author: security tracker role <sectracker@soriano.debian.org> 2021-12-02 08:10:14 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2021-12-02 08:10:14 +0000
commit: 1b18f00eb9aeb6fdfd8dcd15506d35537e56db36 (patch)
tree: db782f76e725ef32fb568fd17f8cb8f1384656b6
parent: 43c7f53112af2af8cc8a203ee079e06a5224c15b (diff)
automatic update
-rw-r--r-- data/CVE/2015.list 4
-rw-r--r-- data/CVE/2020.list 10
-rw-r--r-- data/CVE/2021.list 87
3 files changed, 61 insertions, 40 deletions
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index 13bcb8bbf5..3677b75de5 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -1,3 +1,7 @@
+CVE-2015-20106
+ RESERVED
+CVE-2015-20105
+ RESERVED
CVE-2015-10001 (The WP-Stats WordPress plugin before 2.52 does not have CSRF check whe ...)
NOT-FOR-US: WordPress plugin
CVE-2015-20067 (The WP Attachment Export WordPress plugin before 0.2.4 does not have p ...)
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 4c94e3297f..37f26628ff 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -3485,15 +3485,13 @@ CVE-2020-35076
REJECTED
CVE-2020-35061
RESERVED
-CVE-2020-35037
- RESERVED
+CVE-2020-35037 (The Events Manager WordPress plugin before 5.9.8 does not sanitise and ...)
NOT-FOR-US: WordPress plugin events-manager
CVE-2020-35030
RESERVED
CVE-2020-35017
RESERVED
-CVE-2020-35012
- RESERVED
+CVE-2020-35012 (The Events Manager WordPress plugin before 5.9.8 does not sanitise and ...)
NOT-FOR-US: WordPress plugin events-manager
CVE-2020-35001
RESERVED
@@ -9011,8 +9009,8 @@ CVE-2020-27416
RESERVED
CVE-2020-27415
RESERVED
-CVE-2020-27414
- RESERVED
+CVE-2020-27414 (Mahavitaran android application 7.50 and prior transmit sensitive info ...)
+ TODO: check
CVE-2020-27413
RESERVED
CVE-2020-27412
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index cbcc2989ef..cbd08eb90b 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1,3 +1,21 @@
+CVE-2021-44520
+ RESERVED
+CVE-2021-44519
+ RESERVED
+CVE-2021-44518
+ RESERVED
+CVE-2021-44517
+ RESERVED
+CVE-2021-44516
+ RESERVED
+CVE-2021-44515
+ RESERVED
+CVE-2021-44514
+ RESERVED
+CVE-2021-44513
+ RESERVED
+CVE-2021-44512
+ RESERVED
CVE-2021-44511
RESERVED
CVE-2021-44510
@@ -602,8 +620,8 @@ CVE-2021-4024 [podman: podman machine spawns gvproxy with port binded to all IPs
NOTE: https://github.com/containers/podman/pull/12283
NOTE: Introduced by: https://github.com/containers/podman/commit/7ef3981abe2412727840a2886489a08c03a05299 (v3.3.0-rc1)
NOTE: Fixed by: https://github.com/containers/podman/commit/295d87bb0b028e57dc2739791dee4820fe5fcc48
-CVE-2021-44227
- RESERVED
+CVE-2021-44227 (In GNU Mailman before 2.1.38, a list member or moderator can get a CSR ...)
+ TODO: check
CVE-2021-44226
RESERVED
CVE-2021-4023
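Review bot: the `TODO: check` under CVE-2021-44227 should not be closed as NOT-FOR-US. The description names GNU Mailman with a fixed upstream version ("before 2.1.38"), and Mailman 2.1.x has shipped in Debian as the mailman source package, so this entry needs a package line with its status. Adding NOTE lines for the upstream fix, in the same form as the podman entry just above it in this hunk, would make the follow-up easier to audit.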
@@ -1643,14 +1661,14 @@ CVE-2021-43796
RESERVED
CVE-2021-43795
RESERVED
-CVE-2021-43794
- RESERVED
-CVE-2021-43793
- RESERVED
-CVE-2021-43792
- RESERVED
-CVE-2021-43791
- RESERVED
+CVE-2021-43794 (Discourse is an open source discussion platform. In affected versions ...)
+ TODO: check
+CVE-2021-43793 (Discourse is an open source discussion platform. In affected versions ...)
+ TODO: check
+CVE-2021-43792 (Discourse is an open source discussion platform. In affected versions ...)
+ TODO: check
+CVE-2021-43791 (Zulip is an open source group chat application that combines real-time ...)
+ TODO: check
CVE-2021-43790 (Lucet is a native WebAssembly compiler and runtime. There is a bug in ...)
NOT-FOR-US: Lucet
CVE-2021-43789
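Review bot: the three Discourse entries (CVE-2021-43794, CVE-2021-43793, CVE-2021-43792) are indistinguishable here, because each description is cut at the same point ("In affected versions ...") before it says what the flaw is. Whoever resolves these `TODO: check` lines will need the full CVE text for each, and the same goes for the Zulip entry CVE-2021-43791. The resolved form for software that is not tracked is visible right below in CVE-2021-43790 (`NOT-FOR-US: Lucet`).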
@@ -2278,6 +2296,7 @@ CVE-2021-43528
RESERVED
CVE-2021-43527 [Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures]
RESERVED
+ {DSA-5016-1}
- nss 2:3.73-1
NOTE: https://www.openwall.com/lists/oss-security/2021/12/01/4
NOTE: https://hg.mozilla.org/projects/nss/rev/6b3dc97a8767d9dc5c4c181597d1341d0899aa58 (NSS_3_73_BRANCH)
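Review bot: CVE-2021-43527 still reads `RESERVED` directly above the added `{DSA-5016-1}` line, although the entry already carries a fixed version (`nss 2:3.73-1`), a public oss-security reference and the upstream fix revision. The entry only has a bracketed working title, so it is worth confirming that a later automatic update replaces it with the published description. The diffstat also shows this commit touching only the three data/CVE list files, so the DSA-5016-1 record it points to must already exist from an earlier commit; that is worth a quick check.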
@@ -3203,8 +3222,8 @@ CVE-2021-43139
RESERVED
CVE-2021-43138
RESERVED
-CVE-2021-43137
- RESERVED
+CVE-2021-43137 (Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulne ...)
+ TODO: check
CVE-2021-43136 (An authentication bypass issue in FormaLMS &lt;= 2.4.4 allows an attac ...)
NOT-FOR-US: FormaLMS
CVE-2021-43135
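Review bot: the description added for CVE-2021-43137 is truncated before it names the affected product ("Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulne ..."), so the `TODO: check` cannot be resolved from this line alone. Compare the next entry, CVE-2021-43136, where the product (FormaLMS) survives the truncation and the triage line is filled in. The full CVE text needs to be consulted before deciding between a package line and NOT-FOR-US.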
@@ -4180,8 +4199,8 @@ CVE-2021-42713
RESERVED
CVE-2021-42712
RESERVED
-CVE-2021-42711
- RESERVED
+CVE-2021-42711 (Barracuda Network Access Client before 5.2.2 creates a Temporary File ...)
+ TODO: check
CVE-2021-42710
RESERVED
CVE-2021-42709
@@ -8117,8 +8136,8 @@ CVE-2021-41041
RESERVED
CVE-2021-41040
RESERVED
-CVE-2021-41039
- RESERVED
+CVE-2021-41039 (In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client conn ...)
+ TODO: check
CVE-2021-41038 (In versions of the @theia/plugin-ext component of Eclipse Theia prior ...)
NOT-FOR-US: Eclipse Theia
CVE-2021-41037
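Review bot: CVE-2021-41039 gives an affected range ("versions 1.6 to 2.0.11 of Eclipse Mosquitto") rather than a single "before X" bound, and mosquitto is a Debian source package. Resolving this `TODO: check` therefore needs a package line plus a per-release check of which shipped versions fall inside that range, since releases carrying a version older than 1.6 would not be affected by the text as quoted.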
@@ -26293,26 +26312,26 @@ CVE-2021-33276
RESERVED
CVE-2021-33275
RESERVED
-CVE-2021-33274
- RESERVED
+CVE-2021-33274 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
CVE-2021-33273
RESERVED
CVE-2021-33272
RESERVED
-CVE-2021-33271
- RESERVED
-CVE-2021-33270
- RESERVED
-CVE-2021-33269
- RESERVED
-CVE-2021-33268
- RESERVED
-CVE-2021-33267
- RESERVED
-CVE-2021-33266
- RESERVED
-CVE-2021-33265
- RESERVED
+CVE-2021-33271 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
+CVE-2021-33270 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
+CVE-2021-33269 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
+CVE-2021-33268 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
+CVE-2021-33267 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
+CVE-2021-33266 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
+CVE-2021-33265 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
+ TODO: check
CVE-2021-33264
RESERVED
CVE-2021-33263
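Review bot: eight entries in this hunk (CVE-2021-33274 and CVE-2021-33271 through CVE-2021-33265) receive the same truncated description, "D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...", each with its own `TODO: check`. They all describe vendor router firmware, so they look like candidates for a single triage pass that resolves them to the same `NOT-FOR-US:` line. Doing that together would avoid leaving a partially triaged block in this range.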
@@ -42352,8 +42371,8 @@ CVE-2021-26779
RESERVED
CVE-2021-26778
RESERVED
-CVE-2021-26777
- RESERVED
+CVE-2021-26777 (Buffer overflow vulnerability in function SetFirewall in index.cgi in ...)
+ TODO: check
CVE-2021-26776 (CSZ CMS 1.2.9 is affected by a cross-site scripting (XSS) vulnerabilit ...)
NOT-FOR-US: CSZ CMS
CVE-2021-26775
