[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Dec 29 20:12:19 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
292b6f13 by security tracker role at 2023-12-29T20:12:08+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,171 @@
+CVE-2023-7171 (A vulnerability was found in Novel-Plus up to 4.2.0. It has been decla ...)
+ TODO: check
+CVE-2023-7166 (A vulnerability classified as problematic has been found in Novel-Plus ...)
+ TODO: check
+CVE-2023-7114 (Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths ...)
+ TODO: check
+CVE-2023-7113 (Mattermost version 8.1.6 and earlier fails to sanitize channel mention ...)
+ TODO: check
+CVE-2023-7080 (The V8 inspector intentionally allows arbitrary code execution within ...)
+ TODO: check
+CVE-2023-7079 (Sending specially crafted HTTP requests and inspector messages to Wran ...)
+ TODO: check
+CVE-2023-7078 (Sending specially crafted HTTP requests to Miniflare's server could re ...)
+ TODO: check
+CVE-2023-52139 (Misskey is an open source, decentralized social media platform. Third- ...)
+ TODO: check
+CVE-2023-52137 (The [`tj-actions/verify-changed-files`](https://github.com/tj-actions/ ...)
+ TODO: check
+CVE-2023-52135 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2023-51688 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+ TODO: check
+CVE-2023-51687 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+ TODO: check
+CVE-2023-51676 (Server-Side Request Forgery (SSRF) vulnerability in Leevio Happy Addon ...)
+ TODO: check
+CVE-2023-51675 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in A ...)
+ TODO: check
+CVE-2023-51663 (Hail is an open-source, general-purpose, Python-based data analysis to ...)
+ TODO: check
+CVE-2023-51545 (Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data v ...)
+ TODO: check
+CVE-2023-51541 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51527 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+ TODO: check
+CVE-2023-51517 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in C ...)
+ TODO: check
+CVE-2023-51505 (Deserialization of Untrusted Data vulnerability in realmag777 Active P ...)
+ TODO: check
+CVE-2023-51475 (Unrestricted Upload of File with Dangerous Type vulnerability in IOSS ...)
+ TODO: check
+CVE-2023-51473 (Unrestricted Upload of File with Dangerous Type vulnerability in Pixel ...)
+ TODO: check
+CVE-2023-51470 (Deserialization of Untrusted Data vulnerability in Jacques Malgrange R ...)
+ TODO: check
+CVE-2023-51468 (Unrestricted Upload of File with Dangerous Type vulnerability in Jacqu ...)
+ TODO: check
+CVE-2023-51422 (Deserialization of Untrusted Data vulnerability in Saleswonder Team We ...)
+ TODO: check
+CVE-2023-51421 (Unrestricted Upload of File with Dangerous Type vulnerability in Soft8 ...)
+ TODO: check
+CVE-2023-51420 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2023-51419 (Unrestricted Upload of File with Dangerous Type vulnerability in Berth ...)
+ TODO: check
+CVE-2023-51417 (Unrestricted Upload of File with Dangerous Type vulnerability in Joris ...)
+ TODO: check
+CVE-2023-51414 (Deserialization of Untrusted Data vulnerability in EnvialoSimple Env\x ...)
+ TODO: check
+CVE-2023-51412 (Unrestricted Upload of File with Dangerous Type vulnerability in Piotn ...)
+ TODO: check
+CVE-2023-51411 (Unrestricted Upload of File with Dangerous Type vulnerability in Shabt ...)
+ TODO: check
+CVE-2023-51410 (Unrestricted Upload of File with Dangerous Type vulnerability in WPVib ...)
+ TODO: check
+CVE-2023-51402 (Cross-Site Request Forgery (CSRF) vulnerability in Brain Storm Force U ...)
+ TODO: check
+CVE-2023-51399 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51397 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51396 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51378 (Cross-Site Request Forgery (CSRF) vulnerability in Rise Themes Rise Bl ...)
+ TODO: check
+CVE-2023-51374 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51373 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51372 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51371 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51361 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-51358 (Cross-Site Request Forgery (CSRF) vulnerability in Bright Plugins Bloc ...)
+ TODO: check
+CVE-2023-51354 (Cross-Site Request Forgery (CSRF) vulnerability in WebbaPlugins Appoin ...)
+ TODO: check
+CVE-2023-50902 (Cross-Site Request Forgery (CSRF) vulnerability in WPExpertsio New Use ...)
+ TODO: check
+CVE-2023-50901 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-50896 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-50893 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-50892 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-50891 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-50889 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-50881 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-50880 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-50879 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-50878 (Cross-Site Request Forgery (CSRF) vulnerability in InspireUI MStore AP ...)
+ TODO: check
+CVE-2023-50837 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2023-50572 (An issue in the component GroovyEngine.execute of jline-groovy v3.24.1 ...)
+ TODO: check
+CVE-2023-50571 (easy-rules-mvel v4.1.0 was discovered to contain a remote code executi ...)
+ TODO: check
+CVE-2023-50570 (An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 le ...)
+ TODO: check
+CVE-2023-4675 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2023-4674 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2023-4541 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2023-4468 (A vulnerability was found in Poly Trio 8800 and Trio C60. It has been ...)
+ TODO: check
+CVE-2023-4467 (A vulnerability was found in Poly Trio 8800 7.2.6.0019 and classified ...)
+ TODO: check
+CVE-2023-4466 (A vulnerability has been found in Poly CCX 400, CCX 600, Trio 8800 and ...)
+ TODO: check
+CVE-2023-4465 (A vulnerability, which was classified as problematic, was found in Pol ...)
+ TODO: check
+CVE-2023-4464 (A vulnerability, which was classified as critical, has been found in P ...)
+ TODO: check
+CVE-2023-4463 (A vulnerability classified as problematic was found in Poly CCX 400, C ...)
+ TODO: check
+CVE-2023-4462 (A vulnerability classified as problematic has been found in Poly CCX 4 ...)
+ TODO: check
+CVE-2023-49830 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2023-47840 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2023-47804 (Apache OpenOffice documents can contain links that call internal macro ...)
+ TODO: check
+CVE-2023-46623 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2023-45751 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2023-44089 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-44088 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2023-41815 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-41814 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-41813 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2023-40606 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2023-32517 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in P ...)
+ TODO: check
+CVE-2023-32101 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in P ...)
+ TODO: check
+CVE-2023-32095 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
CVE-2023-7161 (A vulnerability classified as critical has been found in Netentsec NS- ...)
NOT-FOR-US: Netentsec NS-ASG Application Security Gateway
CVE-2023-7160 (A vulnerability was found in SourceCodester Engineers Online Portal 1. ...)
@@ -14,7 +182,7 @@ CVE-2023-7155 (A vulnerability, which was classified as critical, was found in S
NOT-FOR-US: SourceCodester Free and Open Source Inventory Management System
CVE-2023-7152 (A vulnerability, which was classified as critical, has been found in M ...)
NOT-FOR-US: MicroPython
-CVE-2023-7150 (A vulnerability classified as critical was found in Chic Beauty Salon ...)
+CVE-2023-7150 (A vulnerability classified as critical was found in Campcodes Chic Bea ...)
NOT-FOR-US: Chic Beauty Salon
CVE-2023-7149 (A vulnerability was found in code-projects QR Code Generator 1.0. It h ...)
NOT-FOR-US: code-projects QR Code Generator
@@ -1515,25 +1683,25 @@ CVE-2023-34027 (Deserialization of Untrusted Data vulnerability in Rajnish Arora
CVE-2019-25158 (A vulnerability has been found in pedroetb tts-api up to 2.1.4 and cla ...)
NOT-FOR-US: pedroetb tts-api
CVE-2023-50762 (When processing a PGP/MIME payload that contains digitally signed text ...)
- {DSA-5582-1}
+ {DSA-5582-1 DLA-3698-1}
- thunderbird 1:115.6.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-50762
CVE-2023-50761 (The signature of a digitally signed S/MIME email message may optionall ...)
- {DSA-5582-1}
+ {DSA-5582-1 DLA-3698-1}
- thunderbird 1:115.6.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-50761
CVE-2023-6862 (A use-after-free was identified in the `nsDNSService::Init`. This iss ...)
- {DSA-5582-1 DSA-5581-1}
+ {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
- firefox-esr 115.6.0esr-1
- thunderbird 1:115.6.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6862
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6862
CVE-2023-6873 (Memory safety bugs present in Firefox 120. Some of these bugs showed e ...)
- {DSA-5582-1}
+ {DSA-5582-1 DLA-3698-1}
- firefox 121.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6873
CVE-2023-6864 (Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thun ...)
- {DSA-5582-1 DSA-5581-1}
+ {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
- firefox 121.0-1
- firefox-esr 115.6.0esr-1
- thunderbird 1:115.6.0-1
@@ -1541,7 +1709,7 @@ CVE-2023-6864 (Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6864
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6864
CVE-2023-6863 (The `ShutdownObserver()` was susceptible to potentially undefined beha ...)
- {DSA-5581-1}
+ {DSA-5581-1 DLA-3697-1}
- firefox 121.0-1
- firefox-esr 115.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6863
@@ -1562,7 +1730,7 @@ CVE-2023-6868 (In some instances, the user-agent would allow push requests which
- firefox <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6868
CVE-2023-6861 (The `nsWindow::PickerOpen(void)` method was susceptible to a heap buff ...)
- {DSA-5582-1 DSA-5581-1}
+ {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
- firefox 121.0-1
- firefox-esr 115.6.0esr-1
- thunderbird 1:115.6.0-1
@@ -1570,13 +1738,13 @@ CVE-2023-6861 (The `nsWindow::PickerOpen(void)` method was susceptible to a heap
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6861
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6861
CVE-2023-6867 (The timing of a button click causing a popup to disappear was approxim ...)
- {DSA-5581-1}
+ {DSA-5581-1 DLA-3697-1}
- firefox 121.0-1
- firefox-esr 115.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6867
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6867
CVE-2023-6860 (The `VideoBridge` allowed any content process to use textures produced ...)
- {DSA-5582-1 DSA-5581-1}
+ {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
- firefox 121.0-1
- firefox-esr 115.6.0esr-1
- thunderbird 1:115.6.0-1
@@ -1587,7 +1755,7 @@ CVE-2023-6866 (TypedArrays can be fallible and lacked proper exception handling.
- firefox 121.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6866
CVE-2023-6859 (A use-after-free condition affected TLS socket creation when under mem ...)
- {DSA-5582-1 DSA-5581-1}
+ {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
- firefox 121.0-1
- firefox-esr 115.6.0esr-1
- thunderbird 1:115.6.0-1
@@ -1595,7 +1763,7 @@ CVE-2023-6859 (A use-after-free condition affected TLS socket creation when unde
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6859
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6859
CVE-2023-6858 (Firefox was susceptible to a heap buffer overflow in `nsTextFragment` ...)
- {DSA-5582-1 DSA-5581-1}
+ {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
- firefox 121.0-1
- firefox-esr 115.6.0esr-1
- thunderbird 1:115.6.0-1
@@ -1603,7 +1771,7 @@ CVE-2023-6858 (Firefox was susceptible to a heap buffer overflow in `nsTextFragm
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6858
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6858
CVE-2023-6857 (When resolving a symlink, a race may occur where the buffer passed to ...)
- {DSA-5582-1 DSA-5581-1}
+ {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
- firefox 121.0-1
- firefox-esr 115.6.0esr-1
- thunderbird 1:115.6.0-1
@@ -1611,13 +1779,13 @@ CVE-2023-6857 (When resolving a symlink, a race may occur where the buffer passe
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6857
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6857
CVE-2023-6865 (`EncryptingOutputStream` was susceptible to exposing uninitialized dat ...)
- {DSA-5581-1}
+ {DSA-5581-1 DLA-3697-1}
- firefox 121.0-1
- firefox-esr 115.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6865
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6865
CVE-2023-6856 (The WebGL `DrawElementsInstanced` method was susceptible to a heap buf ...)
- {DSA-5582-1 DSA-5581-1}
+ {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
- firefox 121.0-1
- firefox-esr 115.6.0esr-1
- thunderbird 1:115.6.0-1
@@ -34667,8 +34835,8 @@ CVE-2023-31250 (The file download facility doesn't sufficiently sanitize file pa
NOTE: https://www.drupal.org/sa-core-2023-005
CVE-2023-31238 (A vulnerability has been identified in POWER METER SICAM Q100 (All ver ...)
NOT-FOR-US: Siemens
-CVE-2023-31237
- RESERVED
+CVE-2023-31237 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in D ...)
+ TODO: check
CVE-2023-31236 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in unFo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31235 (Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau ...)
@@ -34683,8 +34851,8 @@ CVE-2023-31231 (Unrestricted Upload of File with Dangerous Type vulnerability in
NOT-FOR-US: WordPress plugin
CVE-2023-31230 (Cross-Site Request Forgery (CSRF) vulnerability in Haoqisir Baidu Tong ...)
NOT-FOR-US: Haoqisir Baidu Tongji generator
-CVE-2023-31229
- RESERVED
+CVE-2023-31229 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in W ...)
+ TODO: check
CVE-2023-31228 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Crea ...)
NOT-FOR-US: WordPress plugin
CVE-2023-31227 (The hwPartsDFR module has a vulnerability in API calling verification. ...)
@@ -35173,8 +35341,8 @@ CVE-2023-31097
RESERVED
CVE-2023-31096 (An issue was discovered in Broadcom) LSI PCI-SV92EX Soft Modem Kernel ...)
NOT-FOR-US: Broadcom
-CVE-2023-31095
- RESERVED
+CVE-2023-31095 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in C ...)
+ TODO: check
CVE-2023-31094 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lauri Ka ...)
NOT-FOR-US: WooCommerce plugin
CVE-2023-31093 (Cross-Site Request Forgery (CSRF) vulnerability in Chronosly Chronosly ...)
@@ -42274,8 +42442,8 @@ CVE-2023-28788 (Improper Neutralization of Special Elements used in an SQL Comma
NOT-FOR-US: WordPress plugin
CVE-2023-28787
RESERVED
-CVE-2023-28786
- RESERVED
+CVE-2023-28786 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in S ...)
+ TODO: check
CVE-2023-28785 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28784 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Contest ...)
@@ -53825,8 +53993,8 @@ CVE-2023-25056 (Cross-Site Request Forgery (CSRF) vulnerability in SlickRemix Fe
NOT-FOR-US: WordPress plugin
CVE-2023-25055 (Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25054
- RESERVED
+CVE-2023-25054 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
CVE-2023-25053
RESERVED
CVE-2023-25052 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tepl ...)
@@ -61313,10 +61481,10 @@ CVE-2023-22679 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-22678 (Cross-Site Request Forgery (CSRF) vulnerability inRafael DerySuperior ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-22677
- RESERVED
-CVE-2023-22676
- RESERVED
+CVE-2023-22677 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2023-22676 (Missing Authorization vulnerability in Anders Thorborg.This issue affe ...)
+ TODO: check
CVE-2023-22675
RESERVED
CVE-2023-22674 (Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability ...)
@@ -76285,8 +76453,8 @@ CVE-2022-44591 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2022-44590 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-44589
- RESERVED
+CVE-2022-44589 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
+ TODO: check
CVE-2022-44588 (Unauth. SQL Injection vulnerability inCryptocurrency Widgets Pack Plug ...)
NOT-FOR-US: WordPress plugin
CVE-2022-44587
@@ -194644,31 +194812,31 @@ CVE-2021-28448 (Visual Studio Code Kubernetes Tools Remote Code Execution Vulner
NOT-FOR-US: Microsoft
CVE-2021-28447 (Windows Early Launch Antimalware Driver Security Feature Bypass Vulner ...)
NOT-FOR-US: Microsoft
-CVE-2021-28446 (Windows Portmapping Information Disclosure Vulnerability)
+CVE-2021-28446 (<p>N/A</p>)
NOT-FOR-US: Microsoft
CVE-2021-28445 (Windows Network File System Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28444 (Windows Hyper-V Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28443 (Windows Console Driver Denial of Service Vulnerability This CVE ID is ...)
+CVE-2021-28443 (Windows Console Driver Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28442 (Windows TCP/IP Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28441 (Windows Hyper-V Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28440 (Windows Installer Elevation of Privilege Vulnerability This CVE ID is ...)
+CVE-2021-28440 (Windows Installer Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28439 (Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is u ...)
+CVE-2021-28439 (Windows TCP/IP Driver Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28438 (Windows Console Driver Denial of Service Vulnerability This CVE ID is ...)
+CVE-2021-28438 (Windows Console Driver Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28437 (Windows Installer Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28436 (Windows Speech Runtime Elevation of Privilege Vulnerability This CVE I ...)
+CVE-2021-28436 (Windows Speech Runtime Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28435 (Windows Event Tracing Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28434 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28434 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28433
RESERVED
@@ -194829,77 +194997,77 @@ CVE-2021-28360
RESERVED
CVE-2021-28359 (The "origin" parameter passed to some of the endpoints like '/trigger' ...)
- airflow <itp> (bug #819700)
-CVE-2021-28358 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28358 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28357 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28357 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28356 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28356 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28355 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28355 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28354 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28354 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28353 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28353 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28352 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28352 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28351 (Windows Speech Runtime Elevation of Privilege Vulnerability This CVE I ...)
+CVE-2021-28351 (Windows Speech Runtime Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28350 (Windows GDI+ Remote Code Execution Vulnerability This CVE ID is unique ...)
+CVE-2021-28350 (Windows GDI+ Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28349 (Windows GDI+ Remote Code Execution Vulnerability This CVE ID is unique ...)
+CVE-2021-28349 (Windows GDI+ Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28348 (Windows GDI+ Remote Code Execution Vulnerability This CVE ID is unique ...)
+CVE-2021-28348 (Windows GDI+ Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28347 (Windows Speech Runtime Elevation of Privilege Vulnerability This CVE I ...)
+CVE-2021-28347 (Windows Speech Runtime Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28346 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28346 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28345 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28345 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28344 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28344 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28343 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28343 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28342 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28342 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28341 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28341 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28340 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28340 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28339 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28339 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28338 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28338 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28337 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28337 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28336 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28336 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28335 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28335 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28334 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28334 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28333 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28333 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28332 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28332 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28331 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28331 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28330 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28330 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28329 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28329 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28328 (Windows DNS Information Disclosure Vulnerability This CVE ID is unique ...)
+CVE-2021-28328 (Windows DNS Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28327 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...)
+CVE-2021-28327 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28326 (Windows AppX Deployment Server Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28325 (Windows SMB Information Disclosure Vulnerability This CVE ID is unique ...)
+CVE-2021-28325 (Windows SMB Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28324 (Windows SMB Information Disclosure Vulnerability This CVE ID is unique ...)
+CVE-2021-28324 (Windows SMB Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28323 (Windows DNS Information Disclosure Vulnerability This CVE ID is unique ...)
+CVE-2021-28323 (Windows DNS Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28322 (Diagnostics Hub Standard Collector Service Elevation of Privilege Vuln ...)
NOT-FOR-US: Microsoft
@@ -194907,7 +195075,7 @@ CVE-2021-28321 (Diagnostics Hub Standard Collector Service Elevation of Privileg
NOT-FOR-US: Microsoft
CVE-2021-28320 (Windows Resource Manager PSM Service Extension Elevation of Privilege ...)
NOT-FOR-US: Microsoft
-CVE-2021-28319 (Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is u ...)
+CVE-2021-28319 (Windows TCP/IP Driver Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28318 (Windows GDI+ Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
@@ -194915,7 +195083,7 @@ CVE-2021-28317 (Microsoft Windows Codecs Library Information Disclosure Vulnerab
NOT-FOR-US: Microsoft
CVE-2021-28316 (Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28315 (Windows Media Video Decoder Remote Code Execution Vulnerability This C ...)
+CVE-2021-28315 (Windows Media Video Decoder Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28314 (Windows Hyper-V Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
@@ -194925,9 +195093,9 @@ CVE-2021-28312 (Windows NTFS Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28311 (Windows Application Compatibility Cache Denial of Service Vulnerabilit ...)
NOT-FOR-US: Microsoft
-CVE-2021-28310 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
+CVE-2021-28310 (Win32k Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-28309 (Windows Kernel Information Disclosure Vulnerability This CVE ID is uni ...)
+CVE-2021-28309 (Windows Kernel Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-28308 (An issue was discovered in the fltk crate before 0.15.3 for Rust. Ther ...)
NOT-FOR-US: Rust crate fltk
@@ -197948,11 +198116,11 @@ CVE-2021-27097 (The boot loader in Das U-Boot before 2021.04-rc2 mishandles a mo
NOTE: https://github.com/u-boot/u-boot/commit/b6f4c757959f8850e1299a77c8e5713da78e8ec0
CVE-2021-27096 (NTFS Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27095 (Windows Media Video Decoder Remote Code Execution Vulnerability This C ...)
+CVE-2021-27095 (Windows Media Video Decoder Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27094 (Windows Early Launch Antimalware Driver Security Feature Bypass Vulner ...)
NOT-FOR-US: Microsoft
-CVE-2021-27093 (Windows Kernel Information Disclosure Vulnerability This CVE ID is uni ...)
+CVE-2021-27093 (Windows Kernel Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27092 (Azure AD Web Sign-in Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
@@ -197978,11 +198146,11 @@ CVE-2021-27082 (Quantum Development Kit for Visual Studio Code Remote Code Execu
NOT-FOR-US: Microsoft
CVE-2021-27081 (Visual Studio Code ESLint Extension Remote Code Execution Vulnerabilit ...)
NOT-FOR-US: Microsoft
-CVE-2021-27080 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
+CVE-2021-27080 (Azure Sphere Unsigned Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27079 (Windows Media Photo Codec Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27078 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-27078 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27077 (Windows Win32k Elevation of Privilege Vulnerability This CVE ID is uni ...)
NOT-FOR-US: Microsoft
@@ -197990,11 +198158,11 @@ CVE-2021-27076 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27075 (Azure Virtual Machine Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27074 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
+CVE-2021-27074 (Azure Sphere Unsigned Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27073
RESERVED
-CVE-2021-27072 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
+CVE-2021-27072 (Win32k Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27071
RESERVED
@@ -198008,43 +198176,43 @@ CVE-2021-27067 (Azure DevOps Server and Team Foundation Server Information Discl
NOT-FOR-US: Microsoft
CVE-2021-27066 (Windows Admin Center Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27065 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-27065 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27064 (Visual Studio Installer Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27063 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
NOT-FOR-US: Microsoft
-CVE-2021-27062 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-27062 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27061 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-27061 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27060 (Visual Studio Code Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27059 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+CVE-2021-27059 (Microsoft Office Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27058 (Microsoft Office ClickToRun Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27057 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+CVE-2021-27057 (Microsoft Office Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27056 (Microsoft PowerPoint Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27055 (Microsoft Visio Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27054 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-27054 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27053 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-27053 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27052 (Microsoft SharePoint Server Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27051 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-27051 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27050 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-27050 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27049 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-27049 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27048 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-27048 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-27047 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-27047 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-27046 (A Memory Corruption vulnerability for PDF files in Autodesk Navisworks ...)
NOT-FOR-US: Autodesk
@@ -198434,7 +198602,7 @@ CVE-2021-26904 (LMA ISIDA Retriever 5.2 allows SQL Injection.)
NOT-FOR-US: LMA ISIDA Retriever
CVE-2021-26903 (LMA ISIDA Retriever 5.2 is vulnerable to XSS via query['text'].)
NOT-FOR-US: LMA ISIDA Retriever
-CVE-2021-26902 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-26902 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-26901 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
NOT-FOR-US: Microsoft
@@ -198522,15 +198690,15 @@ CVE-2021-26860 (Windows App-V Overlay Filter Elevation of Privilege Vulnerabilit
NOT-FOR-US: Microsoft
CVE-2021-26859 (Microsoft Power BI Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-26858 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-26858 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-26857 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-26857 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-26856
RESERVED
-CVE-2021-26855 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-26855 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-26854 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-26854 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-26853
RESERVED
@@ -198910,7 +199078,7 @@ CVE-2021-26703 (EPrints 3.4.2 allows remote attackers to read arbitrary files an
NOT-FOR-US: EPrints
CVE-2021-26702 (EPrints 3.4.2 exposes a reflected XSS opportunity in the dataset param ...)
NOT-FOR-US: EPrints
-CVE-2021-26701 (.NET Core Remote Code Execution Vulnerability This CVE ID is unique fr ...)
+CVE-2021-26701 (.NET Core Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-26700 (Visual Studio Code npm-script Extension Remote Code Execution Vulnerab ...)
NOT-FOR-US: Microsoft
@@ -199637,13 +199805,13 @@ CVE-2021-26417 (Windows Overlay Filter Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-26416 (Windows Hyper-V Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-26415 (Windows Installer Elevation of Privilege Vulnerability This CVE ID is ...)
+CVE-2021-26415 (Windows Installer Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-26414 (Windows DCOM Server Security Feature Bypass)
NOT-FOR-US: Microsoft
CVE-2021-26413 (Windows Installer Spoofing Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-26412 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
+CVE-2021-26412 (Microsoft Exchange Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-26411 (Internet Explorer Memory Corruption Vulnerability)
NOT-FOR-US: Microsoft
@@ -205240,23 +205408,23 @@ CVE-2021-24114 (Microsoft Teams iOS Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-24113 (Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-24112 (.NET Core Remote Code Execution Vulnerability This CVE ID is unique fr ...)
+CVE-2021-24112 (.NET Core Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-24111 (.NET Framework Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-24110 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-24110 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-24109 (Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerabilit ...)
NOT-FOR-US: Microsoft
-CVE-2021-24108 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+CVE-2021-24108 (Microsoft Office Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-24107 (Windows Event Tracing Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-24106 (Windows DirectX Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-24105 (Package Managers Configurations Remote Code Execution Vulnerability)
+CVE-2021-24105 (<p>Depending on configuration of various package managers it is possib ...)
NOT-FOR-US: Microsoft
-CVE-2021-24104 (Microsoft SharePoint Spoofing Vulnerability)
+CVE-2021-24104 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-24103 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
NOT-FOR-US: Microsoft
@@ -205286,7 +205454,7 @@ CVE-2021-24091 (Windows Camera Codec Pack Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-24090 (Windows Error Reporting Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-24089 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-24089 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-24088 (Windows Local Spooler Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
@@ -205294,7 +205462,7 @@ CVE-2021-24087 (Azure IoT CLI extension Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-24086 (Windows TCP/IP Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-24085 (Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique ...)
+CVE-2021-24085 (Microsoft Exchange Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-24084 (Windows Mobile Device Management Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
@@ -205324,13 +205492,13 @@ CVE-2021-24072 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-24071 (Microsoft SharePoint Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-24070 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-24070 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-24069 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-24069 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-24068 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-24068 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-24067 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-24067 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-24066 (Microsoft SharePoint Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
@@ -220324,7 +220492,7 @@ CVE-2021-1732 (Windows Win32k Elevation of Privilege Vulnerability This CVE ID i
NOT-FOR-US: Microsoft
CVE-2021-1731 (PFX Encryption Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-1730 (Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique ...)
+CVE-2021-1730 (<p>A spoofing vulnerability exists in Microsoft Exchange Server which ...)
NOT-FOR-US: Microsoft
CVE-2021-1729 (Windows Update Stack Setup Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
@@ -220332,7 +220500,7 @@ CVE-2021-1728 (System Center Operations Manager Elevation of Privilege Vulnerabi
NOT-FOR-US: Microsoft
CVE-2021-1727 (Windows Installer Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-1726 (Microsoft SharePoint Spoofing Vulnerability)
+CVE-2021-1726 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-1725 (Bot Framework SDK Information Disclosure Vulnerability)
NOT-FOR-US: Bot Framework SDK
@@ -220346,21 +220514,21 @@ CVE-2021-1721 (.NET Core and Visual Studio Denial of Service Vulnerability)
NOT-FOR-US: Microsoft .NET
CVE-2021-1720
RESERVED
-CVE-2021-1719 (Microsoft SharePoint Elevation of Privilege Vulnerability This CVE ID ...)
+CVE-2021-1719 (Microsoft SharePoint Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-1718 (Microsoft SharePoint Server Tampering Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-1717 (Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from ...)
+CVE-2021-1717 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-1716 (Microsoft Word Remote Code Execution Vulnerability This CVE ID is uniq ...)
+CVE-2021-1716 (Microsoft Word Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-1715 (Microsoft Word Remote Code Execution Vulnerability This CVE ID is uniq ...)
+CVE-2021-1715 (Microsoft Word Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-1714 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-1714 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-1713 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+CVE-2021-1713 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-1712 (Microsoft SharePoint Elevation of Privilege Vulnerability This CVE ID ...)
+CVE-2021-1712 (Microsoft SharePoint Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-1711 (Microsoft Office Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
@@ -220496,13 +220664,13 @@ CVE-2021-1646 (Windows WLAN Service Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-1645 (Windows Docker Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-1644 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-1644 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2021-1643 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+CVE-2021-1643 (HEVC Video Extensions Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-1642 (Windows AppX Deployment Extensions Elevation of Privilege Vulnerabilit ...)
NOT-FOR-US: Microsoft
-CVE-2021-1641 (Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from ...)
+CVE-2021-1641 (Microsoft SharePoint Server Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2021-1640 (Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID ...)
NOT-FOR-US: Microsoft
@@ -252196,8 +252364,8 @@ CVE-2020-17165
RESERVED
CVE-2020-17164
RESERVED
-CVE-2020-17163
- RESERVED
+CVE-2020-17163 (Visual Studio Code Python Extension Remote Code Execution Vulnerabilit ...)
+ TODO: check
CVE-2020-17162 (Microsoft Windows Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
CVE-2020-17161
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/292b6f13f2f35fb41686f9270fdd91cfe586fecb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/292b6f13f2f35fb41686f9270fdd91cfe586fecb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231229/c16100ad/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list