3.0.4 does not sanitis ...)
 	NOT-FOR-US: WordPress plugin
@@ -74131,11 +74201,9 @@ CVE-2021-0160 (Uncontrolled search path in some Intel(R) NUC Pro Chassis Element
 	NOT-FOR-US: Intel
 CVE-2021-0159
 	RESERVED
-CVE-2021-0158
-	RESERVED
+CVE-2021-0158 (Improper input validation in the BIOS firmware for some Intel(R) Proce ...)
 	NOT-FOR-US: Intel
-CVE-2021-0157
-	RESERVED
+CVE-2021-0157 (Insufficient control flow management in the BIOS firmware for some Int ...)
 	NOT-FOR-US: Intel
 CVE-2021-0156
 	RESERVED
@@ -74218,11 +74286,9 @@ CVE-2021-0123
 	RESERVED
 CVE-2021-0122
 	RESERVED
-CVE-2021-0121
-	RESERVED
+CVE-2021-0121 (Improper access control in the installer for some Intel(R) Iris(R) Xe  ...)
 	NOT-FOR-US: Intel
-CVE-2021-0120
-	RESERVED
+CVE-2021-0120 (Improper initialization in the installer for some Intel(R) Graphics DC ...)
 	NOT-FOR-US: Intel
 CVE-2021-0119
 	RESERVED
@@ -74271,8 +74337,7 @@ CVE-2021-0098 (Improper access control in the Intel Unite(R) Client for Windows
 	NOT-FOR-US: Intel
 CVE-2021-0097 (Path traversal in the BMC firmware for Intel(R) Server Board M10JNP2SB ...)
 	NOT-FOR-US: Intel
-CVE-2021-0096
-	RESERVED
+CVE-2021-0096 (Improper authentication in the software installer for the Intel(R) NUC ...)
 	NOT-FOR-US: Intel
 CVE-2021-0095 (Improper initialization in the firmware for some Intel(R) Processors m ...)
 	NOT-FOR-US: Intel
@@ -231536,6 +231601,7 @@ CVE-2018-8034 (The host name verification when using TLS with the WebSocket clie
 CVE-2018-8033 (In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apach ...)
 	NOT-FOR-US: Apache OFBiz
 CVE-2018-8032 (Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site  ...)
+	{DLA-2821-1}
 	- axis 1.4-28 (bug #905328)
 	[jessie] - axis <no-dsa> (Minor issue)
 	NOTE: https://issues.apache.org/jira/browse/AXIS-2924



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fefb409b8eed2374b9e6db26b2c6368904859626

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fefb409b8eed2374b9e6db26b2c6368904859626
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211117/5f4eb43a/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list