Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 37e034d4 by security tracker role at 2021-03-12T08:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,4 +1,170 @@ -CVE-2021-28153 [g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION creates empty target for dangling symlink] +CVE-2021-3441 + RESERVED +CVE-2021-3440 + RESERVED +CVE-2021-3439 + RESERVED +CVE-2021-3438 + RESERVED +CVE-2021-3437 + RESERVED +CVE-2021-3436 + RESERVED +CVE-2021-28216 + RESERVED +CVE-2021-28215 + RESERVED +CVE-2021-28214 + RESERVED +CVE-2021-28213 + RESERVED +CVE-2021-28212 + RESERVED +CVE-2021-28211 + RESERVED +CVE-2021-28210 + RESERVED +CVE-2021-28209 + RESERVED +CVE-2021-28208 + RESERVED +CVE-2021-28207 + RESERVED +CVE-2021-28206 + RESERVED +CVE-2021-28205 + RESERVED +CVE-2021-28204 + RESERVED +CVE-2021-28203 + RESERVED +CVE-2021-28202 + RESERVED +CVE-2021-28201 + RESERVED +CVE-2021-28200 + RESERVED +CVE-2021-28199 + RESERVED +CVE-2021-28198 + RESERVED +CVE-2021-28197 + RESERVED +CVE-2021-28196 + RESERVED +CVE-2021-28195 + RESERVED +CVE-2021-28194 + RESERVED +CVE-2021-28193 + RESERVED +CVE-2021-28192 + RESERVED +CVE-2021-28191 + RESERVED +CVE-2021-28190 + RESERVED +CVE-2021-28189 + RESERVED +CVE-2021-28188 + RESERVED +CVE-2021-28187 + RESERVED +CVE-2021-28186 + RESERVED +CVE-2021-28185 + RESERVED +CVE-2021-28184 + RESERVED +CVE-2021-28183 + RESERVED +CVE-2021-28182 + RESERVED +CVE-2021-28181 + RESERVED +CVE-2021-28180 + RESERVED +CVE-2021-28179 + RESERVED +CVE-2021-28178 + RESERVED +CVE-2021-28177 + RESERVED +CVE-2021-28176 + RESERVED +CVE-2021-28175 + RESERVED +CVE-2021-28174 + RESERVED +CVE-2021-28173 + RESERVED +CVE-2021-28172 + RESERVED +CVE-2021-28171 + RESERVED +CVE-2021-28170 + RESERVED +CVE-2021-28169 + RESERVED +CVE-2021-28168 + RESERVED +CVE-2021-28167 + RESERVED +CVE-2021-28166 + RESERVED +CVE-2021-28165 + RESERVED +CVE-2021-28164 + RESERVED +CVE-2021-28163 + RESERVED +CVE-2021-28162 + RESERVED +CVE-2021-28161 + RESERVED +CVE-2021-28160 + RESERVED +CVE-2021-28159 + RESERVED +CVE-2021-28158 + RESERVED +CVE-2021-28157 + RESERVED +CVE-2021-28156 + RESERVED +CVE-2021-28155 + RESERVED +CVE-2021-28154 (** DISPUTED ** Camunda Modeler (aka camunda-modeler) through 4.6.0 all ...) + TODO: check +CVE-2021-28152 + RESERVED +CVE-2021-28151 + RESERVED +CVE-2021-28150 + RESERVED +CVE-2021-28149 + RESERVED +CVE-2021-28148 + RESERVED +CVE-2021-28147 + RESERVED +CVE-2021-28146 + RESERVED +CVE-2020-36282 (JMS Client for RabbitMQ 1.x before 1.15.2 and 2.x before 2.2.0 is vuln ...) + TODO: check +CVE-2020-36281 (Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFew ...) + TODO: check +CVE-2020-36280 (Leptonica before 1.80.0 allows a heap-based buffer over-read in pixRea ...) + TODO: check +CVE-2020-36279 (Leptonica before 1.80.0 allows a heap-based buffer over-read in raster ...) + TODO: check +CVE-2020-36278 (Leptonica before 1.80.0 allows a heap-based buffer over-read in findNe ...) + TODO: check +CVE-2020-36277 (Leptonica before 1.80.0 allows a denial of service (application crash) ...) + TODO: check +CVE-2016-20009 (** UNSUPPORTED WHEN ASSIGNED ** A DNS client stack-based buffer overfl ...) + TODO: check +CVE-2021-28153 (An issue was discovered in GNOME GLib before 2.66.8. When g_file_repla ...) - glib2.0 2.66.7-2 (bug #984969) NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2325 CVE-2021-3435 @@ -21,8 +187,8 @@ CVE-2021-28145 RESERVED CVE-2021-28144 (prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote a ...) NOT-FOR-US: D-Link -CVE-2021-28143 - RESERVED +CVE-2021-28143 (/jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated ...) + TODO: check CVE-2021-28142 RESERVED CVE-2021-28141 (An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1 ...) @@ -1157,10 +1323,10 @@ CVE-2021-27649 RESERVED CVE-2021-27648 RESERVED -CVE-2021-27647 - RESERVED -CVE-2021-27646 - RESERVED +CVE-2021-27647 (Out-of-bounds Read vulnerability in iscsi_snapshot_comm_core in Synolo ...) + TODO: check +CVE-2021-27646 (Use After Free vulnerability in iscsi_snapshot_comm_core in Synology D ...) + TODO: check CVE-2021-27645 (The nameserver caching daemon (nscd) in the GNU C Library (aka glibc o ...) - glibc <unfixed> (bug #983479) [buster] - glibc <no-dsa> (Minor issue) @@ -3596,8 +3762,8 @@ CVE-2021-26571 (The Baseboard Management Controller (BMC) firmware in HPE Apollo NOT-FOR-US: HPE CVE-2021-26570 (The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 Sy ...) NOT-FOR-US: HPE -CVE-2021-26569 - RESERVED +CVE-2021-26569 (Race Condition within a Thread vulnerability in iscsi_snapshot_comm_co ...) + TODO: check CVE-2021-26568 RESERVED CVE-2021-26567 (Use of unmaintained third party components vulnerability in faad in Sy ...) @@ -12318,18 +12484,18 @@ CVE-2021-22716 RESERVED CVE-2021-22715 RESERVED -CVE-2021-22714 - RESERVED -CVE-2021-22713 - RESERVED -CVE-2021-22712 - RESERVED -CVE-2021-22711 - RESERVED -CVE-2021-22710 - RESERVED -CVE-2021-22709 - RESERVED +CVE-2021-22714 (A CWE-119:Improper restriction of operations within the bounds of a me ...) + TODO: check +CVE-2021-22713 (A CWE-119:Improper restriction of operations within the bounds of a me ...) + TODO: check +CVE-2021-22712 (A CWE-119:Improper Restriction of Operations within the Bounds of a Me ...) + TODO: check +CVE-2021-22711 (A CWE-119:Improper Restriction of Operations within the Bounds of a Me ...) + TODO: check +CVE-2021-22710 (A CWE-119:Improper Restriction of Operations within the Bounds of a Me ...) + TODO: check +CVE-2021-22709 (A CWE-119:Improper Restriction of Operations within the Bounds of a Me ...) + TODO: check CVE-2021-22708 RESERVED CVE-2021-22707 @@ -18265,8 +18431,8 @@ CVE-2021-20676 RESERVED CVE-2021-20675 RESERVED -CVE-2021-20674 - RESERVED +CVE-2021-20674 (Untrusted search path vulnerability in Installer of MagicConnect Clien ...) + TODO: check CVE-2021-20673 (Stored cross-site scripting vulnerability in Admin Page of GROWI (v4.2 ...) NOT-FOR-US: GROWI CVE-2021-20672 (Reflected cross-site scripting vulnerability due to insufficient verif ...) @@ -19138,8 +19304,7 @@ CVE-2021-20263 (A flaw was found in the virtio-fs shared file system daemon (vir NOTE: Introduced in https://git.qemu.org/?p=qemu.git;a=commit;h=725ca3313a5b9cbef89eaa1c728567684f37990a CVE-2021-20262 (A flaw was found in Keycloak 12.0.0 where re-authentication does not o ...) NOT-FOR-US: Keycloak -CVE-2021-20261 - RESERVED +CVE-2021-20261 (A race condition was found in the Linux kernels implementation of the ...) - linux 4.5.1-1 NOTE: https://git.kernel.org/linus/a0c80efe5956ccce9fe7ae5c78542578c07bc20a NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1932150 @@ -24217,8 +24382,8 @@ CVE-2020-29047 (The wp-hotel-booking plugin through 1.10.2 for WordPress allows NOT-FOR-US: wp-hotel-booking plugin for WordPress CVE-2020-29046 RESERVED -CVE-2020-29045 - RESERVED +CVE-2020-29045 (The food-and-drink-menu plugin through 2.2.0 for WordPress allows remo ...) + TODO: check CVE-2020-29044 RESERVED CVE-2020-29043 (An issue was discovered in BigBlueButton through 2.2.29. When at attac ...) @@ -37181,10 +37346,10 @@ CVE-2020-24986 (Concrete5 up to and including 8.5.2 allows Unrestricted Upload o NOT-FOR-US: Concrete5 CVE-2020-24985 RESERVED -CVE-2020-24984 - RESERVED -CVE-2020-24983 - RESERVED +CVE-2020-24984 (An issue was discovered in Quadbase EspressReports ES 7 Update 9. It a ...) + TODO: check +CVE-2020-24983 (An issue was discovered in Quadbase EspressReports ES 7 Update 9. An u ...) + TODO: check CVE-2020-24982 RESERVED CVE-2020-24981 (An Incorrect Access Control vulnerability exists in /ucms/chk.php in U ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37e034d47fb03234786111ed13a452285260b764 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37e034d47fb03234786111ed13a452285260b764 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits