[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Sep 7 09:10:43 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
769e712f by security tracker role at 2021-09-07T08:10:28+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,305 @@
+CVE-2021-40681
+ RESERVED
+CVE-2021-40680
+ RESERVED
+CVE-2021-40679
+ RESERVED
+CVE-2021-40678
+ RESERVED
+CVE-2021-40677
+ RESERVED
+CVE-2021-40676
+ RESERVED
+CVE-2021-40675
+ RESERVED
+CVE-2021-40674
+ RESERVED
+CVE-2021-40673
+ RESERVED
+CVE-2021-40672
+ RESERVED
+CVE-2021-40671
+ RESERVED
+CVE-2021-40670
+ RESERVED
+CVE-2021-40669
+ RESERVED
+CVE-2021-40668
+ RESERVED
+CVE-2021-40667
+ RESERVED
+CVE-2021-40666
+ RESERVED
+CVE-2021-40665
+ RESERVED
+CVE-2021-40664
+ RESERVED
+CVE-2021-40663
+ RESERVED
+CVE-2021-40662
+ RESERVED
+CVE-2021-40661
+ RESERVED
+CVE-2021-40660
+ RESERVED
+CVE-2021-40659
+ RESERVED
+CVE-2021-40658
+ RESERVED
+CVE-2021-40657
+ RESERVED
+CVE-2021-40656
+ RESERVED
+CVE-2021-40655
+ RESERVED
+CVE-2021-40654
+ RESERVED
+CVE-2021-40653
+ RESERVED
+CVE-2021-40652
+ RESERVED
+CVE-2021-40651
+ RESERVED
+CVE-2021-40650
+ RESERVED
+CVE-2021-40649
+ RESERVED
+CVE-2021-40648
+ RESERVED
+CVE-2021-40647
+ RESERVED
+CVE-2021-40646
+ RESERVED
+CVE-2021-40645
+ RESERVED
+CVE-2021-40644
+ RESERVED
+CVE-2021-40643
+ RESERVED
+CVE-2021-40642
+ RESERVED
+CVE-2021-40641
+ RESERVED
+CVE-2021-40640
+ RESERVED
+CVE-2021-40639
+ RESERVED
+CVE-2021-40638
+ RESERVED
+CVE-2021-40637
+ RESERVED
+CVE-2021-40636
+ RESERVED
+CVE-2021-40635
+ RESERVED
+CVE-2021-40634
+ RESERVED
+CVE-2021-40633
+ RESERVED
+CVE-2021-40632
+ RESERVED
+CVE-2021-40631
+ RESERVED
+CVE-2021-40630
+ RESERVED
+CVE-2021-40629
+ RESERVED
+CVE-2021-40628
+ RESERVED
+CVE-2021-40627
+ RESERVED
+CVE-2021-40626
+ RESERVED
+CVE-2021-40625
+ RESERVED
+CVE-2021-40624
+ RESERVED
+CVE-2021-40623
+ RESERVED
+CVE-2021-40622
+ RESERVED
+CVE-2021-40621
+ RESERVED
+CVE-2021-40620
+ RESERVED
+CVE-2021-40619
+ RESERVED
+CVE-2021-40618
+ RESERVED
+CVE-2021-40617
+ RESERVED
+CVE-2021-40616
+ RESERVED
+CVE-2021-40615
+ RESERVED
+CVE-2021-40614
+ RESERVED
+CVE-2021-40613
+ RESERVED
+CVE-2021-40612
+ RESERVED
+CVE-2021-40611
+ RESERVED
+CVE-2021-40610
+ RESERVED
+CVE-2021-40609
+ RESERVED
+CVE-2021-40608
+ RESERVED
+CVE-2021-40607
+ RESERVED
+CVE-2021-40606
+ RESERVED
+CVE-2021-40605
+ RESERVED
+CVE-2021-40604
+ RESERVED
+CVE-2021-40603
+ RESERVED
+CVE-2021-40602
+ RESERVED
+CVE-2021-40601
+ RESERVED
+CVE-2021-40600
+ RESERVED
+CVE-2021-40599
+ RESERVED
+CVE-2021-40598
+ RESERVED
+CVE-2021-40597
+ RESERVED
+CVE-2021-40596
+ RESERVED
+CVE-2021-40595
+ RESERVED
+CVE-2021-40594
+ RESERVED
+CVE-2021-40593
+ RESERVED
+CVE-2021-40592
+ RESERVED
+CVE-2021-40591
+ RESERVED
+CVE-2021-40590
+ RESERVED
+CVE-2021-40589
+ RESERVED
+CVE-2021-40588
+ RESERVED
+CVE-2021-40587
+ RESERVED
+CVE-2021-40586
+ RESERVED
+CVE-2021-40585
+ RESERVED
+CVE-2021-40584
+ RESERVED
+CVE-2021-40583
+ RESERVED
+CVE-2021-40582
+ RESERVED
+CVE-2021-40581
+ RESERVED
+CVE-2021-40580
+ RESERVED
+CVE-2021-40579
+ RESERVED
+CVE-2021-40578
+ RESERVED
+CVE-2021-40577
+ RESERVED
+CVE-2021-40576
+ RESERVED
+CVE-2021-40575
+ RESERVED
+CVE-2021-40574
+ RESERVED
+CVE-2021-40573
+ RESERVED
+CVE-2021-40572
+ RESERVED
+CVE-2021-40571
+ RESERVED
+CVE-2021-40570
+ RESERVED
+CVE-2021-40569
+ RESERVED
+CVE-2021-40568
+ RESERVED
+CVE-2021-40567
+ RESERVED
+CVE-2021-40566
+ RESERVED
+CVE-2021-40565
+ RESERVED
+CVE-2021-40564
+ RESERVED
+CVE-2021-40563
+ RESERVED
+CVE-2021-40562
+ RESERVED
+CVE-2021-40561
+ RESERVED
+CVE-2021-40560
+ RESERVED
+CVE-2021-40559
+ RESERVED
+CVE-2021-40558
+ RESERVED
+CVE-2021-40557
+ RESERVED
+CVE-2021-40556
+ RESERVED
+CVE-2021-40555
+ RESERVED
+CVE-2021-40554
+ RESERVED
+CVE-2021-40553
+ RESERVED
+CVE-2021-40552
+ RESERVED
+CVE-2021-40551
+ RESERVED
+CVE-2021-40550
+ RESERVED
+CVE-2021-40549
+ RESERVED
+CVE-2021-40548
+ RESERVED
+CVE-2021-40547
+ RESERVED
+CVE-2021-40546
+ RESERVED
+CVE-2021-40545
+ RESERVED
+CVE-2021-40544
+ RESERVED
+CVE-2021-40543
+ RESERVED
+CVE-2021-40542
+ RESERVED
+CVE-2021-40541
+ RESERVED
+CVE-2021-40540 (ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info ...)
+ TODO: check
+CVE-2021-40539
+ RESERVED
+CVE-2021-40538
+ RESERVED
+CVE-2021-40537
+ RESERVED
+CVE-2021-40536
+ RESERVED
+CVE-2021-40535
+ RESERVED
+CVE-2021-40534
+ RESERVED
+CVE-2021-40533
+ RESERVED
+CVE-2021-40532 (Telegram Web K Alpha before 0.7.2 mishandles the characters in a docum ...)
+ TODO: check
+CVE-2021-40531 (Sketch before 75 mishandles external library feeds. ...)
+ TODO: check
CVE-2021-40530 (The ElGamal implementation in Crypto++ through 8.5 allows plaintext re ...)
- libcrypto++ <unfixed> (bug #993841)
NOTE: https://eprint.iacr.org/2021/923
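Review bot: the three described entries in this hunk, CVE-2021-40540 (Ulfius), CVE-2021-40532 (Telegram Web K Alpha) and CVE-2021-40531 (Sketch), carry only "TODO: check" and so have no disposition yet. Each should be resolved to either a package line or a NOT-FOR-US line; the unchanged CVE-2021-40530 entry directly below shows the target form, with "- libcrypto++ <unfixed> (bug #993841)" and a NOTE giving the reference. The remaining additions are RESERVED placeholders and need no action.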
@@ -2786,10 +3088,10 @@ CVE-2021-39281
RESERVED
CVE-2021-39280
RESERVED
-CVE-2021-39279
- RESERVED
-CVE-2021-39278
- RESERVED
+CVE-2021-39279 (Certain MOXA devices allow Authenticated Command Injection via /forms/ ...)
+ TODO: check
+CVE-2021-39278 (Certain MOXA devices allow reflected XSS via the Config Import menu. T ...)
+ TODO: check
CVE-2021-39277
RESERVED
CVE-2021-39276
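Review bot: CVE-2021-39279 and CVE-2021-39278 move from RESERVED to "TODO: check", but the visible descriptions name only "Certain MOXA devices" and no software component that would map to a source package. If triage confirms that nothing in the archive ships the affected code, close both with a NOT-FOR-US line in the form used elsewhere in this file (for example "NOT-FOR-US: CODESYS Control Runtime"), so the command injection and the reflected XSS entry get the same disposition.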
@@ -3819,10 +4121,10 @@ CVE-2021-38843
RESERVED
CVE-2021-38842
RESERVED
-CVE-2021-38841
- RESERVED
-CVE-2021-38840
- RESERVED
+CVE-2021-38841 (Remote Code Execution can occur in Simple Water Refilling Station Mana ...)
+ TODO: check
+CVE-2021-38840 (SQL Injection can occur in Simple Water Refilling Station Management S ...)
+ TODO: check
CVE-2021-38839
RESERVED
CVE-2021-38838
@@ -14561,22 +14863,22 @@ CVE-2021-34152
RESERVED
CVE-2021-34151
RESERVED
-CVE-2021-34150
- RESERVED
-CVE-2021-34149
- RESERVED
-CVE-2021-34148
- RESERVED
-CVE-2021-34147
- RESERVED
-CVE-2021-34146
- RESERVED
-CVE-2021-34145
- RESERVED
-CVE-2021-34144
- RESERVED
-CVE-2021-34143
- RESERVED
+CVE-2021-34150 (The Bluetooth Classic implementation on Bluetrum AB5301A devices with ...)
+ TODO: check
+CVE-2021-34149 (The Bluetooth Classic implementation on the Texas Instruments CC256XCQ ...)
+ TODO: check
+CVE-2021-34148 (The Bluetooth Classic implementation in the Cypress WICED BT stack thr ...)
+ TODO: check
+CVE-2021-34147 (The Bluetooth Classic implementation in the Cypress WICED BT stack thr ...)
+ TODO: check
+CVE-2021-34146 (The Bluetooth Classic implementation in the Cypress CYW920735Q60EVB do ...)
+ TODO: check
+CVE-2021-34145 (The Bluetooth Classic implementation in the Cypress WICED BT stack thr ...)
+ TODO: check
+CVE-2021-34144 (The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C BT SD ...)
+ TODO: check
+CVE-2021-34143 (The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C_DEMO_ ...)
+ TODO: check
CVE-2021-34142
RESERVED
CVE-2021-34141
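Review bot: the eight entries CVE-2021-34143 through CVE-2021-34150 are published together and all read "The Bluetooth Classic implementation ...", spread over four vendors (Bluetrum, Texas Instruments, Cypress, Zhuhai Jieli), yet each is left at "TODO: check" individually. Triage them as one batch so the disposition is consistent per vendor, and check each named stack or SDK against the archive before marking it, since the descriptions refer to specific chips and vendor stacks rather than to a shared component.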
@@ -15274,8 +15576,8 @@ CVE-2021-33833 (ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-b
NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=eceb2e8d2341c041df55a5e2f047d9a8c491463c
CVE-2021-33832
RESERVED
-CVE-2021-33831
- RESERVED
+CVE-2021-33831 (api/account/register in the TH Wildau COVID-19 Contact Tracing applica ...)
+ TODO: check
CVE-2021-33830
RESERVED
CVE-2021-33829 (A cross-site scripting (XSS) vulnerability in the HTML Data Processor ...)
@@ -16183,10 +16485,10 @@ CVE-2021-33485 (CODESYS Control Runtime system before 3.5.17.10 has a Heap-based
NOT-FOR-US: CODESYS Control Runtime
CVE-2021-3562
RESERVED
-CVE-2021-33484
- RESERVED
-CVE-2021-33483
- RESERVED
+CVE-2021-33484 (An issue was discovered in CommentsService.ashx in OnyakTech Comments ...)
+ TODO: check
+CVE-2021-33483 (An issue was discovered in CommentsService.ashx in OnyakTech Comments ...)
+ TODO: check
CVE-2021-33482
RESERVED
CVE-2021-33478 (The TrustZone implementation in certain Broadcom MediaxChange firmware ...)
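Review bot: CVE-2021-33484 and CVE-2021-33483 show identical truncated text here ("An issue was discovered in CommentsService.ashx in OnyakTech Comments ..."), so the list entry alone cannot tell the two issues apart. Whoever resolves the "TODO: check" lines should work from the full descriptions and, if the entries are kept with notes, record what distinguishes them.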
@@ -20536,10 +20838,10 @@ CVE-2021-31788
RESERVED
CVE-2021-31787
RESERVED
-CVE-2021-31786
- RESERVED
-CVE-2021-31785
- RESERVED
+CVE-2021-31786 (The Bluetooth Classic Audio implementation on Actions ATS2815 and ATS2 ...)
+ TODO: check
+CVE-2021-31785 (The Bluetooth Classic implementation on Actions ATS2815 and ATS2819 ch ...)
+ TODO: check
CVE-2021-31784 (An out-of-bounds write vulnerability exists in the file-reading proced ...)
NOT-FOR-US: Open Design Alliance Drawings SDK
CVE-2021-31783 (show_default.php in the LocalFilesEditor extension before 11.4.0.1 for ...)
@@ -20899,16 +21201,16 @@ CVE-2021-31615 (Unencrypted Bluetooth Low Energy baseband links in Bluetooth Cor
NOTE: Bluetooth protocol issue
CVE-2021-31614
RESERVED
-CVE-2021-31613
- RESERVED
-CVE-2021-31612
- RESERVED
-CVE-2021-31611
- RESERVED
-CVE-2021-31610
- RESERVED
-CVE-2021-31609
- RESERVED
+CVE-2021-31613 (The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X ...)
+ TODO: check
+CVE-2021-31612 (The Bluetooth Classic implementation on Zhuhai Jieli AC690X devices do ...)
+ TODO: check
+CVE-2021-31611 (The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X ...)
+ TODO: check
+CVE-2021-31610 (The Bluetooth Classic implementation on AB32VG1 devices does not prope ...)
+ TODO: check
+CVE-2021-31609 (The Bluetooth Classic implementation in Silicon Labs iWRAP 6.3.0 and e ...)
+ TODO: check
CVE-2021-31608
RESERVED
CVE-2021-31607 (In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerabi ...)
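Review bot: the five new entries CVE-2021-31609 through CVE-2021-31613 sit directly under CVE-2021-31615, which the context lines mark with "NOTE: Bluetooth protocol issue". The new descriptions name specific implementations (Zhuhai Jieli AC690X and AC692X, AB32VG1, Silicon Labs iWRAP), so they should not inherit that protocol-level note when the "TODO: check" lines are resolved; treat them as per-vendor implementation issues.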
@@ -29617,8 +29919,8 @@ CVE-2021-28156 (HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log
- consul <not-affected> (Only affects Enterprise version)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1950492
NOTE: https://github.com/hashicorp/consul/pull/10030
-CVE-2021-28155
- RESERVED
+CVE-2021-28155 (The Bluetooth Classic implementation on JBL TUNE500BT devices does not ...)
+ TODO: check
CVE-2021-28154 (** DISPUTED ** Camunda Modeler (aka camunda-modeler) through 4.6.0 all ...)
NOT-FOR-US: Camunda Modeler
CVE-2021-28152 (Hongdian H8922 3.0.5 devices have an undocumented feature that allows ...)
@@ -29712,16 +30014,16 @@ CVE-2021-28141 (** DISPUTED ** An issue was discovered in Progress Telerik UI fo
NOT-FOR-US: Telerik
CVE-2021-28140
RESERVED
-CVE-2021-28139
- RESERVED
+CVE-2021-28139 (The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earl ...)
+ TODO: check
CVE-2021-28138
RESERVED
CVE-2021-28137
RESERVED
-CVE-2021-28136
- RESERVED
-CVE-2021-28135
- RESERVED
+CVE-2021-28136 (The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earl ...)
+ TODO: check
+CVE-2021-28135 (The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earl ...)
+ TODO: check
CVE-2021-28134 (Clipper before 1.0.5 allows remote command execution. A remote attacke ...)
NOT-FOR-US: Clipper
CVE-2021-28133 (Zoom through 5.5.4 sometimes allows attackers to read private informat ...)
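Review bot: CVE-2021-28139, CVE-2021-28136 and CVE-2021-28135 all name "Espressif ESP-IDF 4.4 and earl ..." but are not contiguous, because CVE-2021-28138 and CVE-2021-28137 between them remain RESERVED. Resolve the three "TODO: check" lines together with one consistent disposition, and since the description gives a version bound for an SDK, check the archive for a matching source package before choosing NOT-FOR-US.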
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/769e712f67324a708f900eeae43532fd778ca448