[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Sep 20 21:10:34 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9337daab by security tracker role at 2021-09-20T20:10:25+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2021-41524
+ RESERVED
+CVE-2021-3819
+ RESERVED
+CVE-2021-3818
+ RESERVED
+CVE-2021-3817
+ RESERVED
CVE-2021-41523
RESERVED
CVE-2021-41522
@@ -950,7 +958,7 @@ CVE-2021-41075
RESERVED
CVE-2021-41074
RESERVED
-CVE-2021-41073 (loop_rw_iter in fs/io_uring.c in the Linux kernel through 5.14.6 allow ...)
+CVE-2021-41073 (loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 ...)
- linux 5.14.6-2
[buster] - linux <not-affected> (Vulnerable code introduced later)
[stretch] - linux <not-affected> (Vulnerable code introduced later)
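Review bot: the buster and stretch context lines still give only "Vulnerable code introduced later" as the not-affected reason, while the replaced description line for CVE-2021-41073 now states a lower bound of 5.10. Consider putting that version into the reason text so the suite entries can be checked against the description without opening the upstream record.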
@@ -1852,8 +1860,8 @@ CVE-2021-40676
RESERVED
CVE-2021-40675
RESERVED
-CVE-2021-40674
- RESERVED
+CVE-2021-40674 (An SQL injection vulnerability exists in Wuzhi CMS v4.1.0 via the KeyV ...)
+ TODO: check
CVE-2021-40673
RESERVED
CVE-2021-40672
@@ -4244,56 +4252,56 @@ CVE-2021-39600
RESERVED
CVE-2021-39599 (Multiple Cross Site Scripting (XSS) vulnerabilities exists in CXUUCMS ...)
NOT-FOR-US: CXUUCMS
-CVE-2021-39598
- RESERVED
-CVE-2021-39597
- RESERVED
-CVE-2021-39596
- RESERVED
-CVE-2021-39595
- RESERVED
-CVE-2021-39594
- RESERVED
-CVE-2021-39593
- RESERVED
-CVE-2021-39592
- RESERVED
-CVE-2021-39591
- RESERVED
-CVE-2021-39590
- RESERVED
-CVE-2021-39589
- RESERVED
-CVE-2021-39588
- RESERVED
-CVE-2021-39587
- RESERVED
+CVE-2021-39598 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39597 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39596 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39595 (An issue was discovered in swftools through 20200710. A stack-buffer-o ...)
+ TODO: check
+CVE-2021-39594 (Other An issue was discovered in swftools through 20200710. A NULL poi ...)
+ TODO: check
+CVE-2021-39593 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39592 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39591 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39590 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39589 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39588 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39587 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
CVE-2021-39586
RESERVED
-CVE-2021-39585
- RESERVED
-CVE-2021-39584
- RESERVED
-CVE-2021-39583
- RESERVED
-CVE-2021-39582
- RESERVED
+CVE-2021-39585 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39584 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39583 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39582 (An issue was discovered in swftools through 20200710. A heap-buffer-ov ...)
+ TODO: check
CVE-2021-39581
RESERVED
CVE-2021-39580
RESERVED
-CVE-2021-39579
- RESERVED
+CVE-2021-39579 (An issue was discovered in swftools through 20200710. A heap-buffer-ov ...)
+ TODO: check
CVE-2021-39578
RESERVED
-CVE-2021-39577
- RESERVED
+CVE-2021-39577 (An issue was discovered in swftools through 20200710. A heap-buffer-ov ...)
+ TODO: check
CVE-2021-39576
RESERVED
-CVE-2021-39575
- RESERVED
-CVE-2021-39574
- RESERVED
+CVE-2021-39575 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39574 (An issue was discovered in swftools through 20200710. A heap-buffer-ov ...)
+ TODO: check
CVE-2021-39573
RESERVED
CVE-2021-39572
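Review bot: the added description for CVE-2021-39594 begins "Other An issue was discovered", with a stray leading word that none of the neighbouring swftools entries have; confirm this is how the upstream record reads and not an import artifact. Every entry added in this hunk names swftools through 20200710 and carries TODO: check, so they can be triaged as one batch against a single source package, with the entries whose descriptions start "A stack-buffer-o" or "A heap-buffer-ov" (CVE-2021-39595, -39582, -39579, -39577, -39574) looked at separately from the NULL pointer ones when urgency is assigned.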
@@ -4302,8 +4310,8 @@ CVE-2021-39571
RESERVED
CVE-2021-39570
RESERVED
-CVE-2021-39569
- RESERVED
+CVE-2021-39569 (An issue was discovered in swftools through 20200710. A heap-buffer-ov ...)
+ TODO: check
CVE-2021-39568
RESERVED
CVE-2021-39567
@@ -4312,108 +4320,108 @@ CVE-2021-39566
RESERVED
CVE-2021-39565
RESERVED
-CVE-2021-39564
- RESERVED
-CVE-2021-39563
- RESERVED
-CVE-2021-39562
- RESERVED
-CVE-2021-39561
- RESERVED
+CVE-2021-39564 (An issue was discovered in swftools through 20200710. A heap-buffer-ov ...)
+ TODO: check
+CVE-2021-39563 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39562 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39561 (An issue was discovered in swftools through 20200710. A stack-buffer-o ...)
+ TODO: check
CVE-2021-39560
RESERVED
-CVE-2021-39559
- RESERVED
-CVE-2021-39558
- RESERVED
-CVE-2021-39557
- RESERVED
-CVE-2021-39556
- RESERVED
-CVE-2021-39555
- RESERVED
-CVE-2021-39554
- RESERVED
-CVE-2021-39553
- RESERVED
-CVE-2021-39552
- RESERVED
-CVE-2021-39551
- RESERVED
-CVE-2021-39550
- RESERVED
-CVE-2021-39549
- RESERVED
-CVE-2021-39548
- RESERVED
-CVE-2021-39547
- RESERVED
-CVE-2021-39546
- RESERVED
-CVE-2021-39545
- RESERVED
-CVE-2021-39544
- RESERVED
-CVE-2021-39543
- RESERVED
-CVE-2021-39542
- RESERVED
-CVE-2021-39541
- RESERVED
-CVE-2021-39540
- RESERVED
-CVE-2021-39539
- RESERVED
-CVE-2021-39538
- RESERVED
-CVE-2021-39537
- RESERVED
-CVE-2021-39536
- RESERVED
-CVE-2021-39535
- RESERVED
-CVE-2021-39534
- RESERVED
-CVE-2021-39533
- RESERVED
-CVE-2021-39532
- RESERVED
-CVE-2021-39531
- RESERVED
-CVE-2021-39530
- RESERVED
+CVE-2021-39559 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39558 (An issue was discovered in swftools through 20200710. A stack-buffer-o ...)
+ TODO: check
+CVE-2021-39557 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39556 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39555 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39554 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39553 (An issue was discovered in swftools through 20200710. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39552 (An issue was discovered in sela through 20200412. file::WavFile::readF ...)
+ TODO: check
+CVE-2021-39551 (An issue was discovered in sela through 20200412. file::SelaFile::read ...)
+ TODO: check
+CVE-2021-39550 (An issue was discovered in sela through 20200412. file::SelaFile::read ...)
+ TODO: check
+CVE-2021-39549 (An issue was discovered in sela through 20200412. A NULL pointer deref ...)
+ TODO: check
+CVE-2021-39548 (An issue was discovered in sela through 20200412. A NULL pointer deref ...)
+ TODO: check
+CVE-2021-39547 (An issue was discovered in sela through 20200412. A NULL pointer deref ...)
+ TODO: check
+CVE-2021-39546 (An issue was discovered in sela through 20200412. rice::RiceDecoder::p ...)
+ TODO: check
+CVE-2021-39545 (An issue was discovered in sela through 20200412. A NULL pointer deref ...)
+ TODO: check
+CVE-2021-39544 (An issue was discovered in sela through 20200412. file::WavFile::write ...)
+ TODO: check
+CVE-2021-39543 (An issue was discovered in pdftools through 20200714. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39542 (An issue was discovered in pdftools through 20200714. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39541 (An issue was discovered in pdftools through 20200714. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39540 (An issue was discovered in pdftools through 20200714. A stack-buffer-o ...)
+ TODO: check
+CVE-2021-39539 (An issue was discovered in pdftools through 20200714. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39538 (An issue was discovered in pdftools through 20200714. A NULL pointer d ...)
+ TODO: check
+CVE-2021-39537 (An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in ca ...)
+ TODO: check
+CVE-2021-39536 (An issue was discovered in libxsmm through v1.16.1-93. The JIT code ha ...)
+ TODO: check
+CVE-2021-39535 (An issue was discovered in libxsmm through v1.16.1-93. A NULL pointer ...)
+ TODO: check
+CVE-2021-39534 (An issue was discovered in libslax through v0.22.1. slaxIsCommentStart ...)
+ TODO: check
+CVE-2021-39533 (An issue was discovered in libslax through v0.22.1. slaxLexer() in sla ...)
+ TODO: check
+CVE-2021-39532 (An issue was discovered in libslax through v0.22.1. A NULL pointer der ...)
+ TODO: check
+CVE-2021-39531 (An issue was discovered in libslax through v0.22.1. slaxLexer() in sla ...)
+ TODO: check
+CVE-2021-39530 (An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2nlen ...)
+ TODO: check
CVE-2021-39529
RESERVED
-CVE-2021-39528
- RESERVED
-CVE-2021-39527
- RESERVED
+CVE-2021-39528 (An issue was discovered in libredwg through v0.10.1.3751. dwg_free_MAT ...)
+ TODO: check
+CVE-2021-39527 (An issue was discovered in libredwg through v0.10.1.3751. appinfo_priv ...)
+ TODO: check
CVE-2021-39526
RESERVED
-CVE-2021-39525
- RESERVED
+CVE-2021-39525 (An issue was discovered in libredwg through v0.10.1.3751. bit_read_fix ...)
+ TODO: check
CVE-2021-39524
RESERVED
-CVE-2021-39523
- RESERVED
-CVE-2021-39522
- RESERVED
-CVE-2021-39521
- RESERVED
-CVE-2021-39520
- RESERVED
-CVE-2021-39519
- RESERVED
-CVE-2021-39518
- RESERVED
-CVE-2021-39517
- RESERVED
-CVE-2021-39516
- RESERVED
-CVE-2021-39515
- RESERVED
-CVE-2021-39514
- RESERVED
+CVE-2021-39523 (An issue was discovered in libredwg through v0.10.1.3751. A NULL point ...)
+ TODO: check
+CVE-2021-39522 (An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2len( ...)
+ TODO: check
+CVE-2021-39521 (An issue was discovered in libredwg through v0.10.1.3751. A NULL point ...)
+ TODO: check
+CVE-2021-39520 (An issue was discovered in libjpeg through 2020021. A NULL pointer der ...)
+ TODO: check
+CVE-2021-39519 (An issue was discovered in libjpeg through 2020021. A NULL pointer der ...)
+ TODO: check
+CVE-2021-39518 (An issue was discovered in libjpeg through 2020021. LineBuffer::FetchR ...)
+ TODO: check
+CVE-2021-39517 (An issue was discovered in libjpeg through 2020021. A NULL pointer der ...)
+ TODO: check
+CVE-2021-39516 (An issue was discovered in libjpeg through 2020021. A NULL pointer der ...)
+ TODO: check
+CVE-2021-39515 (An issue was discovered in libjpeg through 2020021. A NULL pointer der ...)
+ TODO: check
+CVE-2021-39514 (An issue was discovered in libjpeg through 2020021. An uncaught floati ...)
+ TODO: check
CVE-2021-39513
RESERVED
CVE-2021-39512
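Review bot: the libjpeg entries added at CVE-2021-39520 through CVE-2021-39514 give the affected version as "through 2020021", seven digits, whereas the other date-style versions in this hunk have eight (swftools 20200710, sela 20200412, pdftools 20200714). The value looks cut short, so it should be verified against the upstream record before it is used to decide which packaged versions are affected. The hunk also mixes eight projects under one TODO: check marker; resolving them project by project will keep the package lines consistent.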
@@ -4636,8 +4644,8 @@ CVE-2021-39404
RESERVED
CVE-2021-39403
RESERVED
-CVE-2021-39402
- RESERVED
+CVE-2021-39402 (MaianAffiliate v.1.0 is suffers from code injection by adding a new pr ...)
+ TODO: check
CVE-2021-39401
RESERVED
CVE-2021-39400
@@ -5899,8 +5907,8 @@ CVE-2021-38901
RESERVED
CVE-2021-38900
RESERVED
-CVE-2021-38899
- RESERVED
+CVE-2021-38899 (IBM Cloud Pak for Data 2.5 could allow a local user with special privi ...)
+ TODO: check
CVE-2021-38898
RESERVED
CVE-2021-38897
@@ -7842,18 +7850,18 @@ CVE-2021-38096
RESERVED
CVE-2021-38095 (The REST API in Planview Spigit 4.5.3 allows remote unauthenticated at ...)
NOT-FOR-US: Planview Spigit
-CVE-2021-38094
- RESERVED
-CVE-2021-38093
- RESERVED
-CVE-2021-38092
- RESERVED
-CVE-2021-38091
- RESERVED
-CVE-2021-38090
- RESERVED
-CVE-2021-38089
- RESERVED
+CVE-2021-38094 (Integer Overflow vulnerability in function filter_sobel in libavfilter ...)
+ TODO: check
+CVE-2021-38093 (Integer Overflow vulnerability in function filter_robert in libavfilte ...)
+ TODO: check
+CVE-2021-38092 (Integer Overflow vulnerability in function filter_prewitt in libavfilt ...)
+ TODO: check
+CVE-2021-38091 (Integer Overflow vulnerability in function filter16_sobel in libavfilt ...)
+ TODO: check
+CVE-2021-38090 (Integer Overflow vulnerability in function filter16_roberts in libavfi ...)
+ TODO: check
+CVE-2021-38089 (Buffer Overflow vulnerability in function config_input in libavfilter/ ...)
+ TODO: check
CVE-2021-3682 (A flaw was found in the USB redirector device emulation of QEMU in ver ...)
{DLA-2753-1}
- qemu 1:6.0+dfsg-3 (bug #991911)
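Review bot: the function names in the added descriptions are not consistent, CVE-2021-38093 says filter_robert while CVE-2021-38090 says filter16_roberts. When these TODO: check entries are resolved, match each one to the actual function in libavfilter before recording a fixed version, since a search on the name as written may miss the code. All six descriptions point into libavfilter, so they can share one source package line once that is confirmed.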
@@ -20004,10 +20012,10 @@ CVE-2021-32841
RESERVED
CVE-2021-32840
RESERVED
-CVE-2021-32839
- RESERVED
-CVE-2021-32838
- RESERVED
+CVE-2021-32839 (sqlparse is a non-validating SQL parser module for Python. In sqlparse ...)
+ TODO: check
+CVE-2021-32838 (Flask-RESTX (pypi package flask-restx) is a community driven fork of F ...)
+ TODO: check
CVE-2021-32837
RESERVED
CVE-2021-32836 (ZStack is open source IaaS(infrastructure as a service) software. In Z ...)
@@ -21377,18 +21385,18 @@ CVE-2021-32301
RESERVED
CVE-2021-32300
RESERVED
-CVE-2021-32299
- RESERVED
-CVE-2021-32298
- RESERVED
-CVE-2021-32297
- RESERVED
+CVE-2021-32299 (An issue was discovered in pbrt through 20200627. A stack-buffer-overf ...)
+ TODO: check
+CVE-2021-32298 (An issue was discovered in libiff through 20190123. A global-buffer-ov ...)
+ TODO: check
+CVE-2021-32297 (An issue was discovered in LIEF through 0.11.4. A heap-buffer-overflow ...)
+ TODO: check
CVE-2021-32296
RESERVED
CVE-2021-32295
RESERVED
-CVE-2021-32294
- RESERVED
+CVE-2021-32294 (An issue was discovered in libgig through 20200507. A heap-buffer-over ...)
+ TODO: check
CVE-2021-32293
RESERVED
CVE-2021-32292
@@ -21397,56 +21405,56 @@ CVE-2021-32291
RESERVED
CVE-2021-32290
RESERVED
-CVE-2021-32289
- RESERVED
-CVE-2021-32288
- RESERVED
-CVE-2021-32287
- RESERVED
-CVE-2021-32286
- RESERVED
-CVE-2021-32285
- RESERVED
-CVE-2021-32284
- RESERVED
-CVE-2021-32283
- RESERVED
-CVE-2021-32282
- RESERVED
-CVE-2021-32281
- RESERVED
-CVE-2021-32280
- RESERVED
+CVE-2021-32289 (An issue was discovered in heif through through v3.6.2. A NULL pointer ...)
+ TODO: check
+CVE-2021-32288 (An issue was discovered in heif through v3.6.2. A global-buffer-overfl ...)
+ TODO: check
+CVE-2021-32287 (An issue was discovered in heif through v3.6.2. A global-buffer-overfl ...)
+ TODO: check
+CVE-2021-32286 (An issue was discovered in hcxtools through 6.1.6. A global-buffer-ove ...)
+ TODO: check
+CVE-2021-32285 (An issue was discovered in gravity through 0.8.1. A NULL pointer deref ...)
+ TODO: check
+CVE-2021-32284 (An issue was discovered in gravity through 0.8.1. A NULL pointer deref ...)
+ TODO: check
+CVE-2021-32283 (An issue was discovered in gravity through 0.8.1. A NULL pointer deref ...)
+ TODO: check
+CVE-2021-32282 (An issue was discovered in gravity through 0.8.1. A NULL pointer deref ...)
+ TODO: check
+CVE-2021-32281 (An issue was discovered in gravity through 0.8.1. A heap-buffer-overfl ...)
+ TODO: check
+CVE-2021-32280 (An issue was discovered in fig2dev through 20200520. A NULL pointer de ...)
+ TODO: check
CVE-2021-32279
RESERVED
-CVE-2021-32278
- RESERVED
-CVE-2021-32277
- RESERVED
-CVE-2021-32276
- RESERVED
-CVE-2021-32275
- RESERVED
-CVE-2021-32274
- RESERVED
-CVE-2021-32273
- RESERVED
-CVE-2021-32272
- RESERVED
-CVE-2021-32271
- RESERVED
-CVE-2021-32270
- RESERVED
-CVE-2021-32269
- RESERVED
-CVE-2021-32268
- RESERVED
+CVE-2021-32278 (An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflo ...)
+ TODO: check
+CVE-2021-32277 (An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflo ...)
+ TODO: check
+CVE-2021-32276 (An issue was discovered in faad2 through 2.10.0. A NULL pointer derefe ...)
+ TODO: check
+CVE-2021-32275 (An issue was discovered in faust through v2.30.5. A NULL pointer deref ...)
+ TODO: check
+CVE-2021-32274 (An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflo ...)
+ TODO: check
+CVE-2021-32273 (An issue was discovered in faad2 through 2.10.0. A stack-buffer-overfl ...)
+ TODO: check
+CVE-2021-32272 (An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflo ...)
+ TODO: check
+CVE-2021-32271 (An issue was discovered in gpac through 20200801. A stack-buffer-overf ...)
+ TODO: check
+CVE-2021-32270 (An issue was discovered in gpac through 20200801. A NULL pointer deref ...)
+ TODO: check
+CVE-2021-32269 (An issue was discovered in gpac through 20200801. A NULL pointer deref ...)
+ TODO: check
+CVE-2021-32268 (Buffer overflow vulnerability in function gf_fprintf in os_file.c in g ...)
+ TODO: check
CVE-2021-32267
RESERVED
CVE-2021-32266
RESERVED
-CVE-2021-32265
- RESERVED
+CVE-2021-32265 (An issue was discovered in Bento4 through v1.6.0-637. A global-buffer- ...)
+ TODO: check
CVE-2021-32264
RESERVED
CVE-2021-32263 (ok-file-formats through 2021-04-29 has a heap-based buffer overflow in ...)
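Review bot: the added description for CVE-2021-32289 reads "heif through through v3.6.2", a doubled word that the two following heif entries do not have. Also note that CVE-2021-32275 names faust and sits in the middle of the faad2 run (CVE-2021-32278 to CVE-2021-32272), so a bulk edit that assigns the whole range to faad2 would mislabel it; resolve that entry on its own.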
@@ -25030,7 +25038,7 @@ CVE-2021-30860 (An integer overflow was addressed with improved input validation
CVE-2021-30859
REJECTED
CVE-2021-30858 (A use after free issue was addressed with improved memory management. ...)
- RESERVED
+ {DSA-4976-1 DSA-4975-1}
- webkit2gtk 2.32.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.32.4-1
@@ -27893,8 +27901,8 @@ CVE-2021-29858
RESERVED
CVE-2021-29857
RESERVED
-CVE-2021-29856
- RESERVED
+CVE-2021-29856 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 could allow an authenticated usre ...)
+ TODO: check
CVE-2021-29855
RESERVED
CVE-2021-29854
@@ -27963,16 +27971,16 @@ CVE-2021-29823
RESERVED
CVE-2021-29822 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scrip ...)
NOT-FOR-US: IBM
-CVE-2021-29821
- RESERVED
-CVE-2021-29820
- RESERVED
-CVE-2021-29819
- RESERVED
-CVE-2021-29818
- RESERVED
-CVE-2021-29817
- RESERVED
+CVE-2021-29821 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
+ TODO: check
+CVE-2021-29820 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
+ TODO: check
+CVE-2021-29819 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
+ TODO: check
+CVE-2021-29818 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
+ TODO: check
+CVE-2021-29817 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
+ TODO: check
CVE-2021-29816
RESERVED
CVE-2021-29815
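Review bot: the five entries added at CVE-2021-29821 through CVE-2021-29817 are left as TODO: check although the context line just above them tags CVE-2021-29822, which names the same IBM Tivoli Netcool/OMNIbus_GUI product, as NOT-FOR-US: IBM. Unless the extra "IBM Jazz for Service Management" component changes the assessment, these can be closed with the same tag so the TODO backlog does not grow with entries whose outcome is already established nearby.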
@@ -27983,18 +27991,18 @@ CVE-2021-29813
RESERVED
CVE-2021-29812
RESERVED
-CVE-2021-29811
- RESERVED
+CVE-2021-29811 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
+ TODO: check
CVE-2021-29810
RESERVED
-CVE-2021-29809
- RESERVED
-CVE-2021-29808
- RESERVED
-CVE-2021-29807
- RESERVED
-CVE-2021-29806
- RESERVED
+CVE-2021-29809 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
+ TODO: check
+CVE-2021-29808 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
+ TODO: check
+CVE-2021-29807 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
+ TODO: check
+CVE-2021-29806 (IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1 ...)
+ TODO: check
CVE-2021-29805 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-sit ...)
NOT-FOR-US: IBM
CVE-2021-29804 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-sit ...)
@@ -30686,41 +30694,49 @@ CVE-2021-28703
CVE-2021-28702
RESERVED
CVE-2021-28701 (Another race in XENMAPSPACE_grant_table handling Guests are permitted ...)
+ {DSA-4977-1}
- xen 4.14.3-1
[buster] - xen <end-of-life> (DSA 4677-1)
[stretch] - xen <end-of-life> (DSA 4602-1)
NOTE: https://xenbits.xen.org/xsa/advisory-384.html
CVE-2021-28700 (xen/arm: No memory limit for dom0less domUs The dom0less feature allow ...)
+ {DSA-4977-1}
- xen 4.14.3-1
[buster] - xen <not-affected> (Only affects 4.12 and later)
[stretch] - xen <not-affected> (Only affects 4.12 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-383.html
CVE-2021-28699 (inadequate grant-v2 status frames array bounds check The v2 grant tabl ...)
+ {DSA-4977-1}
- xen 4.14.3-1
[buster] - xen <end-of-life> (DSA 4677-1)
[stretch] - xen <not-affected> (Only affects 4.10 and later)
NOTE: https://xenbits.xen.org/xsa/advisory-382.html
CVE-2021-28698 (long running loops in grant table handling In order to properly monito ...)
+ {DSA-4977-1}
- xen 4.14.3-1
[buster] - xen <end-of-life> (DSA 4677-1)
[stretch] - xen <end-of-life> (DSA 4602-1)
NOTE: https://xenbits.xen.org/xsa/advisory-380.html
CVE-2021-28697 (grant table v2 status pages may remain accessible after de-allocation ...)
+ {DSA-4977-1}
- xen 4.14.3-1
[buster] - xen <end-of-life> (DSA 4677-1)
[stretch] - xen <end-of-life> (DSA 4602-1)
NOTE: https://xenbits.xen.org/xsa/advisory-379.html
CVE-2021-28696 (IOMMU page mapping issues on x86 T[his CNA information record relates ...)
+ {DSA-4977-1}
- xen 4.14.3-1
[buster] - xen <end-of-life> (DSA 4677-1)
[stretch] - xen <end-of-life> (DSA 4602-1)
NOTE: https://xenbits.xen.org/xsa/advisory-378.html
CVE-2021-28695 (IOMMU page mapping issues on x86 T[his CNA information record relates ...)
+ {DSA-4977-1}
- xen 4.14.3-1
[buster] - xen <end-of-life> (DSA 4677-1)
[stretch] - xen <end-of-life> (DSA 4602-1)
NOTE: https://xenbits.xen.org/xsa/advisory-378.html
CVE-2021-28694 (IOMMU page mapping issues on x86 T[his CNA information record relates ...)
+ {DSA-4977-1}
- xen 4.14.3-1
[buster] - xen <end-of-life> (DSA 4677-1)
[stretch] - xen <end-of-life> (DSA 4602-1)
@@ -38154,14 +38170,12 @@ CVE-2021-25743
RESERVED
CVE-2021-25742
RESERVED
-CVE-2021-25741
- RESERVED
+CVE-2021-25741 (A security issue was discovered in Kubernetes where a user may be able ...)
- kubernetes <unfixed>
[bullseye] - kubernetes <not-affected> (Kubernetes in Bullseye only ships the client)
NOTE: Server components no longer built since 1.20.5+really1.20.2-1
NOTE: https://github.com/kubernetes/kubernetes/issues/104980
-CVE-2021-25740
- RESERVED
+CVE-2021-25740 (A security issue was discovered with Kubernetes that could enable user ...)
- kubernetes <unfixed>
[bullseye] - kubernetes <not-affected> (Kubernetes in Bullseye only ships the client)
NOTE: https://www.openwall.com/lists/oss-security/2021/07/14/1
@@ -40440,8 +40454,8 @@ CVE-2021-24743
RESERVED
CVE-2021-24742
RESERVED
-CVE-2021-24741
- RESERVED
+CVE-2021-24741 (The Support Board WordPress plugin before 3.3.4 does not escape multip ...)
+ TODO: check
CVE-2021-24740
RESERVED
CVE-2021-24739
@@ -40596,8 +40610,8 @@ CVE-2021-24665 (The WP Video Lightbox WordPress plugin before 1.9.3 does not esc
NOT-FOR-US: WordPress plugin
CVE-2021-24664
RESERVED
-CVE-2021-24663
- RESERVED
+CVE-2021-24663 (The Simple Schools Staff Directory WordPress plugin through 1.1 does n ...)
+ TODO: check
CVE-2021-24662
RESERVED
CVE-2021-24661
@@ -40608,8 +40622,8 @@ CVE-2021-24659
RESERVED
CVE-2021-24658 (The Erident Custom Login and Dashboard WordPress plugin before 3.5.9 d ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24657
- RESERVED
+CVE-2021-24657 (The Limit Login Attempts WordPress plugin before 4.0.50 does not escap ...)
+ TODO: check
CVE-2021-24656
RESERVED
CVE-2021-24655
@@ -40642,18 +40656,18 @@ CVE-2021-24642
RESERVED
CVE-2021-24641
RESERVED
-CVE-2021-24640
- RESERVED
-CVE-2021-24639
- RESERVED
-CVE-2021-24638
- RESERVED
-CVE-2021-24637
- RESERVED
-CVE-2021-24636
- RESERVED
-CVE-2021-24635
- RESERVED
+CVE-2021-24640 (The WordPress Slider Block Gutenslider plugin before 5.2.0 does not es ...)
+ TODO: check
+CVE-2021-24639 (The OMGF WordPress plugin before 4.5.4 does not enforce path validatio ...)
+ TODO: check
+CVE-2021-24638 (The OMGF WordPress plugin before 4.5.4 does not escape or validate the ...)
+ TODO: check
+CVE-2021-24637 (The Google Fonts Typography WordPress plugin before 3.0.3 does not esc ...)
+ TODO: check
+CVE-2021-24636 (The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce ...)
+ TODO: check
+CVE-2021-24635 (The Visual Link Preview WordPress plugin before 2.2.3 does not enforce ...)
+ TODO: check
CVE-2021-24634
RESERVED
CVE-2021-24633
@@ -40686,8 +40700,8 @@ CVE-2021-24620 (The WordPress Simple Ecommerce Shopping Cart Plugin- Sell produc
NOT-FOR-US: WordPress plugin
CVE-2021-24619 (The Per page add to head WordPress plugin through 1.4.4 does not prope ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24618
- RESERVED
+CVE-2021-24618 (The Donate With QRCode WordPress plugin before 1.4.5 does not sanitise ...)
+ TODO: check
CVE-2021-24617
RESERVED
CVE-2021-24616
@@ -40696,42 +40710,42 @@ CVE-2021-24615
RESERVED
CVE-2021-24614 (The Book appointment online WordPress plugin before 1.39 does not sani ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24613
- RESERVED
+CVE-2021-24613 (The Post Views Counter WordPress plugin before 1.3.5 does not sanitise ...)
+ TODO: check
CVE-2021-24612
RESERVED
CVE-2021-24611 (The Keyword Meta WordPress plugin through 3.0 does not sanitise of esc ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24610
RESERVED
-CVE-2021-24609
- RESERVED
+CVE-2021-24609 (The WP Mapa Politico Espana WordPress plugin before 3.7.0 does not san ...)
+ TODO: check
CVE-2021-24608
RESERVED
CVE-2021-24607
RESERVED
-CVE-2021-24606
- RESERVED
+CVE-2021-24606 (The Availability Calendar WordPress plugin before 1.2.1 does not escap ...)
+ TODO: check
CVE-2021-24605 (The create_post_page AJAX action of the Custom Post View Generator Wor ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24604
- RESERVED
+CVE-2021-24604 (The Availability Calendar WordPress plugin before 1.2.2 does not sanit ...)
+ TODO: check
CVE-2021-24603 (The Site Reviews WordPress plugin before 5.13.1 does not sanitise some ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24602 (The HM Multiple Roles WordPress plugin before 1.3 does not have any ac ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24601 (The WPFront Notification Bar WordPress plugin before 2.1.0.08087 does ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24600
- RESERVED
+CVE-2021-24600 (The WP Dialog WordPress plugin through 1.2.5.5 does not sanitise and e ...)
+ TODO: check
CVE-2021-24599 (The Email Encoder – Protect Email Addresses WordPress plugin bef ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24598
RESERVED
-CVE-2021-24597
- RESERVED
-CVE-2021-24596
- RESERVED
+CVE-2021-24597 (The You Shang WordPress plugin through 1.0.1 does not escape its qrcod ...)
+ TODO: check
+CVE-2021-24596 (The youForms for WordPress plugin through 1.0.5 does not sanitise esca ...)
+ TODO: check
CVE-2021-24595
RESERVED
CVE-2021-24594
@@ -40748,18 +40762,18 @@ CVE-2021-24589
RESERVED
CVE-2021-24588 (The SMS Alert Order Notifications WordPress plugin before 3.4.7 is aff ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24587
- RESERVED
+CVE-2021-24587 (The Splash Header WordPress plugin before 1.20.8 doesn't sanitise and ...)
+ TODO: check
CVE-2021-24586 (The Per page add to head WordPress plugin before 1.4.4 is lacking any ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24585
- RESERVED
-CVE-2021-24584
- RESERVED
-CVE-2021-24583
- RESERVED
-CVE-2021-24582
- RESERVED
+CVE-2021-24585 (The Timetable and Event Schedule WordPress plugin before 2.4.0 outputs ...)
+ TODO: check
+CVE-2021-24584 (The Timetable and Event Schedule WordPress plugin before 2.4.2 does no ...)
+ TODO: check
+CVE-2021-24583 (The Timetable and Event Schedule WordPress plugin before 2.4.2 does no ...)
+ TODO: check
+CVE-2021-24582 (The ThinkTwit WordPress plugin before 1.7.1 did not sanitise or escape ...)
+ TODO: check
CVE-2021-24581 (The Blue Admin WordPress plugin through 21.06.01 does not sanitise or ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24580 (The Side Menu Lite WordPress plugin before 2.2.6 does not sanitise use ...)
@@ -40862,8 +40876,8 @@ CVE-2021-24532
RESERVED
CVE-2021-24531 (The Charitable – Donation Plugin WordPress plugin before 1.6.51 ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24530
- RESERVED
+CVE-2021-24530 (The Alojapro Widget WordPress plugin through 1.1.15 doesn't properly s ...)
+ TODO: check
CVE-2021-24529 (The Grid Gallery – Photo Image Grid Gallery WordPress plugin bef ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24528 (The FluentSMTP WordPress plugin before 2.0.1 does not sanitize paramet ...)
@@ -40872,8 +40886,8 @@ CVE-2021-24527 (The User Registration & User Profile – Profile Builder
NOT-FOR-US: WordPress plugin
CVE-2021-24526 (The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contac ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24525
- RESERVED
+CVE-2021-24525 (The Shortcodes Ultimate WordPress plugin before 5.10.2 allows users wi ...)
+ TODO: check
CVE-2021-24524 (The GiveWP – Donation Plugin and Fundraising Platform WordPress ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24523 (The Daily Prayer Time WordPress plugin before 2021.08.10 does not sani ...)
@@ -40900,8 +40914,8 @@ CVE-2021-24513 (The Form Builder | Create Responsive Contact Forms WordPress plu
NOT-FOR-US: WordPress plugin
CVE-2021-24512 (The Video Posts Webcam Recorder WordPress plugin before 3.2.4 has an a ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24511
- RESERVED
+CVE-2021-24511 (The fetch_product_ajax functionality in the Product Feed on WooCommerc ...)
+ TODO: check
CVE-2021-24510 (The MF Gig Calendar WordPress plugin through 1.1 does not sanitise or ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24509 (The Page View Count WordPress plugin before 2.4.9 does not escape the ...)
@@ -41114,24 +41128,24 @@ CVE-2021-24406 (The wpForo Forum WordPress plugin before 1.9.7 did not validate
NOT-FOR-US: Wordpress plugin
CVE-2021-24405 (The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any ...)
NOT-FOR-US: Wordpress plugin
-CVE-2021-24404
- RESERVED
-CVE-2021-24403
- RESERVED
-CVE-2021-24402
- RESERVED
-CVE-2021-24401
- RESERVED
-CVE-2021-24400
- RESERVED
-CVE-2021-24399
- RESERVED
-CVE-2021-24398
- RESERVED
-CVE-2021-24397
- RESERVED
-CVE-2021-24396
- RESERVED
+CVE-2021-24404 (The options.php file of the WP-Board WordPress plugin through 1.1 beta ...)
+ TODO: check
+CVE-2021-24403 (The Orders functionality in the WordPress Page Contact plugin through ...)
+ TODO: check
+CVE-2021-24402 (The Orders functionality in the WP iCommerce WordPress plugin through ...)
+ TODO: check
+CVE-2021-24401 (The Edit domain functionality in the WP Domain Redirect WordPress plug ...)
+ TODO: check
+CVE-2021-24400 (The Edit Role functionality in the Display Users WordPress plugin thro ...)
+ TODO: check
+CVE-2021-24399 (The check_order function of The Sorter WordPress plugin through 1.0 us ...)
+ TODO: check
+CVE-2021-24398 (The Add new scene functionality in the Responsive 3D Slider WordPress ...)
+ TODO: check
+CVE-2021-24397 (The edit functionality in the MicroCopy WordPress plugin through 1.1.0 ...)
+ TODO: check
+CVE-2021-24396 (A pageid GET parameter of the GSEOR – WordPress SEO Plugin WordP ...)
+ TODO: check
CVE-2021-24395 (The editid GET parameter of the Embed Youtube Video WordPress plugin t ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24394 (An id GET parameter of the Easy Testimonial Manager WordPress plugin t ...)
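Review bot: the context lines in this hunk spell the tag two ways, "NOT-FOR-US: Wordpress plugin" on CVE-2021-24406 and CVE-2021-24405 and "NOT-FOR-US: WordPress plugin" on CVE-2021-24395. When the nine TODO: check entries added here (CVE-2021-24404 to CVE-2021-24396) are resolved, use one spelling, preferably the "WordPress plugin" form used in the other hunks, so that a case-sensitive search over the list finds all of them.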
@@ -77683,8 +77697,8 @@ CVE-2020-21915
RESERVED
CVE-2020-21914
RESERVED
-CVE-2020-21913
- RESERVED
+CVE-2020-21913 (International Components for Unicode (ICU-20850) v66.1 was discovered ...)
+ TODO: check
CVE-2020-21912
RESERVED
CVE-2020-21911
@@ -78695,8 +78709,8 @@ CVE-2020-21470
RESERVED
CVE-2020-21469
RESERVED
-CVE-2020-21468
- RESERVED
+CVE-2020-21468 (A segmentation fault in the redis-server component of Redis 5.0.7 lead ...)
+ TODO: check
CVE-2020-21467
RESERVED
CVE-2020-21466
@@ -79840,30 +79854,30 @@ CVE-2020-20904
RESERVED
CVE-2020-20903
RESERVED
-CVE-2020-20902
- RESERVED
-CVE-2020-20901
- RESERVED
-CVE-2020-20900
- RESERVED
-CVE-2020-20899
- RESERVED
-CVE-2020-20898
- RESERVED
-CVE-2020-20897
- RESERVED
-CVE-2020-20896
- RESERVED
-CVE-2020-20895
- RESERVED
-CVE-2020-20894
- RESERVED
-CVE-2020-20893
- RESERVED
-CVE-2020-20892
- RESERVED
-CVE-2020-20891
- RESERVED
+CVE-2020-20902 (A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter ...)
+ TODO: check
+CVE-2020-20901 (Buffer Overflow vulnerability in function filter_frame in libavfilter/ ...)
+ TODO: check
+CVE-2020-20900 (Buffer Overflow vulnerability in function gaussian_blur in libavfilter ...)
+ TODO: check
+CVE-2020-20899 (Buffer Overflow vulnerability in function config_props in libavfilter/ ...)
+ TODO: check
+CVE-2020-20898 (Integer Overflow vulnerability in function filter16_prewitt in libavfi ...)
+ TODO: check
+CVE-2020-20897 (Buffer Overflow vulnerability in function filter_slice in libavfilter/ ...)
+ TODO: check
+CVE-2020-20896 (An issue was discovered in function latm_write_packet in libavformat/l ...)
+ TODO: check
+CVE-2020-20895 (Buffer Overflow vulnerability in function filter_vertically_##name in ...)
+ TODO: check
+CVE-2020-20894 (Buffer Overflow vulnerability in function gaussian_blur in libavfilter ...)
+ TODO: check
+CVE-2020-20893 (Buffer Overflow vulnerability in function activate in libavfilter/af_a ...)
+ TODO: check
+CVE-2020-20892 (An issue was discovered in function filter_frame in libavfilter/vf_len ...)
+ TODO: check
+CVE-2020-20891 (Buffer Overflow vulnerability in function config_input in libavfilter/ ...)
+ TODO: check
CVE-2020-20890
RESERVED
CVE-2020-20889
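Review bot: two points on the added descriptions. CVE-2020-20900 and CVE-2020-20894 both name function gaussian_blur in libavfilter, so check whether they are distinct issues or duplicates before tracking them separately. CVE-2020-20895 gives the function as "filter_vertically_##name", which is a token-pasting macro name and not a concrete symbol; the check will need to find the macro's expansions to see which code is affected.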
@@ -81842,8 +81856,8 @@ CVE-2020-19917
RESERVED
CVE-2020-19916
RESERVED
-CVE-2020-19915
- RESERVED
+CVE-2020-19915 (Cross Site Scripting (XSS vulnerability exists in WUZHI CMS 4.1.0 via ...)
+ TODO: check
CVE-2020-19914
RESERVED
CVE-2020-19913
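Review bot: the added description for CVE-2020-19915 writes the product as "WUZHI CMS 4.1.0", while the entry added earlier in this commit for CVE-2021-40674 writes "Wuzhi CMS v4.1.0". Both are TODO: check; when they are resolved, use a single product spelling in the tag so the two entries are found by the same search. The description here also has an unbalanced parenthesis in "(XSS vulnerability", which is worth comparing against the upstream text.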
@@ -111470,8 +111484,7 @@ CVE-2020-8562
[bullseye] - kubernetes <not-affected> (Kubernetes in Bullseye only ships the client)
NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/8
NOTE: Server components no longer built since 1.20.5+really1.20.2-1
-CVE-2020-8561
- RESERVED
+CVE-2020-8561 (A security issue was discovered in Kubernetes where actors that contro ...)
- kubernetes <unfixed>
[bullseye] - kubernetes <not-affected> (Kubernetes in Bullseye only ships the client)
NOTE: Server components no longer built since 1.20.5+really1.20.2-1
@@ -141197,8 +141210,8 @@ CVE-2019-16653 (An application plugin in Genius Bytes Genius Server (Genius CDDS
NOT-FOR-US: Genius Bytes Genius Server (Genius CDDS)
CVE-2019-16652 (The BPM component in Genius Bytes Genius Server (Genius CDDS) 3.2.2 al ...)
NOT-FOR-US: Genius Bytes Genius Server (Genius CDDS)
-CVE-2019-16651
- RESERVED
+CVE-2019-16651 (An issue was discovered on Virgin Media Super Hub 3 (based on ARRIS TG ...)
+ TODO: check
CVE-2019-16650 (On Supermicro X10 and X11 products, a client's access privileges may b ...)
NOT-FOR-US: Supermicro
CVE-2019-16649 (On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9337daab92d36fc17cfd74aacc17554d3ae7f60d