[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Dec 29 08:12:35 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
18a979a1 by security tracker role at 2023-12-29T08:12:24+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,109 @@
+CVE-2023-7161 (A vulnerability classified as critical has been found in Netentsec NS- ...)
+ TODO: check
+CVE-2023-7160 (A vulnerability was found in SourceCodester Engineers Online Portal 1. ...)
+ TODO: check
+CVE-2023-7159 (A vulnerability was found in gopeak MasterLab up to 3.3.10. It has bee ...)
+ TODO: check
+CVE-2023-7158 (A vulnerability was found in MicroPython up to 1.21.0. It has been cla ...)
+ TODO: check
+CVE-2023-7157 (A vulnerability was found in SourceCodester Free and Open Source Inven ...)
+ TODO: check
+CVE-2023-7156 (A vulnerability has been found in Campcodes Online College Library Sys ...)
+ TODO: check
+CVE-2023-7155 (A vulnerability, which was classified as critical, was found in Source ...)
+ TODO: check
+CVE-2023-7152 (A vulnerability, which was classified as critical, has been found in M ...)
+ TODO: check
+CVE-2023-7150 (A vulnerability classified as critical was found in Chic Beauty Salon ...)
+ TODO: check
+CVE-2023-7149 (A vulnerability was found in code-projects QR Code Generator 1.0. It h ...)
+ TODO: check
+CVE-2023-7148 (A vulnerability has been found in ShifuML shifu 0.12.0 and classified ...)
+ TODO: check
+CVE-2023-7147 (A vulnerability, which was classified as critical, was found in gopeak ...)
+ TODO: check
+CVE-2023-7146 (A vulnerability, which was classified as critical, has been found in g ...)
+ TODO: check
+CVE-2023-7145 (A vulnerability classified as critical was found in gopeak MasterLab u ...)
+ TODO: check
+CVE-2023-7144 (A vulnerability classified as critical has been found in gopeak Master ...)
+ TODO: check
+CVE-2023-7143 (A vulnerability was found in code-projects Client Details System 1.0. ...)
+ TODO: check
+CVE-2023-7142 (A vulnerability was found in code-projects Client Details System 1.0. ...)
+ TODO: check
+CVE-2023-7141 (A vulnerability was found in code-projects Client Details System 1.0. ...)
+ TODO: check
+CVE-2023-7140 (A vulnerability was found in code-projects Client Details System 1.0 a ...)
+ TODO: check
+CVE-2023-7139 (A vulnerability has been found in code-projects Client Details System ...)
+ TODO: check
+CVE-2023-7138 (A vulnerability, which was classified as critical, was found in code-p ...)
+ TODO: check
+CVE-2023-7137 (A vulnerability, which was classified as critical, has been found in c ...)
+ TODO: check
+CVE-2023-7136 (A vulnerability classified as problematic was found in code-projects R ...)
+ TODO: check
+CVE-2023-7135 (A vulnerability classified as problematic has been found in code-proje ...)
+ TODO: check
+CVE-2023-6939 (Some Honor products are affected by type confusion vulnerability, succ ...)
+ TODO: check
+CVE-2023-52174 (XnView Classic before 2.51.3 on Windows has a Write Access Violation a ...)
+ TODO: check
+CVE-2023-52173 (XnView Classic before 2.51.3 on Windows has a Write Access Violation a ...)
+ TODO: check
+CVE-2023-52152 (mupnp/net/uri.c in mUPnP for C through 3.0.2 has an out-of-bounds read ...)
+ TODO: check
+CVE-2023-52085 (Winter is a free, open-source content management system. Users with ac ...)
+ TODO: check
+CVE-2023-52084 (Winter is a free, open-source content management system. Prior to 1.2. ...)
+ TODO: check
+CVE-2023-52083 (Winter is a free, open-source content management system. Prior to 1.2 ...)
+ TODO: check
+CVE-2023-51435 (Some Honor products are affected by incorrect privilege assignment vul ...)
+ TODO: check
+CVE-2023-51434 (Some Honor products are affected by buffer overflow vulnerability, suc ...)
+ TODO: check
+CVE-2023-51433 (Some Honor products are affected by incorrect privilege assignment vul ...)
+ TODO: check
+CVE-2023-51432 (Some Honor products are affected by out of bounds read vulnerability, ...)
+ TODO: check
+CVE-2023-51431 (Some Honor products are affected by incorrect privilege assignment vul ...)
+ TODO: check
+CVE-2023-51430 (Some Honor products are affected by incorrect privilege assignment vul ...)
+ TODO: check
+CVE-2023-51429 (Some Honor products are affected by incorrect privilege assignment vul ...)
+ TODO: check
+CVE-2023-51428 (Some Honor products are affected by type confusion vulnerability, succ ...)
+ TODO: check
+CVE-2023-51427 (Some Honor products are affected by type confusion vulnerability, succ ...)
+ TODO: check
+CVE-2023-51426 (Some Honor products are affected by type confusion vulnerability, succ ...)
+ TODO: check
+CVE-2023-50448 (In ActiveAdmin (aka Active Admin) before 2.12.0, a concurrency issue a ...)
+ TODO: check
+CVE-2023-50104 (ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index. ...)
+ TODO: check
+CVE-2023-31302 (Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transp ...)
+ TODO: check
+CVE-2023-31301 (Stored Cross Site Scripting (XSS) Vulnerability in Sesami Cash Point & ...)
+ TODO: check
+CVE-2023-31300 (An issue was discovered in Sesami Cash Point & Transport Optimizer (CP ...)
+ TODO: check
+CVE-2023-31299 (Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transp ...)
+ TODO: check
+CVE-2023-31298 (Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transp ...)
+ TODO: check
+CVE-2023-31296 (CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer ...)
+ TODO: check
+CVE-2023-31295 (CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer ...)
+ TODO: check
+CVE-2023-31294 (CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer ...)
+ TODO: check
+CVE-2023-31293 (An issue was discovered in Sesami Cash Point & Transport Optimizer (CP ...)
+ TODO: check
+CVE-2023-31292 (An issue was discovered in Sesami Cash Point & Transport Optimizer (CP ...)
+ TODO: check
CVE-2023-7163 (A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that co ...)
TODO: check
CVE-2023-7134 (A vulnerability was found in SourceCodester Medicine Tracking System 1 ...)
@@ -1127,7 +1233,7 @@ CVE-2023-50628 (Buffer Overflow vulnerability in libming version 0.4.8, allows a
- ming <removed>
CVE-2023-50249 (Sentry-Javascript is official Sentry SDKs for JavaScript. A ReDoS (Reg ...)
NOT-FOR-US: Sentry-Javascript
-CVE-2023-50044 (Buffer Overflow vulnerability in Cesanta MJS version 2.22.0, allows at ...)
+CVE-2023-50044 (Cesanta MJS 2.20.0 has a getprop_builtin_foreign out-of-bounds read if ...)
NOT-FOR-US: Cesenta MJS
CVE-2023-49825 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
@@ -2564,6 +2670,7 @@ CVE-2023-49820 (Improper Neutralization of Input During Web Page Generation ('Cr
CVE-2023-49813 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2023-49786 (Asterisk is an open source private branch exchange and telephony toolk ...)
+ {DLA-3696-1}
- asterisk 1:20.5.1~dfsg+~cs6.13.40431414-1 (bug #1059033)
NOTE: https://github.com/asterisk/asterisk/security/advisories/GHSA-hxj9-xwr8-w8pq
NOTE: https://github.com/asterisk/asterisk/commit/d7d7764cb07c8a1872804321302ef93bf62cba05
@@ -2587,6 +2694,7 @@ CVE-2023-49708 (SQLi vulnerability in Starshop component for Joomla.)
CVE-2023-49707 (SQLi vulnerability in S5 Register module for Joomla.)
NOT-FOR-US: Joomla module
CVE-2023-49294 (Asterisk is an open source private branch exchange and telephony toolk ...)
+ {DLA-3696-1}
- asterisk 1:20.5.1~dfsg+~cs6.13.40431414-1 (bug #1059032)
NOTE: https://github.com/asterisk/asterisk/security/advisories/GHSA-8857-hfmw-vg8f
NOTE: https://github.com/asterisk/asterisk/commit/424be345639d75c6cb7d0bd2da5f0f407dbd0bd5
@@ -2707,6 +2815,7 @@ CVE-2023-40628 (A reflected XSS vulnerability was discovered in the Extplorer co
CVE-2023-40627 (A reflected XSS vulnerability was discovered in the LivingWord compone ...)
NOT-FOR-US: Joomla module
CVE-2023-37457 (Asterisk is an open source private branch exchange and telephony toolk ...)
+ {DLA-3696-1}
- asterisk <unfixed> (bug #1059303)
NOTE: https://github.com/asterisk/asterisk/security/advisories/GHSA-98rc-4j27-74hh
NOTE: https://github.com/asterisk/asterisk/commit/a1ca0268254374b515fa5992f01340f7717113fa
@@ -14716,6 +14825,7 @@ CVE-2023-40008 (Cross-Site Request Forgery (CSRF) vulnerability in Gangesh Matta
CVE-2023-3725 (Potential buffer overflow vulnerability in the Zephyr CAN bus subsyste ...)
NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
CVE-2023-38703 (PJSIP is a free and open source multimedia communication library writt ...)
+ {DLA-3696-1}
- asterisk <unfixed> (bug #1059303)
- pjproject <removed>
- ring <unfixed> (bug #1059307)
@@ -15979,7 +16089,7 @@ CVE-2023-43651 (JumpServer is an open source bastion host. An authenticated user
NOT-FOR-US: JumpServer
CVE-2023-43320 (An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, ...)
NOT-FOR-US: Proxmox
-CVE-2023-43314 (The buffer overflow vulnerability in the Zyxel PMG2005-T20B firmware v ...)
+CVE-2023-43314 (** UNSUPPORTED WHEN ASSIGNED **The buffer overflow vulnerability in th ...)
NOT-FOR-US: ZYXEL
CVE-2023-43233 (A stored cross-site scripting (XSS) vulnerability in the cms/content/e ...)
NOT-FOR-US: YZNCMS
@@ -45049,7 +45159,7 @@ CVE-2023-27992 (The pre-authentication command injection vulnerability in the Zy
NOT-FOR-US: Zyxel
CVE-2023-27991 (The post-authentication command injection vulnerability in the CLI com ...)
NOT-FOR-US: Zyxel
-CVE-2023-27990 (The XSS vulnerability in Zyxel ATP series firmware versions 4.32 throu ...)
+CVE-2023-27990 (The cross-site scripting (XSS) vulnerability in Zyxel ATP series firmw ...)
NOT-FOR-US: Zyxel
CVE-2023-27989 (A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 ...)
NOT-FOR-US: Zyxel
@@ -57951,8 +58061,8 @@ CVE-2023-23636 (In Jellyfin 10.8.x through 10.8.3, the name of a playlist is vul
- jellyfin <itp> (bug #994189)
CVE-2023-23635 (In Jellyfin 10.8.x through 10.8.3, the name of a collection is vulnera ...)
- jellyfin <itp> (bug #994189)
-CVE-2023-23634
- RESERVED
+CVE-2023-23634 (SQL Injection vulnerability in Documize version 5.4.2, allows remote a ...)
+ TODO: check
CVE-2023-23633
RESERVED
CVE-2023-23632 (BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x a ...)
@@ -58726,46 +58836,46 @@ CVE-2023-23445 (Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnu
NOT-FOR-US: SICK
CVE-2023-23444 (Missing Authentication for Critical Function in SICK Flexi Classic and ...)
NOT-FOR-US: SICK
-CVE-2023-23443
- RESERVED
-CVE-2023-23442
- RESERVED
-CVE-2023-23441
- RESERVED
-CVE-2023-23440
- RESERVED
-CVE-2023-23439
- RESERVED
-CVE-2023-23438
- RESERVED
-CVE-2023-23437
- RESERVED
-CVE-2023-23436
- RESERVED
-CVE-2023-23435
- RESERVED
-CVE-2023-23434
- RESERVED
-CVE-2023-23433
- RESERVED
-CVE-2023-23432
- RESERVED
-CVE-2023-23431
- RESERVED
-CVE-2023-23430
- RESERVED
-CVE-2023-23429
- RESERVED
-CVE-2023-23428
- RESERVED
-CVE-2023-23427
- RESERVED
-CVE-2023-23426
- RESERVED
+CVE-2023-23443 (Some Honor products are affected by type confusion vulnerability, succ ...)
+ TODO: check
+CVE-2023-23442 (Some Honor products are affected by type confusion vulnerability, succ ...)
+ TODO: check
+CVE-2023-23441 (Some Honor products are affected by out of bounds read vulnerability, ...)
+ TODO: check
+CVE-2023-23440 (Some Honor products are affected by information leak vulnerability, su ...)
+ TODO: check
+CVE-2023-23439 (Some Honor products are affected by information leak vulnerability, su ...)
+ TODO: check
+CVE-2023-23438 (Some Honor products are affected by incorrect privilege assignment vul ...)
+ TODO: check
+CVE-2023-23437 (Some Honor products are affected by information leak vulnerability, su ...)
+ TODO: check
+CVE-2023-23436 (Some Honor products are affected by signature management vulnerability ...)
+ TODO: check
+CVE-2023-23435 (Some Honor products are affected by signature management vulnerability ...)
+ TODO: check
+CVE-2023-23434 (Some Honor products are affected by information leak vulnerability, su ...)
+ TODO: check
+CVE-2023-23433 (Some Honor products are affected by signature management vulnerability ...)
+ TODO: check
+CVE-2023-23432 (Some Honor products are affected by signature management vulnerability ...)
+ TODO: check
+CVE-2023-23431 (Some Honor products are affected by signature management vulnerability ...)
+ TODO: check
+CVE-2023-23430 (Some Honor products are affected by incorrect privilege assignment vul ...)
+ TODO: check
+CVE-2023-23429 (Some Honor products are affected by incorrect privilege assignment vul ...)
+ TODO: check
+CVE-2023-23428 (Some Honor products are affected by incorrect privilege assignment vul ...)
+ TODO: check
+CVE-2023-23427 (Some Honor products are affected by incorrect privilege assignment vul ...)
+ TODO: check
+CVE-2023-23426 (Some Honor products are affected by file writing vulnerability, succes ...)
+ TODO: check
CVE-2023-23425
RESERVED
-CVE-2023-23424
- RESERVED
+CVE-2023-23424 (Some Honor products are affected by file writing vulnerability, succes ...)
+ TODO: check
CVE-2023-23423 (Windows Kernel Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-23422 (Windows Kernel Elevation of Privilege Vulnerability)
@@ -86263,8 +86373,8 @@ CVE-2022-38055
RESERVED
CVE-2022-36418
RESERVED
-CVE-2022-36399
- RESERVED
+CVE-2022-36399 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+ TODO: check
CVE-2022-35730 (Cross-Site Request Forgery (CSRF) vulnerability inOceanwp sticky heade ...)
NOT-FOR-US: WordPress plugin
CVE-2022-34840 (Use of hard-coded credentials vulnerability in multiple Buffalo networ ...)
@@ -172561,19 +172671,19 @@ CVE-2021-36936 (Windows Print Spooler Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-36935
RESERVED
-CVE-2021-36934 (Windows Elevation of Privilege Vulnerability)
+CVE-2021-36934 (<p>An elevation of privilege vulnerability exists because of overly pe ...)
NOT-FOR-US: Microsoft
CVE-2021-36933 (Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vuln ...)
NOT-FOR-US: Microsoft
CVE-2021-36932 (Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vuln ...)
NOT-FOR-US: Microsoft
-CVE-2021-36931 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability T ...)
+CVE-2021-36931 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-36930 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-36929 (Microsoft Edge (Chromium-based) Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-36928 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability T ...)
+CVE-2021-36928 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-36927 (Windows Digital TV Tuner device registration application Elevation of ...)
NOT-FOR-US: Microsoft
@@ -178403,49 +178513,49 @@ CVE-2021-34531
RESERVED
CVE-2021-34530 (Windows Graphics Component Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34529 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-34529 (Visual Studio Code Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34528 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-34528 (Visual Studio Code Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34527 (Windows Print Spooler Remote Code Execution Vulnerability)
+CVE-2021-34527 (<p>A remote code execution vulnerability exists when the Windows Print ...)
NOT-FOR-US: Microsoft
CVE-2021-34526
RESERVED
-CVE-2021-34525 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-34525 (Windows DNS Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34524 (Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34523 (Microsoft Exchange Server Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-34523 (Microsoft Exchange Server Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34522 (Microsoft Defender Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-34522 (Microsoft Defender Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34521 (Raw Image Extension Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34520 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
+CVE-2021-34520 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34519 (Microsoft SharePoint Server Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34518 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-34518 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34517 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34516 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
+CVE-2021-34516 (Win32k Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34515
RESERVED
-CVE-2021-34514 (Windows Kernel Elevation of Privilege Vulnerability This CVE ID is uni ...)
+CVE-2021-34514 (Windows Kernel Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34513 (Storage Spaces Controller Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-34513 (Storage Spaces Controller Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34512 (Storage Spaces Controller Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-34512 (Storage Spaces Controller Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34511 (Windows Installer Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34510 (Storage Spaces Controller Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-34510 (Storage Spaces Controller Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34509 (Storage Spaces Controller Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34508 (Windows Kernel Remote Code Execution Vulnerability This CVE ID is uniq ...)
+CVE-2021-34508 (Windows Kernel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34507 (Windows Remote Assistance Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
@@ -178455,25 +178565,25 @@ CVE-2021-34505
RESERVED
CVE-2021-34504 (Windows Address Book Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34503 (Microsoft Windows Media Foundation Remote Code Execution Vulnerability ...)
+CVE-2021-34503 (Microsoft Windows Media Foundation Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34502
RESERVED
-CVE-2021-34501 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-34501 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34500 (Windows Kernel Memory Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34499 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
+CVE-2021-34499 (Windows DNS Server Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34498 (Windows GDI Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34497 (Windows MSHTML Platform Remote Code Execution Vulnerability This CVE I ...)
+CVE-2021-34497 (Windows MSHTML Platform Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34496 (Windows GDI Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34495
RESERVED
-CVE-2021-34494 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-34494 (Windows DNS Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34493 (Windows Partition Management Driver Elevation of Privilege Vulnerabili ...)
NOT-FOR-US: Microsoft
@@ -178481,7 +178591,7 @@ CVE-2021-34492 (Windows Certificate Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34491 (Win32k Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34490 (Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is u ...)
+CVE-2021-34490 (Windows TCP/IP Driver Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34489 (DirectWrite Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
@@ -178499,7 +178609,7 @@ CVE-2021-34483 (Windows Print Spooler Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34482
RESERVED
-CVE-2021-34481 (Windows Print Spooler Elevation of Privilege Vulnerability)
+CVE-2021-34481 (<p>A remote code execution vulnerability exists when the Windows Print ...)
NOT-FOR-US: Microsoft
CVE-2021-34480 (Scripting Engine Memory Corruption Vulnerability)
NOT-FOR-US: Microsoft
@@ -178515,25 +178625,25 @@ CVE-2021-34475 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerabi
NOT-FOR-US: Microsoft
CVE-2021-34474 (Dynamics Business Central Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34473 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-34473 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34472
RESERVED
CVE-2021-34471 (Microsoft Windows Defender Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34470 (Microsoft Exchange Server Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-34470 (Microsoft Exchange Server Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34469 (Microsoft Office Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34468 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
+CVE-2021-34468 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34467 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
+CVE-2021-34467 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34466 (Windows Hello Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34465
RESERVED
-CVE-2021-34464 (Microsoft Defender Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-34464 (Microsoft Defender Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34463
RESERVED
@@ -178541,11 +178651,11 @@ CVE-2021-34462 (Windows AppX Deployment Extensions Elevation of Privilege Vulner
NOT-FOR-US: Microsoft
CVE-2021-34461 (Windows Container Isolation FS Filter Driver Elevation of Privilege Vu ...)
NOT-FOR-US: Microsoft
-CVE-2021-34460 (Storage Spaces Controller Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-34460 (Storage Spaces Controller Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34459 (Windows AppContainer Elevation Of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34458 (Windows Kernel Remote Code Execution Vulnerability This CVE ID is uniq ...)
+CVE-2021-34458 (Windows Kernel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34457 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
NOT-FOR-US: Microsoft
@@ -178563,27 +178673,27 @@ CVE-2021-34451 (Microsoft Office Online Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34450 (Windows Hyper-V Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34449 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
+CVE-2021-34449 (Win32k Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34448 (Scripting Engine Memory Corruption Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34447 (Windows MSHTML Platform Remote Code Execution Vulnerability This CVE I ...)
+CVE-2021-34447 (Windows MSHTML Platform Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34446 (Windows HTML Platforms Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34445 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
NOT-FOR-US: Microsoft
-CVE-2021-34444 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
+CVE-2021-34444 (Windows DNS Server Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34443
RESERVED
-CVE-2021-34442 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
+CVE-2021-34442 (Windows DNS Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34441 (Microsoft Windows Media Foundation Remote Code Execution Vulnerability ...)
+CVE-2021-34441 (Microsoft Windows Media Foundation Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34440 (GDI+ Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-34439 (Microsoft Windows Media Foundation Remote Code Execution Vulnerability ...)
+CVE-2021-34439 (Microsoft Windows Media Foundation Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-34438 (Windows Font Driver Host Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
@@ -180241,35 +180351,35 @@ CVE-2021-33782 (Windows Authenticode Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-33781 (Azure AD Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33780 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-33780 (Windows DNS Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33779 (Windows ADFS Security Feature Bypass Vulnerability)
+CVE-2021-33779 (Windows AD FS Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33778 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-33778 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33777 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-33777 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33776 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-33776 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33775 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-33775 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-33774 (Windows Event Tracing Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-33773 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
NOT-FOR-US: Microsoft
-CVE-2021-33772 (Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is u ...)
+CVE-2021-33772 (Windows TCP/IP Driver Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33771 (Windows Kernel Elevation of Privilege Vulnerability This CVE ID is uni ...)
+CVE-2021-33771 (Windows Kernel Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-33770
RESERVED
CVE-2021-33769
RESERVED
-CVE-2021-33768 (Microsoft Exchange Server Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-33768 (Microsoft Exchange Server Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-33767 (Open Enclave SDK Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33766 (Microsoft Exchange Information Disclosure Vulnerability)
+CVE-2021-33766 (Microsoft Exchange Server Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-33765 (Windows Installer Spoofing Vulnerability)
NOT-FOR-US: Microsoft
@@ -180285,33 +180395,33 @@ CVE-2021-33760 (Media Foundation Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-33759 (Windows Desktop Bridge Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33758 (Windows Hyper-V Denial of Service Vulnerability This CVE ID is unique ...)
+CVE-2021-33758 (Windows Hyper-V Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-33757 (Windows Security Account Manager Remote Protocol Security Feature Bypa ...)
NOT-FOR-US: Microsoft
-CVE-2021-33756 (Windows DNS Snap-in Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-33756 (Windows DNS Snap-in Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33755 (Windows Hyper-V Denial of Service Vulnerability This CVE ID is unique ...)
+CVE-2021-33755 (Windows Hyper-V Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33754 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-33754 (Windows DNS Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-33753 (Microsoft Bing Search Spoofing Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33752 (Windows DNS Snap-in Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-33752 (Windows DNS Snap-in Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33751 (Storage Spaces Controller Elevation of Privilege Vulnerability This CV ...)
+CVE-2021-33751 (Storage Spaces Controller Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33750 (Windows DNS Snap-in Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-33750 (Windows DNS Snap-in Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33749 (Windows DNS Snap-in Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-33749 (Windows DNS Snap-in Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-33748
RESERVED
CVE-2021-33747
RESERVED
-CVE-2021-33746 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-33746 (Windows DNS Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-33745 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
+CVE-2021-33745 (Windows DNS Server Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-33744 (Windows Secure Kernel Mode Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
@@ -185104,7 +185214,7 @@ CVE-2021-31981
RESERVED
CVE-2021-31980 (Microsoft Intune Management Extension Remote Code Execution Vulnerabil ...)
NOT-FOR-US: Microsoft
-CVE-2021-31979 (Windows Kernel Elevation of Privilege Vulnerability This CVE ID is uni ...)
+CVE-2021-31979 (Windows Kernel Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31978 (Microsoft Defender Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
@@ -185168,7 +185278,7 @@ CVE-2021-31949 (Microsoft Outlook Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31948 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31947 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-31947 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31946 (Paint 3D Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
@@ -187225,7 +187335,7 @@ CVE-2021-31208 (Windows Container Manager Service Elevation of Privilege Vulnera
NOT-FOR-US: Microsoft
CVE-2021-31207 (Microsoft Exchange Server Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31206 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-31206 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31205 (Windows SMB Client Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
@@ -187245,7 +187355,7 @@ CVE-2021-31198 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31197
RESERVED
-CVE-2021-31196 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-31196 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31195 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
@@ -187271,7 +187381,7 @@ CVE-2021-31185 (Windows Desktop Bridge Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31184 (Microsoft Windows Infrared Data Association (IrDA) Information Disclos ...)
NOT-FOR-US: Microsoft
-CVE-2021-31183 (Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is u ...)
+CVE-2021-31183 (Windows TCP/IP Driver Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31182 (Microsoft Bluetooth Driver Spoofing Vulnerability)
NOT-FOR-US: Microsoft
@@ -187283,7 +187393,7 @@ CVE-2021-31179 (Microsoft Office Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31178 (Microsoft Office Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-31177 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+CVE-2021-31177 (Microsoft Office Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-31176 (Microsoft Office Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
@@ -194460,27 +194570,27 @@ CVE-2021-3443 (A NULL pointer dereference flaw was found in the way Jasper versi
NOTE: https://github.com/jasper-software/jasper/commit/f94e7499a8b1471a4905c4f9c9e12e60fe88264b
CVE-2021-3442 (A flaw was found in the Red Hat OpenShift API Management product. User ...)
NOT-FOR-US: Red Hat OpenShift API Management
-CVE-2021-28483 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-28483 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28482 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-28482 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28481 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-28481 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28480 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-28480 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28479 (Windows CSC Service Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28478 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28477 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-28477 (Visual Studio Code Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28476 (Windows Hyper-V Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28475 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-28475 (Visual Studio Code Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28474 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28473 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-28473 (Visual Studio Code Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28472 (Visual Studio Code Maven for Java Extension Remote Code Execution Vuln ...)
NOT-FOR-US: Microsoft
@@ -194488,13 +194598,13 @@ CVE-2021-28471 (Remote Development Extension for Visual Studio Code Remote Code
NOT-FOR-US: Microsoft
CVE-2021-28470 (Visual Studio Code GitHub Pull Requests and Issues Extension Remote Co ...)
NOT-FOR-US: Microsoft
-CVE-2021-28469 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-28469 (Visual Studio Code Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28468 (Raw Image Extension Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-28468 (Raw Image Extension Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28467
RESERVED
-CVE-2021-28466 (Raw Image Extension Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-28466 (Raw Image Extension Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28465 (Web Media Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
@@ -194512,21 +194622,21 @@ CVE-2021-28459 (Azure DevOps Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28458 (Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28457 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is ...)
+CVE-2021-28457 (Visual Studio Code Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28456 (Microsoft Excel Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28455 (Microsoft Jet Red Database Engine and Access Connectivity Engine Remot ...)
NOT-FOR-US: Microsoft
-CVE-2021-28454 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-28454 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28453 (Microsoft Word Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28452 (Microsoft Outlook Memory Corruption Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28451 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-28451 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28450 (Microsoft SharePoint Denial of Service Update)
+CVE-2021-28450 (Microsoft SharePoint Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28449 (Microsoft Office Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18a979a161a02b7fe7a7b287f62efff7d7050864
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18a979a161a02b7fe7a7b287f62efff7d7050864
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231229/7dcf4a5a/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list