author | security tracker role <sectracker@soriano.debian.org> | 2021-03-30 20:10:28 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-03-30 20:10:28 +0000 |
commit | a54ee23687a15a0aab8283664bc55f9324504727 | |
tree | d62c04d5f7cac76f8d23b2cf59f4a60ea0854372 | |
parent | 615b5876b194269a3894428f76e44cccf68dab19 | |
automatic update
-rw-r--r-- | data/CVE/2020.list | 16 |
-rw-r--r-- | data/CVE/2021.list | 604 |
2 files changed, 529 insertions, 91 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index be0b998d2e..468fe01c52 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -34930,8 +34930,8 @@ CVE-2020-15077 RESERVED CVE-2020-15076 RESERVED -CVE-2020-15075 - RESERVED +CVE-2020-15075 (OpenVPN Connect installer for macOS version 3.2.6 and older may corrup ...) + TODO: check CVE-2020-15074 (OpenVPN Access Server older than version 2.8.4 generates new user auth ...) NOT-FOR-US: OpenVPN Access Server CVE-2020-15073 (An issue was discovered in phpList through 3.5.4. An XSS vulnerability ...) @@ -60044,8 +60044,8 @@ CVE-2020-4946 RESERVED CVE-2020-4945 RESERVED -CVE-2020-4944 - RESERVED +CVE-2020-4944 (IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0 ...) + TODO: check CVE-2020-4943 RESERVED CVE-2020-4942 (IBM Curam Social Program Management 7.0.9 and 7.0.11 is vulnerable to ...) @@ -60164,8 +60164,8 @@ CVE-2020-4886 (IBM InfoSphere Information Server 11.7 stores sensitive informati NOT-FOR-US: IBM CVE-2020-4885 RESERVED -CVE-2020-4884 - RESERVED +CVE-2020-4884 (IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user c ...) + TODO: check CVE-2020-4883 RESERVED CVE-2020-4882 (IBM Planning Analytics 2.0 could be vulnerable to a Server-Side Reques ...) @@ -60236,8 +60236,8 @@ CVE-2020-4850 RESERVED CVE-2020-4849 (IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could ...) NOT-FOR-US: IBM -CVE-2020-4848 - RESERVED +CVE-2020-4848 (IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow a ...) + TODO: check CVE-2020-4847 RESERVED CVE-2020-4846 (IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote ...) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 6525ca1a58..e30a46bdb7 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list 
@@ -1,9 +1,459 @@ -CVE-2021-3476 +CVE-2021-3480 RESERVED -CVE-2021-3475 +CVE-2021-3479 RESERVED -CVE-2021-3474 +CVE-2021-3478 RESERVED +CVE-2021-3477 + RESERVED +CVE-2021-29645 + RESERVED +CVE-2021-29644 + RESERVED +CVE-2021-29643 + RESERVED +CVE-2021-29642 (GistPad before 0.2.7 allows a crafted workspace folder to change the U ...) + TODO: check +CVE-2021-29641 + RESERVED +CVE-2021-29640 + RESERVED +CVE-2021-29639 + RESERVED +CVE-2021-29638 + RESERVED +CVE-2021-29637 + RESERVED +CVE-2021-29636 + RESERVED +CVE-2021-29635 + RESERVED +CVE-2021-29634 + RESERVED +CVE-2021-29633 + RESERVED +CVE-2021-29632 + RESERVED +CVE-2021-29631 + RESERVED +CVE-2021-29630 + RESERVED +CVE-2021-29629 + RESERVED +CVE-2021-29628 + RESERVED +CVE-2021-29627 + RESERVED +CVE-2021-29626 + RESERVED +CVE-2021-29625 + RESERVED +CVE-2021-29624 + RESERVED +CVE-2021-29623 + RESERVED +CVE-2021-29622 + RESERVED +CVE-2021-29621 + RESERVED +CVE-2021-29620 + RESERVED +CVE-2021-29619 + RESERVED +CVE-2021-29618 + RESERVED +CVE-2021-29617 + RESERVED +CVE-2021-29616 + RESERVED +CVE-2021-29615 + RESERVED +CVE-2021-29614 + RESERVED +CVE-2021-29613 + RESERVED +CVE-2021-29612 + RESERVED +CVE-2021-29611 + RESERVED +CVE-2021-29610 + RESERVED +CVE-2021-29609 + RESERVED +CVE-2021-29608 + RESERVED +CVE-2021-29607 + RESERVED +CVE-2021-29606 + RESERVED +CVE-2021-29605 + RESERVED +CVE-2021-29604 + RESERVED +CVE-2021-29603 + RESERVED +CVE-2021-29602 + RESERVED +CVE-2021-29601 + RESERVED +CVE-2021-29600 + RESERVED +CVE-2021-29599 + RESERVED +CVE-2021-29598 + RESERVED +CVE-2021-29597 + RESERVED +CVE-2021-29596 + RESERVED +CVE-2021-29595 + RESERVED +CVE-2021-29594 + RESERVED +CVE-2021-29593 + RESERVED +CVE-2021-29592 + RESERVED +CVE-2021-29591 + RESERVED +CVE-2021-29590 + RESERVED +CVE-2021-29589 + RESERVED +CVE-2021-29588 + RESERVED +CVE-2021-29587 + RESERVED +CVE-2021-29586 + RESERVED +CVE-2021-29585 + RESERVED +CVE-2021-29584 + RESERVED +CVE-2021-29583 + RESERVED +CVE-2021-29582 + RESERVED +CVE-2021-29581 + RESERVED 
+CVE-2021-29580 + RESERVED +CVE-2021-29579 + RESERVED +CVE-2021-29578 + RESERVED +CVE-2021-29577 + RESERVED +CVE-2021-29576 + RESERVED +CVE-2021-29575 + RESERVED +CVE-2021-29574 + RESERVED +CVE-2021-29573 + RESERVED +CVE-2021-29572 + RESERVED +CVE-2021-29571 + RESERVED +CVE-2021-29570 + RESERVED +CVE-2021-29569 + RESERVED +CVE-2021-29568 + RESERVED +CVE-2021-29567 + RESERVED +CVE-2021-29566 + RESERVED +CVE-2021-29565 + RESERVED +CVE-2021-29564 + RESERVED +CVE-2021-29563 + RESERVED +CVE-2021-29562 + RESERVED +CVE-2021-29561 + RESERVED +CVE-2021-29560 + RESERVED +CVE-2021-29559 + RESERVED +CVE-2021-29558 + RESERVED +CVE-2021-29557 + RESERVED +CVE-2021-29556 + RESERVED +CVE-2021-29555 + RESERVED +CVE-2021-29554 + RESERVED +CVE-2021-29553 + RESERVED +CVE-2021-29552 + RESERVED +CVE-2021-29551 + RESERVED +CVE-2021-29550 + RESERVED +CVE-2021-29549 + RESERVED +CVE-2021-29548 + RESERVED +CVE-2021-29547 + RESERVED +CVE-2021-29546 + RESERVED +CVE-2021-29545 + RESERVED +CVE-2021-29544 + RESERVED +CVE-2021-29543 + RESERVED +CVE-2021-29542 + RESERVED +CVE-2021-29541 + RESERVED +CVE-2021-29540 + RESERVED +CVE-2021-29539 + RESERVED +CVE-2021-29538 + RESERVED +CVE-2021-29537 + RESERVED +CVE-2021-29536 + RESERVED +CVE-2021-29535 + RESERVED +CVE-2021-29534 + RESERVED +CVE-2021-29533 + RESERVED +CVE-2021-29532 + RESERVED +CVE-2021-29531 + RESERVED +CVE-2021-29530 + RESERVED +CVE-2021-29529 + RESERVED +CVE-2021-29528 + RESERVED +CVE-2021-29527 + RESERVED +CVE-2021-29526 + RESERVED +CVE-2021-29525 + RESERVED +CVE-2021-29524 + RESERVED +CVE-2021-29523 + RESERVED +CVE-2021-29522 + RESERVED +CVE-2021-29521 + RESERVED +CVE-2021-29520 + RESERVED +CVE-2021-29519 + RESERVED +CVE-2021-29518 + RESERVED +CVE-2021-29517 + RESERVED +CVE-2021-29516 + RESERVED +CVE-2021-29515 + RESERVED +CVE-2021-29514 + RESERVED +CVE-2021-29513 + RESERVED +CVE-2021-29512 + RESERVED +CVE-2021-29511 + RESERVED +CVE-2021-29510 + RESERVED +CVE-2021-29509 + RESERVED +CVE-2021-29508 + RESERVED +CVE-2021-29507 + RESERVED 
+CVE-2021-29506 + RESERVED +CVE-2021-29505 + RESERVED +CVE-2021-29504 + RESERVED +CVE-2021-29503 + RESERVED +CVE-2021-29502 + RESERVED +CVE-2021-29501 + RESERVED +CVE-2021-29500 + RESERVED +CVE-2021-29499 + RESERVED +CVE-2021-29498 + RESERVED +CVE-2021-29497 + RESERVED +CVE-2021-29496 + RESERVED +CVE-2021-29495 + RESERVED +CVE-2021-29494 + RESERVED +CVE-2021-29493 + RESERVED +CVE-2021-29492 + RESERVED +CVE-2021-29491 + RESERVED +CVE-2021-29490 + RESERVED +CVE-2021-29489 + RESERVED +CVE-2021-29488 + RESERVED +CVE-2021-29487 + RESERVED +CVE-2021-29486 + RESERVED +CVE-2021-29485 + RESERVED +CVE-2021-29484 + RESERVED +CVE-2021-29483 + RESERVED +CVE-2021-29482 + RESERVED +CVE-2021-29481 + RESERVED +CVE-2021-29480 + RESERVED +CVE-2021-29479 + RESERVED +CVE-2021-29478 + RESERVED +CVE-2021-29477 + RESERVED +CVE-2021-29476 + RESERVED +CVE-2021-29475 + RESERVED +CVE-2021-29474 + RESERVED +CVE-2021-29473 + RESERVED +CVE-2021-29472 + RESERVED +CVE-2021-29471 + RESERVED +CVE-2021-29470 + RESERVED +CVE-2021-29469 + RESERVED +CVE-2021-29468 + RESERVED +CVE-2021-29467 + RESERVED +CVE-2021-29466 + RESERVED +CVE-2021-29465 + RESERVED +CVE-2021-29464 + RESERVED +CVE-2021-29463 + RESERVED +CVE-2021-29462 + RESERVED +CVE-2021-29461 + RESERVED +CVE-2021-29460 + RESERVED +CVE-2021-29459 + RESERVED +CVE-2021-29458 + RESERVED +CVE-2021-29457 + RESERVED +CVE-2021-29456 + RESERVED +CVE-2021-29455 + RESERVED +CVE-2021-29454 + RESERVED +CVE-2021-29453 + RESERVED +CVE-2021-29452 + RESERVED +CVE-2021-29451 + RESERVED +CVE-2021-29450 + RESERVED +CVE-2021-29449 + RESERVED +CVE-2021-29448 + RESERVED +CVE-2021-29447 + RESERVED +CVE-2021-29446 + RESERVED +CVE-2021-29445 + RESERVED +CVE-2021-29444 + RESERVED +CVE-2021-29443 + RESERVED +CVE-2021-29442 + RESERVED +CVE-2021-29441 + RESERVED +CVE-2021-29440 + RESERVED +CVE-2021-29439 + RESERVED +CVE-2021-29438 + RESERVED +CVE-2021-29437 + RESERVED +CVE-2021-29436 + RESERVED +CVE-2021-29435 + RESERVED +CVE-2021-29434 + RESERVED +CVE-2021-29433 + RESERVED 
+CVE-2021-29432 + RESERVED +CVE-2021-29431 + RESERVED +CVE-2021-29430 + RESERVED +CVE-2021-29429 + RESERVED +CVE-2021-29428 + RESERVED +CVE-2021-29427 + RESERVED +CVE-2021-29426 + RESERVED +CVE-2021-29425 + RESERVED +CVE-2021-3476 (A flaw was found in OpenEXR's B44 uncompression functionality in versi ...) + TODO: check +CVE-2021-3475 (There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker ...) + TODO: check +CVE-2021-3474 (There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted inp ...) + TODO: check CVE-2021-29424 (The Net::Netmask module before 2.0000 for Perl does not properly consi ...) - libnet-netmask-perl <unfixed> (bug #986135) NOTE: https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/ @@ -178,8 +628,8 @@ CVE-2021-29345 RESERVED CVE-2021-29344 RESERVED -CVE-2021-29343 - RESERVED +CVE-2021-29343 (Ovidentia CMS 6.x contains a SQL injection vulnerability in the "id" p ...) + TODO: check CVE-2021-29342 RESERVED CVE-2021-29341 @@ -1083,8 +1533,8 @@ CVE-2021-28937 (The /password.html page of the Web management interface of the A NOT-FOR-US: Acexy Wireless-N WiFi Repeater CVE-2021-28936 (The Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) Web management ...) NOT-FOR-US: Acexy Wireless-N WiFi Repeater -CVE-2021-28935 - RESERVED +CVE-2021-28935 (CMS Made Simple (CMSMS) 2.2.15 allows authenticated XSS via the /admin ...) + TODO: check CVE-2021-28934 RESERVED CVE-2021-28933 
@@ -4752,28 +5202,28 @@ CVE-2021-27273 (This vulnerability allows remote attackers to execute arbitrary NOT-FOR-US: Netgear CVE-2021-27272 (This vulnerability allows remote attackers to delete arbitrary files o ...) NOT-FOR-US: Netgear -CVE-2021-27271 - RESERVED -CVE-2021-27270 - RESERVED -CVE-2021-27269 - RESERVED -CVE-2021-27268 - RESERVED -CVE-2021-27267 - RESERVED -CVE-2021-27266 - RESERVED -CVE-2021-27265 - RESERVED -CVE-2021-27264 - RESERVED -CVE-2021-27263 - RESERVED -CVE-2021-27262 - RESERVED -CVE-2021-27261 - RESERVED +CVE-2021-27271 (This vulnerability allows remote attackers to execute arbitrary code o ...) + TODO: check +CVE-2021-27270 (This vulnerability allows remote attackers to execute arbitrary code o ...) + TODO: check +CVE-2021-27269 (This vulnerability allows remote attackers to execute arbitrary code o ...) + TODO: check +CVE-2021-27268 (This vulnerability allows remote attackers to execute arbitrary code o ...) + TODO: check +CVE-2021-27267 (This vulnerability allows remote attackers to execute arbitrary code o ...) + TODO: check +CVE-2021-27266 (This vulnerability allows remote attackers to disclose sensitive infor ...) + TODO: check +CVE-2021-27265 (This vulnerability allows remote attackers to disclose sensitive infor ...) + TODO: check +CVE-2021-27264 (This vulnerability allows remote attackers to disclose sensitive infor ...) + TODO: check +CVE-2021-27263 (This vulnerability allows remote attackers to disclose sensitive infor ...) + TODO: check +CVE-2021-27262 (This vulnerability allows remote attackers to disclose sensitive infor ...) + TODO: check +CVE-2021-27261 (This vulnerability allows remote attackers to execute arbitrary code o ...) + TODO: check CVE-2021-27260 RESERVED CVE-2021-27259 
@@ -5558,8 +6008,7 @@ CVE-2021-26921 (In util/session/sessionmanager.go in Argo CD before 1.8.4, token NOT-FOR-US: Argo CD CVE-2021-26920 RESERVED -CVE-2021-26919 - RESERVED +CVE-2021-26919 (Apache Druid allows users to read data from other database systems usi ...) - druid <itp> (bug #825797) CVE-2021-26918 (** DISPUTED ** The ProBot bot through 2021-02-08 for Discord might all ...) NOT-FOR-US: ProBot bot @@ -5827,8 +6276,8 @@ CVE-2021-26812 RESERVED CVE-2021-26811 RESERVED -CVE-2021-26810 - RESERVED +CVE-2021-26810 (D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnera ...) + TODO: check CVE-2021-26809 (PHPGurukul Car Rental Project version 2.0 suffers from a remote shell ...) NOT-FOR-US: PHPGurukul Car Rental Project CVE-2021-26808 @@ -6341,8 +6790,8 @@ CVE-2021-26581 RESERVED CVE-2021-26580 RESERVED -CVE-2021-26579 - RESERVED +CVE-2021-26579 (A security vulnerability in HPE Unified Data Management (UDM) could al ...) + TODO: check CVE-2021-26578 (A potential security vulnerability has been identified in HPE Network ...) NOT-FOR-US: HPE Network Orchestrator (NetO) CVE-2021-26577 (The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 Sy ...) @@ -13646,8 +14095,8 @@ CVE-2021-23365 RESERVED CVE-2021-23364 RESERVED -CVE-2021-23363 - RESERVED +CVE-2021-23363 (This affects the package kill-by-port before 0.0.2. If (attacker-contr ...) + TODO: check CVE-2021-23362 (The package hosted-git-info before 3.0.8 are vulnerable to Regular Exp ...) - node-hosted-git-info 3.0.8-1 [buster] - node-hosted-git-info <no-dsa> (Minor issue) 
@@ -17203,38 +17652,27 @@ CVE-2021-21640 RESERVED CVE-2021-21639 RESERVED -CVE-2021-21638 - RESERVED +CVE-2021-21638 (A cross-site request forgery (CSRF) vulnerability in Jenkins Team Foun ...) NOT-FOR-US: Jenkins plugin -CVE-2021-21637 - RESERVED +CVE-2021-21637 (A missing permission check in Jenkins Team Foundation Server Plugin 5. ...) NOT-FOR-US: Jenkins plugin -CVE-2021-21636 - RESERVED +CVE-2021-21636 (A missing permission check in Jenkins Team Foundation Server Plugin 5. ...) NOT-FOR-US: Jenkins plugin -CVE-2021-21635 - RESERVED +CVE-2021-21635 (Jenkins REST List Parameter Plugin 1.3.0 and earlier does not escape a ...) NOT-FOR-US: Jenkins plugin -CVE-2021-21634 - RESERVED +CVE-2021-21634 (Jenkins Jabber (XMPP) notifier and control Plugin 1.41 and earlier sto ...) NOT-FOR-US: Jenkins plugin -CVE-2021-21633 - RESERVED +CVE-2021-21633 (A cross-site request forgery (CSRF) vulnerability in Jenkins OWASP Dep ...) NOT-FOR-US: Jenkins plugin -CVE-2021-21632 - RESERVED +CVE-2021-21632 (A missing permission check in Jenkins OWASP Dependency-Track Plugin 3. ...) NOT-FOR-US: Jenkins plugin -CVE-2021-21631 - RESERVED +CVE-2021-21631 (Jenkins Cloud Statistics Plugin 0.26 and earlier does not perform a pe ...) NOT-FOR-US: Jenkins plugin -CVE-2021-21630 - RESERVED +CVE-2021-21630 (Jenkins Extra Columns Plugin 1.22 and earlier does not escape paramete ...) NOT-FOR-US: Jenkins plugin -CVE-2021-21629 - RESERVED +CVE-2021-21629 (A cross-site request forgery (CSRF) vulnerability in Jenkins Build Wit ...) NOT-FOR-US: Jenkins plugin -CVE-2021-21628 - RESERVED +CVE-2021-21628 (Jenkins Build With Parameters Plugin 1.5 and earlier does not escape p ...) NOT-FOR-US: Jenkins plugin CVE-2021-21627 (A cross-site request forgery (CSRF) vulnerability in Jenkins Libvirt A ...) NOT-FOR-US: Jenkins plugin 
@@ -17681,14 +18119,14 @@ CVE-2021-21414 RESERVED CVE-2021-21413 RESERVED -CVE-2021-21412 - RESERVED +CVE-2021-21412 (Potential for arbitrary code execution in npm package @thi.ng/egf `#gp ...) + TODO: check CVE-2021-21411 (OAuth2-Proxy is an open source reverse proxy that provides authenticat ...) TODO: check CVE-2021-21410 RESERVED -CVE-2021-21409 - RESERVED +CVE-2021-21409 (Netty is an open-source, asynchronous event-driven network application ...) + TODO: check CVE-2021-21408 RESERVED CVE-2021-21407 @@ -17711,8 +18149,8 @@ CVE-2021-21400 RESERVED CVE-2021-21399 RESERVED -CVE-2021-21398 - RESERVED +CVE-2021-21398 (PrestaShop is a fully scalable open source e-commerce solution. In Pre ...) + TODO: check CVE-2021-21397 RESERVED CVE-2021-21396 (wire-server is an open-source back end for Wire, a secure collaboratio ...) @@ -19709,12 +20147,12 @@ CVE-2021-20522 RESERVED CVE-2021-20521 RESERVED -CVE-2021-20520 - RESERVED +CVE-2021-20520 (IBM Jazz Foundation Products are vulnerable to cross-site scripting. T ...) + TODO: check CVE-2021-20519 RESERVED -CVE-2021-20518 - RESERVED +CVE-2021-20518 (IBM Jazz Foundation Products are vulnerable to cross-site scripting. T ...) + TODO: check CVE-2021-20517 RESERVED CVE-2021-20516 @@ -19737,16 +20175,16 @@ CVE-2021-20508 RESERVED CVE-2021-20507 RESERVED -CVE-2021-20506 - RESERVED +CVE-2021-20506 (IBM Jazz Foundation Products are vulnerable to cross-site scripting. T ...) + TODO: check CVE-2021-20505 RESERVED -CVE-2021-20504 - RESERVED -CVE-2021-20503 - RESERVED -CVE-2021-20502 - RESERVED +CVE-2021-20504 (IBM Jazz Foundation Products are vulnerable to cross-site scripting. T ...) + TODO: check +CVE-2021-20503 (IBM Jazz Foundation Products are vulnerable to cross-site scripting. T ...) + TODO: check +CVE-2021-20502 (IBM Jazz Foundation Products are vulnerable to an XML External Entity ...) + TODO: check CVE-2021-20501 RESERVED CVE-2021-20500 
@@ -19785,8 +20223,8 @@ CVE-2021-20484 RESERVED CVE-2021-20483 RESERVED -CVE-2021-20482 - RESERVED +CVE-2021-20482 (IBM Cloud Pak for Automation 20.0.2 and 20.0.3 IF002 are vulnerable to ...) + TODO: check CVE-2021-20481 RESERVED CVE-2021-20480 @@ -19855,8 +20293,8 @@ CVE-2021-20449 RESERVED CVE-2021-20448 RESERVED -CVE-2021-20447 - RESERVED +CVE-2021-20447 (IBM Jazz Foundation Products are vulnerable to cross-site scripting. T ...) + TODO: check CVE-2021-20446 (IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site ...) NOT-FOR-US: IBM CVE-2021-20445 (IBM Maximo for Civil Infrastructure 7.6.2 could allow a user to obtain ...) @@ -20045,8 +20483,8 @@ CVE-2021-20354 (IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a NOT-FOR-US: IBM CVE-2021-20353 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...) NOT-FOR-US: IBM -CVE-2021-20352 - RESERVED +CVE-2021-20352 (IBM Jazz Foundation Products are vulnerable to cross-site scripting. T ...) + TODO: check CVE-2021-20351 (IBM Engineering products are vulnerable to cross-site scripting. This ...) NOT-FOR-US: IBM CVE-2021-20350 (IBM Engineering products are vulnerable to cross-site scripting. This ...) |
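
Review bot: the three IBM UrbanCode Deploy entries in data/CVE/2020.list (CVE-2020-4944, CVE-2020-4884, CVE-2020-4848) are left at `TODO: check` although the IBM entries in the surrounding context (CVE-2020-4886, CVE-2020-4849) already carry `NOT-FOR-US: IBM`. Unless UrbanCode Deploy maps to a packaged source, give them the same tag in the follow-up triage so they do not sit in the TODO queue. CVE-2020-15075 (OpenVPN Connect installer for macOS) needs the same decision; its neighbour CVE-2020-15074 is tagged `NOT-FOR-US: OpenVPN Access Server`, which names a different product, so that tag should not be copied as-is.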
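
Review bot: in the `@@ -1,9 +1,459 @@` hunk of data/CVE/2021.list, CVE-2021-3476, CVE-2021-3475 and CVE-2021-3474 gain OpenEXR descriptions but only `TODO: check`. They name a library rather than a vendor appliance, so they should be resolved with a source-package lookup and a package line in the form the next entry uses (`- libnet-netmask-perl <unfixed> (bug #986135)`), not a NOT-FOR-US tag. Two of the descriptions say "versions before 3.0.0-beta", which gives the triager the fixed-version boundary to compare against.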
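
Review bot: the eleven entries CVE-2021-27261 through CVE-2021-27271 in the `@@ -4752,28 +5202,28 @@` hunk all have descriptions cut off before the product name ("This vulnerability allows remote attackers to execute arbitrary code o ..." and "... disclose sensitive infor ..."). The context lines directly above (CVE-2021-27273, CVE-2021-27272) are tagged `NOT-FOR-US: Netgear`, but nothing in the visible text ties the new entries to Netgear, so the full description has to be read before that tag is reused for the block.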
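
Review bot: CVE-2021-21409 in the `@@ -17681,14 +18119,14 @@` hunk is described as Netty, "an open-source, asynchronous event-driven network application ...", and lands as `TODO: check`. An entry for a widely embedded open-source library should be prioritised for a package lookup ahead of the vendor-product entries in this update. CVE-2021-21412 in the same hunk names an npm package (@thi.ng/egf) and needs the same lookup before it is dismissed.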