author security tracker role <sectracker@soriano.debian.org> 2021-01-27 08:10:21 +0000
committer security tracker role <sectracker@soriano.debian.org> 2021-01-27 08:10:21 +0000
commit 163020faa1dd0bb4cb641a97058a91ea75921b79
tree c3e6e27de4f754e7978ede32daba6779dc526f64
parent 9d03bf75f2020066ebe94601f8dd7abfc88d63b4
automatic update
-rw-r--r-- data/CVE/2013.list 4
-rw-r--r-- data/CVE/2020.list 8
-rw-r--r-- data/CVE/2021.list 59
3 files changed, 47 insertions, 24 deletions
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index 26aff7f233..628cdf96d4 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -12789,8 +12789,8 @@ CVE-2013-2514
RESERVED
CVE-2013-2513
RESERVED
-CVE-2013-2512
- RESERVED
+CVE-2013-2512 (The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitra ...)
+ TODO: check
CVE-2013-2511
RESERVED
CVE-2013-2510
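Review bot: the `TODO: check` under CVE-2013-2512 still needs a triage decision. The description now names the ftpd gem 0.2.1 for Ruby and a remote attacker, so the entry should end up either as a source-package line or as a `NOT-FOR-US:` tag like the ones used elsewhere in these lists, rather than staying at TODO.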
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 08a7c4e934..87ee896703 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -16135,12 +16135,12 @@ CVE-2020-23778
RESERVED
CVE-2020-23777
RESERVED
-CVE-2020-23776
- RESERVED
+CVE-2020-23776 (A SSRF vulnerability exists in Winmail 6.5 in app.php in the key param ...)
+ TODO: check
CVE-2020-23775
RESERVED
-CVE-2020-23774
- RESERVED
+CVE-2020-23774 (A reflected XSS vulnerability exists in tohtml/convert.php of Winmail ...)
+ TODO: check
CVE-2020-23773
RESERVED
CVE-2020-23772
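Review bot: CVE-2020-23776 and CVE-2020-23774 both name Winmail (an SSRF in `app.php` and a reflected XSS in `tohtml/convert.php`), so the two `TODO: check` lines should be resolved in one pass with the same disposition. Splitting them risks one being tagged and the other left at TODO, since CVE-2020-23775 sits between them and stays RESERVED.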
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 0143ae3130..7e498c5741 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1,3 +1,27 @@
+CVE-2021-3317 (KLog Server through 2.4.1 allows authenticated command injection. asyn ...)
+ TODO: check
+CVE-2021-3316
+ RESERVED
+CVE-2021-3315
+ RESERVED
+CVE-2021-3314
+ RESERVED
+CVE-2021-3313
+ RESERVED
+CVE-2021-3312
+ RESERVED
+CVE-2021-3311
+ RESERVED
+CVE-2021-3310
+ RESERVED
+CVE-2021-3309 (packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process co ...)
+ TODO: check
+CVE-2021-26272 (It was possible to execute a ReDoS-type attack inside CKEditor 4 befor ...)
+ TODO: check
+CVE-2021-26271 (It was possible to execute a ReDoS-type attack inside CKEditor 4 befor ...)
+ TODO: check
+CVE-2021-26270
+ RESERVED
CVE-2021-3307
RESERVED
CVE-2021-3306
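Review bot: CVE-2021-26272 and CVE-2021-26271 carry the same truncated description ("It was possible to execute a ReDoS-type attack inside CKEditor 4 befor ..."), so the two added entries cannot be told apart from this file alone. When their `TODO: check` lines are resolved, give each a NOTE with the affected component or an upstream reference so the difference is recorded. The same triage pass should cover CVE-2021-3317 (KLog Server) and CVE-2021-3309 (Wekan), which are also added here at TODO.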
@@ -1408,7 +1432,7 @@ CVE-2021-3195 (bitcoind in Bitcoin Core through 0.21.0 can create a new file in
NOTE: https://github.com/bitcoin/bitcoin/issues/20866
CVE-2021-3194
RESERVED
-CVE-2021-3193 (Improper access and command validation in the Nagios Docker config wiz ...)
+CVE-2021-3193 (Improper access and command validation in the Nagios Docker Config Wiz ...)
NOT-FOR-US: Nagios XI
CVE-2021-3192
RESERVED
@@ -1482,7 +1506,7 @@ CVE-2021-25647
RESERVED
CVE-2021-25646
RESERVED
-CVE-2021-3308 [Xen: IRQ vector leak on x86]
+CVE-2021-3308 (An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 throug ...)
- xen <unfixed> (bug #981052)
[buster] - xen <not-affected> (Vulnerable code introduced later)
[stretch] - xen <not-affected> (Vulnerable code introduced later)
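Review bot: on CVE-2021-3308 the bracketed working title "Xen: IRQ vector leak on x86" is dropped and nothing else in the entry records it. The replacement description is truncated before it says what the issue is, so consider keeping that one-line summary in a NOTE. The published text also gives lower version bounds (4.12.3 and 4.13.1), and the buster and stretch `<not-affected>` lines ("Vulnerable code introduced later") should be checked against them.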
@@ -2247,8 +2271,8 @@ CVE-2021-3167
RESERVED
CVE-2021-3166 (An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3_805 devices. An at ...)
NOT-FOR-US: ASUS devices
-CVE-2021-3165
- RESERVED
+CVE-2021-3165 (SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser acco ...)
+ TODO: check
CVE-2021-3164 (ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. ...)
NOT-FOR-US: ChurchRota
CVE-2021-3163
@@ -2487,8 +2511,7 @@ CVE-2021-3158
RESERVED
CVE-2021-3157
RESERVED
-CVE-2021-3156 [Heap-based buffer overflow]
- RESERVED
+CVE-2021-3156 (Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privile ...)
{DSA-4839-1 DLA-2534-1}
- sudo 1.9.5p1-1.1
NOTE: https://www.sudo.ws/alerts/unescape_overflow.html
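Review bot: the fixed version on CVE-2021-3156 reads `sudo 1.9.5p1-1.1`, while the description added here says "Sudo before 1.9.5p2" is affected. A reader comparing against upstream versions would take 1.9.5p1 as still vulnerable; if the upload carries the fix on top of 1.9.5p1, a NOTE saying so would remove the ambiguity. Dropping the RESERVED line is right, since the entry already has DSA and DLA references.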
@@ -8751,8 +8774,8 @@ CVE-2021-3016
RESERVED
CVE-2021-3015
RESERVED
-CVE-2021-22159
- RESERVED
+CVE-2021-22159 (Insider Threat Management Windows Agent Local Privilege Escalation Vul ...)
+ TODO: check
CVE-2021-22158
RESERVED
CVE-2021-22157
@@ -10531,8 +10554,8 @@ CVE-2021-21285
RESERVED
CVE-2021-21284
RESERVED
-CVE-2021-21283
- RESERVED
+CVE-2021-21283 (Flarum is an open source discussion platform for websites. The "Flarum ...)
+ TODO: check
CVE-2021-21282
RESERVED
CVE-2021-21281
@@ -10541,8 +10564,8 @@ CVE-2021-21280
RESERVED
CVE-2021-21279
RESERVED
-CVE-2021-21278
- RESERVED
+CVE-2021-21278 (RSSHub is an open source, easy to use, and extensible RSS feed generat ...)
+ TODO: check
CVE-2021-21277
RESERVED
CVE-2021-21276
@@ -10555,8 +10578,8 @@ CVE-2021-21273
RESERVED
CVE-2021-21272 (ORAS is open source software which enables a way to push OCI Artifacts ...)
NOT-FOR-US: ORAS
-CVE-2021-21271
- RESERVED
+CVE-2021-21271 (Tendermint Core is an open source Byzantine Fault Tolerant (BFT) middl ...)
+ TODO: check
CVE-2021-21270 (OctopusDSC is a PowerShell module with DSC resources that can be used ...)
NOT-FOR-US: OctopusDSC
CVE-2021-21269 (Keymaker is a Mastodon Community Finder based Matrix Community serverl ...)
@@ -16059,10 +16082,10 @@ CVE-2021-1073
RESERVED
CVE-2021-1072
RESERVED
-CVE-2021-1071
- RESERVED
-CVE-2021-1070
- RESERVED
+CVE-2021-1071 (NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1 ...)
+ TODO: check
+CVE-2021-1070 (NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and ...)
+ TODO: check
CVE-2021-1069 (NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerabilit ...)
NOT-FOR-US: NVIDIA
CVE-2021-1068 (NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerabilit ...)
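Review bot: CVE-2021-1071 and CVE-2021-1070 are left at `TODO: check` while the neighbouring NVIDIA entries (CVE-2021-1069 and CVE-2021-1068, SHIELD TV) are already `NOT-FOR-US: NVIDIA`. These two name the Tegra kernel and Jetson boards rather than SHIELD TV, so decide explicitly whether the same tag applies and record the reason if it does not.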
