[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 18 08:10:19 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9288e545 by security tracker role at 2021-11-18T08:10:10+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2021-43998
+ RESERVED
+CVE-2021-43997 (Amazon FreeRTOS 10.2.0 through 10.4.5 on the ARMv7-M and ARMv8-M MPU p ...)
+ TODO: check
+CVE-2021-43996 (The Ignition component before 1.16.15, and 2.0.x before 2.0.6, for Lar ...)
+ TODO: check
CVE-2021-43995
RESERVED
CVE-2021-43994
@@ -9580,16 +9586,16 @@ CVE-2021-41279
RESERVED
CVE-2021-41278
RESERVED
-CVE-2021-41277
- RESERVED
+CVE-2021-41277 (Metabase is an open source data analytics platform. In affected versio ...)
+ TODO: check
CVE-2021-41276
RESERVED
-CVE-2021-41275
- RESERVED
-CVE-2021-41274
- RESERVED
-CVE-2021-41273
- RESERVED
+CVE-2021-41275 (spree_auth_devise is an open source library which provides authenticat ...)
+ TODO: check
+CVE-2021-41274 (solidus_auth_devise provides authentication services for the Solidus w ...)
+ TODO: check
+CVE-2021-41273 (Pterodactyl is an open-source game server management panel built with ...)
+ TODO: check
CVE-2021-41272
RESERVED
CVE-2021-41271 (Discourse is a platform for community discussion. In affected versions ...)
@@ -9765,8 +9771,8 @@ CVE-2021-41192
RESERVED
CVE-2021-41191 (Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. ...)
NOT-FOR-US: Roblox-Purchasing-Hub
-CVE-2021-41190
- RESERVED
+CVE-2021-41190 (The OCI Distribution Spec project defines an API protocol to facilitat ...)
+ TODO: check
CVE-2021-41189 (DSpace is an open source turnkey repository application. In version 7. ...)
NOT-FOR-US: DSpace
CVE-2021-41188 (Shopware is open source e-commerce software. Versions prior to 5.7.6 c ...)
@@ -9822,10 +9828,10 @@ CVE-2021-41167 (modern-async is an open source JavaScript tooling library for as
NOT-FOR-US: modern-async
CVE-2021-41166
RESERVED
-CVE-2021-41165
- RESERVED
-CVE-2021-41164
- RESERVED
+CVE-2021-41165 (CKEditor4 is an open source WYSIWYG HTML editor. In affected version a ...)
+ TODO: check
+CVE-2021-41164 (CKEditor4 is an open source WYSIWYG HTML editor. In affected versions ...)
+ TODO: check
CVE-2021-41163 (Discourse is an open source platform for community discussion. In affe ...)
NOT-FOR-US: Discourse
CVE-2021-41162
@@ -29132,8 +29138,7 @@ CVE-2021-33100
RESERVED
CVE-2021-33099
RESERVED
-CVE-2021-33098
- RESERVED
+CVE-2021-33098 (Improper input validation in the Intel(R) Ethernet ixgbe driver for Li ...)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00555.html
TODO: check, might affect src:linux
CVE-2021-33097 (Time-of-check time-of-use vulnerability in the Crypto API Toolkit for ...)
@@ -29184,8 +29189,7 @@ CVE-2021-33075
RESERVED
CVE-2021-33074
RESERVED
-CVE-2021-33073
- RESERVED
+CVE-2021-33073 (Uncontrolled resource consumption in the Intel(R) Distribution of Open ...)
NOT-FOR-US: Intel
CVE-2021-33072
RESERVED
@@ -29205,21 +29209,17 @@ CVE-2021-33065
RESERVED
CVE-2021-33064
RESERVED
-CVE-2021-33063
- RESERVED
+CVE-2021-33063 (Uncontrolled search path in the Intel(R) RealSense(TM) D400 Series UWP ...)
NOT-FOR-US: Intel
-CVE-2021-33062
- RESERVED
+CVE-2021-33062 (Incorrect default permissions in the software installer for the Intel( ...)
NOT-FOR-US: Intel
CVE-2021-33061
RESERVED
CVE-2021-33060
RESERVED
-CVE-2021-33059
- RESERVED
+CVE-2021-33059 (Improper input validation in the Intel(R) Administrative Tools for Int ...)
NOT-FOR-US: Intel
-CVE-2021-33058
- RESERVED
+CVE-2021-33058 (Improper access control in the installer Intel(R)Administrative Tools ...)
NOT-FOR-US: Intel
CVE-2021-33057
RESERVED
@@ -74119,14 +74119,14 @@ CVE-2020-27677
RESERVED
CVE-2020-27676
RESERVED
-CVE-2021-0200
- RESERVED
-CVE-2021-0199
- RESERVED
-CVE-2021-0198
- RESERVED
-CVE-2021-0197
- RESERVED
+CVE-2021-0200 (Out-of-bounds write in the firmware for Intel(R) Ethernet 700 Series C ...)
+ TODO: check
+CVE-2021-0199 (Improper input validation in the firmware for the Intel(R) Ethernet Ne ...)
+ TODO: check
+CVE-2021-0198 (Improper access control in the firmware for the Intel(R) Ethernet Netw ...)
+ TODO: check
+CVE-2021-0197 (Protection mechanism failure in the firmware for the Intel(R) Ethernet ...)
+ TODO: check
CVE-2021-0196 (Improper access control in kernel mode driver for some Intel(R) NUC 9 ...)
NOT-FOR-US: Intel
CVE-2021-0195
@@ -74147,20 +74147,20 @@ CVE-2021-0188
RESERVED
CVE-2021-0187
RESERVED
-CVE-2021-0186
- RESERVED
+CVE-2021-0186 (Improper input validation in the Intel(R) SGX SDK applications compile ...)
+ TODO: check
CVE-2021-0185
RESERVED
CVE-2021-0184
RESERVED
CVE-2021-0183
RESERVED
-CVE-2021-0182
- RESERVED
+CVE-2021-0182 (Uncontrolled resource consumption in the Intel(R) HAXM software before ...)
+ TODO: check
CVE-2021-0181
RESERVED
-CVE-2021-0180
- RESERVED
+CVE-2021-0180 (Uncontrolled resource consumption in the Intel(R) HAXM software before ...)
+ TODO: check
CVE-2021-0179
RESERVED
CVE-2021-0178
@@ -74215,23 +74215,19 @@ CVE-2021-0154
RESERVED
CVE-2021-0153
RESERVED
-CVE-2021-0152
- RESERVED
+CVE-2021-0152 (Improper verification of cryptographic signature in the installer for ...)
NOT-FOR-US: Intel
-CVE-2021-0151
- RESERVED
+CVE-2021-0151 (Improper access control in the installer for some Intel(R) Wireless Bl ...)
NOT-FOR-US: Intel
CVE-2021-0150
RESERVED
CVE-2021-0149
RESERVED
-CVE-2021-0148
- RESERVED
+CVE-2021-0148 (Insertion of information into log file in firmware for some Intel(R) S ...)
NOT-FOR-US: Intel
CVE-2021-0147
RESERVED
-CVE-2021-0146
- RESERVED
+CVE-2021-0146 (Hardware allows activation of test or debug logic at runtime for some ...)
NOT-FOR-US: Intel
CVE-2021-0145
RESERVED
@@ -74253,8 +74249,7 @@ CVE-2021-0137
RESERVED
CVE-2021-0136
RESERVED
-CVE-2021-0135
- RESERVED
+CVE-2021-0135 (Improper input validation in the Intel(R) Ethernet Diagnostic Driver f ...)
NOT-FOR-US: Intel
CVE-2021-0134 (Improper input validation in an API for the Intel(R) Security Library ...)
NOT-FOR-US: Intel
@@ -74310,8 +74305,7 @@ CVE-2021-0112 (Unquoted service path in the Intel Unite(R) Client for Windows be
NOT-FOR-US: Intel
CVE-2021-0111
RESERVED
-CVE-2021-0110
- RESERVED
+CVE-2021-0110 (Improper access control in some Intel(R) Thunderbolt(TM) Windows DCH D ...)
NOT-FOR-US: Intel
CVE-2021-0109 (Insecure inherited permissions for the Intel(R) SOC driver package for ...)
NOT-FOR-US: Intel
@@ -74374,25 +74368,21 @@ CVE-2021-0084 (Improper input validation in the Intel(R) Ethernet Controllers X7
NOT-FOR-US: Intel
CVE-2021-0083 (Improper input validation in some Intel(R) Optane(TM) PMem versions be ...)
NOT-FOR-US: Intel
-CVE-2021-0082
- RESERVED
+CVE-2021-0082 (Uncontrolled search path in software installer for Intel(R) PROSet/Wir ...)
NOT-FOR-US: Intel
CVE-2021-0081
RESERVED
CVE-2021-0080
RESERVED
-CVE-2021-0079
- RESERVED
+CVE-2021-0079 (Improper input validation in software for some Intel(R) PROSet/Wireles ...)
NOT-FOR-US: Intel
-CVE-2021-0078
- RESERVED
+CVE-2021-0078 (Improper input validation in software for some Intel(R) PROSet/Wireles ...)
NOT-FOR-US: Intel
CVE-2021-0077 (Insecure inherited permissions in the installer for the Intel(R) VTune ...)
NOT-FOR-US: Intel
CVE-2021-0076
RESERVED
-CVE-2021-0075
- RESERVED
+CVE-2021-0075 (Out-of-bounds write in firmware for some Intel(R) PROSet/Wireless WiFi ...)
NOT-FOR-US: Intel
CVE-2021-0074 (Improper permissions in the installer for the Intel(R) Computing Impro ...)
NOT-FOR-US: Intel
@@ -74400,13 +74390,11 @@ CVE-2021-0073 (Insufficient control flow management in Intel(R) DSA before versi
NOT-FOR-US: Intel
CVE-2021-0072
RESERVED
-CVE-2021-0071
- RESERVED
+CVE-2021-0071 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
NOT-FOR-US: Intel
CVE-2021-0070 (Improper input validation in the BMC firmware for Intel(R) Server Boar ...)
NOT-FOR-US: Intel
-CVE-2021-0069
- RESERVED
+CVE-2021-0069 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
NOT-FOR-US: Intel
CVE-2021-0068
RESERVED
@@ -74414,14 +74402,11 @@ CVE-2021-0067 ( Improper access control in system firmware for some Int
NOT-FOR-US: Intel
CVE-2021-0066
RESERVED
-CVE-2021-0065
- RESERVED
+CVE-2021-0065 (Incorrect default permissions in the Intel(R) PROSet/Wireless WiFi sof ...)
NOT-FOR-US: Intel
-CVE-2021-0064
- RESERVED
+CVE-2021-0064 (Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi so ...)
NOT-FOR-US: Intel
-CVE-2021-0063
- RESERVED
+CVE-2021-0063 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
NOT-FOR-US: Intel
CVE-2021-0062 (Improper input validation in some Intel(R) Graphics Drivers before ver ...)
NOT-FOR-US: Intel drivers for Windows
@@ -74441,8 +74426,7 @@ CVE-2021-0055 (Insecure inherited permissions for some Intel(R) NUC 9 Extreme La
NOT-FOR-US: Intel
CVE-2021-0054 (Improper buffer restrictions in system firmware for some Intel(R) NUCs ...)
NOT-FOR-US: Intel
-CVE-2021-0053
- RESERVED
+CVE-2021-0053 (Improper initialization in firmware for some Intel(R) PROSet/Wireless ...)
NOT-FOR-US: Intel
CVE-2021-0052 (Incorrect default privileges in the Intel(R) Computing Improvement Pro ...)
NOT-FOR-US: Intel
@@ -74522,8 +74506,7 @@ CVE-2021-0015
RESERVED
CVE-2021-0014
RESERVED
-CVE-2021-0013
- RESERVED
+CVE-2021-0013 (Improper input validation for Intel(R) EMA before version 1.5.0 may al ...)
NOT-FOR-US: Intel
CVE-2021-0012 (Use after free in some Intel(R) Graphics Driver before version 27.20.1 ...)
NOT-FOR-US: Intel drivers for Windows
@@ -106349,7 +106332,7 @@ CVE-2020-13911 (Your Online Shop 1.8.0 allows authenticated users to trigger XSS
NOT-FOR-US: Your Online Shop
CVE-2020-13910 (Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nf ...)
NOT-FOR-US: Pengutronix Barebox
-CVE-2020-13909 (The Ignition page before 2.0.5 for Laravel mishandles globals, _get, _ ...)
+CVE-2020-13909 (The Ignition component before 2.0.5 for Laravel mishandles globals, _g ...)
NOT-FOR-US: Laravel
CVE-2020-13908
RESERVED
@@ -121201,8 +121184,7 @@ CVE-2020-8743 (Improper permissions in the installer for the Intel(R) Mailbox In
NOT-FOR-US: Intel
CVE-2020-8742 (Improper input validation in the firmware for Intel(R) NUCs may allow ...)
NOT-FOR-US: Intel
-CVE-2020-8741
- RESERVED
+CVE-2020-8741 (Improper permissions in the installer for the Intel(R) Thunderbolt(TM) ...)
NOT-FOR-US: Intel
CVE-2020-8740 (Out of bounds write in Intel BIOS platform sample code for some Intel( ...)
NOT-FOR-US: Intel
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9288e545da89c3d11c54dfface631c564f2cc313
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9288e545da89c3d11c54dfface631c564f2cc313
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211118/1cc4bc48/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list