Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ddbe70f8 by security tracker role at 2021-04-06T08:10:31+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,65 @@ +CVE-2021-30160 + RESERVED +CVE-2021-30159 + RESERVED +CVE-2021-30158 (An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...) + TODO: check +CVE-2021-30157 (An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...) + TODO: check +CVE-2021-30156 + RESERVED +CVE-2021-30155 + RESERVED +CVE-2021-30154 (An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...) + TODO: check +CVE-2021-30153 + RESERVED +CVE-2021-30152 + RESERVED +CVE-2021-30151 (Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue n ...) + TODO: check +CVE-2021-30150 (Composr 10.0.36 allows XSS in an XML script. ...) + TODO: check +CVE-2021-30149 (Composr 10.0.36 allows upload and execution of PHP files. ...) + TODO: check +CVE-2021-30148 + RESERVED +CVE-2021-30147 + RESERVED +CVE-2021-30146 + RESERVED +CVE-2021-30145 + RESERVED +CVE-2021-30144 (The Dashboard plugin through 1.0.2 for GLPI allows remote low-privileg ...) + TODO: check +CVE-2021-30143 + RESERVED +CVE-2021-30142 + RESERVED +CVE-2021-30141 (** DISPUTED ** Module/Settings/UserExport.php in Friendica through 202 ...) + TODO: check +CVE-2021-30140 + RESERVED +CVE-2021-30139 + RESERVED +CVE-2021-30138 + RESERVED +CVE-2021-30137 + RESERVED +CVE-2021-30136 + RESERVED +CVE-2021-30135 + RESERVED +CVE-2021-30134 + RESERVED +CVE-2021-30133 + RESERVED +CVE-2021-30132 + RESERVED +CVE-2021-30131 + RESERVED +CVE-2021-30130 + RESERVED CVE-2021-30129 RESERVED CVE-2021-30128 
@@ -374,6 +436,7 @@ CVE-2021-30002 (An issue was discovered in the Linux kernel before 5.11.3 when a [buster] - linux 4.19.181-1 NOTE: https://git.kernel.org/linus/fb18802a338b36f675a388fc03d2aa504a0d0899 CVE-2021-3482 [heap-based buffer overflow in Jp2Image::readMetadata() in jp2image.cpp] + RESERVED - exiv2 <unfixed> NOTE: https://github.com/Exiv2/exiv2/issues/1522 CVE-2021-3481 [Out of bounds read in function QRadialFetchSimd from crafted svg file] 
@@ -4190,76 +4253,76 @@ CVE-2021-28210 [unlimited FV recursion, round 2] NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1743 NOTE: https://github.com/tianocore/edk2/pull/1137 NOTE: https://github.com/tianocore/edk2/commit/47343af30435302c087027177613412a1a83e919 -CVE-2021-28209 - RESERVED -CVE-2021-28208 - RESERVED -CVE-2021-28207 - RESERVED -CVE-2021-28206 - RESERVED -CVE-2021-28205 - RESERVED -CVE-2021-28204 - RESERVED -CVE-2021-28203 - RESERVED -CVE-2021-28202 - RESERVED -CVE-2021-28201 - RESERVED -CVE-2021-28200 - RESERVED -CVE-2021-28199 - RESERVED -CVE-2021-28198 - RESERVED -CVE-2021-28197 - RESERVED -CVE-2021-28196 - RESERVED -CVE-2021-28195 - RESERVED -CVE-2021-28194 - RESERVED -CVE-2021-28193 - RESERVED -CVE-2021-28192 - RESERVED -CVE-2021-28191 - RESERVED -CVE-2021-28190 - RESERVED -CVE-2021-28189 - RESERVED -CVE-2021-28188 - RESERVED -CVE-2021-28187 - RESERVED -CVE-2021-28186 - RESERVED -CVE-2021-28185 - RESERVED -CVE-2021-28184 - RESERVED -CVE-2021-28183 - RESERVED -CVE-2021-28182 - RESERVED -CVE-2021-28181 - RESERVED -CVE-2021-28180 - RESERVED -CVE-2021-28179 - RESERVED -CVE-2021-28178 - RESERVED -CVE-2021-28177 - RESERVED -CVE-2021-28176 - RESERVED -CVE-2021-28175 - RESERVED +CVE-2021-28209 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28208 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28207 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28206 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28205 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28204 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28203 (The Web Set Media Image function in ASUS BMC’s firmware Web mana ...) 
+ TODO: check +CVE-2021-28202 (The Service configuration-2 function in ASUS BMC’s firmware Web ...) + TODO: check +CVE-2021-28201 (The Service configuration-1 function in ASUS BMC’s firmware Web ...) + TODO: check +CVE-2021-28200 (The CD media configuration function in ASUS BMC’s firmware Web m ...) + TODO: check +CVE-2021-28199 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28198 (The Firmware protocol configuration function in ASUS BMC’s firmw ...) + TODO: check +CVE-2021-28197 (The Active Directory configuration function in ASUS BMC’s firmwa ...) + TODO: check +CVE-2021-28196 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28195 (The Radius configuration function in ASUS BMC’s firmware Web man ...) + TODO: check +CVE-2021-28194 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28193 (The SMTP configuration function in ASUS BMC’s firmware Web manag ...) + TODO: check +CVE-2021-28192 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28191 (The Firmware update function in ASUS BMC’s firmware Web manageme ...) + TODO: check +CVE-2021-28190 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28189 (The SMTP configuration function in ASUS BMC’s firmware Web manag ...) + TODO: check +CVE-2021-28188 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28187 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28186 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28185 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28184 (The Active Directory configuration function in ASUS BMC’s firmwa ...) 
+ TODO: check +CVE-2021-28183 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28182 (The Web Service configuration function in ASUS BMC’s firmware We ...) + TODO: check +CVE-2021-28181 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28180 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28179 (The specific function in ASUS BMC’s firmware Web management page ...) + TODO: check +CVE-2021-28178 (The UEFI configuration function in ASUS BMC’s firmware Web manag ...) + TODO: check +CVE-2021-28177 (The LDAP configuration function in ASUS BMC’s firmware Web manag ...) + TODO: check +CVE-2021-28176 (The DNS configuration function in ASUS BMC’s firmware Web manage ...) + TODO: check +CVE-2021-28175 (The Radius configuration function in ASUS BMC’s firmware Web man ...) + TODO: check CVE-2021-28174 RESERVED CVE-2021-28173 @@ -23580,19 +23643,16 @@ CVE-2021-20310 RESERVED CVE-2021-20309 RESERVED -CVE-2021-20308 - RESERVED +CVE-2021-20308 (Integer overflow in the htmldoc 1.9.11 and before may allow attackers ...) - htmldoc <unfixed> NOTE: https://github.com/michaelrsweet/htmldoc/issues/423 -CVE-2021-20307 - RESERVED +CVE-2021-20307 (Format string vulnerability in panoFileOutputNamesCreate() in libpano1 ...) - libpano13 2.9.20~rc3+dfsg-1 (bug #985249) [buster] - libpano13 2.9.19+dfsg-3+deb10u1 NOTE: https://sourceforge.net/projects/panotools/files/libpano13/libpano13-2.9.20/ CVE-2021-20306 RESERVED -CVE-2021-20305 [Out of Bound memory access in signature verification] - RESERVED +CVE-2021-20305 (A flaw was found in Nettle in versions before 3.7.2, where several Net ...) - nettle 3.7.2-1 (bug #985652) NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html NOTE: New functions ecc_mod_mul_canonical and ecc_mod_sqr_canonical: 
@@ -52939,10 +52999,10 @@ CVE-2020-19598 RESERVED CVE-2020-19597 RESERVED -CVE-2020-19596 - RESERVED -CVE-2020-19595 - RESERVED +CVE-2020-19596 (Buffer overflow vulnerability in Core FTP Server v1.2 Build 583, via a ...) + TODO: check +CVE-2020-19595 (Buffer overflow vulnerability in Core FTP Server v2 Build 697, via a c ...) + TODO: check CVE-2020-19594 RESERVED CVE-2020-19593 @@ -57292,8 +57352,8 @@ CVE-2020-17455 RESERVED CVE-2020-17454 (WSO2 API Manager 3.1.0 and earlier has reflected XSS on the "publisher ...) NOT-FOR-US: WSO2 API Manager -CVE-2020-17453 - RESERVED +CVE-2020-17453 (WSO2 Management Console through 5.10 allows XSS via the carbon/admin/l ...) + TODO: check CVE-2020-17452 (flatCore before 1.5.7 allows upload and execution of a .php file by an ...) NOT-FOR-US: flatCore CMS CVE-2020-17451 (flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pa ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddbe70f860d956dff118117c3085bd5b0726354b
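Review bot: the "TODO: check" entries added at the top of data/CVE/list (hunk @@ -1,3 +1,65 @@) cannot be told apart from their truncated descriptions: CVE-2021-30158, CVE-2021-30157 and CVE-2021-30154 all read "An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...", so triage has to work from the full CVE text before a package line is written for each. CVE-2021-30141 is marked "** DISPUTED **"; when it is triaged, a NOTE recording the dispute would keep that status visible next to whatever classification it receives.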
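Review bot: in hunk @@ -4190,76 +4253,76 @@, all 35 entries from CVE-2021-28209 down to CVE-2021-28175 move from RESERVED to "TODO: check" with descriptions that each name ASUS BMC's firmware Web management page, so they are best triaged as one batch rather than one at a time. If triage finds the firmware is not packaged, a single consistent tag in the style already used further down the file ("NOT-FOR-US: WSO2 API Manager", "NOT-FOR-US: flatCore CMS") would avoid 35 slightly different spellings.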
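Review bot: for CVE-2021-20305 in hunk @@ -23580,19 +23643,16 @@, the hand-written "[Out of Bound memory access in signature verification]" is replaced by the truncated upstream text "A flaw was found in Nettle in versions before 3.7.2, where several Net ...", whose visible part no longer mentions signature verification. The "- nettle 3.7.2-1 (bug #985652)" line and the NOTE lines are kept, so the tracking data is intact; if the short summary is still wanted at a glance, it could be carried over as an additional NOTE.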
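Review bot: in hunk @@ -57292,8 +57352,8 @@, CVE-2020-17453 ("WSO2 Management Console through 5.10 allows XSS ...") lands as "TODO: check" directly below CVE-2020-17454, which is already classified "NOT-FOR-US: WSO2 API Manager". The product named differs (Management Console versus API Manager), so triage should confirm whether the same NOT-FOR-US classification applies rather than copying the neighbouring line.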
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits