[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 18 20:10:31 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
23dabdde by security tracker role at 2021-11-18T20:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2021-44018
+ RESERVED
+CVE-2021-44017
+ RESERVED
+CVE-2021-44016
+ RESERVED
+CVE-2021-44015
+ RESERVED
+CVE-2021-44014
+ RESERVED
+CVE-2021-44013
+ RESERVED
+CVE-2021-44012
+ RESERVED
+CVE-2021-44011
+ RESERVED
+CVE-2021-44010
+ RESERVED
+CVE-2021-44009
+ RESERVED
+CVE-2021-44008
+ RESERVED
+CVE-2021-44007
+ RESERVED
+CVE-2021-44006
+ RESERVED
+CVE-2021-44005
+ RESERVED
+CVE-2021-44004
+ RESERVED
+CVE-2021-44003
+ RESERVED
+CVE-2021-44002
+ RESERVED
+CVE-2021-44001
+ RESERVED
+CVE-2021-44000
+ RESERVED
+CVE-2021-43999
+ RESERVED
+CVE-2021-3976
+ RESERVED
+CVE-2021-3975
+ RESERVED
CVE-2021-XXXX [XSS issue in handling attachment filename extension in mimetype mismatch warning]
- roundcube 1.5.0+dfsg.1-1 (bug #1000156)
NOTE: https://github.com/roundcube/roundcubemail/issues/8193
@@ -1725,12 +1769,12 @@ CVE-2021-43671
RESERVED
CVE-2021-43670
RESERVED
-CVE-2021-43669
- RESERVED
-CVE-2021-43668
- RESERVED
-CVE-2021-43667
- RESERVED
+CVE-2021-43669 (A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0 ...)
+ TODO: check
+CVE-2021-43668 (Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a s ...)
+ TODO: check
+CVE-2021-43667 (A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0 ...)
+ TODO: check
CVE-2021-43666
RESERVED
CVE-2021-43665
@@ -2064,8 +2108,8 @@ CVE-2021-43551 (A remote attacker with write access to PI Vision could inject co
NOT-FOR-US: OSIsoft
CVE-2021-43550
RESERVED
-CVE-2021-43549
- RESERVED
+CVE-2021-43549 (A remote authenticated attacker with write access to a PI Server could ...)
+ TODO: check
CVE-2021-43548
RESERVED
CVE-2021-43547
@@ -4325,8 +4369,8 @@ CVE-2021-43019
RESERVED
CVE-2021-43018
RESERVED
-CVE-2021-43017
- RESERVED
+CVE-2021-43017 (Adobe Creative Cloud version 5.5 (and earlier) are affected by an Appl ...)
+ TODO: check
CVE-2021-43016
RESERVED
CVE-2021-43015
@@ -5424,10 +5468,10 @@ CVE-2021-42527
RESERVED
CVE-2021-42526
RESERVED
-CVE-2021-42525
- RESERVED
-CVE-2021-42524
- RESERVED
+CVE-2021-42525 (Acrobat Animate versions 21.0.9 (and earlier)is affected by an out-of- ...)
+ TODO: check
+CVE-2021-42524 (Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-b ...)
+ TODO: check
CVE-2021-3891
RESERVED
CVE-2021-3890
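Review bot: CVE-2021-42525 is described as "Acrobat Animate versions 21.0.9" while CVE-2021-42524 directly below it is "Adobe Animate version 21.0.9". The identical version string suggests the same product with a naming error in the imported description. Triage the two together when resolving the "TODO: check" lines so they do not end up with different vendor tags.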
@@ -7243,20 +7287,20 @@ CVE-2021-42274 (Windows Hyper-V Discrete Device Assignment (DDA) Denial of Servi
NOT-FOR-US: Microsoft
CVE-2021-42273
RESERVED
-CVE-2021-42272
- RESERVED
-CVE-2021-42271
- RESERVED
-CVE-2021-42270
- RESERVED
-CVE-2021-42269
- RESERVED
-CVE-2021-42268
- RESERVED
-CVE-2021-42267
- RESERVED
-CVE-2021-42266
- RESERVED
+CVE-2021-42272 (Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-b ...)
+ TODO: check
+CVE-2021-42271 (Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-b ...)
+ TODO: check
+CVE-2021-42270 (Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-b ...)
+ TODO: check
+CVE-2021-42269 (Adobe Animate version 21.0.9 (and earlier) are affected by a use-after ...)
+ TODO: check
+CVE-2021-42268 (Adobe Animate version 21.0.9 (and earlier) is affected by a Null point ...)
+ TODO: check
+CVE-2021-42267 (Adobe Animate version 21.0.9 (and earlier) is affected by a memory cor ...)
+ TODO: check
+CVE-2021-42266 (Adobe Animate version 21.0.9 (and earlier) is affected by a memory cor ...)
+ TODO: check
CVE-2021-42265
RESERVED
CVE-2021-42264
@@ -10828,28 +10872,28 @@ CVE-2021-40763
RESERVED
CVE-2021-40762
RESERVED
-CVE-2021-40761
- RESERVED
-CVE-2021-40760
- RESERVED
-CVE-2021-40759
- RESERVED
-CVE-2021-40758
- RESERVED
-CVE-2021-40757
- RESERVED
-CVE-2021-40756
- RESERVED
-CVE-2021-40755
- RESERVED
-CVE-2021-40754
- RESERVED
-CVE-2021-40753
- RESERVED
-CVE-2021-40752
- RESERVED
-CVE-2021-40751
- RESERVED
+CVE-2021-40761 (Adobe After Effects version 18.4.1 (and earlier) is affected by a Null ...)
+ TODO: check
+CVE-2021-40760 (Adobe After Effects version 18.4.1 (and earlier) is affected by a memo ...)
+ TODO: check
+CVE-2021-40759 (Adobe After Effects version 18.4.1 (and earlier) is affected by a memo ...)
+ TODO: check
+CVE-2021-40758 (Adobe After Effects version 18.4.1 (and earlier) is affected by a memo ...)
+ TODO: check
+CVE-2021-40757 (Adobe After Effects version 18.4.1 (and earlier) is affected by a memo ...)
+ TODO: check
+CVE-2021-40756 (Adobe After Effects version 18.4.1 (and earlier) is affected by a Null ...)
+ TODO: check
+CVE-2021-40755 (Adobe After Effects version 18.4.1 (and earlier) is affected by a memo ...)
+ TODO: check
+CVE-2021-40754 (Adobe After Effects version 18.4.1 (and earlier) is affected by a memo ...)
+ TODO: check
+CVE-2021-40753 (Adobe After Effects version 18.4.1 (and earlier) is affected by a memo ...)
+ TODO: check
+CVE-2021-40752 (Adobe After Effects version 18.4 (and earlier) is affected by a memory ...)
+ TODO: check
+CVE-2021-40751 (Adobe After Effects version 18.4 (and earlier) is affected by a memory ...)
+ TODO: check
CVE-2021-40750
RESERVED
CVE-2021-40749
@@ -10884,8 +10928,8 @@ CVE-2021-40735
RESERVED
CVE-2021-40734
RESERVED
-CVE-2021-40733
- RESERVED
+CVE-2021-40733 (Adobe Animate version 21.0.9 (and earlier) is affected by a memory cor ...)
+ TODO: check
CVE-2021-40732 (XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer ...)
NOT-FOR-US: Adobe
CVE-2021-40731 (Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.200 ...)
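Review bot: CVE-2021-40733 (Adobe Animate) lands as "TODO: check" directly above CVE-2021-40732, which is already tagged "NOT-FOR-US: Adobe". If Animate is handled like the other Adobe products in this file, the same tag can be applied here when the TODO is resolved.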
@@ -12803,8 +12847,8 @@ CVE-2021-39930
RESERVED
CVE-2021-39929
RESERVED
-CVE-2021-39928
- RESERVED
+CVE-2021-39928 (NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 ...)
+ TODO: check
CVE-2021-39927
RESERVED
CVE-2021-39926
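Review bot: CVE-2021-39928 is a Wireshark dissector issue, and wireshark is a source package in Debian, so the "TODO: check" here should resolve to a "- wireshark" package entry with per-suite status rather than a NOT-FOR-US tag. The same applies to CVE-2021-39920 in the next hunk. The truncated description gives the affected range as starting at 3.4.0, which is where to begin when deciding which suites are affected.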
@@ -12819,8 +12863,8 @@ CVE-2021-39922
RESERVED
CVE-2021-39921
RESERVED
-CVE-2021-39920
- RESERVED
+CVE-2021-39920 (NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3 ...)
+ TODO: check
CVE-2021-39919
RESERVED
CVE-2021-39918
@@ -17725,10 +17769,10 @@ CVE-2021-37941
RESERVED
CVE-2021-37940
RESERVED
-CVE-2021-37939
- RESERVED
-CVE-2021-37938
- RESERVED
+CVE-2021-37939 (It was discovered that Kibana’s JIRA connector & IBM Resilie ...)
+ TODO: check
+CVE-2021-37938 (It was discovered that on Windows operating systems specifically, Kiba ...)
+ TODO: check
CVE-2021-37937
RESERVED
CVE-2021-37936
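Review bot: the description added for CVE-2021-37939 contains raw HTML entities ("&#8217;" and "&amp;"), which suggests the imported text is not entity-decoded before it is written to data/CVE/list. Decoding in the import step, before the description is truncated, would store "Kibana's JIRA connector & IBM Resilie ..." and keep markup out of the summary that people grep.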
@@ -20103,10 +20147,10 @@ CVE-2021-36911
RESERVED
CVE-2021-36910
RESERVED
-CVE-2021-36909
- RESERVED
-CVE-2021-36908
- RESERVED
+CVE-2021-36909 (Authenticated Database Reset vulnerability in WordPress WP Reset PRO P ...)
+ TODO: check
+CVE-2021-36908 (Cross-Site Request Forgery (CSRF) vulnerability leading to Database Re ...)
+ TODO: check
CVE-2021-36907
RESERVED
CVE-2021-36906
@@ -23353,10 +23397,10 @@ CVE-2021-35537 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
- mysql-8.0 <unfixed>
CVE-2021-35536 (Vulnerability in the Oracle Deal Management product of Oracle E-Busine ...)
NOT-FOR-US: Oracle
-CVE-2021-35535
- RESERVED
-CVE-2021-35534
- RESERVED
+CVE-2021-35535 (Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/ ...)
+ TODO: check
+CVE-2021-35534 (Insufficient security control vulnerability in internal database acces ...)
+ TODO: check
CVE-2021-35533
RESERVED
CVE-2021-35532
@@ -44589,14 +44633,14 @@ CVE-2021-27028 (A Memory Corruption Vulnerability in Autodesk FBX Review version
NOT-FOR-US: Autodesk
CVE-2021-27027 (An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5 ...)
NOT-FOR-US: Autodesk
-CVE-2021-27026
- RESERVED
-CVE-2021-27025
- RESERVED
-CVE-2021-27024
- RESERVED
-CVE-2021-27023
- RESERVED
+CVE-2021-27026 (A flaw was divered in Puppet Enterprise and other Puppet products wher ...)
+ TODO: check
+CVE-2021-27025 (A flaw was discovered in Puppet Agent where the agent may silently ign ...)
+ TODO: check
+CVE-2021-27024 (A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD ...)
+ TODO: check
+CVE-2021-27023 (A flaw was discovered in Puppet Agent and Puppet Server that may resul ...)
+ TODO: check
CVE-2021-27022 (A flaw was discovered in bolt-server and ace where running a task with ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
NOTE: https://puppet.com/security/cve/CVE-2021-27022/
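Review bot: the four Puppet entries (CVE-2021-27026 through CVE-2021-27023) need per-product triage rather than one blanket tag. The neighbouring CVE-2021-27022 shows the pattern for Enterprise-only issues ("- puppet <not-affected> (Only affects Puppet Enterprise)"). CVE-2021-27024 names Continuous Delivery for Puppet Enterprise and looks like that case, while CVE-2021-27025 and CVE-2021-27023 name Puppet Agent and Puppet Server and should be checked against the packaged versions.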
@@ -46933,22 +46977,22 @@ CVE-2021-23204 (Exposure of Sensitive Information to an Unauthorized Actor vulne
NOT-FOR-US: Gallagher Command Centre Server
CVE-2021-23199
RESERVED
-CVE-2021-23197
- RESERVED
-CVE-2021-23193
- RESERVED
+CVE-2021-23197 (Unquoted service path vulnerability in the Gallagher Controller Servic ...)
+ TODO: check
+CVE-2021-23193 (Improper privilege validation vulnerability in COM Interface of Gallag ...)
+ TODO: check
CVE-2021-23185
RESERVED
CVE-2021-23182 (Cleartext Storage of Sensitive Information in Memory vulnerability in ...)
NOT-FOR-US: Gallagher Command Centre Server
-CVE-2021-23167
- RESERVED
-CVE-2021-23162
- RESERVED
-CVE-2021-23155
- RESERVED
-CVE-2021-23146
- RESERVED
+CVE-2021-23167 (Improper certificate validation vulnerability in SMTP Client allows ma ...)
+ TODO: check
+CVE-2021-23162 (Improper validation of the cloud certificate chain in Mobile Connect a ...)
+ TODO: check
+CVE-2021-23155 (Improper validation of the cloud certificate chain in Mobile Client al ...)
+ TODO: check
+CVE-2021-23146 (An Incomplete Comparison with Missing Factors vulnerability in the Gal ...)
+ TODO: check
CVE-2021-23140 (Improper Authorization vulnerability in Gallagher Command Centre Serve ...)
NOT-FOR-US: Gallagher Command Centre Server
CVE-2021-23136 (Improper Authorization vulnerability in Gallagher Command Centre Serve ...)
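Review bot: CVE-2021-23197, CVE-2021-23193 and CVE-2021-23146 name Gallagher in the visible part of their descriptions, and the surrounding entries (CVE-2021-23182, CVE-2021-23140) are tagged "NOT-FOR-US: Gallagher Command Centre Server", so these can likely take the same tag. CVE-2021-23167, CVE-2021-23162 and CVE-2021-23155 are truncated before any product name appears. Read the full description before tagging them.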
@@ -71382,25 +71426,24 @@ CVE-2021-0674
RESERVED
CVE-2021-0673
RESERVED
-CVE-2021-0672
- RESERVED
+CVE-2021-0672 (In Browser app, there is a possible information disclosure due to a mi ...)
NOT-FOR-US: MediaTek components for Android
-CVE-2021-0671
- RESERVED
-CVE-2021-0670
- RESERVED
-CVE-2021-0669
- RESERVED
-CVE-2021-0668
- RESERVED
-CVE-2021-0667
- RESERVED
-CVE-2021-0666
- RESERVED
-CVE-2021-0665
- RESERVED
-CVE-2021-0664
- RESERVED
+CVE-2021-0671 (In apusys, there is a possible memory corruption due to a missing boun ...)
+ TODO: check
+CVE-2021-0670 (In apusys, there is a possible memory corruption due to a use after fr ...)
+ TODO: check
+CVE-2021-0669 (In apusys, there is a possible memory corruption due to a use after fr ...)
+ TODO: check
+CVE-2021-0668 (In apusys, there is a possible memory corruption due to incorrect erro ...)
+ TODO: check
+CVE-2021-0667 (In apusys, there is a possible memory corruption due to a use after fr ...)
+ TODO: check
+CVE-2021-0666 (In apusys, there is a possible out of bounds read due to an incorrect ...)
+ TODO: check
+CVE-2021-0665 (In apusys, there is a possible out of bounds read due to an incorrect ...)
+ TODO: check
+CVE-2021-0664 (In ccu, there is a possible memory corruption due to a use after free. ...)
+ TODO: check
CVE-2021-0663 (In audio DSP, there is a possible out of bounds write due to an incorr ...)
NOT-FOR-US: Mediatek
CVE-2021-0662 (In audio DSP, there is a possible out of bounds write due to an incorr ...)
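Review bot: CVE-2021-0672 keeps the tag "NOT-FOR-US: MediaTek components for Android" that it carried while RESERVED, but the apusys and ccu entries added below it (CVE-2021-0671 through CVE-2021-0664) land as "TODO: check" even though CVE-2021-0663 and CVE-2021-0662 right after them are "NOT-FOR-US: Mediatek". When resolving these, pick one of the two tag spellings and use it for the whole block, so that a search of the file for the vendor finds every entry.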
@@ -71409,16 +71452,16 @@ CVE-2021-0661 (In audio DSP, there is a possible out of bounds write due to an i
NOT-FOR-US: Mediatek
CVE-2021-0660 (In ccu, there is a possible out of bounds read due to incorrect error ...)
NOT-FOR-US: Mediatek
-CVE-2021-0659
- RESERVED
-CVE-2021-0658
- RESERVED
-CVE-2021-0657
- RESERVED
-CVE-2021-0656
- RESERVED
-CVE-2021-0655
- RESERVED
+CVE-2021-0659 (In apusys, there is a possible out of bounds read due to an incorrect ...)
+ TODO: check
+CVE-2021-0658 (In apusys, there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2021-0657 (In apusys, there is a possible out of bounds write due to a stack-base ...)
+ TODO: check
+CVE-2021-0656 (In edma driver, there is a possible memory corruption due to a use aft ...)
+ TODO: check
+CVE-2021-0655 (In mdlactl driver, there is a possible memory corruption due to an inc ...)
+ TODO: check
CVE-2021-0654 (In isRealSnapshot of TaskThumbnailView.java, there is possible data ex ...)
NOT-FOR-US: Android
CVE-2021-0653
@@ -71472,8 +71515,8 @@ CVE-2021-0631 (In wifi driver, there is a possible system crash due to a missing
NOT-FOR-US: Mediatek
CVE-2021-0630 (In wifi driver, there is a possible system crash due to a missing boun ...)
NOT-FOR-US: Mediatek
-CVE-2021-0629
- RESERVED
+CVE-2021-0629 (In mdlactl driver, there is a possible memory corruption due to a use ...)
+ TODO: check
CVE-2021-0628 (In OMA DRM, there is a possible memory corruption due to improper inpu ...)
NOT-FOR-US: Mediatek
CVE-2021-0627 (In OMA DRM, there is a possible memory corruption due to an integer ov ...)
@@ -71482,18 +71525,18 @@ CVE-2021-0626 (In ged, there is a possible out of bounds write due to a missing
NOT-FOR-US: Mediatek
CVE-2021-0625 (In ccu, there is a possible memory corruption due to improper locking. ...)
NOT-FOR-US: Mediatek
-CVE-2021-0624
- RESERVED
-CVE-2021-0623
- RESERVED
-CVE-2021-0622
- RESERVED
-CVE-2021-0621
- RESERVED
-CVE-2021-0620
- RESERVED
-CVE-2021-0619
- RESERVED
+CVE-2021-0624 (In flv extractor, there is a possible out of bounds read due to a heap ...)
+ TODO: check
+CVE-2021-0623 (In asf extractor, there is a possible out of bounds read due to an int ...)
+ TODO: check
+CVE-2021-0622 (In asf extractor, there is a possible out of bounds read due to a heap ...)
+ TODO: check
+CVE-2021-0621 (In asf extractor, there is a possible out of bounds read due to an int ...)
+ TODO: check
+CVE-2021-0620 (In asf extractor, there is a possible out of bounds read due to a heap ...)
+ TODO: check
+CVE-2021-0619 (In ape extractor, there is a possible out of bounds read due to a miss ...)
+ TODO: check
CVE-2021-0618 (In ape extractor, there is a possible out of bounds read due to a heap ...)
NOT-FOR-US: Mediatek
CVE-2021-0617 (In ape extractor, there is a possible out of bounds read due to a heap ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23dabdde440c3ff36ed3bc6ab8cc780c8ded887a