Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5424d16e by security tracker role at 2021-02-04T08:10:19+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,33 @@ +CVE-2021-3401 (Bitcoin Core before 0.19.0 might allow remote attackers to execute arb ...) + TODO: check +CVE-2021-3400 + RESERVED +CVE-2021-26689 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...) + TODO: check +CVE-2021-26688 (An issue was discovered on LG Wing mobile devices with Android OS 10 s ...) + TODO: check +CVE-2021-26687 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...) + TODO: check +CVE-2021-26686 + RESERVED +CVE-2021-26685 + RESERVED +CVE-2021-26684 + RESERVED +CVE-2021-26683 + RESERVED +CVE-2021-26682 + RESERVED +CVE-2021-26681 + RESERVED +CVE-2021-26680 + RESERVED +CVE-2021-26679 + RESERVED +CVE-2021-26678 + RESERVED +CVE-2021-26677 + RESERVED CVE-2021-3399 RESERVED CVE-2021-3398 @@ -1605,10 +1635,10 @@ CVE-2021-3281 (In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3. NOTE: https://www.djangoproject.com/weblog/2021/feb/01/security-releases/ NOTE: https://github.com/django/django/commit/05413afa8c18cdb978fcdf470e09f7a12b234a23 (master) NOTE: https://github.com/django/django/commit/21e7622dec1f8612c85c2fc37fe8efbfd3311e37 (2.2.18) -CVE-2021-26024 - RESERVED -CVE-2021-26023 - RESERVED +CVE-2021-26024 (The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable ...) + TODO: check +CVE-2021-26023 (The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable ...) + TODO: check CVE-2021-26022 RESERVED CVE-2021-26021 @@ -16230,8 +16260,8 @@ CVE-2021-20018 RESERVED CVE-2021-20017 RESERVED -CVE-2021-20016 - RESERVED +CVE-2021-20016 (A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product a ...) + TODO: check CVE-2021-20015 RESERVED CVE-2021-20014 @@ -27813,12 +27843,12 @@ CVE-2020-27251 (A heap overflow vulnerability exists within FactoryTalk Linx Ver NOT-FOR-US: FactoryTalk CVE-2020-27250 RESERVED -CVE-2020-27249 - RESERVED -CVE-2020-27248 - RESERVED -CVE-2020-27247 - RESERVED +CVE-2020-27249 (A specially crafted document can cause the document parser to copy dat ...) + TODO: check +CVE-2020-27248 (A specially crafted document can cause the document parser to copy dat ...) + TODO: check +CVE-2020-27247 (A specially crafted document can cause the document parser to copy dat ...) + TODO: check CVE-2020-27246 RESERVED CVE-2020-27245 @@ -56690,12 +56720,12 @@ CVE-2020-14249 RESERVED CVE-2020-14248 (BigFix Inventory up to v10.0.2 does not set the secure flag for the se ...) NOT-FOR-US: HCL BigFix Inventory -CVE-2020-14247 - RESERVED -CVE-2020-14246 - RESERVED -CVE-2020-14245 - RESERVED +CVE-2020-14247 (HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate sess ...) + TODO: check +CVE-2020-14246 (HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication w ...) + TODO: check +CVE-2020-14245 (HCL OneTest UI V9.5, V10.0, and V10.1 does not perform authentication ...) + TODO: check CVE-2020-14244 (A vulnerability in the MIME message handling of the Domino server (ver ...) NOT-FOR-US: HCL Domino server CVE-2020-14243 @@ -58563,8 +58593,8 @@ CVE-2020-13588 RESERVED CVE-2020-13587 RESERVED -CVE-2020-13586 - RESERVED +CVE-2020-13586 (A memory corruption vulnerability exists in the Excel Document SST Rec ...) + TODO: check CVE-2020-13585 RESERVED CVE-2020-13584 (An exploitable use-after-free vulnerability exists in WebKitGTK browse ...) @@ -58580,10 +58610,10 @@ CVE-2020-13582 (A denial-of-service vulnerability exists in the HTTP Server func TODO: check CVE-2020-13581 RESERVED -CVE-2020-13580 - RESERVED -CVE-2020-13579 - RESERVED +CVE-2020-13580 (An exploitable heap-based buffer overflow vulnerability exists in the ...) + TODO: check +CVE-2020-13579 (An exploitable integer overflow vulnerability exists in the PlanMaker ...) + TODO: check CVE-2020-13578 RESERVED CVE-2020-13577 @@ -79328,8 +79358,8 @@ CVE-2020-6090 (An exploitable code execution vulnerability exists in the Web-Bas NOT-FOR-US: WAGO CVE-2020-6089 (An exploitable code execution vulnerability exists in the ANI file for ...) NOT-FOR-US: Leadtools -CVE-2020-6088 - RESERVED +CVE-2020-6088 (An exploitable denial of service vulnerability exists in the ENIP Requ ...) + TODO: check CVE-2020-6087 (An exploitable denial of service vulnerability exists in the ENIP Requ ...) NOT-FOR-US: Allen-Bradley Flex IO CVE-2020-6086 (An exploitable denial of service vulnerability exists in the ENIP Requ ...) @@ -84264,7 +84294,7 @@ CVE-2020-4029 (The /rest/project-templates/1.0/createshared resource in Atlassia NOT-FOR-US: Atlassian CVE-2020-4028 (Versions before 8.9.1, Various resources in Jira responded with a 404 ...) NOT-FOR-US: Atlassian -CVE-2020-4027 (Atlassian Confluence Server and Data Center before version 7.5.1 allow ...) +CVE-2020-4027 (Affected versions of Atlassian Confluence Server and Data Center allow ...) NOT-FOR-US: Atlassian CVE-2020-4026 (The CustomAppsRestResource list resource in Atlassian Navigator Links ...) NOT-FOR-US: Atlassian View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5424d16e91a44b0844a1a0d1fdeb5cf07219f9d6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5424d16e91a44b0844a1a0d1fdeb5cf07219f9d6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits