[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 14 21:10:41 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a6dd87b2 by security tracker role at 2021-09-14T20:10:31+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2021-41077 (The activation process in Travis CI, for certain 2021-09-03 through 20 ...)
+	TODO: check
 CVE-2021-41076
 	RESERVED
 CVE-2021-41075
@@ -1592,14 +1594,14 @@ CVE-2021-40359
 	RESERVED
 CVE-2021-40358
 	RESERVED
-CVE-2021-40357
-	RESERVED
-CVE-2021-40356
-	RESERVED
-CVE-2021-40355
-	RESERVED
-CVE-2021-40354
-	RESERVED
+CVE-2021-40357 (A vulnerability has been identified in Teamcenter Active Workspace V4. ...)
+	TODO: check
+CVE-2021-40356 (A vulnerability has been identified in Teamcenter V12.4 (All versions  ...)
+	TODO: check
+CVE-2021-40355 (A vulnerability has been identified in Teamcenter V12.4 (All versions  ...)
+	TODO: check
+CVE-2021-40354 (A vulnerability has been identified in Teamcenter V12.4 (All versions  ...)
+	TODO: check
 CVE-2021-3761 (Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitt ...)
 	TODO: check
 CVE-2021-3760
@@ -3679,8 +3681,8 @@ CVE-2021-39393
 	RESERVED
 CVE-2021-39392
 	RESERVED
-CVE-2021-39391
-	RESERVED
+CVE-2021-39391 (Cross Site Scripting (XSS) vulnerability exists in the admin panel in  ...)
+	TODO: check
 CVE-2021-39390
 	RESERVED
 CVE-2021-39389
@@ -6544,14 +6546,14 @@ CVE-2021-38179
 	RESERVED
 CVE-2021-38178
 	RESERVED
-CVE-2021-38177
-	RESERVED
-CVE-2021-38176
-	RESERVED
-CVE-2021-38175
-	RESERVED
-CVE-2021-38174
-	RESERVED
+CVE-2021-38177 (SAP CommonCryptoLib version 8.5.38 or lower is vulnerable to null poin ...)
+	TODO: check
+CVE-2021-38176 (Due to improper input sanitization, an authenticated user with certain ...)
+	TODO: check
+CVE-2021-38175 (SAP Analysis for Microsoft Office - version 2.8, allows an attacker wi ...)
+	TODO: check
+CVE-2021-38174 (When a user opens manipulated files received from untrusted sources in ...)
+	TODO: check
 CVE-2021-3689 (yii2 is vulnerable to Use of Predictable Algorithm in Random Number Ge ...)
 	- yii <itp> (bug #597899)
 CVE-2020-36472 (An issue was discovered in the max7301 crate before 0.2.0 for Rust. Th ...)
@@ -6661,12 +6663,12 @@ CVE-2021-38168 (Roxy-WI through 5.2.2.0 allows authenticated SQL injection via s
 	NOT-FOR-US: Roxy-WI
 CVE-2021-38167 (Roxy-WI through 5.2.2.0 allows SQL Injection via check_login. An unaut ...)
 	NOT-FOR-US: Roxy-WI
-CVE-2021-38164
-	RESERVED
-CVE-2021-38163
-	RESERVED
-CVE-2021-38162
-	RESERVED
+CVE-2021-38164 (SAP ERP Financial Accounting (RFOPENPOSTING_FR) versions - SAP_APPL -  ...)
+	TODO: check
+CVE-2021-38163 (SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7. ...)
+	TODO: check
+CVE-2021-38162 (SAP Web Dispatcher versions - 7.49, 7.53, 7.77, 7.81, KRNL64NUC - 7.22 ...)
+	TODO: check
 CVE-2021-38161
 	RESERVED
 CVE-2021-38166 (In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is a ...)
@@ -6706,8 +6708,8 @@ CVE-2021-38152 (index.php/appointment/insert_patient_add_appointment in Chikitsa
 	NOT-FOR-US: Chikitsa Patient Management System
 CVE-2021-38151 (index.php/appointment/todos in Chikitsa Patient Management System 2.0. ...)
 	NOT-FOR-US: Chikitsa Patient Management System
-CVE-2021-38150
-	RESERVED
+CVE-2021-38150 (When an attacker manages to get access to the local memory, or the mem ...)
+	TODO: check
 CVE-2021-38149 (index.php/admin/add_user in Chikitsa Patient Management System 2.0.0 a ...)
 	NOT-FOR-US: Chikitsa Patient Management System
 CVE-2021-38148 (Obsidian before 0.12.12 does not require user confirmation for non-htt ...)
@@ -8085,16 +8087,16 @@ CVE-2021-37537
 	RESERVED
 CVE-2021-37536
 	RESERVED
-CVE-2021-37535
-	RESERVED
+CVE-2021-37535 (SAP NetWeaver Application Server Java (JMS Connector Service) - versio ...)
+	TODO: check
 CVE-2021-37534 (app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when ...)
 	NOT-FOR-US: MISP
 CVE-2021-37533
 	RESERVED
-CVE-2021-37532
-	RESERVED
-CVE-2021-37531
-	RESERVED
+CVE-2021-37532 (SAP Business One version - 10, due to improper input validation, allow ...)
+	TODO: check
+CVE-2021-37531 (SAP NetWeaver Knowledge Management XML Forms versions - 7.10, 7.11, 7. ...)
+	TODO: check
 CVE-2021-37530
 	RESERVED
 CVE-2021-37529
@@ -8793,20 +8795,20 @@ CVE-2021-37208
 	RESERVED
 CVE-2021-37207
 	RESERVED
-CVE-2021-37206
-	RESERVED
+CVE-2021-37206 (A vulnerability has been identified in SIPROTEC 5 relays with CPU vari ...)
+	TODO: check
 CVE-2021-37205
 	RESERVED
 CVE-2021-37204
 	RESERVED
-CVE-2021-37203
-	RESERVED
-CVE-2021-37202
-	RESERVED
-CVE-2021-37201
-	RESERVED
-CVE-2021-37200
-	RESERVED
+CVE-2021-37203 (A vulnerability has been identified in NX 1980 Series (All versions &l ...)
+	TODO: check
+CVE-2021-37202 (A vulnerability has been identified in NX 1980 Series (All versions &l ...)
+	TODO: check
+CVE-2021-37201 (A vulnerability has been identified in SINEC NMS (All versions < V1 ...)
+	TODO: check
+CVE-2021-37200 (A vulnerability has been identified in SINEC NMS (All versions < V1 ...)
+	TODO: check
 CVE-2021-37199
 	RESERVED
 CVE-2021-37198
@@ -8819,48 +8821,48 @@ CVE-2021-37195
 	RESERVED
 CVE-2021-37194
 	RESERVED
-CVE-2021-37193
-	RESERVED
-CVE-2021-37192
-	RESERVED
-CVE-2021-37191
-	RESERVED
-CVE-2021-37190
-	RESERVED
+CVE-2021-37193 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
+	TODO: check
+CVE-2021-37192 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
+	TODO: check
+CVE-2021-37191 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
+	TODO: check
+CVE-2021-37190 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
+	TODO: check
 CVE-2021-37189
 	RESERVED
 CVE-2021-37188
 	RESERVED
 CVE-2021-37187
 	RESERVED
-CVE-2021-37186
-	RESERVED
+CVE-2021-37186 (A vulnerability has been identified in LOGO! CMR2020 (All versions &lt ...)
+	TODO: check
 CVE-2021-37185
 	RESERVED
-CVE-2021-37184
-	RESERVED
-CVE-2021-37183
-	RESERVED
+CVE-2021-37184 (A vulnerability has been identified in Industrial Edge Management (All ...)
+	TODO: check
+CVE-2021-37183 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
+	TODO: check
 CVE-2021-37182
 	RESERVED
-CVE-2021-37181
-	RESERVED
+CVE-2021-37181 (A vulnerability has been identified in Cerberus DMS V4.0 (All versions ...)
+	TODO: check
 CVE-2021-37180 (A vulnerability has been identified in Solid Edge SE2021 (All Versions ...)
 	NOT-FOR-US: Siemens
 CVE-2021-37179 (A vulnerability has been identified in Solid Edge SE2021 (All Versions ...)
 	NOT-FOR-US: Siemens
 CVE-2021-37178 (A vulnerability has been identified in Solid Edge SE2021 (All Versions ...)
 	NOT-FOR-US: Siemens
-CVE-2021-37177
-	RESERVED
-CVE-2021-37176
-	RESERVED
-CVE-2021-37175
-	RESERVED
-CVE-2021-37174
-	RESERVED
-CVE-2021-37173
-	RESERVED
+CVE-2021-37177 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
+	TODO: check
+CVE-2021-37176 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...)
+	TODO: check
+CVE-2021-37175 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+	TODO: check
+CVE-2021-37174 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+	TODO: check
+CVE-2021-37173 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+	TODO: check
 CVE-2021-37172 (A vulnerability has been identified in SIMATIC S7-1200 CPU family (inc ...)
 	NOT-FOR-US: Siemens
 CVE-2021-37171
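
Review bot: The added entries from CVE-2021-37193 down to CVE-2021-37173 in this hunk are left at TODO: check, while the unchanged neighbours CVE-2021-37180, CVE-2021-37179, CVE-2021-37178 and CVE-2021-37172 carry NOT-FOR-US: Siemens and open with the same "A vulnerability has been identified in" wording. Suggest triaging the SINEMA Remote Connect Server, LOGO! CMR2020, Industrial Edge Management, Cerberus DMS, Simcenter Femap and RUGGEDCOM ROX entries in one pass against their full descriptions, so the block ends up tagged consistently rather than entry by entry.
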
@@ -10241,10 +10243,10 @@ CVE-2021-36584 (An issue was discovered in GPAC 1.0.1. There is a heap-based buf
 	NOTE: https://github.com/gpac/gpac/commit/13442ec1c401a4181ba6d7f79c27df6054c817c7
 CVE-2021-36583
 	RESERVED
-CVE-2021-36582
-	RESERVED
-CVE-2021-36581
-	RESERVED
+CVE-2021-36582 (In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g.,  ...)
+	TODO: check
+CVE-2021-36581 (Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possib ...)
+	TODO: check
 CVE-2021-36580
 	RESERVED
 CVE-2021-36579
@@ -12774,8 +12776,8 @@ CVE-2021-35495
 	RESERVED
 CVE-2021-35494
 	RESERVED
-CVE-2021-35493
-	RESERVED
+CVE-2021-35493 (The WebFOCUS Reporting Server and WebFOCUS Client components of TIBCO  ...)
+	TODO: check
 CVE-2021-3619 (Rapid7 Velociraptor 0.5.9 and prior is vulnerable to a post-authentica ...)
 	NOT-FOR-US: Rapid7 Velociraptor
 CVE-2021-35492
@@ -16853,8 +16855,8 @@ CVE-2021-3567
 	NOTE: https://gitlab.gnome.org/GNOME/caribou/-/commit/d41c8e44b12222a290eaca16703406b113a630c6
 CVE-2021-33738 (A vulnerability has been identified in JT2Go (All versions < V13.2. ...)
 	NOT-FOR-US: JT2Go
-CVE-2021-33737
-	RESERVED
+CVE-2021-33737 (A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS  ...)
+	TODO: check
 CVE-2021-33736
 	RESERVED
 CVE-2021-33735
@@ -16887,16 +16889,16 @@ CVE-2021-33722
 	RESERVED
 CVE-2021-33721 (A vulnerability has been identified in SINEC NMS (All versions < V1 ...)
 	NOT-FOR-US: Siemens
-CVE-2021-33720
-	RESERVED
-CVE-2021-33719
-	RESERVED
+CVE-2021-33720 (A vulnerability has been identified in SIPROTEC 5 relays with CPU vari ...)
+	TODO: check
+CVE-2021-33719 (A vulnerability has been identified in SIPROTEC 5 relays with CPU vari ...)
+	TODO: check
 CVE-2021-33718 (A vulnerability has been identified in Mendix Applications using Mendi ...)
 	NOT-FOR-US: Mendix Applications
 CVE-2021-33717 (A vulnerability has been identified in JT2Go (All versions < V13.2. ...)
 	NOT-FOR-US: JT2Go
-CVE-2021-33716
-	RESERVED
+CVE-2021-33716 (A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS ...)
+	TODO: check
 CVE-2021-33715 (A vulnerability has been identified in JT Utilities (All versions < ...)
 	NOT-FOR-US: Siemens
 CVE-2021-33714 (A vulnerability has been identified in JT Utilities (All versions < ...)
@@ -16951,14 +16953,14 @@ CVE-2021-33690
 	RESERVED
 CVE-2021-33689 (When user with insufficient privileges tries to access any application ...)
 	NOT-FOR-US: SAP
-CVE-2021-33688
-	RESERVED
+CVE-2021-33688 (SAP Business One allows an attacker with business privileges to execut ...)
+	TODO: check
 CVE-2021-33687 (SAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10, 7.20, 7.30 ...)
 	NOT-FOR-US: SAP
-CVE-2021-33686
-	RESERVED
-CVE-2021-33685
-	RESERVED
+CVE-2021-33686 (Under certain conditions, SAP Business One version - 10.0, allows an u ...)
+	TODO: check
+CVE-2021-33685 (SAP Business One version - 10.0 allows low-level authorized attacker t ...)
+	TODO: check
 CVE-2021-33684 (SAP NetWeaver AS ABAP and ABAP Platform, versions - KRNL32NUC 7.21, 7. ...)
 	NOT-FOR-US: SAP
 CVE-2021-33683 (SAP Web Dispatcher and Internet Communication Manager (ICM), versions  ...)
@@ -16969,22 +16971,22 @@ CVE-2021-33681 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to o
 	NOT-FOR-US: SAP
 CVE-2021-33680 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
 	NOT-FOR-US: SAP
-CVE-2021-33679
-	RESERVED
+CVE-2021-33679 (The SAP BusinessObjects BI Platform version - 420 allows an attacker,  ...)
+	TODO: check
 CVE-2021-33678 (A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), ...)
 	NOT-FOR-US: SAP
 CVE-2021-33677 (SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 702, 730, ...)
 	NOT-FOR-US: SAP
 CVE-2021-33676 (A missing authority check in SAP CRM, versions - 700, 701, 702, 712, 7 ...)
 	NOT-FOR-US: SAP
-CVE-2021-33675
-	RESERVED
-CVE-2021-33674
-	RESERVED
-CVE-2021-33673
-	RESERVED
-CVE-2021-33672
-	RESERVED
+CVE-2021-33675 (Under certain conditions, SAP Contact Center - version 700, does not s ...)
+	TODO: check
+CVE-2021-33674 (Under certain conditions, SAP Contact Center - version 700, does not s ...)
+	TODO: check
+CVE-2021-33673 (Under certain conditions, SAP Contact Center - version 700,does not su ...)
+	TODO: check
+CVE-2021-33672 (Due to missing encoding in SAP Contact Center's Communication Desktop  ...)
+	TODO: check
 CVE-2021-33671 (SAP NetWeaver Guided Procedures (Administration Workset), versions - 7 ...)
 	NOT-FOR-US: SAP
 CVE-2021-33670 (SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - ...)
@@ -20528,8 +20530,8 @@ CVE-2021-32204
 	RESERVED
 CVE-2021-32203
 	RESERVED
-CVE-2021-32202
-	RESERVED
+CVE-2021-32202 (In CS-Cart version 4.11.1, it is possible to induce copy-paste XSS by  ...)
+	TODO: check
 CVE-2021-32201
 	RESERVED
 CVE-2021-32200
@@ -21359,8 +21361,8 @@ CVE-2021-31893 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 and ea
 	NOT-FOR-US: Siemens
 CVE-2021-31892 (A vulnerability has been identified in SINUMERIK Analyse MyCondition ( ...)
 	NOT-FOR-US: Siemens
-CVE-2021-31891
-	RESERVED
+CVE-2021-31891 (A vulnerability has been identified in Desigo CC (All versions with OI ...)
+	TODO: check
 CVE-2021-31890
 	RESERVED
 CVE-2021-31889
@@ -23947,12 +23949,12 @@ CVE-2021-30862
 	REJECTED
 CVE-2021-30861
 	REJECTED
-CVE-2021-30860
-	REJECTED
+CVE-2021-30860 (An integer overflow was addressed with improved input validation. This ...)
+	TODO: check
 CVE-2021-30859
 	REJECTED
-CVE-2021-30858
-	REJECTED
+CVE-2021-30858 (A use after free issue was addressed with improved memory management.  ...)
+	TODO: check
 CVE-2021-30857
 	REJECTED
 CVE-2021-30856
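
Review bot: CVE-2021-30860 and CVE-2021-30858 move from REJECTED to a published description in this hunk while CVE-2021-30862, CVE-2021-30861, CVE-2021-30859 and CVE-2021-30857 stay REJECTED, and neither truncated description names the affected product. Suggest reading the full CVE text before clearing these two TODO: check lines, since "An integer overflow was addressed with improved input validation" and "A use after free issue was addressed with improved memory management" alone do not say whether a packaged component is involved.
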
@@ -26840,8 +26842,8 @@ CVE-2021-29843
 	RESERVED
 CVE-2021-29842
 	RESERVED
-CVE-2021-29841
-	RESERVED
+CVE-2021-29841 (IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site sc ...)
+	TODO: check
 CVE-2021-29840
 	RESERVED
 CVE-2021-29839
@@ -32786,8 +32788,8 @@ CVE-2021-27393 (A vulnerability has been identified in Nucleus NET (All versions
 	NOT-FOR-US: Nucleus (Siemens)
 CVE-2021-27392 (A vulnerability has been identified in Siveillance Video Open Network  ...)
 	NOT-FOR-US: Siveillance
-CVE-2021-27391
-	RESERVED
+CVE-2021-27391 (A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet)  ...)
+	TODO: check
 CVE-2021-27390 (A vulnerability has been identified in JT2Go (All versions < V13.1. ...)
 	NOT-FOR-US: Siemens
 CVE-2021-27389 (A vulnerability has been identified in Opcenter Quality (All versions  ...)
@@ -37246,15 +37248,15 @@ CVE-2021-25667 (A vulnerability has been identified in RUGGEDCOM RM1224 (All ver
 	NOT-FOR-US: Siemens
 CVE-2021-25666 (A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 80 ...)
 	NOT-FOR-US: Siemens
-CVE-2021-25665
-	RESERVED
+CVE-2021-25665 (A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All ...)
+	TODO: check
 CVE-2021-25664 (A vulnerability has been identified in Nucleus 4 (All versions < V4 ...)
 	NOT-FOR-US: Nucleus (Siemens)
 CVE-2021-25663 (A vulnerability has been identified in Nucleus 4 (All versions < V4 ...)
 	NOT-FOR-US: Nucleus (Siemens)
-CVE-2021-25662 (SmartVNC client fails to handle an exception properly if the program e ...)
+CVE-2021-25662 (A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Pan ...)
 	NOT-FOR-US: Siemens
-CVE-2021-25661 (SmartVNC has an out-of-bounds memory access vulnerability that could b ...)
+CVE-2021-25661 (A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Pan ...)
 	NOT-FOR-US: Siemens
 CVE-2021-25660 (A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Pan ...)
 	NOT-FOR-US: Siemens
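
Review bot: The description swap on CVE-2021-25662 and CVE-2021-25661 drops the SmartVNC wording, so in the truncated list text both now read the same as CVE-2021-25660 directly below them. The NOT-FOR-US: Siemens tag is carried over unchanged; suggest confirming against the full new descriptions that the affected-product scope has not widened beyond what that tag was based on.
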
@@ -43074,52 +43076,52 @@ CVE-2021-23055
 	RESERVED
 CVE-2021-23054
 	RESERVED
-CVE-2021-23053
-	RESERVED
-CVE-2021-23052
-	RESERVED
-CVE-2021-23051
-	RESERVED
-CVE-2021-23050
-	RESERVED
-CVE-2021-23049
-	RESERVED
-CVE-2021-23048
-	RESERVED
-CVE-2021-23047
-	RESERVED
-CVE-2021-23046
-	RESERVED
-CVE-2021-23045
-	RESERVED
-CVE-2021-23044
-	RESERVED
-CVE-2021-23043
-	RESERVED
-CVE-2021-23042
-	RESERVED
-CVE-2021-23041
-	RESERVED
-CVE-2021-23040
-	RESERVED
-CVE-2021-23039
-	RESERVED
-CVE-2021-23038
-	RESERVED
-CVE-2021-23037
-	RESERVED
-CVE-2021-23036
-	RESERVED
-CVE-2021-23035
-	RESERVED
-CVE-2021-23034
-	RESERVED
-CVE-2021-23033
-	RESERVED
-CVE-2021-23032
-	RESERVED
-CVE-2021-23031
-	RESERVED
+CVE-2021-23053 (On version 15.1.x before 15.1.3, 14.1.x before 14.1.3.1, and 13.1.x be ...)
+	TODO: check
+CVE-2021-23052 (On version 14.1.x before 14.1.4.4 and all versions of 13.1.x, an open  ...)
+	TODO: check
+CVE-2021-23051 (On BIG-IP versions 15.1.0.4 through 15.1.3, when the Data Plane Develo ...)
+	TODO: check
+CVE-2021-23050 (On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2 a ...)
+	TODO: check
+CVE-2021-23049 (On BIG-IP version 16.0.x before 16.0.1.2 and 15.1.x before 15.1.3, whe ...)
+	TODO: check
+CVE-2021-23048 (On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1 ...)
+	TODO: check
+CVE-2021-23047 (On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 1 ...)
+	TODO: check
+CVE-2021-23046 (On all versions of Guided Configuration before 8.0.0, when a configura ...)
+	TODO: check
+CVE-2021-23045 (On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1 ...)
+	TODO: check
+CVE-2021-23044 (On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x b ...)
+	TODO: check
+CVE-2021-23043 (On BIG-IP, on all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x,  ...)
+	TODO: check
+CVE-2021-23042 (On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x ...)
+	TODO: check
+CVE-2021-23041 (On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x ...)
+	TODO: check
+CVE-2021-23040 (On BIG-IP AFM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14 ...)
+	TODO: check
+CVE-2021-23039 (On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before ...)
+	TODO: check
+CVE-2021-23038 (On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x befo ...)
+	TODO: check
+CVE-2021-23037 (On all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and ...)
+	TODO: check
+CVE-2021-23036 (On version 16.0.x before 16.0.1.2, when a BIG-IP ASM and DataSafe prof ...)
+	TODO: check
+CVE-2021-23035 (On BIG-IP 14.1.x before 14.1.4.4, when an HTTP profile is configured o ...)
+	TODO: check
+CVE-2021-23034 (On BIG-IP version 16.x before 16.1.0 and 15.1.x before 15.1.3.1, when  ...)
+	TODO: check
+CVE-2021-23033 (On BIG-IP Advanced WAF and BIG-IP ASM version 16.x before 16.1.0x, 15. ...)
+	TODO: check
+CVE-2021-23032 (On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 1 ...)
+	TODO: check
+CVE-2021-23031 (On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before ...)
+	TODO: check
 CVE-2021-23030
 	RESERVED
 CVE-2021-23029
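
Review bot: Of the 23 entries added in this hunk, several truncated descriptions (for example CVE-2021-23053, CVE-2021-23052, CVE-2021-23047 and CVE-2021-23039) begin "On version ..." and never reach a product name, unlike the ones that say BIG-IP outright. Suggest resolving the whole CVE-2021-23053 to CVE-2021-23031 range from the full descriptions in one pass so each tag names the product explicitly; the "16.1.0x" in CVE-2021-23033 also looks like a typo in the imported text and is worth checking against the upstream record.
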
@@ -47525,8 +47527,8 @@ CVE-2021-21491 (SAP Netweaver Application Server Java (Applications based on Web
 	NOT-FOR-US: SAP
 CVE-2021-21490 (SAP NetWeaver AS for ABAP (Web Survey), versions - 700, 702, 710, 711, ...)
 	NOT-FOR-US: SAP
-CVE-2021-21489
-	RESERVED
+CVE-2021-21489 (SAP NetWeaver Enterprise Portal versions - 7.10, 7.11, 7.20, 7.30, 7.3 ...)
+	TODO: check
 CVE-2021-21488 (Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allow ...)
 	NOT-FOR-US: Knowledge Management
 CVE-2021-21487 (SAP Payment Engine version 500, does not perform necessary authorizati ...)
@@ -50509,8 +50511,8 @@ CVE-2021-20584
 	RESERVED
 CVE-2021-20583 (IBM Security Verify (IBM Security Verify Privilege Vault 10.9.66) coul ...)
 	NOT-FOR-US: IBM
-CVE-2021-20582
-	RESERVED
+CVE-2021-20582 (IBM Security Secret Server up to 11.0 stores sensitive information in  ...)
+	TODO: check
 CVE-2021-20581
 	RESERVED
 CVE-2021-20580 (IBM Planning Analytics 2.0 could be vulnerable to cross-site request f ...)
@@ -50535,8 +50537,8 @@ CVE-2021-20571
 	RESERVED
 CVE-2021-20570
 	RESERVED
-CVE-2021-20569
-	RESERVED
+CVE-2021-20569 (IBM Security Secret Server up to 11.0 could allow an attacker to enume ...)
+	TODO: check
 CVE-2021-20568
 	RESERVED
 CVE-2021-20567 (IBM Resilient SOAR V38.0 could allow a local privileged attacker to ob ...)
@@ -50657,8 +50659,8 @@ CVE-2021-20510 (IBM Security Verify Access Docker 10.0.0 stores user credentials
 	NOT-FOR-US: IBM
 CVE-2021-20509 (IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable  ...)
 	NOT-FOR-US: IBM
-CVE-2021-20508
-	RESERVED
+CVE-2021-20508 (IBM Security Secret Server up to 11.0 could allow a remote attacker to ...)
+	TODO: check
 CVE-2021-20507 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
 	NOT-FOR-US: IBM
 CVE-2021-20506 (IBM Jazz Foundation Products are vulnerable to cross-site scripting. T ...)
@@ -78257,10 +78259,10 @@ CVE-2020-21084
 	RESERVED
 CVE-2020-21083
 	RESERVED
-CVE-2020-21082
-	RESERVED
-CVE-2020-21081
-	RESERVED
+CVE-2020-21082 (A cross-site scripting (XSS) vulnerability in the background administr ...)
+	TODO: check
+CVE-2020-21081 (A cross-site request forgery (CSRF) in Maccms 8.0 causes administrator ...)
+	TODO: check
 CVE-2020-21080
 	RESERVED
 CVE-2020-21079
@@ -78321,12 +78323,12 @@ CVE-2020-21052
 	RESERVED
 CVE-2020-21051
 	RESERVED
-CVE-2020-21050
-	RESERVED
-CVE-2020-21049
-	RESERVED
-CVE-2020-21048
-	RESERVED
+CVE-2020-21050 (Libsixel prior to v1.8.3 contains a stack buffer overflow in the funct ...)
+	TODO: check
+CVE-2020-21049 (An invalid read in the stb_image.h component of libsixel prior to v1.8 ...)
+	TODO: check
+CVE-2020-21048 (An issue in the dither.c component of libsixel prior to v1.8.4 allows  ...)
+	TODO: check
 CVE-2020-21047
 	RESERVED
 CVE-2020-21046
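
Review bot: The three libsixel entries in this hunk (CVE-2020-21050, CVE-2020-21049, CVE-2020-21048) name a library with explicit fixed versions (prior to v1.8.3 for CVE-2020-21050, prior to v1.8.4 for CVE-2020-21048), so they should be checked for a matching source package before any NOT-FOR-US tag is considered. CVE-2020-21049 is described as being in the stb_image.h component of libsixel; suggest adding a NOTE on whether the flaw is confined to libsixel's copy of that header, since that decides whether other sources embedding it need checking.
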
@@ -158371,8 +158373,8 @@ CVE-2019-10943 (A vulnerability has been identified in SIMATIC ET 200SP Open Con
 	NOT-FOR-US: Siemens
 CVE-2019-10942 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
 	NOT-FOR-US: Siemens
-CVE-2019-10941
-	RESERVED
+CVE-2019-10941 (A vulnerability has been identified in SINEMA Server (All versions &lt ...)
+	TODO: check
 CVE-2019-10940 (A vulnerability has been identified in SINEMA Server (All versions &lt ...)
 	NOT-FOR-US: Siemens
 CVE-2019-10939 (A vulnerability has been identified in TIM 3V-IE (incl. SIPLUS NET var ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6dd87b2d314a9cc049c5a0dac5a43c1d202ff7f
