[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Oct 6 21:11:03 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
340c53bc by security tracker role at 2021-10-06T20:10:52+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,79 @@
+CVE-2022-20011
+ RESERVED
+CVE-2022-20010
+ RESERVED
+CVE-2022-20009
+ RESERVED
+CVE-2022-20008
+ RESERVED
+CVE-2022-20007
+ RESERVED
+CVE-2022-20006
+ RESERVED
+CVE-2022-20005
+ RESERVED
+CVE-2022-20004
+ RESERVED
+CVE-2022-20003
+ RESERVED
+CVE-2022-20002
+ RESERVED
+CVE-2021-42039
+ RESERVED
+CVE-2021-42038
+ RESERVED
+CVE-2021-42037
+ RESERVED
+CVE-2021-42036
+ RESERVED
+CVE-2021-42035
+ RESERVED
+CVE-2021-42034
+ RESERVED
+CVE-2021-42033
+ RESERVED
+CVE-2021-42032
+ RESERVED
+CVE-2021-42031
+ RESERVED
+CVE-2021-42030
+ RESERVED
+CVE-2021-42029
+ RESERVED
+CVE-2021-42028
+ RESERVED
+CVE-2021-42027
+ RESERVED
+CVE-2021-42026
+ RESERVED
+CVE-2021-42025
+ RESERVED
+CVE-2021-42024
+ RESERVED
+CVE-2021-42023
+ RESERVED
+CVE-2021-42022
+ RESERVED
+CVE-2021-42021
+ RESERVED
+CVE-2021-42020
+ RESERVED
+CVE-2021-42019
+ RESERVED
+CVE-2021-42018
+ RESERVED
+CVE-2021-42017
+ RESERVED
+CVE-2021-42016
+ RESERVED
+CVE-2021-42015
+ RESERVED
+CVE-2021-42014
+ RESERVED
+CVE-2021-42013
+ RESERVED
+CVE-2021-3864
+ RESERVED
CVE-2021-42012
RESERVED
CVE-2021-42011
@@ -391,8 +467,8 @@ CVE-2021-41837
RESERVED
CVE-2021-41833
RESERVED
-CVE-2021-3848
- RESERVED
+CVE-2021-3848 (An arbitrary file creation by privilege escalation vulnerability in Tr ...)
+ TODO: check
CVE-2021-3847
RESERVED
CVE-2021-3846
@@ -1961,22 +2037,22 @@ CVE-2021-41130
RESERVED
CVE-2021-41129
RESERVED
-CVE-2021-41128
- RESERVED
+CVE-2021-41128 (Hygeia is an application for collecting and processing personal and ca ...)
+ TODO: check
CVE-2021-41127
RESERVED
-CVE-2021-41126
- RESERVED
-CVE-2021-41125
- RESERVED
+CVE-2021-41126 (October is a Content Management System (CMS) and web platform built on ...)
+ TODO: check
+CVE-2021-41125 (Scrapy is a high-level web crawling and scraping framework for Python. ...)
+ TODO: check
CVE-2021-41124 (Scrapy-splash is a library which provides Scrapy and JavaScript integr ...)
NOT-FOR-US: Scrapy-splash
CVE-2021-41123 (Survey Solutions is a survey management and data collection system. In ...)
NOT-FOR-US: Survey Solutions
CVE-2021-41122 (Vyper is a Pythonic Smart Contract Language for the EVM. In affected v ...)
NOT-FOR-US: Vyper
-CVE-2021-41121
- RESERVED
+CVE-2021-41121 (Vyper is a Pythonic Smart Contract Language for the EVM. In affected v ...)
+ TODO: check
CVE-2021-41120 (sylius/paypal-plugin is a paypal plugin for the Sylius development pla ...)
NOT-FOR-US: sylius/paypal-plugin
CVE-2021-41119
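Review bot: CVE-2021-41121 is left at "TODO: check" although its description opens with "Vyper is a Pythonic Smart Contract Language for the EVM", the same product as CVE-2021-41122 two entries above it, which is already "NOT-FOR-US: Vyper"; it can take the same tag. CVE-2021-41125 needs an actual check rather than a copy of its neighbour's tag: it is Scrapy itself, not the Scrapy-splash library that CVE-2021-41124 marks NOT-FOR-US.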
@@ -6051,10 +6127,10 @@ CVE-2021-39353
RESERVED
CVE-2021-39352
RESERVED
-CVE-2021-39351
- RESERVED
-CVE-2021-39350
- RESERVED
+CVE-2021-39351 (The WP Bannerize WordPress plugin is vulnerable to authenticated SQL i ...)
+ TODO: check
+CVE-2021-39350 (The FV Flowplayer Video Player WordPress plugin is vulnerable to Refle ...)
+ TODO: check
CVE-2021-39349
RESERVED
CVE-2021-39348
@@ -7145,12 +7221,12 @@ CVE-2021-38927
RESERVED
CVE-2021-38926
RESERVED
-CVE-2021-38925
- RESERVED
+CVE-2021-38925 (IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 ...)
+ TODO: check
CVE-2021-38924
RESERVED
-CVE-2021-38923
- RESERVED
+CVE-2021-38923 (IBM PowerVM Hypervisor FW1010 could allow a privileged user to gain ac ...)
+ TODO: check
CVE-2021-38922
RESERVED
CVE-2021-38921
@@ -8111,6 +8187,7 @@ CVE-2021-38501
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38501
CVE-2021-38500
RESERVED
+ {DSA-4981-1}
- firefox 93.0-1
- firefox-esr 91.2.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38500
@@ -8134,6 +8211,7 @@ CVE-2021-38497
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38497
CVE-2021-38496
RESERVED
+ {DSA-4981-1}
- firefox 93.0-1
- firefox-esr 91.2.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38496
@@ -13539,14 +13617,14 @@ CVE-2021-36180
RESERVED
CVE-2021-36179 (A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and ...)
NOT-FOR-US: FortiGuard
-CVE-2021-36178
- RESERVED
+CVE-2021-36178 (A insufficiently protected credentials in Fortinet FortiSDNConnector v ...)
+ TODO: check
CVE-2021-36177
RESERVED
CVE-2021-36176
RESERVED
-CVE-2021-36175
- RESERVED
+CVE-2021-36175 (An improper neutralization of input vulnerability [CWE-79] in FortiWeb ...)
+ TODO: check
CVE-2021-36174
RESERVED
CVE-2021-36173
@@ -13555,8 +13633,8 @@ CVE-2021-36172
RESERVED
CVE-2021-36171
RESERVED
-CVE-2021-36170
- RESERVED
+CVE-2021-36170 (An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM a ...)
+ TODO: check
CVE-2021-36169
RESERVED
CVE-2021-36168 (A Improper Limitation of a Pathname to a Restricted Directory ('Path T ...)
@@ -19584,8 +19662,8 @@ CVE-2021-33604 (URL encoding error in development mode handler in com.vaadin:flo
NOT-FOR-US: com.vaadin:flow-server
CVE-2021-33603
RESERVED
-CVE-2021-33602
- RESERVED
+CVE-2021-33602 (A vulnerability affecting the F-Secure Antivirus engine was discovered ...)
+ TODO: check
CVE-2021-33601 (A vulnerability was discovered in the web user interface of F-Secure I ...)
NOT-FOR-US: F-Secure
CVE-2021-33600 (A denial-of-service (DoS) vulnerability was discovered in the web user ...)
@@ -29307,8 +29385,8 @@ CVE-2021-29910
RESERVED
CVE-2021-29909
RESERVED
-CVE-2021-29908
- RESERVED
+CVE-2021-29908 (The IBM TS7700 Management Interface is vulnerable to unauthenticated a ...)
+ TODO: check
CVE-2021-29907 (IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated use ...)
NOT-FOR-US: IBM
CVE-2021-29906
@@ -29317,8 +29395,8 @@ CVE-2021-29905 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/
NOT-FOR-US: IBM
CVE-2021-29904 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
NOT-FOR-US: IBM
-CVE-2021-29903
- RESERVED
+CVE-2021-29903 (IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 6.1.1.0 i ...)
+ TODO: check
CVE-2021-29902
RESERVED
CVE-2021-29901
@@ -29413,8 +29491,8 @@ CVE-2021-29857
RESERVED
CVE-2021-29856 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 could allow an authenticated usre ...)
NOT-FOR-US: IBM
-CVE-2021-29855
- RESERVED
+CVE-2021-29855 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 i ...)
+ TODO: check
CVE-2021-29854
RESERVED
CVE-2021-29853 (IBM Planning Analytics 2.0 could expose information that could be used ...)
@@ -29449,10 +29527,10 @@ CVE-2021-29839
RESERVED
CVE-2021-29838
RESERVED
-CVE-2021-29837
- RESERVED
-CVE-2021-29836
- RESERVED
+CVE-2021-29837 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 i ...)
+ TODO: check
+CVE-2021-29836 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0. through 6.1.1.0 ...)
+ TODO: check
CVE-2021-29835
RESERVED
CVE-2021-29834 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0. ...)
@@ -29527,8 +29605,8 @@ CVE-2021-29800 (IBM Tivoli Netcool/OMNIbus_GUI and IBM Jazz for Service Manageme
NOT-FOR-US: IBM
CVE-2021-29799
RESERVED
-CVE-2021-29798
- RESERVED
+CVE-2021-29798 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.1.0 i ...)
+ TODO: check
CVE-2021-29797
RESERVED
CVE-2021-29796
@@ -29595,20 +29673,20 @@ CVE-2021-29766 (IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1,
NOT-FOR-US: IBM
CVE-2021-29765 (IBM PowerVM Hypervisor FW940 and FW950 could allow an attacker to obta ...)
NOT-FOR-US: IBM
-CVE-2021-29764
- RESERVED
+CVE-2021-29764 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 i ...)
+ TODO: check
CVE-2021-29763 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 ...)
NOT-FOR-US: IBM
CVE-2021-29762
RESERVED
-CVE-2021-29761
- RESERVED
-CVE-2021-29760
- RESERVED
+CVE-2021-29761 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 c ...)
+ TODO: check
+CVE-2021-29760 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 c ...)
+ TODO: check
CVE-2021-29759 (IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 ...)
NOT-FOR-US: IBM
-CVE-2021-29758
- RESERVED
+CVE-2021-29758 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 c ...)
+ TODO: check
CVE-2021-29757 (IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site r ...)
NOT-FOR-US: IBM
CVE-2021-29756
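Review bot: the four entries moved to "TODO: check" in this hunk (CVE-2021-29764, CVE-2021-29761, CVE-2021-29760, CVE-2021-29758) all describe IBM Sterling B2B Integrator Standard Edition, and every triaged neighbour visible here (CVE-2021-29765, CVE-2021-29763, CVE-2021-29759, CVE-2021-29757) carries "NOT-FOR-US: IBM". Resolve them with that tag in the follow-up triage so they do not stay open as TODO items.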
@@ -32203,8 +32281,7 @@ CVE-2021-28704
RESERVED
CVE-2021-28703
RESERVED
-CVE-2021-28702 [PCI devices with RMRRs not deassigned correctly]
- RESERVED
+CVE-2021-28702 (PCI devices with RMRRs not deassigned correctly Certain PCI devices in ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
[stretch] - xen <end-of-life> (DSA 4602-1)
@@ -40232,72 +40309,72 @@ CVE-2021-25501
RESERVED
CVE-2021-25500
RESERVED
-CVE-2021-25499
- RESERVED
-CVE-2021-25498
- RESERVED
-CVE-2021-25497
- RESERVED
-CVE-2021-25496
- RESERVED
-CVE-2021-25495
- RESERVED
-CVE-2021-25494
- RESERVED
-CVE-2021-25493
- RESERVED
-CVE-2021-25492
- RESERVED
-CVE-2021-25491
- RESERVED
-CVE-2021-25490
- RESERVED
-CVE-2021-25489
- RESERVED
-CVE-2021-25488
- RESERVED
-CVE-2021-25487
- RESERVED
-CVE-2021-25486
- RESERVED
-CVE-2021-25485
- RESERVED
-CVE-2021-25484
- RESERVED
-CVE-2021-25483
- RESERVED
-CVE-2021-25482
- RESERVED
-CVE-2021-25481
- RESERVED
-CVE-2021-25480
- RESERVED
-CVE-2021-25479
- RESERVED
-CVE-2021-25478
- RESERVED
-CVE-2021-25477
- RESERVED
-CVE-2021-25476
- RESERVED
-CVE-2021-25475
- RESERVED
-CVE-2021-25474
- RESERVED
-CVE-2021-25473
- RESERVED
-CVE-2021-25472
- RESERVED
-CVE-2021-25471
- RESERVED
-CVE-2021-25470
- RESERVED
-CVE-2021-25469
- RESERVED
-CVE-2021-25468
- RESERVED
-CVE-2021-25467
- RESERVED
+CVE-2021-25499 (Intent redirection vulnerability in SamsungAccountSDKSigninActivity of ...)
+ TODO: check
+CVE-2021-25498 (A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSP ...)
+ TODO: check
+CVE-2021-25497 (A possible buffer overflow vulnerability in maetd_cpy_slice of libSPen ...)
+ TODO: check
+CVE-2021-25496 (A possible buffer overflow vulnerability in maetd_dec_slice of libSPen ...)
+ TODO: check
+CVE-2021-25495 (A possible heap buffer overflow vulnerability in libSPenBase library o ...)
+ TODO: check
+CVE-2021-25494 (A possible buffer overflow vulnerability in libSPenBase library of Sam ...)
+ TODO: check
+CVE-2021-25493 (Lack of boundary checking of a buffer in libSPenBase library of Samsun ...)
+ TODO: check
+CVE-2021-25492 (Lack of boundary checking of a buffer in libSPenBase library of Samsun ...)
+ TODO: check
+CVE-2021-25491 (A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows m ...)
+ TODO: check
+CVE-2021-25490 (A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release ...)
+ TODO: check
+CVE-2021-25489 (Assuming radio permission is gained, missing input validation in modem ...)
+ TODO: check
+CVE-2021-25488 (Lack of boundary checking of a buffer in recv_data() of modem interfac ...)
+ TODO: check
+CVE-2021-25487 (Lack of boundary checking of a buffer in set_skb_priv() of modem inter ...)
+ TODO: check
+CVE-2021-25486 (Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 ...)
+ TODO: check
+CVE-2021-25485 (Path traversal vulnerability in FactoryAirCommnadManger prior to SMR O ...)
+ TODO: check
+CVE-2021-25484 (Improper authentication in InputManagerService prior to SMR Oct-2021 R ...)
+ TODO: check
+CVE-2021-25483 (Lack of boundary checking of a buffer in livfivextractor library prior ...)
+ TODO: check
+CVE-2021-25482 (SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 ...)
+ TODO: check
+CVE-2021-25481 (An improper error handling in Exynos CP booting driver prior to SMR Oc ...)
+ TODO: check
+CVE-2021-25480 (A lack of replay attack protection in GUTI REALLOCATION COMMAND messag ...)
+ TODO: check
+CVE-2021-25479 (A possible heap-based buffer overflow vulnerability in Exynos CP Chips ...)
+ TODO: check
+CVE-2021-25478 (A possible stack-based buffer overflow vulnerability in Exynos CP Chip ...)
+ TODO: check
+CVE-2021-25477 (An improper error handling in Mediatek RRC Protocol stack prior to SMR ...)
+ TODO: check
+CVE-2021-25476 (An information disclosure vulnerability in Widevine TA log prior to SM ...)
+ TODO: check
+CVE-2021-25475 (A possible heap-based buffer overflow vulnerability in DSP kernel driv ...)
+ TODO: check
+CVE-2021-25474 (Assuming a shell privilege is gained, an improper exception handling f ...)
+ TODO: check
+CVE-2021-25473 (Assuming a shell privilege is gained, an improper exception handling f ...)
+ TODO: check
+CVE-2021-25472 (An improper access control vulnerability in BluetoothSettingsProvider ...)
+ TODO: check
+CVE-2021-25471 (A lack of replay attack protection in Security Mode Command process pr ...)
+ TODO: check
+CVE-2021-25470 (An improper caller check logic of SMC call in TEEGRIS secure OS prior ...)
+ TODO: check
+CVE-2021-25469 (A possible stack-based buffer overflow vulnerability in Widevine trust ...)
+ TODO: check
+CVE-2021-25468 (A possible guessing and confirming a byte memory vulnerability in Wide ...)
+ TODO: check
+CVE-2021-25467 (Assuming system privilege is gained, possible buffer overflow vulnerab ...)
+ TODO: check
CVE-2021-25466 (Improper scheme check vulnerability in Samsung Internet prior to versi ...)
NOT-FOR-US: Samsung
CVE-2021-25465 (An improper scheme check vulnerability in Samsung Themes prior to vers ...)
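Review bot: the 33 entries from CVE-2021-25499 down to CVE-2021-25467 should be read individually before they are tagged like the "NOT-FOR-US: Samsung" entries that follow them. CVE-2021-25491 ("mfc driver") and CVE-2021-25475 ("DSP kernel driver") name kernel drivers and want a look at whether linux carries that code before they are dismissed, and CVE-2021-25477 names the "Mediatek RRC Protocol stack" rather than Samsung code, so a vendor-wide Samsung tag would mislabel it.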
@@ -43454,12 +43531,12 @@ CVE-2021-24023 (An improper input validation in FortiAI v1.4.0 and earlier may a
NOT-FOR-US: FortiAI (FortiGuard)
CVE-2021-24022 (A buffer overflow vulnerability in FortiAnalyzer CLI 6.4.5 and below, ...)
NOT-FOR-US: Fortiguard
-CVE-2021-24021
- RESERVED
+CVE-2021-24021 (An improper neutralization of input vulnerability [CWE-79] in FortiAna ...)
+ TODO: check
CVE-2021-24020 (A missing cryptographic step in the implementation of the hash digest ...)
NOT-FOR-US: Fortiguard
-CVE-2021-24019
- RESERVED
+CVE-2021-24019 (An insufficient session expiration vulnerability [CWE- 613] in FortiCl ...)
+ TODO: check
CVE-2021-24018 (A buffer underwrite vulnerability in the firmware verification routine ...)
NOT-FOR-US: FortiOS
CVE-2021-24017 (An improper authentication in Fortinet FortiManager version 6.4.3 and ...)
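Review bot: the triaged Fortinet entries surrounding the two new "TODO: check" lines use three different tags, "FortiAI (FortiGuard)", "Fortiguard" and "FortiOS". When CVE-2021-24021 and CVE-2021-24019 are resolved, settle on one spelling so that a search on the tag finds all of the vendor's entries.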
@@ -53986,8 +54063,7 @@ CVE-2021-20266 (A flaw was found in RPM's hdrblobInit() in lib/header.c. This fl
CVE-2021-20265 (A flaw was found in the way memory resources were freed in the unix_st ...)
- linux 4.4.4-1
NOTE: https://git.kernel.org/linus/fa0dc04df259ba2df3ce1920e9690c7842f8fa4b (4.5-rc3)
-CVE-2021-20264
- RESERVED
+CVE-2021-20264 (An insecure modification flaw in the /etc/passwd file was found in the ...)
NOT-FOR-US: Container configuration of some Red Hat products
CVE-2021-20263 (A flaw was found in the virtio-fs shared file system daemon (virtiofsd ...)
- qemu 1:5.2+dfsg-9 (bug #985083)
@@ -62840,52 +62916,38 @@ CVE-2021-0697
RESERVED
CVE-2021-0696
RESERVED
-CVE-2021-0695
- RESERVED
+CVE-2021-0695 (In get_sock_stat of xt_qtaguid.c, there is a possible out of bounds re ...)
- linux <not-affected> (Android-specific xt_qtaguid code)
NOTE: https://source.android.com/security/bulletin/2021-09-01
CVE-2021-0694
RESERVED
-CVE-2021-0693
- RESERVED
+CVE-2021-0693 (In openFile of HeapDumpProvider.java, there is a possible way to retri ...)
NOT-FOR-US: Android
-CVE-2021-0692
- RESERVED
+CVE-2021-0692 (In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a p ...)
NOT-FOR-US: Android
-CVE-2021-0691
- RESERVED
+CVE-2021-0691 (In the SELinux policy configured in system_app.te, there is a possible ...)
NOT-FOR-US: Android
-CVE-2021-0690
- RESERVED
+CVE-2021-0690 (In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is a pos ...)
NOT-FOR-US: Android media framework
-CVE-2021-0689
- RESERVED
+CVE-2021-0689 (In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out ...)
NOT-FOR-US: Android media framework
-CVE-2021-0688
- RESERVED
-CVE-2021-0687
- RESERVED
+CVE-2021-0688 (In lockNow of PhoneWindowManager.java, there is a possible lock screen ...)
+ TODO: check
+CVE-2021-0687 (In ellipsize of Layout.java, there is a possible ANR due to improper i ...)
NOT-FOR-US: Android
-CVE-2021-0686
- RESERVED
+CVE-2021-0686 (In getDefaultSmsPackage of RoleManagerService.java, there is a possibl ...)
NOT-FOR-US: Android
-CVE-2021-0685
- RESERVED
+CVE-2021-0685 (In ParsedIntentInfo of ParsedIntentInfo.java, there is a possible parc ...)
NOT-FOR-US: Android
-CVE-2021-0684
- RESERVED
+CVE-2021-0684 (In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible ...)
NOT-FOR-US: Android
-CVE-2021-0683
- RESERVED
+CVE-2021-0683 (In runTraceIpcStop of ActivityManagerShellCommand.java, there is a pos ...)
NOT-FOR-US: Android
-CVE-2021-0682
- RESERVED
+CVE-2021-0682 (In sendAccessibilityEvent of NotificationManagerService.java, there is ...)
NOT-FOR-US: Android
-CVE-2021-0681
- RESERVED
+CVE-2021-0681 (In system properties, there is a possible information disclosure due t ...)
NOT-FOR-US: MediaTek components for Android
-CVE-2021-0680
- RESERVED
+CVE-2021-0680 (In system properties, there is a possible information disclosure due t ...)
NOT-FOR-US: MediaTek components for Android
CVE-2021-0679
RESERVED
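Review bot: CVE-2021-0688 is the only entry in this hunk that ends up at "TODO: check", because it had no triage line of its own before the description arrived (the "NOT-FOR-US: Android" line under the old pair belonged to CVE-2021-0687). Its description, "In lockNow of PhoneWindowManager.java, there is a possible lock screen ...", points at the Android framework like the entries around it, so it can take "NOT-FOR-US: Android" as well.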
@@ -62957,8 +63019,7 @@ CVE-2021-0646 (In sqlite3_str_vappendf of sqlite3.c, there is a possible out of
NOT-FOR-US: Android
CVE-2021-0645 (In shouldBlockFromTree of ExternalStorageProvider.java, there is a pos ...)
NOT-FOR-US: Android
-CVE-2021-0644
- RESERVED
+CVE-2021-0644 (In conditionallyRemoveIdentifiers of SubscriptionController.java, ther ...)
NOT-FOR-US: Android
CVE-2021-0643
RESERVED
@@ -62974,11 +63035,9 @@ CVE-2021-0638
RESERVED
CVE-2021-0637
RESERVED
-CVE-2021-0636
- RESERVED
+CVE-2021-0636 (When extracting the incorrectly formatted avi file, the memory is dama ...)
NOT-FOR-US: UniSoc components for Android
-CVE-2021-0635
- RESERVED
+CVE-2021-0635 (When extracting the incorrectly formatted flv file, the memory is dama ...)
NOT-FOR-US: UniSoc components for Android
CVE-2021-0634
RESERVED
@@ -63056,15 +63115,13 @@ CVE-2021-0600 (In onCreate of DeviceAdminAdd.java, there is a possible way to mi
NOT-FOR-US: Android
CVE-2021-0599 (In scheduleTimeoutLocked of NotificationRecord.java, there is a possib ...)
NOT-FOR-US: Android
-CVE-2021-0598
- RESERVED
+CVE-2021-0598 (In onCreate of ConfirmConnectActivity.java, there is a possible pairin ...)
NOT-FOR-US: Android
CVE-2021-0597 (In notifyProfileAdded and notifyProfileRemoved of SipService.java, the ...)
NOT-FOR-US: Android
CVE-2021-0596 (In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possibl ...)
NOT-FOR-US: Android
-CVE-2021-0595
- RESERVED
+CVE-2021-0595 (In lockAllProfileTasks of RootWindowContainer.java, there is a possibl ...)
NOT-FOR-US: Android
CVE-2021-0594 (In onCreate of ConfirmConnectActivity, there is a possible remote bypa ...)
NOT-FOR-US: Android
@@ -85373,8 +85430,8 @@ CVE-2020-19005 (zrlog v2.1.0 has a vulnerability with the permission check. If a
NOT-FOR-US: zrlog
CVE-2020-19004
RESERVED
-CVE-2020-19003
- RESERVED
+CVE-2020-19003 (An issue in Gate One 1.2.0 allows attackers to bypass to the verificat ...)
+ TODO: check
CVE-2020-19002 (Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attackers ...)
NOT-FOR-US: Mezzanine CMS
CVE-2020-19001 (Command Injection in Simiki v1.6.2.1 and prior allows remote attackers ...)
@@ -92060,8 +92117,8 @@ CVE-2020-15943 (An issue was discovered in the Gantt-Chart module before 5.5.4 f
NOT-FOR-US: Gantt-Chart module for Jira
CVE-2020-15942 (An information disclosure vulnerability in Web Vulnerability Scan prof ...)
NOT-FOR-US: Fortinet
-CVE-2020-15941
- RESERVED
+CVE-2020-15941 (A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4 ...)
+ TODO: check
CVE-2020-15940
RESERVED
CVE-2020-15939 (An improper access control vulnerability (CWE-284) in FortiSandbox ver ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/340c53bcecb4f3e38ca811a1dbbc2cb76ceffa64