[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Sep 9 09:10:34 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
61cf660c by security tracker role at 2021-09-09T08:10:25+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,45 @@
+CVE-2021-40817
+ RESERVED
+CVE-2021-40816
+ RESERVED
+CVE-2021-40815
+ RESERVED
+CVE-2021-40814 (The Customer Photo Gallery addon before 2.9.4 for PrestaShop is vulner ...)
+ TODO: check
+CVE-2021-40813
+ RESERVED
+CVE-2021-40812 (The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds ...)
+ TODO: check
+CVE-2021-40811
+ RESERVED
+CVE-2021-40810
+ RESERVED
+CVE-2021-40809
+ RESERVED
+CVE-2021-40808
+ RESERVED
+CVE-2021-40807
+ RESERVED
+CVE-2021-40806
+ RESERVED
+CVE-2021-40805
+ RESERVED
+CVE-2021-40804
+ RESERVED
+CVE-2021-40803
+ RESERVED
+CVE-2021-40802
+ RESERVED
+CVE-2021-40801
+ RESERVED
+CVE-2021-40800
+ RESERVED
+CVE-2021-40799
+ RESERVED
+CVE-2021-40798
+ RESERVED
+CVE-2021-40797 (An issue was discovered in the routes middleware in OpenStack Neutron ...)
+ TODO: check
CVE-2021-40796
RESERVED
CVE-2021-40795
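Review bot: Two of the three new "TODO: check" entries in this hunk name software that Debian ships, so they need package lines rather than a NOT-FOR-US verdict: CVE-2021-40812 (LibGD, source package libgd2) and CVE-2021-40797 (OpenStack Neutron, source package neutron). Only CVE-2021-40814, the PrestaShop addon, looks like a NOT-FOR-US candidate. The descriptions are truncated here, so the affected version ranges should be read from the full CVE text before a fixed version is recorded.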
@@ -226,7 +268,7 @@ CVE-2021-40685
RESERVED
CVE-2021-40684
RESERVED
-CVE-2021-40818 [webauthn buffer overflow]
+CVE-2021-40818 (scheme/webauthn.c in Glewlwyd SSO server through 2.5.3 has a buffer ov ...)
- glewlwyd 2.5.2-3 (bug #993867)
NOTE: https://github.com/babelouest/glewlwyd/commit/0efd112bb62f566877750ad62ee828bff579b4e2
CVE-2021-40683
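Review bot: The new description for CVE-2021-40818 says Glewlwyd is affected "through 2.5.3", while the unchanged package line below it records the fix in glewlwyd 2.5.2-3, a version that sorts before 2.5.3. That is consistent only if 2.5.2-3 carries a backport of the commit in the NOTE line; a short NOTE saying so would stop the entry from reading as a version mistake.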
@@ -9838,8 +9880,8 @@ CVE-2021-36442
RESERVED
CVE-2021-36441
RESERVED
-CVE-2021-36440
- RESERVED
+CVE-2021-36440 (Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to ...)
+ TODO: check
CVE-2021-36439
RESERVED
CVE-2021-36438
@@ -13667,10 +13709,10 @@ CVE-2021-34788
RESERVED
CVE-2021-34787
RESERVED
-CVE-2021-34786
- RESERVED
-CVE-2021-34785
- RESERVED
+CVE-2021-34786 (Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Sof ...)
+ TODO: check
+CVE-2021-34785 (Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Sof ...)
+ TODO: check
CVE-2021-34784
RESERVED
CVE-2021-34783
@@ -13697,8 +13739,8 @@ CVE-2021-34773
RESERVED
CVE-2021-34772
RESERVED
-CVE-2021-34771
- RESERVED
+CVE-2021-34771 (A vulnerability in the Cisco IOS XR Software CLI could allow an authen ...)
+ TODO: check
CVE-2021-34770
RESERVED
CVE-2021-34769
@@ -13765,8 +13807,8 @@ CVE-2021-34739
RESERVED
CVE-2021-34738
RESERVED
-CVE-2021-34737
- RESERVED
+CVE-2021-34737 (A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco ...)
+ TODO: check
CVE-2021-34736
RESERVED
CVE-2021-34735
@@ -13783,8 +13825,8 @@ CVE-2021-34730 (A vulnerability in the Universal Plug-and-Play (UPnP) service of
NOT-FOR-US: Cisco
CVE-2021-34729
RESERVED
-CVE-2021-34728
- RESERVED
+CVE-2021-34728 (Multiple vulnerabilities in the CLI of Cisco IOS XR Software could all ...)
+ TODO: check
CVE-2021-34727
RESERVED
CVE-2021-34726
@@ -13795,16 +13837,16 @@ CVE-2021-34724
RESERVED
CVE-2021-34723
RESERVED
-CVE-2021-34722
- RESERVED
-CVE-2021-34721
- RESERVED
-CVE-2021-34720
- RESERVED
-CVE-2021-34719
- RESERVED
-CVE-2021-34718
- RESERVED
+CVE-2021-34722 (Multiple vulnerabilities in the CLI of Cisco IOS XR Software could all ...)
+ TODO: check
+CVE-2021-34721 (Multiple vulnerabilities in the CLI of Cisco IOS XR Software could all ...)
+ TODO: check
+CVE-2021-34720 (A vulnerability in the IP Service Level Agreements (IP SLA) responder ...)
+ TODO: check
+CVE-2021-34719 (Multiple vulnerabilities in the CLI of Cisco IOS XR Software could all ...)
+ TODO: check
+CVE-2021-34718 (A vulnerability in the SSH Server process of Cisco IOS XR Software cou ...)
+ TODO: check
CVE-2021-34717
RESERVED
CVE-2021-34716 (A vulnerability in the web-based management interface of Cisco Express ...)
@@ -13813,18 +13855,18 @@ CVE-2021-34715 (A vulnerability in the image verification function of Cisco Expr
NOT-FOR-US: Cisco
CVE-2021-34714
RESERVED
-CVE-2021-34713
- RESERVED
+CVE-2021-34713 (A vulnerability in the Layer 2 punt code of Cisco IOS XR Software runn ...)
+ TODO: check
CVE-2021-34712
RESERVED
CVE-2021-34711
RESERVED
CVE-2021-34710
RESERVED
-CVE-2021-34709
- RESERVED
-CVE-2021-34708
- RESERVED
+CVE-2021-34709 (Multiple vulnerabilities in image verification checks of Cisco Network ...)
+ TODO: check
+CVE-2021-34708 (Multiple vulnerabilities in image verification checks of Cisco Network ...)
+ TODO: check
CVE-2021-34707 (A vulnerability in the REST API of Cisco Evolved Programmable Network ...)
NOT-FOR-US: Cisco
CVE-2021-34706
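Review bot: CVE-2021-34713, CVE-2021-34709 and CVE-2021-34708 are left at "TODO: check", yet the context lines in this same hunk already resolve Cisco product issues as "NOT-FOR-US: Cisco" (CVE-2021-34715, CVE-2021-34707). The descriptions name Cisco IOS XR and Cisco Network products, so the same verdict applies unless the full text points at a bundled open-source component. The Cisco entries added in the neighbouring hunks can be triaged in the same pass.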
@@ -18267,14 +18309,14 @@ CVE-2021-32838
RESERVED
CVE-2021-32837
RESERVED
-CVE-2021-32836
- RESERVED
-CVE-2021-32835
- RESERVED
-CVE-2021-32834
- RESERVED
-CVE-2021-32833
- RESERVED
+CVE-2021-32836 (ZStack is open source IaaS(infrastructure as a service) software. In Z ...)
+ TODO: check
+CVE-2021-32835 (Eclipse Keti is a service that was designed to protect RESTfuls API us ...)
+ TODO: check
+CVE-2021-32834 (Eclipse Keti is a service that was designed to protect RESTfuls API us ...)
+ TODO: check
+CVE-2021-32833 (Emby Server is a personal media server with apps on many devices. In E ...)
+ TODO: check
CVE-2021-32832 (Rocket.Chat is an open-source fully customizable communications platfo ...)
NOT-FOR-US: Rocket.Chat
CVE-2021-32831 (Total.js framework (npm package total.js) is a framework for Node.js p ...)
@@ -23968,8 +24010,8 @@ CVE-2021-30607 (Use after free in Permissions in Google Chrome prior to 93.0.457
CVE-2021-30606 (Use after free in Blink in Google Chrome prior to 93.0.4577.63 allowed ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-30605
- RESERVED
+CVE-2021-30605 (Inappropriate implementation in the ChromeOS Readiness Tool installer ...)
+ TODO: check
CVE-2021-30604 (Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowe ...)
- chromium <unfixed> (bug #990079)
[stretch] - chromium <end-of-life> (see DSA 4562)
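Review bot: CVE-2021-30605 sits between Chrome entries tracked as "- chromium <unfixed>", but its description names the ChromeOS Readiness Tool installer rather than Google Chrome. When resolving the "TODO: check", do not copy the neighbours' chromium lines by analogy; confirm from the full description whether the chromium source package is affected at all.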
@@ -64708,8 +64750,8 @@ CVE-2020-26774
RESERVED
CVE-2020-26773 (Restaurant Reservation System 1.0 suffers from an authenticated SQL in ...)
NOT-FOR-US: Restaurant Reservation System
-CVE-2020-26772
- RESERVED
+CVE-2020-26772 (Command Injection in PPGo_Jobs v2.8.0 allows remote attackers to execu ...)
+ TODO: check
CVE-2020-26771
RESERVED
CVE-2020-26770
@@ -65785,8 +65827,8 @@ CVE-2020-26302
RESERVED
CVE-2020-26301
RESERVED
-CVE-2020-26300
- RESERVED
+CVE-2020-26300 (systeminformation is an npm package that provides system and OS inform ...)
+ TODO: check
CVE-2020-26299 (ftp-srv is an open-source FTP server designed to be simple yet configu ...)
NOT-FOR-US: Node ftp-srv
CVE-2020-26298 (Redcarpet is a Ruby library for Markdown processing. In Redcarpet befo ...)
@@ -81506,10 +81548,10 @@ CVE-2020-19140
RESERVED
CVE-2020-19139
RESERVED
-CVE-2020-19138
- RESERVED
-CVE-2020-19137
- RESERVED
+CVE-2020-19138 (Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and e ...)
+ TODO: check
+CVE-2020-19137 (Incorrect Access Control in Autumn v1.0.4 and earlier allows remote at ...)
+ TODO: check
CVE-2020-19136
RESERVED
CVE-2020-19135
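Review bot: In CVE-2020-19137 the product is given only as "Autumn v1.0.4", which is too ambiguous to match against a package name, and the description is cut off before any further detail. Whoever clears the "TODO: check" should identify the upstream project from the CVE references and name it precisely in the verdict line. The same goes for DotCMS in CVE-2020-19138.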
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61cf660c66e087e3eb57f0d05da9648f6fc83dcb