[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Oct 7 09:10:37 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d7c60877 by security tracker role at 2021-10-07T08:10:26+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2021-42060
+ RESERVED
+CVE-2021-42059
+ RESERVED
+CVE-2021-42058
+ RESERVED
+CVE-2021-42057
+ RESERVED
+CVE-2021-42056
+ RESERVED
+CVE-2021-42055
+ RESERVED
+CVE-2021-42054 (ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule ...)
+ TODO: check
+CVE-2021-42053 (The Unicorn framework through 0.35.3 for Django allows XSS via compone ...)
+ TODO: check
+CVE-2021-42052
+ RESERVED
+CVE-2021-42051
+ RESERVED
+CVE-2021-42050
+ RESERVED
+CVE-2021-42049 (An issue was discovered in the Translate extension in MediaWiki throug ...)
+ TODO: check
+CVE-2021-42048 (An issue was discovered in the Growth extension in MediaWiki through 1 ...)
+ TODO: check
+CVE-2021-42047 (An issue was discovered in the Growth extension in MediaWiki through 1 ...)
+ TODO: check
+CVE-2021-42046 (An issue was discovered in the GlobalWatchlist extension in MediaWiki ...)
+ TODO: check
+CVE-2021-42045 (An issue was discovered in SecurePoll in the Growth extension in Media ...)
+ TODO: check
+CVE-2021-42044 (An issue was discovered in the Mentor dashboard in the GrowthExperimen ...)
+ TODO: check
+CVE-2021-42043 (An issue was discovered in Special:MediaSearch in the MediaSearch exte ...)
+ TODO: check
+CVE-2021-42042 (An issue was discovered in SpecialEditGrowthConfig in the GrowthExperi ...)
+ TODO: check
+CVE-2021-42041 (An issue was discovered in CentralAuth in MediaWiki through 1.36.2. Th ...)
+ TODO: check
+CVE-2021-42040 (An issue was discovered in MediaWiki through 1.36.2. A parser function ...)
+ TODO: check
+CVE-2021-3865
+ RESERVED
CVE-2022-20011
RESERVED
CVE-2022-20010
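Review bot: The "TODO: check" on CVE-2021-42040 should be triaged separately from the other MediaWiki entries added here, because its description reads "An issue was discovered in MediaWiki through 1.36.2. A parser function ..." and so points at MediaWiki itself. CVE-2021-42041 through CVE-2021-42049 each name a specific component (CentralAuth, Translate, Growth, GlobalWatchlist, MediaSearch, GrowthExperiments). Resolving the whole run with a single tag would lose that distinction. CVE-2021-42054 (ACCEL-PPP) and CVE-2021-42053 (Unicorn framework for Django) likewise each need their own package lookup.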
@@ -638,8 +682,8 @@ CVE-2021-41772
RESERVED
CVE-2021-41771
RESERVED
-CVE-2021-41770
- RESERVED
+CVE-2021-41770 (Ping Identity PingFederate before 10.3.1 mishandles pre-parsing valida ...)
+ TODO: check
CVE-2021-3838
RESERVED
CVE-2021-41769
@@ -2036,8 +2080,8 @@ CVE-2021-41131
RESERVED
CVE-2021-41130
RESERVED
-CVE-2021-41129
- RESERVED
+CVE-2021-41129 (Pterodactyl is an open-source game server management panel built with ...)
+ TODO: check
CVE-2021-41128 (Hygeia is an application for collecting and processing personal and ca ...)
NOT-FOR-US: Hygeia
CVE-2021-41127
@@ -16888,8 +16932,8 @@ CVE-2021-34790
RESERVED
CVE-2021-34789
RESERVED
-CVE-2021-34788
- RESERVED
+CVE-2021-34788 (A vulnerability in the shared library loading mechanism of Cisco AnyCo ...)
+ TODO: check
CVE-2021-34787
RESERVED
CVE-2021-34786 (Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Sof ...)
@@ -16900,28 +16944,28 @@ CVE-2021-34784
RESERVED
CVE-2021-34783
RESERVED
-CVE-2021-34782
- RESERVED
+CVE-2021-34782 (A vulnerability in the API endpoints for Cisco DNA Center could allow ...)
+ TODO: check
CVE-2021-34781
RESERVED
-CVE-2021-34780
- RESERVED
-CVE-2021-34779
- RESERVED
-CVE-2021-34778
- RESERVED
-CVE-2021-34777
- RESERVED
-CVE-2021-34776
- RESERVED
-CVE-2021-34775
- RESERVED
+CVE-2021-34780 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
+ TODO: check
+CVE-2021-34779 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
+ TODO: check
+CVE-2021-34778 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
+ TODO: check
+CVE-2021-34777 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
+ TODO: check
+CVE-2021-34776 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
+ TODO: check
+CVE-2021-34775 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
+ TODO: check
CVE-2021-34774
RESERVED
CVE-2021-34773
RESERVED
-CVE-2021-34772
- RESERVED
+CVE-2021-34772 (A vulnerability in the web-based management interface of Cisco Orbital ...)
+ TODO: check
CVE-2021-34771 (A vulnerability in the Cisco IOS XR Software CLI could allow an authen ...)
NOT-FOR-US: Cisco
CVE-2021-34770 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
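Review bot: The six entries CVE-2021-34780 through CVE-2021-34775 cannot be triaged from the list alone, since each description is cut off at "Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ..." before any vendor or product is named. They should not inherit the "NOT-FOR-US: Cisco" tag of CVE-2021-34771 just because they sit next to it; check the full description first. CVE-2021-34782 (Cisco DNA Center) and CVE-2021-34772 (Cisco Orbital) do name the product in the visible text and can follow the pattern already used for the triaged neighbours.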
@@ -16932,8 +16976,8 @@ CVE-2021-34768 (Multiple vulnerabilities in the Control and Provisioning of Wire
NOT-FOR-US: Cisco
CVE-2021-34767 (A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Co ...)
NOT-FOR-US: Cisco
-CVE-2021-34766
- RESERVED
+CVE-2021-34766 (A vulnerability in the web UI of Cisco Smart Software Manager On-Prem ...)
+ TODO: check
CVE-2021-34765 (A vulnerability in the web UI for Cisco Nexus Insights could allow an ...)
NOT-FOR-US: Cisco
CVE-2021-34764
@@ -16948,10 +16992,10 @@ CVE-2021-34760
RESERVED
CVE-2021-34759 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
-CVE-2021-34758
- RESERVED
-CVE-2021-34757
- RESERVED
+CVE-2021-34758 (A vulnerability in the memory management of Cisco TelePresence Collabo ...)
+ TODO: check
+CVE-2021-34757 (Multiple vulnerabilities in Cisco Business 220 Series Smart Switches f ...)
+ TODO: check
CVE-2021-34756
RESERVED
CVE-2021-34755
@@ -16968,20 +17012,20 @@ CVE-2021-34750
RESERVED
CVE-2021-34749 (A vulnerability in Server Name Identification (SNI) request filtering ...)
NOT-FOR-US: Cisco
-CVE-2021-34748
- RESERVED
+CVE-2021-34748 (A vulnerability in the web-based management interface of Cisco Intersi ...)
+ TODO: check
CVE-2021-34747
RESERVED
CVE-2021-34746 (A vulnerability in the TACACS+ authentication, authorization and accou ...)
NOT-FOR-US: Cisco
CVE-2021-34745 (A vulnerability in the AppDynamics .NET Agent for Windows could allow ...)
NOT-FOR-US: .NET Agent for Windows
-CVE-2021-34744
- RESERVED
+CVE-2021-34744 (Multiple vulnerabilities in Cisco Business 220 Series Smart Switches f ...)
+ TODO: check
CVE-2021-34743
RESERVED
-CVE-2021-34742
- RESERVED
+CVE-2021-34742 (A vulnerability in the web-based management interface of Cisco Vision ...)
+ TODO: check
CVE-2021-34741
RESERVED
CVE-2021-34740 (A vulnerability in the WLAN Control Protocol (WCP) implementation for ...)
@@ -16994,8 +17038,8 @@ CVE-2021-34737 (A vulnerability in the DHCP version 4 (DHCPv4) server feature of
NOT-FOR-US: Cisco
CVE-2021-34736
RESERVED
-CVE-2021-34735
- RESERVED
+CVE-2021-34735 (Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone ...)
+ TODO: check
CVE-2021-34734 (A vulnerability in the Link Layer Discovery Protocol (LLDP) implementa ...)
NOT-FOR-US: Cisco
CVE-2021-34733 (A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evo ...)
@@ -17042,34 +17086,34 @@ CVE-2021-34713 (A vulnerability in the Layer 2 punt code of Cisco IOS XR Softwar
NOT-FOR-US: Cisco
CVE-2021-34712 (A vulnerability in the web-based management interface of Cisco SD-WAN ...)
NOT-FOR-US: Cisco
-CVE-2021-34711
- RESERVED
-CVE-2021-34710
- RESERVED
+CVE-2021-34711 (A vulnerability in the debug shell of Cisco IP Phone software could al ...)
+ TODO: check
+CVE-2021-34710 (Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone ...)
+ TODO: check
CVE-2021-34709 (Multiple vulnerabilities in image verification checks of Cisco Network ...)
NOT-FOR-US: Cisco
CVE-2021-34708 (Multiple vulnerabilities in image verification checks of Cisco Network ...)
NOT-FOR-US: Cisco
CVE-2021-34707 (A vulnerability in the REST API of Cisco Evolved Programmable Network ...)
NOT-FOR-US: Cisco
-CVE-2021-34706
- RESERVED
+CVE-2021-34706 (A vulnerability in the web-based management interface of Cisco Identit ...)
+ TODO: check
CVE-2021-34705 (A vulnerability in the Voice Telephony Service Provider (VTSP) service ...)
NOT-FOR-US: Cisco
CVE-2021-34704
RESERVED
CVE-2021-34703 (A vulnerability in the Link Layer Discovery Protocol (LLDP) message pa ...)
NOT-FOR-US: Cisco
-CVE-2021-34702
- RESERVED
+CVE-2021-34702 (A vulnerability in the web-based management interface of Cisco Identit ...)
+ TODO: check
CVE-2021-34701
RESERVED
CVE-2021-34700 (A vulnerability in the CLI interface of Cisco SD-WAN vManage Software ...)
NOT-FOR-US: Cisco
CVE-2021-34699 (A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS ...)
NOT-FOR-US: Cisco
-CVE-2021-34698
- RESERVED
+CVE-2021-34698 (A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Se ...)
+ TODO: check
CVE-2021-34697 (A vulnerability in the Protection Against Distributed Denial of Servic ...)
NOT-FOR-US: Cisco
CVE-2021-34696 (A vulnerability in the access control list (ACL) programming of Cisco ...)
@@ -37478,10 +37522,10 @@ CVE-2021-3388
RESERVED
CVE-2021-3387
RESERVED
-CVE-2021-26557
- RESERVED
-CVE-2021-26556
- RESERVED
+CVE-2021-26557 (When Octopus Tentacle is installed using a custom folder location, fol ...)
+ TODO: check
+CVE-2021-26556 (When Octopus Server is installed using a custom folder location, folde ...)
+ TODO: check
CVE-2021-26555
RESERVED
CVE-2021-26554
@@ -49135,12 +49179,12 @@ CVE-2021-21686
RESERVED
CVE-2021-21685
RESERVED
-CVE-2021-21684
- RESERVED
-CVE-2021-21683
- RESERVED
-CVE-2021-21682
- RESERVED
+CVE-2021-21684 (Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 che ...)
+ TODO: check
+CVE-2021-21683 (The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier ...)
+ TODO: check
+CVE-2021-21682 (Jenkins 2.314 and earlier, LTS 2.303.1 and earlier accepts names of jo ...)
+ TODO: check
CVE-2021-21681 (Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencry ...)
NOT-FOR-US: Jenkins plugin
CVE-2021-21680 (Jenkins Nested View Plugin 1.20 and earlier does not configure its XML ...)
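Review bot: When the "TODO: check" lines on CVE-2021-21683 and CVE-2021-21682 are resolved, they should not reuse the "NOT-FOR-US: Jenkins plugin" tag carried by CVE-2021-21681 just below. Both descriptions refer to "Jenkins 2.314 and earlier, LTS 2.303.1 and earlier", which is Jenkins itself, while only CVE-2021-21684 ("Jenkins Git Plugin 4.8.2 and earlier") is a plugin issue. Suggest triaging the two core entries on their own so the tag matches the affected component.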
@@ -60317,8 +60361,8 @@ CVE-2021-1596 (Multiple vulnerabilities in the Link Layer Discovery Protocol (LL
NOT-FOR-US: Cisco
CVE-2021-1595 (Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) i ...)
NOT-FOR-US: Cisco
-CVE-2021-1594
- RESERVED
+CVE-2021-1594 (A vulnerability in the REST API of Cisco Identity Services Engine (ISE ...)
+ TODO: check
CVE-2021-1593 (A vulnerability in Cisco Packet Tracer for Windows could allow an auth ...)
NOT-FOR-US: Cisco
CVE-2021-1592 (A vulnerability in the way Cisco UCS Manager software handles SSH sess ...)
@@ -60437,8 +60481,8 @@ CVE-2021-1536 (A vulnerability in Cisco Webex Meetings Desktop App for Windows,
NOT-FOR-US: Cisco
CVE-2021-1535 (A vulnerability in the cluster management interface of Cisco SD-WAN vM ...)
NOT-FOR-US: Cisco
-CVE-2021-1534
- RESERVED
+CVE-2021-1534 (A vulnerability in the antispam protection mechanisms of Cisco AsyncOS ...)
+ TODO: check
CVE-2021-1533
RESERVED
CVE-2021-1532 (A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence ...)
@@ -79884,28 +79928,28 @@ CVE-2020-21660
RESERVED
CVE-2020-21659
RESERVED
-CVE-2020-21658
- RESERVED
+CVE-2020-21658 (A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attacker ...)
+ TODO: check
CVE-2020-21657
RESERVED
-CVE-2020-21656
- RESERVED
+CVE-2020-21656 (XYHCMS v3.6 contains a stored cross-site scripting (XSS) vulnerability ...)
+ TODO: check
CVE-2020-21655
RESERVED
-CVE-2020-21654
- RESERVED
-CVE-2020-21653
- RESERVED
-CVE-2020-21652
- RESERVED
-CVE-2020-21651
- RESERVED
-CVE-2020-21650
- RESERVED
-CVE-2020-21649
- RESERVED
-CVE-2020-21648
- RESERVED
+CVE-2020-21654 (emlog v6.0 contains a vulnerability in the component admin\template.ph ...)
+ TODO: check
+CVE-2020-21653 (Myucms v2.2.1 contains a server-side request forgery (SSRF) in the com ...)
+ TODO: check
+CVE-2020-21652 (Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in ...)
+ TODO: check
+CVE-2020-21651 (Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in ...)
+ TODO: check
+CVE-2020-21650 (Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in ...)
+ TODO: check
+CVE-2020-21649 (Myucms v2.2.1 contains a server-side request forgery (SSRF) in the com ...)
+ TODO: check
+CVE-2020-21648 (WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in t ...)
+ TODO: check
CVE-2020-21647
RESERVED
CVE-2020-21646
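Review bot: Several of the entries de-reserved here are indistinguishable as shown, because the truncated description stops before the affected component: CVE-2020-21652, CVE-2020-21651 and CVE-2020-21650 all read "Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in ...", and CVE-2020-21653 and CVE-2020-21649 share the same SSRF text. When the "TODO: check" lines are resolved, suggest adding a NOTE: line per entry naming the component from the full description, so the five Myucms IDs are not treated as duplicates of one another.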
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7c60877cfa9c85b2fb6293b4f409d8f8045803d