[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Aug 2 09:11:48 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f8dea887 by security tracker role at 2023-08-02T08:11:37+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,22 +1,78 @@
+CVE-2023-4016 (Under some circumstances, this weakness allows a user who has access t ...)
+ TODO: check
+CVE-2023-3739 (Insufficient validation of untrusted input in Chromad in Google Chrome ...)
+ TODO: check
+CVE-2023-3731 (Use after free in Diagnostics in Google Chrome on ChromeOS prior to 11 ...)
+ TODO: check
+CVE-2023-3729 (Use after free in Splitscreen in Google Chrome on ChromeOS prior to 11 ...)
+ TODO: check
+CVE-2023-3494 (The fwctl driver implements a state machine which is executed when a b ...)
+ TODO: check
+CVE-2023-3107 (A set of carefully crafted ipv6 packets can trigger an integer overflo ...)
+ TODO: check
+CVE-2023-38990 (An issue in the delete function in the MenuController class of jeesite ...)
+ TODO: check
+CVE-2023-38556 (Improper input validation vulnerability in SEIKO EPSON printer Web Con ...)
+ TODO: check
+CVE-2023-36351 (An issue in Viatom Health ViHealth for Android v.2.74.58 and before al ...)
+ TODO: check
+CVE-2023-36121 (Cross Site Scripting vulnerability in e107 v.2.3.2 allows a remote att ...)
+ TODO: check
+CVE-2023-36118 (Cross Site Scripting vulnerability in Faculty Evaulation System using ...)
+ TODO: check
+CVE-2023-34869 (PHPJabbers Catering System v1.0 was discovered to contain a cross-site ...)
+ TODO: check
+CVE-2023-33564 (There is a Cross Site Scripting (XSS) vulnerability in the "theme" par ...)
+ TODO: check
+CVE-2023-33563 (In PHP Jabbers Time Slots Booking Calendar 3.3 , lack of verification ...)
+ TODO: check
+CVE-2023-33562 (User enumeration is found in in PHP Jabbers Time Slots Booking Calenda ...)
+ TODO: check
+CVE-2023-33561 (Improper input validation of password parameter in PHP Jabbers Time Sl ...)
+ TODO: check
+CVE-2023-33560 (There is a Cross Site Scripting (XSS) vulnerability in "cid" parameter ...)
+ TODO: check
+CVE-2023-31928 (A reflected cross-site scripting (XSS) vulnerability exists in Brocade ...)
+ TODO: check
+CVE-2023-31927 (An information disclosure in the web interface of Brocade Fabric OS ve ...)
+ TODO: check
+CVE-2023-31926 (System files could be overwritten using the less command in Brocade Fa ...)
+ TODO: check
+CVE-2023-31432 (Through manipulation of passwords or other variables, using commands s ...)
+ TODO: check
+CVE-2023-31431 (A buffer overflow vulnerability in \u201cdiagstatus\u201d command in B ...)
+ TODO: check
+CVE-2023-31430 (A buffer overflow vulnerability in \u201csecpolicydelete\u201d command ...)
+ TODO: check
+CVE-2023-31429 (Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a ...)
+ TODO: check
+CVE-2023-31428 (Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a ...)
+ TODO: check
+CVE-2023-31427 (Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2. ...)
+ TODO: check
+CVE-2023-31426 (The Brocade Fabric OS Commands \u201cconfigupload\u201d and \u201cconf ...)
+ TODO: check
+CVE-2023-31425 (A vulnerability in the fosexec command of Brocade Fabric OS after Broc ...)
+ TODO: check
CVE-2023-4008
- gitlab <unfixed>
-CVE-2023-4011
+CVE-2023-4011 (An issue has been discovered in GitLab EE affecting all versions from ...)
- gitlab <not-affected> (Specific to EE)
CVE-2023-4002
- gitlab <not-affected> (Specific to EE)
-CVE-2023-3993
+CVE-2023-3993 (An issue has been discovered in GitLab EE affecting all versions start ...)
- gitlab <not-affected> (Specific to EE)
-CVE-2023-3994
+CVE-2023-3994 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
- gitlab <unfixed>
-CVE-2023-3900
+CVE-2023-3900 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
- gitlab <unfixed>
-CVE-2023-3500
+CVE-2023-3500 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
- gitlab <unfixed>
CVE-2023-3401
- gitlab <unfixed>
-CVE-2023-3385
+CVE-2023-3385 (An issue has been discovered in GitLab affecting all versions starting ...)
- gitlab <unfixed>
-CVE-2023-3364
+CVE-2023-3364 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
- gitlab <unfixed>
CVE-2023-3301 [net: triggerable assertion due to race condition in hot-unplug]
- qemu 1:8.0.3+dfsg-1
@@ -1342,47 +1398,47 @@ CVE-2023-32001 (libcurl can be told to save cookie, HSTS and/or alt-svc data to
NOTE: https://curl.se/docs/CVE-2023-32001.html
NOTE: Introduced at: https://github.com/curl/curl/commit/20f9dd6bae50b7223171b17ba7798946e74f877f (curl-7_84_0)
NOTE: Fixed by: https://github.com/curl/curl/commit/0c667188e0c6cda615a036b8a2b4125f2c404dde (curl-8_2_0)
-CVE-2023-3740
+CVE-2023-3740 (Insufficient validation of untrusted input in Themes in Google Chrome ...)
{DSA-5456-1}
- chromium 115.0.5790.98-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-3738
+CVE-2023-3738 (Inappropriate implementation in Autofill in Google Chrome prior to 115 ...)
{DSA-5456-1}
- chromium 115.0.5790.98-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-3737
+CVE-2023-3737 (Inappropriate implementation in Notifications in Google Chrome prior t ...)
{DSA-5456-1}
- chromium 115.0.5790.98-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-3736
+CVE-2023-3736 (Inappropriate implementation in Custom Tabs in Google Chrome on Androi ...)
{DSA-5456-1}
- chromium 115.0.5790.98-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-3735
+CVE-2023-3735 (Inappropriate implementation in Web API Permission Prompts in Google C ...)
{DSA-5456-1}
- chromium 115.0.5790.98-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-3734
+CVE-2023-3734 (Inappropriate implementation in Picture In Picture in Google Chrome pr ...)
{DSA-5456-1}
- chromium 115.0.5790.98-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-3733
+CVE-2023-3733 (Inappropriate implementation in WebApp Installs in Google Chrome prior ...)
{DSA-5456-1}
- chromium 115.0.5790.98-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-3732
+CVE-2023-3732 (Out of bounds memory access in Mojo in Google Chrome prior to 115.0.57 ...)
{DSA-5456-1}
- chromium 115.0.5790.98-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-3730
+CVE-2023-3730 (Use after free in Tab Groups in Google Chrome prior to 115.0.5790.98 a ...)
{DSA-5456-1}
- chromium 115.0.5790.98-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-3728
+CVE-2023-3728 (Use after free in WebRTC in Google Chrome prior to 115.0.5790.98 allow ...)
{DSA-5456-1}
- chromium 115.0.5790.98-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2023-3727
+CVE-2023-3727 (Use after free in WebRTC in Google Chrome prior to 115.0.5790.98 allow ...)
{DSA-5456-1}
- chromium 115.0.5790.98-1
[buster] - chromium <end-of-life> (see DSA 5046)
@@ -11259,8 +11315,7 @@ CVE-2023-2166 (A null pointer dereference issue was found in can protocol in net
NOTE: https://git.kernel.org/linus/0acc442309a0a1b01bcdaa135e56e6398a49439c (6.1)
CVE-2023-2165
RESERVED
-CVE-2023-2164
- RESERVED
+CVE-2023-2164 (An issue has been discovered in GitLab affecting all versions starting ...)
- gitlab <unfixed>
CVE-2023-2163 [bpf: Fix incorrect verifier pruning due to missing register precision taints]
RESERVED
@@ -20790,8 +20845,7 @@ CVE-2023-1212 (Cross-site Scripting (XSS) - Stored in GitHub repository phpipam/
- phpipam <itp> (bug #731713)
CVE-2023-1211 (SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2.)
- phpipam <itp> (bug #731713)
-CVE-2023-1210
- RESERVED
+CVE-2023-1210 (An issue has been discovered in GitLab affecting all versions starting ...)
- gitlab <unfixed>
CVE-2023-1209 (Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records ...)
NOT-FOR-US: ServiceNow
@@ -29010,8 +29064,7 @@ CVE-2023-0634
REJECTED
CVE-2023-0633
RESERVED
-CVE-2023-0632
- RESERVED
+CVE-2023-0632 (An issue has been discovered in GitLab affecting all versions starting ...)
- gitlab <unfixed>
CVE-2023-0631 (The Paid Memberships Pro WordPress plugin before 2.9.12 does not preve ...)
NOT-FOR-US: WordPress plugin
@@ -76451,8 +76504,8 @@ CVE-2022-2418 (A vulnerability was found in URVE Web Manager. It has been classi
NOT-FOR-US: URVE Web Manager
CVE-2022-2417 (Insufficient validation in GitLab CE/EE affecting all versions from 12 ...)
- gitlab 15.10.8+ds1-2
-CVE-2022-2416
- RESERVED
+CVE-2022-2416 (In affected versions of Octopus Deploy it is possible for a low privil ...)
+ TODO: check
CVE-2022-2415 (Heap buffer overflow in WebGL in Google Chrome prior to 103.0.5060.53 ...)
{DSA-5168-1}
- chromium 103.0.5060.53-1
@@ -77911,8 +77964,8 @@ CVE-2022-35300
REJECTED
CVE-2022-33939 (CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345, CP401, and CP45 ...)
NOT-FOR-US: Yokogawa CENTUM CS 3000
-CVE-2022-2346
- RESERVED
+CVE-2022-2346 (In affected versions of Octopus Deploy it is possible for a low privil ...)
+ TODO: check
CVE-2022-2345 (Use After Free in GitHub repository vim/vim prior to 9.0.0046.)
- vim 2:9.0.0135-1 (unimportant)
NOTE: https://huntr.dev/bounties/1eed7009-db6d-487b-bc41-8f2fd260483f
@@ -114306,7 +114359,7 @@ CVE-2022-23261 (Microsoft Edge (Chromium-based) Tampering Vulnerability)
NOT-FOR-US: Microsoft
CVE-2022-23260
RESERVED
-CVE-2022-23259 (Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerabili ...)
+CVE-2022-23259 (Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2022-23258 (Microsoft Edge for Android Spoofing Vulnerability)
NOT-FOR-US: Microsoft
@@ -135829,7 +135882,7 @@ CVE-2021-41359
RESERVED
CVE-2021-41358
RESERVED
-CVE-2021-41357 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
+CVE-2021-41357 (Win32k Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-41356 (Windows Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
@@ -135853,9 +135906,9 @@ CVE-2021-41347 (Windows AppX Deployment Service Elevation of Privilege Vulnerabi
NOT-FOR-US: Microsoft
CVE-2021-41346 (Console Window Host Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-41345 (Storage Spaces Controller Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-41345 (Storage Spaces Controller Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-41344 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
+CVE-2021-41344 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-41343 (Windows Fast FAT File System Driver Information Disclosure Vulnerabili ...)
NOT-FOR-US: Microsoft
@@ -138160,29 +138213,29 @@ CVE-2021-40493 (Zoho ManageEngine OpManager before 125437 is vulnerable to SQL I
NOT-FOR-US: Zoho ManageEngine
CVE-2021-40492 (A reflected XSS vulnerability exists in multiple pages in version 22 o ...)
NOT-FOR-US: Gibbon application
-CVE-2021-40489 (Storage Spaces Controller Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-40489 (Storage Spaces Controller Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40488 (Storage Spaces Controller Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-40488 (Storage Spaces Controller Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40487 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
+CVE-2021-40487 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-40486 (Microsoft Word Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40485 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-40485 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40484 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...)
+CVE-2021-40484 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40483 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...)
+CVE-2021-40483 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-40482 (Microsoft SharePoint Server Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40481 (Microsoft Office Visio Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-40481 (Microsoft Office Visio Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40480 (Microsoft Office Visio Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-40480 (Microsoft Office Visio Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40479 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-40479 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40478 (Storage Spaces Controller Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-40478 (Storage Spaces Controller Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-40477 (Windows Event Tracing Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
@@ -138190,13 +138243,13 @@ CVE-2021-40476 (Windows AppContainer Elevation Of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-40475 (Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerab ...)
NOT-FOR-US: Microsoft
-CVE-2021-40474 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-40474 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40473 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-40473 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-40472 (Microsoft Excel Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40471 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-40471 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-40470 (DirectX Graphics Kernel Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
@@ -138212,11 +138265,11 @@ CVE-2021-40465 (Windows Text Shaping Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-40464 (Windows Nearby Sharing Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40463 (Windows NAT Denial of Service Vulnerability)
+CVE-2021-40463 (Windows Network Address Translation (NAT) Denial of Service Vulnerabil ...)
NOT-FOR-US: Microsoft
CVE-2021-40462 (Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Exec ...)
NOT-FOR-US: Microsoft
-CVE-2021-40461 (Windows Hyper-V Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-40461 (Windows Hyper-V Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-40460 (Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerab ...)
NOT-FOR-US: Microsoft
@@ -138238,9 +138291,9 @@ CVE-2021-40452 (HEVC Video Extensions Remote Code Execution Vulnerability This C
NOT-FOR-US: Microsoft
CVE-2021-40451
RESERVED
-CVE-2021-40450 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
+CVE-2021-40450 (Win32k Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-40449 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
+CVE-2021-40449 (Win32k Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-40448 (Microsoft Accessibility Insights for Android Information Disclosure Vu ...)
NOT-FOR-US: Microsoft
@@ -142595,7 +142648,7 @@ CVE-2021-3706 (adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Fla
NOT-FOR-US: adminlte
CVE-2021-38673
RESERVED
-CVE-2021-38672 (Windows Hyper-V Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-38672 (Windows Hyper-V Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-38671 (Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID ...)
NOT-FOR-US: Microsoft
@@ -159647,7 +159700,7 @@ CVE-2021-31985 (Microsoft Defender Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31984 (Power BI Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31983 (Paint 3D Remote Code Execution Vulnerability This CVE ID is unique fro ...)
+CVE-2021-31983 (Paint 3D Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31982 (Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
@@ -159661,9 +159714,9 @@ CVE-2021-31978 (Microsoft Defender Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31977 (Windows Hyper-V Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31976 (Server for NFS Information Disclosure Vulnerability This CVE ID is uni ...)
+CVE-2021-31976 (Server for NFS Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31975 (Server for NFS Information Disclosure Vulnerability This CVE ID is uni ...)
+CVE-2021-31975 (Server for NFS Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31974 (Server for NFS Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
@@ -159677,17 +159730,17 @@ CVE-2021-31970 (Windows TCP/IP Driver Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31969 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ...)
NOT-FOR-US: Microsoft
-CVE-2021-31968 (Windows Remote Desktop Services\xc2 Denial of Service Vulnerability)
+CVE-2021-31968 (Windows Remote Desktop ServicesDenial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31967 (VP9 Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31966 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
+CVE-2021-31966 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31965 (Microsoft SharePoint Server Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31964 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...)
+CVE-2021-31964 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31963 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
+CVE-2021-31963 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31962 (Kerberos AppContainer Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
@@ -159713,27 +159766,27 @@ CVE-2021-31952 (Windows Kernel-Mode Driver Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31951 (Windows Kernel Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31950 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...)
+CVE-2021-31950 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31949 (Microsoft Outlook Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31948 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...)
+CVE-2021-31948 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31947 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
NOT-FOR-US: Microsoft
-CVE-2021-31946 (Paint 3D Remote Code Execution Vulnerability This CVE ID is unique fro ...)
+CVE-2021-31946 (Paint 3D Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31945 (Paint 3D Remote Code Execution Vulnerability This CVE ID is unique fro ...)
+CVE-2021-31945 (Paint 3D Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31944 (3D Viewer Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31943 (3D Viewer Remote Code Execution Vulnerability This CVE ID is unique fr ...)
+CVE-2021-31943 (3D Viewer Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31942 (3D Viewer Remote Code Execution Vulnerability This CVE ID is unique fr ...)
+CVE-2021-31942 (3D Viewer Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31941 (Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-31941 (Microsoft Office Graphics Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31940 (Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-31940 (Microsoft Office Graphics Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31939 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
@@ -161758,19 +161811,19 @@ CVE-2021-31215 (SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before
NOTE: for consistency with BTS.
CVE-2021-3499 (A vulnerability was found in OVN Kubernetes in versions up to and incl ...)
NOT-FOR-US: Openshift/ovn-kubernetes
-CVE-2021-31214 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-31214 (Visual Studio Code Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31213 (Visual Studio Code Remote Containers Extension Remote Code Execution V ...)
NOT-FOR-US: Microsoft
CVE-2021-31212
RESERVED
-CVE-2021-31211 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-31211 (Visual Studio Code Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31210
RESERVED
CVE-2021-31209 (Microsoft Exchange Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31208 (Windows Container Manager Service Elevation of Privilege Vulnerability ...)
+CVE-2021-31208 (Windows Container Manager Service Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31207 (Microsoft Exchange Server Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
@@ -161790,13 +161843,13 @@ CVE-2021-31200 (Common Utilities Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31199 (Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulne ...)
NOT-FOR-US: Microsoft
-CVE-2021-31198 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-31198 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31197
RESERVED
CVE-2021-31196 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
NOT-FOR-US: Microsoft
-CVE-2021-31195 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-31195 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31194 (OLE Automation Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
@@ -161810,7 +161863,7 @@ CVE-2021-31190 (Windows Container Isolation FS Filter Driver Elevation of Privil
NOT-FOR-US: Microsoft
CVE-2021-31189
RESERVED
-CVE-2021-31188 (Windows Graphics Component Elevation of Privilege Vulnerability This C ...)
+CVE-2021-31188 (Windows Graphics Component Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31187 (Windows WalletService Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
@@ -161828,35 +161881,35 @@ CVE-2021-31181 (Microsoft SharePoint Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31180 (Microsoft Office Graphics Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31179 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+CVE-2021-31179 (Microsoft Office Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31178 (Microsoft Office Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31177 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
NOT-FOR-US: Microsoft
-CVE-2021-31176 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+CVE-2021-31176 (Microsoft Office Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31175 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+CVE-2021-31175 (Microsoft Office Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31174 (Microsoft Excel Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31173 (Microsoft SharePoint Server Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31172 (Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from ...)
+CVE-2021-31172 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31171 (Microsoft SharePoint Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31170 (Windows Graphics Component Elevation of Privilege Vulnerability This C ...)
+CVE-2021-31170 (Windows Graphics Component Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31169 (Windows Container Manager Service Elevation of Privilege Vulnerability ...)
+CVE-2021-31169 (Windows Container Manager Service Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31168 (Windows Container Manager Service Elevation of Privilege Vulnerability ...)
+CVE-2021-31168 (Windows Container Manager Service Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31167 (Windows Container Manager Service Elevation of Privilege Vulnerability ...)
+CVE-2021-31167 (Windows Container Manager Service Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31166 (HTTP Protocol Stack Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31165 (Windows Container Manager Service Elevation of Privilege Vulnerability ...)
+CVE-2021-31165 (Windows Container Manager Service Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31164 (Apache Unomi prior to version 1.5.5 allows CRLF log injection because ...)
NOT-FOR-US: Apache Unomi
@@ -169010,11 +169063,11 @@ CVE-2021-28480 (Microsoft Exchange Server Remote Code Execution Vulnerability Th
NOT-FOR-US: Microsoft
CVE-2021-28479 (Windows CSC Service Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28478 (Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from ...)
+CVE-2021-28478 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28477 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is ...)
NOT-FOR-US: Microsoft
-CVE-2021-28476 (Hyper-V Remote Code Execution Vulnerability)
+CVE-2021-28476 (Windows Hyper-V Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28475 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is ...)
NOT-FOR-US: Microsoft
@@ -173999,7 +174052,7 @@ CVE-2021-26443 (Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vuln
NOT-FOR-US: Microsoft
CVE-2021-26442 (Windows HTTP.sys Elevation of Privilege Vulnerability)
NOT-FOR-US: Siemens
-CVE-2021-26441 (Storage Spaces Controller Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-26441 (Storage Spaces Controller Elevation of Privilege Vulnerability)
NOT-FOR-US: Siemens
CVE-2021-26440
RESERVED
@@ -174041,11 +174094,11 @@ CVE-2021-26422 (Skype for Business and Lync Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-26421 (Skype for Business and Lync Spoofing Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-26420 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
+CVE-2021-26420 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-26419 (Scripting Engine Memory Corruption Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-26418 (Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from ...)
+CVE-2021-26418 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-26417 (Windows Overlay Filter Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
@@ -194824,7 +194877,7 @@ CVE-2021-1677 (Azure Active Directory Pod Identity Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-1676 (Windows NT Lan Manager Datagram Receiver Driver Information Disclosure ...)
NOT-FOR-US: Microsoft
-CVE-2021-1675 (Windows Print Spooler Elevation of Privilege Vulnerability)
+CVE-2021-1675 (Windows Print Spooler Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-1674 (Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerabi ...)
NOT-FOR-US: Microsoft
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8dea887e5bfeb1bf310fae3ca575d971946d00a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8dea887e5bfeb1bf310fae3ca575d971946d00a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230802/eb6343f4/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list