From 9f4e3f84265d46c9dcd369d310826fae521fbc3f Mon Sep 17 00:00:00 2001
From: security tracker role
Date: Tue, 26 Oct 2021 08:10:12 +0000
Subject: automatic update
---
 data/CVE/list | 109 +++++++++++++++++++++++++++++++++++++++++-----------------
 1 file changed, 77 insertions(+), 32 deletions(-)
(limited to 'data')
diff --git a/data/CVE/list b/data/CVE/list
index 54dc283a0a..1c63a119a1 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,49 @@
+CVE-2021-43032
+ RESERVED
+CVE-2021-43031
+ RESERVED
+CVE-2021-43030
+ RESERVED
+CVE-2021-43029
+ RESERVED
+CVE-2021-43028
+ RESERVED
+CVE-2021-43027
+ RESERVED
+CVE-2021-43026
+ RESERVED
+CVE-2021-43025
+ RESERVED
+CVE-2021-43024
+ RESERVED
+CVE-2021-43023
+ RESERVED
+CVE-2021-43022
+ RESERVED
+CVE-2021-43021
+ RESERVED
+CVE-2021-43020
+ RESERVED
+CVE-2021-43019
+ RESERVED
+CVE-2021-43018
+ RESERVED
+CVE-2021-43017
+ RESERVED
+CVE-2021-43016
+ RESERVED
+CVE-2021-43015
+ RESERVED
+CVE-2021-43014
+ RESERVED
+CVE-2021-43013
+ RESERVED
+CVE-2021-43012
+ RESERVED
+CVE-2021-43011
+ RESERVED
+CVE-2021-3905
+ RESERVED
 CVE-2021-3904
 RESERVED
 CVE-2021-3903
@@ -5049,16 +5095,16 @@ CVE-2021-41310
 RESERVED
 CVE-2021-41309
 RESERVED
-CVE-2021-41308
- RESERVED
-CVE-2021-41307
- RESERVED
-CVE-2021-41306
- RESERVED
-CVE-2021-41305
- RESERVED
-CVE-2021-41304
- RESERVED
+CVE-2021-41308 (Affected versions of Atlassian Jira Server and Data Center allow authe ...)
+ TODO: check
+CVE-2021-41307 (Affected versions of Atlassian Jira Server and Data Center allow unaut ...)
+ TODO: check
+CVE-2021-41306 (Affected versions of Atlassian Jira Server and Data Center allow anony ...)
+ TODO: check
+CVE-2021-41305 (Affected versions of Atlassian Jira Server and Data Center allow anony ...)
+ TODO: check
+CVE-2021-41304 (Affected versions of Atlassian Jira Server and Data Center allow anony ...)
+ TODO: check
 CVE-2021-3812 (adminlte is vulnerable to Improper Neutralization of Input During Web ...)
 NOT-FOR-US: adminlte
 CVE-2021-3811 (adminlte is vulnerable to Improper Neutralization of Input During Web ...)
@@ -5343,12 +5389,12 @@ CVE-2021-41181
 RESERVED
 CVE-2021-41180
 RESERVED
-CVE-2021-41179
- RESERVED
-CVE-2021-41178
- RESERVED
-CVE-2021-41177
- RESERVED
+CVE-2021-41179 (Nextcloud is an open-source, self-hosted productivity platform. Prior ...)
+ TODO: check
+CVE-2021-41178 (Nextcloud is an open-source, self-hosted productivity platform. Prior ...)
+ TODO: check
+CVE-2021-41177 (Nextcloud is an open-source, self-hosted productivity platform. Prior ...)
+ TODO: check
 CVE-2021-41176 (Pterodactyl is an open-source game server management panel built with ...)
 NOT-FOR-US: Pterodactyl
 CVE-2021-41175
@@ -5429,8 +5475,7 @@ CVE-2021-41146 (qutebrowser is an open source keyboard-focused browser with a mi
 NOTE: https://github.com/qutebrowser/qutebrowser/commit/8f46ba3f6dc7b18375f7aa63c48a1fe461190430
 NOTE: Additional hardening for potential similar issues on Linux were added, but
 NOTE: are not fixing a security vulnerability.
-CVE-2021-41145
- RESERVED
+CVE-2021-41145 (Software Defined Telecom Stack enabling the digital transformation fro ...)
 - freeswitch (bug #389591)
 NOTE: https://github.com/signalwire/freeswitch/security/advisories/GHSA-jvpq-23v4-gp3m
 CVE-2021-41144
@@ -5514,8 +5559,7 @@ CVE-2021-41107
 RESERVED
 CVE-2021-41106 (JWT is a library to work with JSON Web Token and JSON Web Signature. P ...)
 NOT-FOR-US: PHP lcobucci/jwt
-CVE-2021-41105
- RESERVED
+CVE-2021-41105 (FreeSWITCH is a Software Defined Telecom Stack enabling the digital tr ...)
 - freeswitch (bug #389591)
 NOTE: https://github.com/signalwire/freeswitch/security/advisories/GHSA-jh42-prph-gp36
 CVE-2021-41104 (ESPHome is a system to control the ESP8266/ESP32. Anyone with web_serv ...)
@@ -10001,12 +10045,12 @@ CVE-2021-39227 (ZRender is a lightweight graphic library providing 2d draw for A
 NOT-FOR-US: ZRender
 CVE-2021-39226 (Grafana is an open source data visualization platform. In affected ver ...)
 - grafana
-CVE-2021-39225
- RESERVED
-CVE-2021-39224
- RESERVED
-CVE-2021-39223
- RESERVED
+CVE-2021-39225 (Nextcloud is an open-source, self-hosted productivity platform. A miss ...)
+ TODO: check
+CVE-2021-39224 (Nextcloud is an open-source, self-hosted productivity platform. The Ne ...)
+ TODO: check
+CVE-2021-39223 (Nextcloud is an open-source, self-hosted productivity platform. The Ne ...)
+ TODO: check
 CVE-2021-39222
 RESERVED
 CVE-2021-39221 (Nextcloud is an open-source, self-hosted productivity platform. The Ne ...)
@@ -12262,12 +12306,12 @@ CVE-2021-38262
 RESERVED
 CVE-2021-38261
 RESERVED
-CVE-2021-38260
- RESERVED
+CVE-2021-38260 (NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow ...)
+ TODO: check
 CVE-2021-38259
 RESERVED
-CVE-2021-38258
- RESERVED
+CVE-2021-38258 (NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow ...)
+ TODO: check
 CVE-2021-38257
 RESERVED
 CVE-2021-38256
@@ -52768,6 +52812,7 @@ CVE-2021-21704 (In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x
 NOTE: PHP Bug: https://bugs.php.net/76450
 NOTE: PHP Bug: https://bugs.php.net/76452
 CVE-2021-21703 (In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 a ...)
+ {DSA-4993-1 DSA-4992-1}
 - php8.0
 - php7.4 (bug #997003)
 - php7.3
@@ -56417,8 +56462,8 @@ CVE-2021-20839
 RESERVED
 CVE-2021-20838
 RESERVED
-CVE-2021-20837
- RESERVED
+CVE-2021-20837 (Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Typ ...)
+ TODO: check
 CVE-2021-20836 (Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0 ...)
 NOT-FOR-US: CX-Supervisor
 CVE-2021-20835
--
cgit v1.2.3