Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 90c71e2e by security tracker role at 2021-02-12T08:10:22+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,15 @@ +CVE-2021-27201 + RESERVED +CVE-2021-27200 + RESERVED +CVE-2021-27199 + RESERVED +CVE-2021-27198 + RESERVED +CVE-2021-27197 + RESERVED +CVE-2021-27196 + RESERVED CVE-2021-27195 RESERVED CVE-2021-27194 @@ -10,8 +22,8 @@ CVE-2021-27191 (The get-ip-range package before 4.0.0 for Node.js is vulnerable TODO: check CVE-2021-3408 RESERVED -CVE-2021-27190 - RESERVED +CVE-2021-27190 (PEEL Shopping cart 9.3.0 allows utilisateurs/change_params.php Address ...) + TODO: check CVE-2021-27189 RESERVED CVE-2021-27188 @@ -11622,8 +11634,8 @@ CVE-2021-21978 RESERVED CVE-2021-21977 RESERVED -CVE-2021-21976 - RESERVED +CVE-2021-21976 (vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8. ...) + TODO: check CVE-2021-21975 RESERVED CVE-2021-21974 @@ -13362,11 +13374,11 @@ CVE-2021-21471 (In CLA-Assistant, versions before 2.8.5, due to improper access NOT-FOR-US: CLA-Assistant CVE-2021-21470 (SAP EPM Add-in for Microsoft Office, version - 1010 and SAP EPM Add-in ...) NOT-FOR-US: SAP -CVE-2021-21469 (When security guidelines for SAP NetWeaver Master Data Management, ver ...) +CVE-2021-21469 (When security guidelines for SAP NetWeaver Master Data Management runn ...) NOT-FOR-US: SAP CVE-2021-21468 (The BW Database Interface does not perform necessary authorization che ...) NOT-FOR-US: SAP -CVE-2021-21467 (SAP Banking Services (Generic Market Data) 400, 450, and 500 does not ...) +CVE-2021-21467 (SAP Banking Services (Generic Market Data) does not perform necessary ...) NOT-FOR-US: SAP CVE-2021-21466 (SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 75 ...) NOT-FOR-US: SAP @@ -14218,10 +14230,10 @@ CVE-2021-21313 RESERVED CVE-2021-21312 RESERVED -CVE-2021-21311 - RESERVED -CVE-2021-21310 - RESERVED +CVE-2021-21311 (Adminer is an open-source database management in a single PHP file. In ...) + TODO: check +CVE-2021-21310 (NextAuth.js (next-auth) is am open source authentication solution for ...) + TODO: check CVE-2021-21309 RESERVED CVE-2021-21308 @@ -14953,109 +14965,109 @@ CVE-2021-21065 RESERVED CVE-2021-21064 RESERVED -CVE-2021-21063 - RESERVED -CVE-2021-21062 - RESERVED -CVE-2021-21061 - RESERVED -CVE-2021-21060 - RESERVED -CVE-2021-21059 - RESERVED -CVE-2021-21058 - RESERVED -CVE-2021-21057 - RESERVED +CVE-2021-21063 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21062 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21061 (Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.00 ...) + TODO: check +CVE-2021-21060 (Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.3 ...) + TODO: check +CVE-2021-21059 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21058 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21057 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check CVE-2021-21056 RESERVED -CVE-2021-21055 - RESERVED -CVE-2021-21054 - RESERVED -CVE-2021-21053 - RESERVED -CVE-2021-21052 - RESERVED -CVE-2021-21051 - RESERVED -CVE-2021-21050 - RESERVED -CVE-2021-21049 - RESERVED -CVE-2021-21048 - RESERVED -CVE-2021-21047 - RESERVED -CVE-2021-21046 - RESERVED -CVE-2021-21045 - RESERVED -CVE-2021-21044 - RESERVED +CVE-2021-21055 (Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) i ...) + TODO: check +CVE-2021-21054 (Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of- ...) + TODO: check +CVE-2021-21053 (Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of- ...) + TODO: check +CVE-2021-21052 (Adobe Animate version 21.0.2 (and earlier) is affected by an Out-of-bo ...) + TODO: check +CVE-2021-21051 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...) + TODO: check +CVE-2021-21050 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...) + TODO: check +CVE-2021-21049 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...) + TODO: check +CVE-2021-21048 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...) + TODO: check +CVE-2021-21047 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...) + TODO: check +CVE-2021-21046 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21045 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21044 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check CVE-2021-21043 (ACS Commons version 4.9.2 (and earlier) suffers from a Reflected Cross ...) NOT-FOR-US: Adobe -CVE-2021-21042 - RESERVED -CVE-2021-21041 - RESERVED -CVE-2021-21040 - RESERVED -CVE-2021-21039 - RESERVED -CVE-2021-21038 - RESERVED -CVE-2021-21037 - RESERVED -CVE-2021-21036 - RESERVED -CVE-2021-21035 - RESERVED -CVE-2021-21034 - RESERVED -CVE-2021-21033 - RESERVED -CVE-2021-21032 - RESERVED -CVE-2021-21031 - RESERVED -CVE-2021-21030 - RESERVED -CVE-2021-21029 - RESERVED -CVE-2021-21028 - RESERVED -CVE-2021-21027 - RESERVED -CVE-2021-21026 - RESERVED -CVE-2021-21025 - RESERVED -CVE-2021-21024 - RESERVED -CVE-2021-21023 - RESERVED -CVE-2021-21022 - RESERVED -CVE-2021-21021 - RESERVED -CVE-2021-21020 - RESERVED -CVE-2021-21019 - RESERVED -CVE-2021-21018 - RESERVED -CVE-2021-21017 - RESERVED -CVE-2021-21016 - RESERVED -CVE-2021-21015 - RESERVED -CVE-2021-21014 - RESERVED -CVE-2021-21013 (Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bound ...) +CVE-2021-21042 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21041 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21040 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21039 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21038 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21037 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21036 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21035 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21034 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21033 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21032 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21031 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21030 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21029 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21028 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21027 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21026 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21025 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21024 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21023 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21022 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21021 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21020 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21019 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21018 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21017 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) + TODO: check +CVE-2021-21016 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21015 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21014 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) + TODO: check +CVE-2021-21013 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) NOT-FOR-US: Adobe -CVE-2021-21012 (Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bound ...) +CVE-2021-21012 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...) NOT-FOR-US: Adobe CVE-2021-21011 (Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by a ...) NOT-FOR-US: Adobe @@ -15828,40 +15840,40 @@ CVE-2021-20653 RESERVED CVE-2021-20652 (Cross-site request forgery (CSRF) vulnerability in Name Directory 1.17 ...) NOT-FOR-US: Name Directory -CVE-2021-20651 - RESERVED -CVE-2021-20650 - RESERVED -CVE-2021-20649 - RESERVED -CVE-2021-20648 - RESERVED -CVE-2021-20647 - RESERVED -CVE-2021-20646 - RESERVED -CVE-2021-20645 - RESERVED -CVE-2021-20644 - RESERVED -CVE-2021-20643 - RESERVED -CVE-2021-20642 - RESERVED -CVE-2021-20641 - RESERVED -CVE-2021-20640 - RESERVED -CVE-2021-20639 - RESERVED -CVE-2021-20638 - RESERVED -CVE-2021-20637 - RESERVED -CVE-2021-20636 - RESERVED -CVE-2021-20635 - RESERVED +CVE-2021-20651 (Directory traversal vulnerability in ELECOM File Manager all versions ...) + TODO: check +CVE-2021-20650 (Cross-site request forgery (CSRF) vulnerability in ELECOM NCC-EWF100RM ...) + TODO: check +CVE-2021-20649 (ELECOM WRC-300FEBK-S contains an improper certificate validation vulne ...) + TODO: check +CVE-2021-20648 (ELECOM WRC-300FEBK-S allows an attacker with administrator rights to e ...) + TODO: check +CVE-2021-20647 (Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK- ...) + TODO: check +CVE-2021-20646 (Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK- ...) + TODO: check +CVE-2021-20645 (Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remo ...) + TODO: check +CVE-2021-20644 (ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the u ...) + TODO: check +CVE-2021-20643 (Improper access control vulnerability in ELECOM LD-PS/U1 allows remote ...) + TODO: check +CVE-2021-20642 (Improper check or handling of exceptional conditions in LOGITEC LAN-W3 ...) + TODO: check +CVE-2021-20641 (Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/R ...) + TODO: check +CVE-2021-20640 (Buffer overflow vulnerability in LOGITEC LAN-W300N/PGRB allows an atta ...) + TODO: check +CVE-2021-20639 (LOGITEC LAN-W300N/PGRB allows an attacker with administrative privileg ...) + TODO: check +CVE-2021-20638 (LOGITEC LAN-W300N/PGRB allows an attacker with administrative privileg ...) + TODO: check +CVE-2021-20637 (Improper check or handling of exceptional conditions in LOGITEC LAN-W3 ...) + TODO: check +CVE-2021-20636 (Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/P ...) + TODO: check +CVE-2021-20635 (Improper restriction of excessive authentication attempts in LOGITEC L ...) + TODO: check CVE-2021-20634 RESERVED CVE-2021-20633 @@ -27065,26 +27077,26 @@ CVE-2020-27871 (This vulnerability allows remote attackers to create arbitrary f TODO: check CVE-2020-27870 (This vulnerability allows remote attackers to disclose sensitive infor ...) TODO: check -CVE-2020-27869 - RESERVED -CVE-2020-27868 - RESERVED -CVE-2020-27867 - RESERVED -CVE-2020-27866 - RESERVED -CVE-2020-27865 - RESERVED -CVE-2020-27864 - RESERVED -CVE-2020-27863 - RESERVED -CVE-2020-27862 - RESERVED -CVE-2020-27861 - RESERVED -CVE-2020-27860 - RESERVED +CVE-2020-27869 (This vulnerability allows remote attackers to escalate privileges on a ...) + TODO: check +CVE-2020-27868 (This vulnerability allows remote attackers to execute arbitrary code o ...) + TODO: check +CVE-2020-27867 (This vulnerability allows network-adjacent attackers to execute arbitr ...) + TODO: check +CVE-2020-27866 (This vulnerability allows network-adjacent attackers to bypass authent ...) + TODO: check +CVE-2020-27865 (This vulnerability allows network-adjacent attackers to execute arbitr ...) + TODO: check +CVE-2020-27864 (This vulnerability allows network-adjacent attackers to execute arbitr ...) + TODO: check +CVE-2020-27863 (This vulnerability allows network-adjacent attackers to disclose sensi ...) + TODO: check +CVE-2020-27862 (This vulnerability allows network-adjacent attackers to execute arbitr ...) + TODO: check +CVE-2020-27861 (This vulnerability allows network-adjacent attackers to execute arbitr ...) + TODO: check +CVE-2020-27860 (This vulnerability allows remote attackers to execute arbitrary code o ...) + TODO: check CVE-2020-27859 (This vulnerability allows remote attackers to disclose sensitive infor ...) NOT-FOR-US: NEC ESMPRO Manager CVE-2020-27858 (This vulnerability allows remote attackers to disclose sensitive infor ...) @@ -72341,8 +72353,8 @@ CVE-2020-9308 (archive_read_support_format_rar5.c in libarchive before 3.4.2 att NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20459 NOTE: https://github.com/libarchive/libarchive/pull/1326 NOTE: https://github.com/libarchive/libarchive/commit/94821008d6eea81e315c5881cdf739202961040a -CVE-2020-9307 - RESERVED +CVE-2020-9307 (Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a deni ...) + TODO: check CVE-2020-9306 RESERVED CVE-2020-9305 @@ -94125,10 +94137,10 @@ CVE-2019-19007 (Intelbras IWR 3000N 1.8.7 devices allow disclosure of the admini NOT-FOR-US: Intelbras IWR 3000N 1.8.7 devices CVE-2019-19006 (Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197. ...) NOT-FOR-US: FreePBX -CVE-2019-19005 - RESERVED -CVE-2019-19004 - RESERVED +CVE-2019-19005 (A bitmap double free in main.c in autotrace 0.31.1 allows attackers to ...) + TODO: check +CVE-2019-19004 (A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 ...) + TODO: check CVE-2019-19003 (For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. Thi ...) NOT-FOR-US: ABB eSOMS CVE-2019-19002 (For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP respons ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90c71e2e3149b5fa6711ae1754cef1fd262d0a02 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90c71e2e3149b5fa6711ae1754cef1fd262d0a02 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits