[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 7 21:10:52 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ca1ad176 by security tracker role at 2021-09-07T20:10:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2021-40683
+	RESERVED
+CVE-2021-40682
+	RESERVED
+CVE-2021-3779
+	RESERVED
+CVE-2021-3778
+	RESERVED
+CVE-2021-3777
+	RESERVED
 CVE-2021-40681
 	RESERVED
 CVE-2021-40680
@@ -285,8 +295,8 @@ CVE-2021-40540 (ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits co
 	[bullseye] - ulfius <no-dsa> (Minor issue)
 	[buster] - ulfius <no-dsa> (Minor issue)
 	NOTE: https://github.com/babelouest/ulfius/commit/c83f564c184a27145e07c274b305cabe943bbfaa
-CVE-2021-40539
-	RESERVED
+CVE-2021-40539 (Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnera ...)
+	TODO: check
 CVE-2021-40538
 	RESERVED
 CVE-2021-40537
@@ -3081,8 +3091,8 @@ CVE-2021-39287
 	RESERVED
 CVE-2021-39286 (Webrecorder pywb before 2.6.0 allows XSS because it does not ensure th ...)
 	NOT-FOR-US: Webrecorder pywb
-CVE-2021-39285
-	RESERVED
+CVE-2021-39285 (A XSS vulnerability exists in Versa Director Release: 16.1R2 Build: S8 ...)
+	TODO: check
 CVE-2021-39284
 	RESERVED
 CVE-2021-39283 (liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion ...)
@@ -3138,80 +3148,67 @@ CVE-2021-39265
 	RESERVED
 CVE-2021-39264
 	RESERVED
-CVE-2021-39263
-	RESERVED
+CVE-2021-39263 (A crafted NTFS image can trigger a heap-based buffer overflow, caused  ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-39262
-	RESERVED
+CVE-2021-39262 (A crafted NTFS image can cause an out-of-bounds access in ntfs_decompr ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-39261
-	RESERVED
+CVE-2021-39261 (A crafted NTFS image can cause a heap-based buffer overflow in ntfs_co ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-39260
-	RESERVED
+CVE-2021-39260 (A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_s ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-39259
-	RESERVED
+CVE-2021-39259 (A crafted NTFS image can trigger an out-of-bounds access, caused by an ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-39258
-	RESERVED
+CVE-2021-39258 (A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find a ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-39257
-	RESERVED
+CVE-2021-39257 (A crafted NTFS image with an unallocated bitmap can lead to a endless  ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-39256
-	RESERVED
+CVE-2021-39256 (A crafted NTFS image can cause a heap-based buffer overflow in ntfs_in ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-39255
-	RESERVED
+CVE-2021-39255 (A crafted NTFS image can trigger an out-of-bounds read, caused by an i ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-39254
-	RESERVED
+CVE-2021-39254 (A crafted NTFS image can cause an integer overflow in memmove, leading ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-39253
-	RESERVED
+CVE-2021-39253 (A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_ ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-39252
-	RESERVED
+CVE-2021-39252 (A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-39251
-	RESERVED
+CVE-2021-39251 (A crafted NTFS image can cause a NULL pointer dereference in ntfs_exte ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
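Review bot: the ntfs-3g entries CVE-2021-39263 through CVE-2021-39251 now have public descriptions (heap-based buffer overflows, out-of-bounds accesses, a NULL pointer dereference), but they still carry only the `[experimental]` and unstable fixed-version lines. There are no per-suite lines of the form `[bullseye] - ulfius <no-dsa>` used earlier in this file. A follow-up should record the stable-suite decision for each entry (DSA, `<no-dsa>`, or not affected) so bullseye and buster are not left undecided.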
@@ -3360,16 +3357,16 @@ CVE-2021-39201
 	RESERVED
 CVE-2021-39200
 	RESERVED
-CVE-2021-39199
-	RESERVED
+CVE-2021-39199 (remark-html is an open source nodejs library which compiles Markdown t ...)
+	TODO: check
 CVE-2021-39198
 	RESERVED
-CVE-2021-39197
-	RESERVED
-CVE-2021-39196
-	RESERVED
-CVE-2021-39195
-	RESERVED
+CVE-2021-39197 (better_errors is an open source replacement for the standard Rails err ...)
+	TODO: check
+CVE-2021-39196 (pcapture is an open source dumpcap web service interface . In affected ...)
+	TODO: check
+CVE-2021-39195 (Misskey is an open source, decentralized microblogging platform. In af ...)
+	TODO: check
 CVE-2021-39194
 	RESERVED
 CVE-2021-39193 (Frontier is Substrate's Ethereum compatibility layer. Prior to commit  ...)
@@ -4438,8 +4435,8 @@ CVE-2021-38700
 	RESERVED
 CVE-2021-38699 (TastyIgniter 3.0.7 allows XSS via /account, /reservation, /admin/dashb ...)
 	NOT-FOR-US: TastyIgniter
-CVE-2021-38698
-	RESERVED
+CVE-2021-38698 (HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allow ...)
+	TODO: check
 CVE-2021-38697
 	RESERVED
 CVE-2021-38696
@@ -4604,12 +4601,12 @@ CVE-2021-38619 (openBaraza HCM 3.1.6 does not properly neutralize user-controlla
 	NOT-FOR-US: openBaraza HCM
 CVE-2021-38618
 	RESERVED
-CVE-2021-38617
-	RESERVED
-CVE-2021-38616
-	RESERVED
-CVE-2021-38615
-	RESERVED
+CVE-2021-38617 (In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/user/ us ...)
+	TODO: check
+CVE-2021-38616 (In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/user/{us ...)
+	TODO: check
+CVE-2021-38615 (In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/sso/conf ...)
+	TODO: check
 CVE-2021-3705
 	RESERVED
 CVE-2021-3704
@@ -5785,8 +5782,8 @@ CVE-2021-38144 (An issue was discovered in Form Tools through 3.0.20. A low-priv
 	NOT-FOR-US: Form Tools
 CVE-2021-38143 (An issue was discovered in Form Tools through 3.0.20. When an administ ...)
 	NOT-FOR-US: Form Tools
-CVE-2021-38142
-	RESERVED
+CVE-2021-38142 (Barco MirrorOp Windows Sender before 2.5.3.65 uses cleartext HTTP and  ...)
+	TODO: check
 CVE-2021-38141
 	RESERVED
 CVE-2021-38140 (The set_user extension module before 2.0.1 for PostgreSQL allows a pot ...)
@@ -5826,8 +5823,8 @@ CVE-2021-38125
 	RESERVED
 CVE-2021-38124
 	RESERVED
-CVE-2021-38123
-	RESERVED
+CVE-2021-38123 (Open Redirect vulnerability in Micro Focus Network Automation, affecti ...)
+	TODO: check
 CVE-2021-38122
 	RESERVED
 CVE-2021-38121
@@ -6696,42 +6693,42 @@ CVE-2021-37735
 	RESERVED
 CVE-2021-37734
 	RESERVED
-CVE-2021-37733
-	RESERVED
+CVE-2021-37733 (A remote path traversal vulnerability was discovered in Aruba SD-WAN S ...)
+	TODO: check
 CVE-2021-37732
 	RESERVED
-CVE-2021-37731
-	RESERVED
+CVE-2021-37731 (A local path traversal vulnerability was discovered in Aruba SD-WAN So ...)
+	TODO: check
 CVE-2021-37730
 	RESERVED
-CVE-2021-37729
-	RESERVED
-CVE-2021-37728
-	RESERVED
+CVE-2021-37729 (A remote path traversal vulnerability was discovered in Aruba SD-WAN S ...)
+	TODO: check
+CVE-2021-37728 (A remote path traversal vulnerability was discovered in Aruba Operatin ...)
+	TODO: check
 CVE-2021-37727
 	RESERVED
 CVE-2021-37726
 	RESERVED
-CVE-2021-37725
-	RESERVED
-CVE-2021-37724
-	RESERVED
-CVE-2021-37723
-	RESERVED
-CVE-2021-37722
-	RESERVED
-CVE-2021-37721
-	RESERVED
-CVE-2021-37720
-	RESERVED
-CVE-2021-37719
-	RESERVED
-CVE-2021-37718
-	RESERVED
-CVE-2021-37717
-	RESERVED
-CVE-2021-37716
-	RESERVED
+CVE-2021-37725 (A remote cross-site request forgery (csrf) vulnerability was discovere ...)
+	TODO: check
+CVE-2021-37724 (A remote arbitrary command execution vulnerability was discovered in A ...)
+	TODO: check
+CVE-2021-37723 (A remote arbitrary command execution vulnerability was discovered in A ...)
+	TODO: check
+CVE-2021-37722 (A remote arbitrary command execution vulnerability was discovered in A ...)
+	TODO: check
+CVE-2021-37721 (A remote arbitrary command execution vulnerability was discovered in A ...)
+	TODO: check
+CVE-2021-37720 (A remote arbitrary command execution vulnerability was discovered in A ...)
+	TODO: check
+CVE-2021-37719 (A remote arbitrary command execution vulnerability was discovered in A ...)
+	TODO: check
+CVE-2021-37718 (A remote arbitrary command execution vulnerability was discovered in A ...)
+	TODO: check
+CVE-2021-37717 (A remote arbitrary command execution vulnerability was discovered in A ...)
+	TODO: check
+CVE-2021-37716 (A remote buffer overflow vulnerability was discovered in Aruba SD-WAN  ...)
+	TODO: check
 CVE-2021-37715 (A remote cross-site scripting (XSS) vulnerability was discovered in Ar ...)
 	NOT-FOR-US: Aruba
 CVE-2021-3671
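Review bot: the Aruba entries moved to `TODO: check` in this hunk (CVE-2021-37733 down to CVE-2021-37716) sit directly above CVE-2021-37715, which is already tagged `NOT-FOR-US: Aruba`, so they should be triaged the same way where the product matches. Several of the new descriptions are cut at "discovered in A ...", so confirm the product from the full CVE text before applying the tag in bulk.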
@@ -7810,10 +7807,10 @@ CVE-2021-37220 (MuPDF through 1.18.1 has an out-of-bounds write because the cach
 	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=f5712c9949d026e4b891b25837edd2edc166151f
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=703791
 	NOTE: On Stretch, an earlier version of the code exits early instead of crashing.
-CVE-2021-37219
-	RESERVED
-CVE-2021-37218
-	RESERVED
+CVE-2021-37219 (HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows no ...)
+	TODO: check
+CVE-2021-37218 (HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server  ...)
+	TODO: check
 CVE-2021-37217
 	RESERVED
 CVE-2021-3659 [NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c]
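Review bot: CVE-2021-37219 and CVE-2021-37218 receive the same `TODO: check` with near-identical "Raft RPC layer allows non-server ..." text, but they name different products (Consul and Nomad). Triage them separately, each against its own source package and version range, instead of copying one annotation to both.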
@@ -9008,8 +9005,8 @@ CVE-2021-36719
 	RESERVED
 CVE-2021-36718
 	RESERVED
-CVE-2021-36717
-	RESERVED
+CVE-2021-36717 (In order to perform a directory traversal attack, all an attacker need ...)
+	TODO: check
 CVE-2021-36716 (A ReDoS (regular expression denial of service) flaw was found in the S ...)
 	NOT-FOR-US: Node is-email
 CVE-2021-3643
@@ -9062,8 +9059,8 @@ CVE-2021-36698
 	RESERVED
 CVE-2021-36697
 	RESERVED
-CVE-2021-36696
-	RESERVED
+CVE-2021-36696 (Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in Deskpro 202 ...)
+	TODO: check
 CVE-2021-36695
 	RESERVED
 CVE-2021-36694
@@ -10199,10 +10196,10 @@ CVE-2021-36165
 	RESERVED
 CVE-2021-36164
 	RESERVED
-CVE-2021-36163
-	RESERVED
-CVE-2021-36162
-	RESERVED
+CVE-2021-36163 (In Apache Dubbo, users may choose to use the Hessian protocol. The Hes ...)
+	TODO: check
+CVE-2021-36162 (Apache Dubbo supports various rules to support configuration override  ...)
+	TODO: check
 CVE-2021-36161
 	RESERVED
 CVE-2021-36160
@@ -10819,14 +10816,14 @@ CVE-2021-35951
 	RESERVED
 CVE-2021-35950
 	RESERVED
-CVE-2021-35949
-	RESERVED
+CVE-2021-35949 (The shareinfo controller in the ownCloud Server before 10.8.0 allows a ...)
+	TODO: check
 CVE-2021-35948
 	RESERVED
-CVE-2021-35947
-	RESERVED
-CVE-2021-35946
-	RESERVED
+CVE-2021-35947 (The public share controller in the ownCloud server before version 10.8 ...)
+	TODO: check
+CVE-2021-35946 (A receiver of a federated share with access to the database with ownCl ...)
+	TODO: check
 CVE-2021-35945
 	RESERVED
 CVE-2021-35944
@@ -12339,26 +12336,22 @@ CVE-2021-35271
 	RESERVED
 CVE-2021-35270
 	RESERVED
-CVE-2021-35269
-	RESERVED
+CVE-2021-35269 (Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS  ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-35268
-	RESERVED
+CVE-2021-35268 (Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS  ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-35267
-	RESERVED
+CVE-2021-35267 (In Tuxera NTFS-3G versions < 2021.8.22, a stack buffer overflow can ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-35266
-	RESERVED
+CVE-2021-35266 (In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NT ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
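Review bot: the new descriptions for CVE-2021-35269 through CVE-2021-35266 contain the literal entity `&lt;` in "versions &lt; 2021.8.22", while other lines in this file use a bare `<` (for example `<no-dsa>`). The entity looks like it was carried over from the imported description. Because the descriptions are truncated by length, it also costs visible text, so decoding entities before truncation in the import step would be worth a follow-up.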
@@ -16188,8 +16181,8 @@ CVE-2021-33601
 	RESERVED
 CVE-2021-33600
 	RESERVED
-CVE-2021-33599
-	RESERVED
+CVE-2021-33599 (A vulnerability affecting F-Secure Antivirus engine was discovered whe ...)
+	TODO: check
 CVE-2021-33598 (A Denial-of-Service (DoS) vulnerability was discovered in all versions ...)
 	NOT-FOR-US: F-Secure
 CVE-2021-33597 (A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atl ...)
@@ -16910,28 +16903,24 @@ CVE-2021-33291
 	RESERVED
 CVE-2021-33290
 	RESERVED
-CVE-2021-33289
-	RESERVED
+CVE-2021-33289 (In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted MF ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
 CVE-2021-33288
 	RESERVED
-CVE-2021-33287
-	RESERVED
+CVE-2021-33287 (Tuxera NTFS-3G versions < 2021.8.22, when specially crafted NTFS at ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-33286
-	RESERVED
+CVE-2021-33286 (In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted un ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
 	NOTE: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
-CVE-2021-33285
-	RESERVED
+CVE-2021-33285 (In Tuxera ntfs-3g versions < 2021.8.22, when a specially crafted NT ...)
 	[experimental] - ntfs-3g 1:2021.8.22-1
 	- ntfs-3g 1:2021.8.22-2 (bug #988386)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/08/30/1
@@ -21302,9 +21291,9 @@ CVE-2021-31586 (Accellion Kiteworks before 7.4.0 allows an authenticated user to
 	NOT-FOR-US: Accellion Kiteworks
 CVE-2021-31585 (Accellion Kiteworks before 7.3.1 allows a user with Admin privileges t ...)
 	NOT-FOR-US: Accellion Kiteworks
-CVE-2021-31584 (Sipwise C5 NGCP www_admin version 3.6.7 allows call/click2dial CSRF at ...)
+CVE-2021-31584 (Sipwise C5 NGCP www_csc version 3.6.4 up to and including platform NGC ...)
 	NOT-FOR-US: Sipwise
-CVE-2021-31583 (Sipwise C5 NGCP CSC through CE_mr9.3.1 has multiple authenticated stor ...)
+CVE-2021-31583 (Sipwise C5 NGCP WWW Admin version 3.6.7 up to and including platform v ...)
 	NOT-FOR-US: Sipwise
 CVE-2021-31582
 	RESERVED
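Review bot: the two Sipwise description changes swap the component each id refers to. CVE-2021-31584 goes from "www_admin version 3.6.7 allows call/click2dial CSRF" to "www_csc version 3.6.4", and CVE-2021-31583 goes from "CSC through CE_mr9.3.1" to "WWW Admin version 3.6.7". `NOT-FOR-US: Sipwise` still holds for both, but anything that cites these ids by the old description should be rechecked against the updated text.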
@@ -32651,8 +32640,8 @@ CVE-2021-27024
 	RESERVED
 CVE-2021-27023
 	RESERVED
-CVE-2021-27022
-	RESERVED
+CVE-2021-27022 (A flaw was discovered in bolt-server and ace where running a task with ...)
+	TODO: check
 CVE-2021-27021 (A flaw was discovered in Puppet DB, this flaw results in an escalation ...)
 	- puppetdb <unfixed> (bug #990419)
 	NOTE: https://puppet.com/security/cve/cve-2021-27021/
@@ -81289,8 +81278,8 @@ CVE-2020-19133
 	RESERVED
 CVE-2020-19132
 	RESERVED
-CVE-2020-19131
-	RESERVED
+CVE-2020-19131 (Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial  ...)
+	TODO: check
 CVE-2020-19130
 	RESERVED
 CVE-2020-19129
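Review bot: CVE-2020-19131 names LibTiff v4.0.10, a library, so its `TODO: check` should not be closed with a NOT-FOR-US tag by analogy with the vendor-product entries elsewhere in this update. Resolve it to a package line with a fixed version or `<unfixed>` (the form used for puppetdb under CVE-2021-27021), after checking which suites ship an affected version.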
@@ -111111,8 +111100,8 @@ CVE-2020-7879
 	RESERVED
 CVE-2020-7878
 	RESERVED
-CVE-2020-7877
-	RESERVED
+CVE-2020-7877 (A buffer overflow issue was discovered in ZOOK solution(remote adminis ...)
+	TODO: check
 CVE-2020-7876
 	RESERVED
 CVE-2020-7875
@@ -111135,8 +111124,8 @@ CVE-2020-7867
 	RESERVED
 CVE-2020-7866 (When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component,  ...)
 	NOT-FOR-US: XPLATFORM
-CVE-2020-7865
-	RESERVED
+CVE-2020-7865 (A vulnerability(improper input validation) in the ExECM CoreB2B soluti ...)
+	TODO: check
 CVE-2020-7864 (Parameter manipulation can bypass authentication to cause file upload  ...)
 	NOT-FOR-US: Raonwiz DEXT5Editor
 CVE-2020-7863 (A vulnerability in File Transfer Solution of Raonwiz could allow arbit ...)
@@ -111201,8 +111190,8 @@ CVE-2020-7834
 	RESERVED
 CVE-2020-7833
 	RESERVED
-CVE-2020-7832
-	RESERVED
+CVE-2020-7832 (A vulnerability (improper input validation) in the DEXT5 Upload soluti ...)
+	TODO: check
 CVE-2020-7831 (A vulnerability in the web-based contract management service interface ...)
 	NOT-FOR-US: Inogard Ebiz4u
 CVE-2020-7830 (RAONWIZ v2018.0.2.50 and earlier versions contains a vulnerability tha ...)
@@ -111227,8 +111216,8 @@ CVE-2020-7821 (Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version conta
 	NOT-FOR-US: Nexacro14/17 ExtCommonApiV13 Library
 CVE-2020-7820 (Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a  ...)
 	NOT-FOR-US: Nexacro14/17 ExtCommonApiV13 Library
-CVE-2020-7819
-	RESERVED
+CVE-2020-7819 (A SQL-Injection vulnerability in the nTracker USB Enterprise(secure US ...)
+	TODO: check
 CVE-2020-7818 (DaviewIndy 8.98.9 and earlier has a Heap-based overflow vulnerability, ...)
 	NOT-FOR-US: Daview
 CVE-2020-7817 (MyBrowserPlus downloads the files needed to run the program through th ...)
@@ -173518,8 +173507,8 @@ CVE-2019-5320 (Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 29
 	NOT-FOR-US: Aruba Intelligent Edge Switch Series
 CVE-2019-5319 (A remote buffer overflow vulnerability was discovered in some Aruba In ...)
 	NOT-FOR-US: Aruba
-CVE-2019-5318
-	RESERVED
+CVE-2019-5318 (A remote cross-site request forgery (csrf) vulnerability was discovere ...)
+	TODO: check
 CVE-2019-5317 (A local authentication bypass vulnerability was discovered in some Aru ...)
 	NOT-FOR-US: Aruba
 CVE-2019-5316
@@ -201710,7 +201699,7 @@ CVE-2018-14578
 	RESERVED
 CVE-2018-14577
 	RESERVED
-CVE-2018-14576 (The mintToken function of a smart contract implementation for SunContr ...)
+CVE-2018-14576 (The mintTokens function of a smart contract implementation for SunCont ...)
 	NOT-FOR-US: smart contract implementation for SunContract
 CVE-2018-14575 (Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a t ...)
 	NOT-FOR-US: MyBB plugin



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca1ad176cdeaf68c54a17c1b090f02cec0d03a87
