[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Thu, 28 Jan 2021 00:10:39 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d8b91cfa by security tracker role at 2021-01-28T08:10:23+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,77 @@
+CVE-2021-3333
+       RESERVED
+CVE-2021-3332
+       RESERVED
+CVE-2021-3331 (WinSCP before 5.17.10 allows remote attackers to execute 
arbitrary pro ...)
+       TODO: check
+CVE-2021-3330
+       RESERVED
+CVE-2021-3329
+       RESERVED
+CVE-2021-3328
+       RESERVED
+CVE-2021-3327
+       RESERVED
+CVE-2021-26294
+       RESERVED
+CVE-2021-26293
+       RESERVED
+CVE-2021-26292
+       RESERVED
+CVE-2021-26291
+       RESERVED
+CVE-2021-26290
+       RESERVED
+CVE-2021-26289
+       RESERVED
+CVE-2021-26288
+       RESERVED
+CVE-2021-26287
+       RESERVED
+CVE-2021-26286
+       RESERVED
+CVE-2021-26285
+       RESERVED
+CVE-2021-26284
+       RESERVED
+CVE-2021-26283
+       RESERVED
+CVE-2021-26282
+       RESERVED
+CVE-2021-26281
+       RESERVED
+CVE-2021-26280
+       RESERVED
+CVE-2021-26279
+       RESERVED
+CVE-2021-26278
+       RESERVED
+CVE-2021-26277
+       RESERVED
+CVE-2021-26276 (** DISPUTED ** scripts/cli.js in the GoDaddy 
node-config-shield (aka C ...)
+       TODO: check
+CVE-2021-26275
+       RESERVED
+CVE-2020-36240
+       RESERVED
+CVE-2020-36239
+       RESERVED
+CVE-2020-36238
+       RESERVED
+CVE-2020-36237
+       RESERVED
+CVE-2020-36236
+       RESERVED
+CVE-2020-36235
+       RESERVED
+CVE-2020-36234
+       RESERVED
+CVE-2020-36233
+       RESERVED
+CVE-2020-36232
+       RESERVED
+CVE-2020-36231
+       RESERVED
 CVE-2021-3325 (Monitorix 3.13.0 allows remote attackers to bypass Basic 
Authenticatio ...)
        NOT-FOR-US: Monitorix
 CVE-2021-3324
@@ -18,7 +92,7 @@ CVE-2021-26274
        RESERVED
 CVE-2021-26273
        RESERVED
-CVE-2021-3326 [glibc: assertion failure in ISO-2022-JP-3 module]
+CVE-2021-3326 (The iconv function in the GNU C Library (aka glibc or libc6) 
2.32 and  ...)
        - glibc <unfixed> (bug #981198)
        [buster] - glibc <no-dsa> (Minor issue)
        [stretch] - glibc <no-dsa> (Minor issue)
@@ -495,8 +569,8 @@ CVE-2021-26069
        RESERVED
 CVE-2021-26068
        RESERVED
-CVE-2021-26067
-       RESERVED
+CVE-2021-26067 (Affected versions of Atlassian Bamboo allow an unauthenticated 
remote  ...)
+       TODO: check
 CVE-2021-26066
        RESERVED
 CVE-2021-26065
@@ -2560,8 +2634,8 @@ CVE-2021-25249
        RESERVED
 CVE-2021-25248
        RESERVED
-CVE-2021-25247
-       RESERVED
+CVE-2021-25247 (A DLL hijacking vulnerability Trend Micro HouseCall for Home 
Networks  ...)
+       TODO: check
 CVE-2021-25246
        RESERVED
 CVE-2021-25245
@@ -2602,12 +2676,12 @@ CVE-2021-25228
        RESERVED
 CVE-2021-25227
        RESERVED
-CVE-2021-25226
-       RESERVED
-CVE-2021-25225
-       RESERVED
-CVE-2021-25224
-       RESERVED
+CVE-2021-25226 (A memory exhaustion vulnerability in Trend Micro ServerProtect 
for Lin ...)
+       TODO: check
+CVE-2021-25225 (A memory exhaustion vulnerability in Trend Micro ServerProtect 
for Lin ...)
+       TODO: check
+CVE-2021-25224 (A memory exhaustion vulnerability in Trend Micro ServerProtect 
for Lin ...)
+       TODO: check
 CVE-2021-25223
        RESERVED
 CVE-2021-25222
@@ -4874,7 +4948,7 @@ CVE-2021-3144
 CVE-2021-3143
        RESERVED
 CVE-2021-3142
-       RESERVED
+       REJECTED
 CVE-2021-3141
        RESERVED
 CVE-2021-24121
@@ -8109,8 +8183,8 @@ CVE-2021-22639 (An uninitialized pointer issue has been 
identified in the way th
        TODO: check
 CVE-2021-22638
        RESERVED
-CVE-2021-22637
-       RESERVED
+CVE-2021-22637 (Multiple stack-based buffer overflow issues have been 
identified in th ...)
+       TODO: check
 CVE-2021-22636
        RESERVED
 CVE-2021-22635
@@ -15922,8 +15996,8 @@ CVE-2020-35126 (** DISPUTED ** Typesetter CMS 5.x 
through 5.1 allows admins to c
        NOT-FOR-US: Typesetter CMS
 CVE-2020-35125
        RESERVED
-CVE-2020-35124
-       RESERVED
+CVE-2020-35124 (A cross-site scripting (XSS) vulnerability in the assets 
component of  ...)
+       TODO: check
 CVE-2020-35123 (In Zimbra Collaboration Suite Network Edition versions &lt; 
9.0.0 P10  ...)
        NOT-FOR-US: Zimbra Collaboration Suite (ZCS)
 CVE-2020-35122 (An issue was discovered in the Keysight Database Connector 
plugin befo ...)
@@ -30023,14 +30097,14 @@ CVE-2020-25787 (An issue was discovered in Tiny Tiny 
RSS (aka tt-rss) before 202
        NOTE: 
https://git.tt-rss.org/fox/tt-rss/commit/c3d14e1fa54c7dade7b1b7955575e2991396d7ef
 CVE-2020-25786 (** UNSUPPORTED WHEN ASSIGNED ** webinc/js/info.php on D-Link 
DIR-816L  ...)
        NOT-FOR-US: D-Link
-CVE-2020-25785
-       RESERVED
-CVE-2020-25784
-       RESERVED
-CVE-2020-25783
-       RESERVED
-CVE-2020-25782
-       RESERVED
+CVE-2020-25785 (An issue was discovered on Accfly Wireless Security IR Camera 
System 7 ...)
+       TODO: check
+CVE-2020-25784 (An issue was discovered on Accfly Wireless Security IR Camera 
System 7 ...)
+       TODO: check
+CVE-2020-25783 (An issue was discovered on Accfly Wireless Security IR Camera 
System 7 ...)
+       TODO: check
+CVE-2020-25782 (An issue was discovered on Accfly Wireless Security IR Camera 
720P Sys ...)
+       TODO: check
 CVE-2020-25781 (An issue was discovered in file_download.php in MantisBT 
before 2.24.3 ...)
        - mantis <removed>
 CVE-2020-25796 (An issue was discovered in the sized-chunks crate through 
0.6.2 for Ru ...)
@@ -72280,7 +72354,7 @@ CVE-2020-8297
 CVE-2020-8296
        RESERVED
 CVE-2020-8295 (A wrong check in Nextcloud Server 19 and prior allowed to 
perform a de ...)
-        - nextcloud-server <itp> (bug #941708)
+       - nextcloud-server <itp> (bug #941708)
 CVE-2020-8294
        RESERVED
 CVE-2020-8293 (A missing input validation in Nextcloud Server before 20.0.2, 
19.0.5,  ...)
@@ -96659,7 +96733,7 @@ CVE-2020-0239 (In getDocumentMetadata of 
DocumentsContract.java, there is a poss
 CVE-2020-0238 (In updatePreferenceIntents of AccountTypePreferenceLoader, 
there is a  ...)
        NOT-FOR-US: Android
 CVE-2020-0237
-       RESERVED
+       REJECTED
 CVE-2020-0236 (In A2DP_GetCodecType of a2dp_codec_config, there is a possible 
out-of- ...)
        TODO: check
 CVE-2020-0235 (In crus_sp_shared_ioctl we first copy 4 bytes from userdata 
into "size ...)
@@ -121531,7 +121605,6 @@ CVE-2019-14856 (ansible before versions 2.8.6, 
2.7.14, 2.6.20 is vulnerable to a
        NOTE: https://github.com/ansible/ansible/pull/63351
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1760829
 CVE-2019-10206 (ansible-playbook -k and ansible cli tools, all versions 2.8.x 
before 2 ...)
-       {DLA-2535-1}
        - ansible 2.8.6+dfsg-1 (bug #933005)
        [buster] - ansible <no-dsa> (Minor issue)
        [jessie] - ansible <not-affected> (Vulnerable code introduced later, 
password templating code introduced with 2.0 refactoring, '{{' supported in 
passwords)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8b91cfaa06d0273000e62ad5d4b64249aa678e4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8b91cfaa06d0273000e62ad5d4b64249aa678e4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to