Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5424d16e by security tracker role at 2021-02-04T08:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2021-3401 (Bitcoin Core before 0.19.0 might allow remote attackers to
execute arb ...)
+ TODO: check
+CVE-2021-3400
+ RESERVED
+CVE-2021-26689 (An issue was discovered on LG mobile devices with Android OS
8.0, 8.1, ...)
+ TODO: check
+CVE-2021-26688 (An issue was discovered on LG Wing mobile devices with Android
OS 10 s ...)
+ TODO: check
+CVE-2021-26687 (An issue was discovered on LG mobile devices with Android OS
8.0, 8.1, ...)
+ TODO: check
+CVE-2021-26686
+ RESERVED
+CVE-2021-26685
+ RESERVED
+CVE-2021-26684
+ RESERVED
+CVE-2021-26683
+ RESERVED
+CVE-2021-26682
+ RESERVED
+CVE-2021-26681
+ RESERVED
+CVE-2021-26680
+ RESERVED
+CVE-2021-26679
+ RESERVED
+CVE-2021-26678
+ RESERVED
+CVE-2021-26677
+ RESERVED
CVE-2021-3399
RESERVED
CVE-2021-3398
@@ -1605,10 +1635,10 @@ CVE-2021-3281 (In Django 2.2 before 2.2.18, 3.0 before
3.0.12, and 3.1 before 3.
NOTE:
https://www.djangoproject.com/weblog/2021/feb/01/security-releases/
NOTE:
https://github.com/django/django/commit/05413afa8c18cdb978fcdf470e09f7a12b234a23
(master)
NOTE:
https://github.com/django/django/commit/21e7622dec1f8612c85c2fc37fe8efbfd3311e37
(2.2.18)
-CVE-2021-26024
- RESERVED
-CVE-2021-26023
- RESERVED
+CVE-2021-26024 (The Favorites component before 1.0.2 for Nagios XI 5.8.0 is
vulnerable ...)
+ TODO: check
+CVE-2021-26023 (The Favorites component before 1.0.2 for Nagios XI 5.8.0 is
vulnerable ...)
+ TODO: check
CVE-2021-26022
RESERVED
CVE-2021-26021
@@ -16230,8 +16260,8 @@ CVE-2021-20018
RESERVED
CVE-2021-20017
RESERVED
-CVE-2021-20016
- RESERVED
+CVE-2021-20016 (A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100
product a ...)
+ TODO: check
CVE-2021-20015
RESERVED
CVE-2021-20014
@@ -27813,12 +27843,12 @@ CVE-2020-27251 (A heap overflow vulnerability exists
within FactoryTalk Linx Ver
NOT-FOR-US: FactoryTalk
CVE-2020-27250
RESERVED
-CVE-2020-27249
- RESERVED
-CVE-2020-27248
- RESERVED
-CVE-2020-27247
- RESERVED
+CVE-2020-27249 (A specially crafted document can cause the document parser to
copy dat ...)
+ TODO: check
+CVE-2020-27248 (A specially crafted document can cause the document parser to
copy dat ...)
+ TODO: check
+CVE-2020-27247 (A specially crafted document can cause the document parser to
copy dat ...)
+ TODO: check
CVE-2020-27246
RESERVED
CVE-2020-27245
@@ -56690,12 +56720,12 @@ CVE-2020-14249
RESERVED
CVE-2020-14248 (BigFix Inventory up to v10.0.2 does not set the secure flag
for the se ...)
NOT-FOR-US: HCL BigFix Inventory
-CVE-2020-14247
- RESERVED
-CVE-2020-14246
- RESERVED
-CVE-2020-14245
- RESERVED
+CVE-2020-14247 (HCL OneTest Performance V9.5, V10.0, V10.1 contains an
inadequate sess ...)
+ TODO: check
+CVE-2020-14246 (HCL OneTest Performance V9.5, V10.0, V10.1 uses basic
authentication w ...)
+ TODO: check
+CVE-2020-14245 (HCL OneTest UI V9.5, V10.0, and V10.1 does not perform
authentication ...)
+ TODO: check
CVE-2020-14244 (A vulnerability in the MIME message handling of the Domino
server (ver ...)
NOT-FOR-US: HCL Domino server
CVE-2020-14243
@@ -58563,8 +58593,8 @@ CVE-2020-13588
RESERVED
CVE-2020-13587
RESERVED
-CVE-2020-13586
- RESERVED
+CVE-2020-13586 (A memory corruption vulnerability exists in the Excel Document
SST Rec ...)
+ TODO: check
CVE-2020-13585
RESERVED
CVE-2020-13584 (An exploitable use-after-free vulnerability exists in
WebKitGTK browse ...)
@@ -58580,10 +58610,10 @@ CVE-2020-13582 (A denial-of-service vulnerability
exists in the HTTP Server func
TODO: check
CVE-2020-13581
RESERVED
-CVE-2020-13580
- RESERVED
-CVE-2020-13579
- RESERVED
+CVE-2020-13580 (An exploitable heap-based buffer overflow vulnerability exists
in the ...)
+ TODO: check
+CVE-2020-13579 (An exploitable integer overflow vulnerability exists in the
PlanMaker ...)
+ TODO: check
CVE-2020-13578
RESERVED
CVE-2020-13577
@@ -79328,8 +79358,8 @@ CVE-2020-6090 (An exploitable code execution
vulnerability exists in the Web-Bas
NOT-FOR-US: WAGO
CVE-2020-6089 (An exploitable code execution vulnerability exists in the ANI
file for ...)
NOT-FOR-US: Leadtools
-CVE-2020-6088
- RESERVED
+CVE-2020-6088 (An exploitable denial of service vulnerability exists in the
ENIP Requ ...)
+ TODO: check
CVE-2020-6087 (An exploitable denial of service vulnerability exists in the
ENIP Requ ...)
NOT-FOR-US: Allen-Bradley Flex IO
CVE-2020-6086 (An exploitable denial of service vulnerability exists in the
ENIP Requ ...)
@@ -84264,7 +84294,7 @@ CVE-2020-4029 (The
/rest/project-templates/1.0/createshared resource in Atlassia
NOT-FOR-US: Atlassian
CVE-2020-4028 (Versions before 8.9.1, Various resources in Jira responded with
a 404 ...)
NOT-FOR-US: Atlassian
-CVE-2020-4027 (Atlassian Confluence Server and Data Center before version
7.5.1 allow ...)
+CVE-2020-4027 (Affected versions of Atlassian Confluence Server and Data
Center allow ...)
NOT-FOR-US: Atlassian
CVE-2020-4026 (The CustomAppsRestResource list resource in Atlassian Navigator
Links ...)
NOT-FOR-US: Atlassian
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5424d16e91a44b0844a1a0d1fdeb5cf07219f9d6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5424d16e91a44b0844a1a0d1fdeb5cf07219f9d6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
