[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 2 08:10:27 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c8be7891 by security tracker role at 2022-03-02T08:10:18+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,83 @@
+CVE-2022-26352
+ RESERVED
+CVE-2022-26351
+ RESERVED
+CVE-2022-26350
+ RESERVED
+CVE-2022-26345
+ RESERVED
+CVE-2022-26343
+ RESERVED
+CVE-2022-26337
+ RESERVED
+CVE-2022-26336
+ RESERVED
+CVE-2022-26335
+ RESERVED
+CVE-2022-26334
+ RESERVED
+CVE-2022-26304
+ RESERVED
+CVE-2022-26131
+ RESERVED
+CVE-2022-26124
+ RESERVED
+CVE-2022-26086
+ RESERVED
+CVE-2022-26083
+ RESERVED
+CVE-2022-26074
+ RESERVED
+CVE-2022-26072
+ RESERVED
+CVE-2022-26056
+ RESERVED
+CVE-2022-26038
+ RESERVED
+CVE-2022-26037
+ RESERVED
+CVE-2022-26028
+ RESERVED
+CVE-2022-26006
+ RESERVED
+CVE-2022-25999
+ RESERVED
+CVE-2022-25992
+ RESERVED
+CVE-2022-25966
+ RESERVED
+CVE-2022-25922
+ RESERVED
+CVE-2022-25917
+ RESERVED
+CVE-2022-25909
+ RESERVED
+CVE-2022-25870
+ RESERVED
+CVE-2022-25864
+ RESERVED
+CVE-2022-0822
+ RESERVED
+CVE-2022-0821
+ RESERVED
+CVE-2022-0820
+ RESERVED
+CVE-2022-0819
+ RESERVED
+CVE-2022-0818
+ RESERVED
+CVE-2022-0817
+ RESERVED
+CVE-2022-0816
+ RESERVED
+CVE-2022-0815
+ RESERVED
+CVE-2022-0814
+ RESERVED
+CVE-2022-0813
+ RESERVED
+CVE-2022-0811
+ RESERVED
CVE-2022-26333
RESERVED
CVE-2022-26332 (Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name fie ...)
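Review bot: CVE-2022-0822 through CVE-2022-0811 are inserted above CVE-2022-26333 at the top of data/CVE/list, while CVE-2022-0812 and CVE-2022-0810 sit roughly 440 lines further down (next hunk), so one contiguous range of IDs is now split across two places in the file. Anything that consumes the list should look entries up by ID rather than by neighbouring position; if ordering matters to a consumer, these eleven entries belong next to CVE-2022-0812.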
@@ -366,111 +446,133 @@ CVE-2022-26080
CVE-2022-26057
RESERVED
CVE-2022-0812 [NFS over RDMA random memory leakage]
+ RESERVED
- linux <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2058955
CVE-2022-0810
RESERVED
CVE-2022-0809
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0808
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0807
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0806
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0805
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0804
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0803
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0802
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0801
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0800
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0799
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0798
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0797
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0796
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0795
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0794
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0793
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0792
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0791
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0790
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html
CVE-2022-0789
+ RESERVED
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -497,10 +599,10 @@ CVE-2022-0779
RESERVED
CVE-2022-0778
RESERVED
-CVE-2022-0777
- RESERVED
-CVE-2022-0776
- RESERVED
+CVE-2022-0777 (Weak Password Recovery Mechanism for Forgotten Password in GitHub repo ...)
+ TODO: check
+CVE-2022-0776 (Cross-site Scripting (XSS) - DOM in GitHub repository hakimel/reveal.j ...)
+ TODO: check
CVE-2022-0775
RESERVED
CVE-2022-0774
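Review bot: `TODO: check` on CVE-2022-0777 leaves an entry whose truncated description stops before the repository name, so the affected product cannot be identified from this list alone and the full description has to be read before it is marked. For CVE-2022-0776 the text names a GitHub repository (hakimel/reveal.j ...) and a DOM XSS; when resolving the TODO, check for embedded copies in other source packages as well as a package of its own before choosing between a package line and `NOT-FOR-US:`.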
@@ -3318,10 +3420,10 @@ CVE-2022-25053
RESERVED
CVE-2022-25052
RESERVED
-CVE-2022-25051
- RESERVED
-CVE-2022-25050
- RESERVED
+CVE-2022-25051 (An Off-by-one Error occurs in cmr113_decode of rtl_433 21.12 when deco ...)
+ TODO: check
+CVE-2022-25050 (rtl_433 21.12 was discovered to contain a stack overflow in the functi ...)
+ TODO: check
CVE-2022-25049
RESERVED
CVE-2022-25048
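Review bot: CVE-2022-25051 (off-by-one in cmr113_decode) and CVE-2022-25050 (stack overflow) both name rtl_433 21.12 and both stop at `TODO: check`. Triage them in one pass so they end up with the same source package name and consistent status lines, and record the upstream fix for each in a `NOTE:` line, since the truncated text for CVE-2022-25050 does not show which function is affected.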
@@ -3400,12 +3502,12 @@ CVE-2022-25014 (Ice Hrm 30.0.0.OS was discovered to contain a reflected cross-si
NOT-FOR-US: Ice Hrm
CVE-2022-25013 (Ice Hrm 30.0.0.OS was discovered to contain multiple reflected cross-s ...)
NOT-FOR-US: Ice Hrm
-CVE-2022-25012
- RESERVED
+CVE-2022-25012 (Argus Surveillance DVR v4.0 employs weak password encryption. ...)
+ TODO: check
CVE-2022-25011
RESERVED
-CVE-2022-25010
- RESERVED
+CVE-2022-25010 (The component /rootfs in RageFile of Stepmania v5.1b2 and below allows ...)
+ TODO: check
CVE-2022-25009
RESERVED
CVE-2022-25008
@@ -3533,8 +3635,8 @@ CVE-2022-24976 (Atheme IRC Services before 7.2.12, when used in conjunction with
[stretch] - atheme-services <postponed> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2022/01/30/4
NOTE: https://github.com/atheme/atheme/commit/4e664c75d0b280a052eb8b5e81aa41944e593c52
-CVE-2022-0577
- RESERVED
+CVE-2022-0577 (Exposure of Sensitive Information to an Unauthorized Actor in GitHub r ...)
+ TODO: check
CVE-2022-0576 (Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms pr ...)
NOT-FOR-US: LibreNMS
CVE-2022-0575 (Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms pri ...)
@@ -3594,7 +3696,7 @@ CVE-2022-0567
RESERVED
CVE-2022-0566
RESERVED
- {DSA-5086-1}
+ {DSA-5086-1 DLA-2930-1}
- thunderbird 1:91.6.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-07/#CVE-2022-0566
CVE-2022-0565 (Exposure of Sensitive Information to an Unauthorized Actor in Packagis ...)
@@ -4081,14 +4183,14 @@ CVE-2022-24722
RESERVED
CVE-2022-24721
RESERVED
-CVE-2022-24720
- RESERVED
-CVE-2022-24719
- RESERVED
-CVE-2022-24718
- RESERVED
-CVE-2022-24717
- RESERVED
+CVE-2022-24720 (image_processing is an image processing wrapper for libvips and ImageM ...)
+ TODO: check
+CVE-2022-24719 (Fluture-Node is a FP-style HTTP and streaming utils for Node based on ...)
+ TODO: check
+CVE-2022-24718 (ssr-pages is an HTML page builder for the purpose of server-side rende ...)
+ TODO: check
+CVE-2022-24717 (ssr-pages is an HTML page builder for the purpose of server-side rende ...)
+ TODO: check
CVE-2022-24716
RESERVED
CVE-2022-24715
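Review bot: the visible descriptions of CVE-2022-24718 and CVE-2022-24717 are word-for-word identical ("ssr-pages is an HTML page builder for the purpose of server-side rende ..."), so nothing in this file distinguishes the two issues. Whoever clears the `TODO: check` lines should read both full descriptions and, if the entries are kept as anything other than `NOT-FOR-US:`, add a `NOTE:` to each saying what differs.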
@@ -5621,16 +5723,16 @@ CVE-2022-24257
RESERVED
CVE-2022-24256
RESERVED
-CVE-2022-24255
- RESERVED
-CVE-2022-24254
- RESERVED
-CVE-2022-24253
- RESERVED
-CVE-2022-24252
- RESERVED
-CVE-2022-24251
- RESERVED
+CVE-2022-24255 (Extensis Portfolio v4.0 was discovered to contain hardcoded credential ...)
+ TODO: check
+CVE-2022-24254 (An unrestricted file upload vulnerability in the Backup/Restore Archiv ...)
+ TODO: check
+CVE-2022-24253 (Extensis Portfolio v4.0 was discovered to contain an authenticated unr ...)
+ TODO: check
+CVE-2022-24252 (An unrestricted file upload vulnerability in the FileTransferServlet c ...)
+ TODO: check
+CVE-2022-24251 (Extensis Portfolio v4.0 was discovered to contain an authenticated unr ...)
+ TODO: check
CVE-2022-24250
RESERVED
CVE-2022-24249 (A Null Pointer Dereference vulnerability exists in GPAC 1.1.0 via the ...)
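Review bot: CVE-2022-24254 and CVE-2022-24252 do not name a product in the visible part of their descriptions (only "Backup/Restore Archiv ..." and "FileTransferServlet c ..."), while the three entries around them name Extensis Portfolio v4.0. Do not mark the two by proximity when clearing `TODO: check`; confirm the product from the full description first, then give all five the same vendor string.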
@@ -8615,8 +8717,8 @@ CVE-2022-23389 (PublicCMS v4.0 was discovered to contain a remote code execution
NOT-FOR-US: PublicCMS
CVE-2022-23388
RESERVED
-CVE-2022-23387
- RESERVED
+CVE-2022-23387 (An issue was discovered in taocms 3.0.2. This is a SQL blind injection ...)
+ TODO: check
CVE-2022-23386
RESERVED
CVE-2022-23385
@@ -8629,14 +8731,14 @@ CVE-2022-23382
RESERVED
CVE-2022-23381
RESERVED
-CVE-2022-23380
- RESERVED
+CVE-2022-23380 (There is a SQL injection vulnerability in the background of taocms 3.0 ...)
+ TODO: check
CVE-2022-23379 (Emlog v6.0 was discovered to contain a SQL injection vulnerability via ...)
NOT-FOR-US: Emlog
CVE-2022-23378 (A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 ver ...)
NOT-FOR-US: TastyIgniter
-CVE-2022-23377
- RESERVED
+CVE-2022-23377 (Archeevo below 5.0 is affected by local file inclusion through file=~/ ...)
+ TODO: check
CVE-2022-23376 (WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on ...)
NOT-FOR-US: WikiDocs
CVE-2022-23375 (WikiDocs version 0.1.18 has an authenticated remote code execution vul ...)
@@ -8819,8 +8921,8 @@ CVE-2021-46389 (IIPImage High Resolution Streaming Image Server prior to commit
NOT-FOR-US: IIPImage High Resolution Streaming Image Server
CVE-2021-46388 (WAGO 750-8212 PFC200 G2 2ETH RS Firmware version 03.05.10(17) is affec ...)
NOT-FOR-US: WAGO
-CVE-2021-46387
- RESERVED
+CVE-2021-46387 (ZyXEL ZyWALL 2 Plus Internet Security Appliance is affected by Cross S ...)
+ TODO: check
CVE-2021-46386 (https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: File U ...)
NOT-FOR-US: MCMS
CVE-2021-46385 (https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL In ...)
@@ -12349,8 +12451,8 @@ CVE-2022-22323
RESERVED
CVE-2022-22322
RESERVED
-CVE-2022-22321
- RESERVED
+CVE-2022-22321 (IBM MQ Appliance 9.2 CD and 9.2 LTS local messaging users stored with ...)
+ TODO: check
CVE-2022-22320
RESERVED
CVE-2022-22319
@@ -12395,8 +12497,8 @@ CVE-2022-22302
RESERVED
CVE-2022-22301
RESERVED
-CVE-2022-22300
- RESERVED
+CVE-2022-22300 (A improper handling of insufficient permissions or privileges in Forti ...)
+ TODO: check
CVE-2022-22299
RESERVED
CVE-2022-22298
@@ -13443,16 +13545,16 @@ CVE-2021-45866
RESERVED
CVE-2021-45865
RESERVED
-CVE-2021-45864
- RESERVED
-CVE-2021-45863
- RESERVED
+CVE-2021-45864 (tsMuxer git-c6a0277 was discovered to contain a segmentation fault via ...)
+ TODO: check
+CVE-2021-45863 (tsMuxer git-2678966 was discovered to contain a heap-based buffer over ...)
+ TODO: check
CVE-2021-45862
RESERVED
-CVE-2021-45861
- RESERVED
-CVE-2021-45860
- RESERVED
+CVE-2021-45861 (There is an Assertion `num <= INT_BIT' failed at BitStreamReader::s ...)
+ TODO: check
+CVE-2021-45860 (An integer overflow in DTSStreamReader::findFrame() of tsMuxer git-267 ...)
+ TODO: check
CVE-2021-45859
RESERVED
CVE-2021-45858
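Review bot: the four tsMuxer entries are described against git snapshots, and not the same one (git-c6a0277 for CVE-2021-45864, git-2678966 for CVE-2021-45863, git-267 ... for CVE-2021-45860), and CVE-2021-45861 shows no product or revision at all in its truncated text. If any of these resolves to a package line rather than `NOT-FOR-US:`, a release version alone will not say whether the issue is present, so the fixing commit should go in a `NOTE:` line for each.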
@@ -17382,8 +17484,8 @@ CVE-2021-44749
RESERVED
CVE-2021-44748
RESERVED
-CVE-2021-44747
- RESERVED
+CVE-2021-44747 (A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Lin ...)
+ TODO: check
CVE-2021-44746 (UNIVERGE DT 820 V3.2.7.0 and prior, UNIVERGE DT 830 V5.2.7.0 and prior ...)
NOT-FOR-US: UNIVERGE
CVE-2021-44745
@@ -18163,8 +18265,8 @@ CVE-2021-4041 [Improper shell escaping in ansible-runner]
CVE-2021-4040
RESERVED
NOT-FOR-US: Red Hat AMQ Broker
-CVE-2021-4039
- RESERVED
+CVE-2021-4039 (A command injection vulnerability in the web interface of the Zyxel NW ...)
+ TODO: check
CVE-2021-44520
RESERVED
CVE-2021-44519
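Review bot: the truncated description on CVE-2021-4039 ("A command injection vulnerability in the web interface of the Zyxel NW ...") is identical to the one this same commit puts on CVE-2021-35036. Before both get the same marking, check the full descriptions to confirm they are two distinct issues and not one issue published under two IDs, and note the relationship in a `NOTE:` line if they overlap.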
@@ -18789,8 +18891,8 @@ CVE-2021-44240
RESERVED
CVE-2021-44239
RESERVED
-CVE-2021-44238
- RESERVED
+CVE-2021-44238 (AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/mod ...)
+ TODO: check
CVE-2021-44237
RESERVED
CVE-2021-44236
@@ -24242,12 +24344,12 @@ CVE-2021-43079
RESERVED
CVE-2021-43078
RESERVED
-CVE-2021-43077
- RESERVED
+CVE-2021-43077 (A improper neutralization of special elements used in an sql command ( ...)
+ TODO: check
CVE-2021-43076
RESERVED
-CVE-2021-43075
- RESERVED
+CVE-2021-43075 (A improper neutralization of special elements used in an os command (' ...)
+ TODO: check
CVE-2021-43074
RESERVED
CVE-2021-43073 (A improper neutralization of special elements used in an os command (' ...)
@@ -28939,8 +29041,8 @@ CVE-2021-41654
RESERVED
CVE-2021-41653 (The PING function on the TP-Link TL-WR840N EU v5 router with firmware ...)
NOT-FOR-US: TP-Link
-CVE-2021-41652
- RESERVED
+CVE-2021-41652 (Insecure permissions in the file database.sdb of BatFlat CMS v1.3.6 al ...)
+ TODO: check
CVE-2021-41651 (A blind SQL injection vulnerability exists in the Raymart DG / Ahmed H ...)
NOT-FOR-US: Raymart DG / Ahmed Helal Hotel-mgmt-system
CVE-2021-41650
@@ -29813,8 +29915,8 @@ CVE-2021-41284
RESERVED
CVE-2021-41283
RESERVED
-CVE-2021-41282
- RESERVED
+CVE-2021-41282 (diag_routes.php in pfSense 2.5.2 allows sed data injection. Authentica ...)
+ TODO: check
CVE-2021-41281 (Synapse is a package for Matrix homeservers written in Python 3/Twiste ...)
- matrix-synapse 1.47.1-1 (bug #1000451)
NOTE: https://github.com/matrix-org/synapse/security/advisories/GHSA-3hfw-x7gx-437c
@@ -30021,8 +30123,8 @@ CVE-2021-41195 (TensorFlow is an open source platform for machine learning. In a
- tensorflow <itp> (bug #804612)
CVE-2021-41194 (FirstUseAuthenticator is a JupyterHub authenticator that helps new use ...)
NOT-FOR-US: FirstUseAuthenticator for JupyterHub
-CVE-2021-41193
- RESERVED
+CVE-2021-41193 (wire-avs is the audio visual signaling (AVS) component of Wire, an ope ...)
+ TODO: check
CVE-2021-41192 (Redash is a package for data visualization and sharing. If an admin se ...)
NOT-FOR-US: Redash
CVE-2021-41191 (Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. ...)
@@ -35538,8 +35640,8 @@ CVE-2021-38988
RESERVED
CVE-2021-38987
RESERVED
-CVE-2021-38986
- RESERVED
+CVE-2021-38986 (IBM MQ Appliance 9.2 CD and 9.2 LTS does not invalidate session after ...)
+ TODO: check
CVE-2021-38985 (IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives inp ...)
NOT-FOR-US: IBM
CVE-2021-38984 (IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker ...)
@@ -35600,8 +35702,8 @@ CVE-2021-38957 (IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclos
NOT-FOR-US: IBM
CVE-2021-38956 (IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sens ...)
NOT-FOR-US: IBM
-CVE-2021-38955
- RESERVED
+CVE-2021-38955 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user with elev ...)
+ TODO: check
CVE-2021-38954
RESERVED
CVE-2021-38953
@@ -42473,8 +42575,8 @@ CVE-2021-36173 (A heap-based buffer overflow in the firmware signature verificat
NOT-FOR-US: FortiGuard
CVE-2021-36172 (An improper restriction of XML external entity reference vulnerability ...)
NOT-FOR-US: Fortiguard
-CVE-2021-36171
- RESERVED
+CVE-2021-36171 (The use of a cryptographically weak pseudo-random number generator in ...)
+ TODO: check
CVE-2021-36170 (An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM a ...)
NOT-FOR-US: Fortiguard
CVE-2021-36169 (A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6 ...)
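Review bot: the context around CVE-2021-36171 already spells the same vendor two ways, `NOT-FOR-US: FortiGuard` on CVE-2021-36173 and `NOT-FOR-US: Fortiguard` on CVE-2021-36172 and CVE-2021-36170. When the `TODO: check` here is resolved, pick one spelling and use it for the other Fortinet entries this commit leaves open too, so a text search for the vendor string finds all of them.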
@@ -42483,8 +42585,8 @@ CVE-2021-36168 (A Improper Limitation of a Pathname to a Restricted Directory ('
NOT-FOR-US: Fortinet
CVE-2021-36167 (An improper authorization vulnerabiltiy [CWE-285] in FortiClient Windo ...)
NOT-FOR-US: FortiGuard
-CVE-2021-36166
- RESERVED
+CVE-2021-36166 (An improper authentication vulnerability in FortiMail before 7.0.1 may ...)
+ TODO: check
CVE-2021-36165 (RICON Industrial Cellular Router S9922L 16.10.3(3794) is affected by c ...)
NOT-FOR-US: RICON Industrial Cellular Router
CVE-2021-36164
@@ -45233,8 +45335,8 @@ CVE-2021-35038
RESERVED
CVE-2021-35037 (Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnera ...)
NOT-FOR-US: Jamf Pro
-CVE-2021-35036
- RESERVED
+CVE-2021-35036 (A command injection vulnerability in the web interface of the Zyxel NW ...)
+ TODO: check
CVE-2021-35035 (A cleartext storage of sensitive information vulnerability in the Zyxe ...)
NOT-FOR-US: Zyxel
CVE-2021-35034 (An insufficient session expiration vulnerability in the CGI program of ...)
@@ -51213,8 +51315,8 @@ CVE-2021-32588 (A use of hard-coded credentials (CWE-798) vulnerability in Forti
NOT-FOR-US: FortiGuard
CVE-2021-32587 (An improper access control vulnerability in FortiManager and FortiAnal ...)
NOT-FOR-US: Fortiguard
-CVE-2021-32586
- RESERVED
+CVE-2021-32586 (An improper input validation vulnerability in the web server CGI facil ...)
+ TODO: check
CVE-2021-32585
RESERVED
CVE-2021-32584
@@ -122031,8 +122133,8 @@ CVE-2020-15938 (When traffic other than HTTP/S (eg: SSH traffic, etc...) travers
NOT-FOR-US: FortiGate FortiGuard
CVE-2020-15937 (An improper neutralization of input vulnerability in FortiGate version ...)
NOT-FOR-US: FortiGate FortiGuard
-CVE-2020-15936
- RESERVED
+CVE-2020-15936 (A improper input validation in Fortinet FortiGate version 6.4.3 and be ...)
+ TODO: check
CVE-2020-15935 (A cleartext storage of sensitive information in GUI in FortiADC versio ...)
NOT-FOR-US: Fortiguard
CVE-2020-15934
@@ -152740,8 +152842,8 @@ CVE-2020-4927
RESERVED
CVE-2020-4926
RESERVED
-CVE-2020-4925
- RESERVED
+CVE-2020-4925 (A security vulnerability in the Spectrum Scale 5.0 and 5.1 allows a no ...)
+ TODO: check
CVE-2020-4924
RESERVED
CVE-2020-4923
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8be789178e22d07a6e7c2fa5e4cc64c9cbe41eb