[Git][security-tracker-team/security-tracker][master] automatic update

Wed Sep 29 09:10:24 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
59f454be by security tracker role at 2021-09-29T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2021-41772
+	RESERVED
+CVE-2021-41771
+	RESERVED
+CVE-2021-41770
+	RESERVED
+CVE-2021-3838
+	RESERVED
 CVE-2021-41769
 	RESERVED
 CVE-2021-41768
@@ -1421,8 +1429,8 @@ CVE-2021-41108
 	RESERVED
 CVE-2021-41107
 	RESERVED
-CVE-2021-41106
-	RESERVED
+CVE-2021-41106 (JWT is a library to work with JSON Web Token and JSON Web Signature. P ...)
+	TODO: check
 CVE-2021-41105
 	RESERVED
 CVE-2021-41104 (ESPHome is a system to control the ESP8266/ESP32. Anyone with web_serv ...)
@@ -12597,8 +12605,8 @@ CVE-2021-36299
 	RESERVED
 CVE-2021-36298
 	RESERVED
-CVE-2021-36297
-	RESERVED
+CVE-2021-36297 (SupportAssist Client version 3.8 and 3.9 contains an Untrusted search  ...)
+	TODO: check
 CVE-2021-36296
 	RESERVED
 CVE-2021-36295
@@ -12619,14 +12627,14 @@ CVE-2021-36288
 	RESERVED
 CVE-2021-36287
 	RESERVED
-CVE-2021-36286
-	RESERVED
-CVE-2021-36285
-	RESERVED
-CVE-2021-36284
-	RESERVED
-CVE-2021-36283
-	RESERVED
+CVE-2021-36286 (Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions  ...)
+	TODO: check
+CVE-2021-36285 (Dell BIOS contains an Improper Restriction of Excessive Authentication ...)
+	TODO: check
+CVE-2021-36284 (Dell BIOS contains an Improper Restriction of Excessive Authentication ...)
+	TODO: check
+CVE-2021-36283 (Dell BIOS contains an improper input validation vulnerability. A local ...)
+	TODO: check
 CVE-2021-36282 (Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of un ...)
 	NOT-FOR-US: EMC
 CVE-2021-36281 (Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect  ...)
@@ -48560,10 +48568,10 @@ CVE-2021-21572 (Dell BIOSConnect feature contains a buffer overflow vulnerabilit
 	NOT-FOR-US: Dell
 CVE-2021-21571 (Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature a ...)
 	NOT-FOR-US: Dell
-CVE-2021-21570
-	RESERVED
-CVE-2021-21569
-	RESERVED
+CVE-2021-21570 (Dell NetWorker, versions 18.x and 19.x contain an Information disclosu ...)
+	TODO: check
+CVE-2021-21569 (Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulner ...)
+	TODO: check
 CVE-2021-21568 (Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an insufficie ...)
 	NOT-FOR-US: EMC
 CVE-2021-21567 (Dell PowerScale OneFS 9.1.0.x contains an improper privilege managemen ...)
@@ -48656,8 +48664,8 @@ CVE-2021-21524 (Dell SRM versions prior to 4.5.0.1 and Dell SMR versions prior t
 	NOT-FOR-US: Dell
 CVE-2021-21523
 	RESERVED
-CVE-2021-21522
-	RESERVED
+CVE-2021-21522 (Dell BIOS contains a Credentials Management issue. A local authenticat ...)
+	TODO: check
 CVE-2021-21521
 	RESERVED
 CVE-2021-21520
@@ -82327,18 +82335,18 @@ CVE-2020-20127
 	RESERVED
 CVE-2020-20126
 	RESERVED
-CVE-2020-20125
-	RESERVED
-CVE-2020-20124
-	RESERVED
+CVE-2020-20125 (EARCLINK ESPCMS-P8 contains a cross-site scripting (XSS) vulnerability ...)
+	TODO: check
+CVE-2020-20124 (Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability  ...)
+	TODO: check
 CVE-2020-20123
 	RESERVED
-CVE-2020-20122
-	RESERVED
+CVE-2020-20122 (Wuzhi CMS v4.1 contains a SQL injection vulnerability in the checktitl ...)
+	TODO: check
 CVE-2020-20121
 	RESERVED
-CVE-2020-20120
-	RESERVED
+CVE-2020-20120 (ThinkPHP v3.2.3 and below contains a SQL injection vulnerability which ...)
+	TODO: check
 CVE-2020-20119
 	RESERVED
 CVE-2020-20118



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59f454befcdf95eaad6eba8e632940f526dc41a8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59f454befcdf95eaad6eba8e632940f526dc41a8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210929/85ab3567/attachment.htm>
