author | security tracker role <sectracker@soriano.debian.org> | 2021-01-05 08:10:18 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-01-05 08:10:18 +0000 |
commit | ca8bc0fee1f956eaee1e0694226e6031db6b057a (patch) | |
tree | 86586e541bda4ebe1bd00a61605937db4cb2b9f3 /data/CVE | |
parent | 62f89bf4114ac3f91b7c94bbcec3d2652a4fe4ba (diff) |
automatic update
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/2017.list | 2 |
-rw-r--r-- | data/CVE/2018.list | 2 |
-rw-r--r-- | data/CVE/2019.list | 2 |
-rw-r--r-- | data/CVE/2020.list | 40 |
-rw-r--r-- | data/CVE/2021.list | 386 |
5 files changed, 409 insertions, 23 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 4736e668df..59a5ceab89 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -20461,7 +20461,7 @@ CVE-2017-11720 (There is a division-by-zero vulnerability in LAME 3.99.5, caused [wheezy] - lame 3.99.5+repack1-3+deb7u1 NOTE: https://sourceforge.net/p/lame/bugs/460/ NOTE: Duplicate/same as: https://blogs.gentoo.org/ago/2017/06/17/lame-divide-by-zero-in-parse_wave_header-get_audio-c/ -CVE-2017-11719 (The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg th ...) +CVE-2017-11719 (The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3. ...) {DSA-3957-1} - ffmpeg 7:3.3.3-1 - libav <removed> diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 319ca8244c..48d37a60b0 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -36124,7 +36124,7 @@ CVE-2018-7559 (An issue was discovered in OPC UA .NET Standard Stack and Sample NOT-FOR-US: OPC UA .NET CVE-2018-7558 RESERVED -CVE-2018-7557 (The decode_init function in libavcodec/utvideodec.c in FFmpeg through ...) +CVE-2018-7557 (The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 thro ...) {DSA-4249-1 DLA-1630-1} - ffmpeg 7:3.4.3-1 - libav <removed> diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 2bb403483f..3408633a4b 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -30640,7 +30640,7 @@ CVE-2019-9723 (LogicalDOC Community Edition 8.x before 8.2.1 has a path traversa NOT-FOR-US: LogicalDOC CVE-2019-9722 RESERVED -CVE-2019-9721 (A denial of service in the subtitle decoder in FFmpeg 4.1 allows attac ...) +CVE-2019-9721 (A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allo ...) - ffmpeg 7:4.1.3-1 (bug #926666) [stretch] - ffmpeg <not-affected> (Vulnerable code not present) NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/894995c41e0795c7a44f81adc4838dedc3932e65 diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 658640ac19..16550e47f9 100644 --- a/data/CVE/2020.list 
+++ b/data/CVE/2020.list @@ -1,4 +1,4 @@ -CVE-2020-36158 [mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start] +CVE-2020-36158 (mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifie ...) - linux <unfixed> NOTE: https://git.kernel.org/linus/5c455c5ab332773464d02ba17015acdca198f03d (5.11-rc1) CVE-2020-36157 (An issue was discovered in the Ultimate Member plugin before 2.1.12 fo ...) @@ -2742,22 +2742,22 @@ CVE-2020-29500 RESERVED CVE-2020-29499 RESERVED -CVE-2020-29498 - RESERVED -CVE-2020-29497 - RESERVED -CVE-2020-29496 - RESERVED +CVE-2020-29498 (Dell Wyse Management Suite versions prior to 3.1 contain an open redir ...) + TODO: check +CVE-2020-29497 (Dell Wyse Management Suite versions prior to 3.1 contain a stored cros ...) + TODO: check +CVE-2020-29496 (Dell Wyse Management Suite versions prior to 3.1 contain a stored cros ...) + TODO: check CVE-2020-29495 RESERVED CVE-2020-29494 RESERVED CVE-2020-29493 RESERVED -CVE-2020-29492 - RESERVED -CVE-2020-29491 - RESERVED +CVE-2020-29492 (Dell Wyse ThinOS 8.6 and prior versions contain an insecure default co ...) + TODO: check +CVE-2020-29491 (Dell Wyse ThinOS 8.6 and prior versions contain an insecure default co ...) + TODO: check CVE-2020-29490 RESERVED CVE-2020-29489 @@ -33310,7 +33310,7 @@ CVE-2020-15395 (In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-b NOTE: https://github.com/MediaArea/MediaInfoLib/commit/5b998282f47f080592d298a25c642f13a895c4dc CVE-2020-15394 (The REST API in Zoho ManageEngine Applications Manager before build 14 ...) NOT-FOR-US: Zoho -CVE-2020-15393 (In the Linux kernel through 5.7.6, usbtest_disconnect in drivers/usb/m ...) +CVE-2020-15393 (In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/u ...) {DLA-2420-1 DLA-2323-1} - linux 5.7.10-1 [buster] - linux 4.19.131-1 
@@ -36915,7 +36915,7 @@ CVE-2020-13976 (** DISPUTED ** An issue was discovered in DD-WRT through 16214. NOT-FOR-US: DD-WRT CVE-2020-13975 RESERVED -CVE-2020-13974 (** DISPUTED ** An issue was discovered in the Linux kernel through 5.7 ...) +CVE-2020-13974 (An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers ...) {DLA-2323-1} - linux 5.7.6-1 [buster] - linux 4.19.131-1 @@ -37094,7 +37094,7 @@ CVE-2020-13906 (IrfanView 4.54 allows a user-mode write access violation startin NOT-FOR-US: IrfanView CVE-2020-13905 (IrfanView 4.54 allows a user-mode write access violation starting at F ...) NOT-FOR-US: IrfanView -CVE-2020-13904 (FFmpeg 4.2.3 has a use-after-free via a crafted EXTINF duration in an ...) +CVE-2020-13904 (FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duratio ...) {DSA-4722-1 DLA-2291-1} - ffmpeg 7:4.3.1-1 NOTE: https://patchwork.ffmpeg.org/project/ffmpeg/patch/20200529033905.41926-1-lq@chinaffmpeg.org/ @@ -37483,7 +37483,7 @@ CVE-2020-13767 (The Mitel MiCollab application before 9.1.332 for iOS could allo NOT-FOR-US: Mitel CVE-2020-13766 RESERVED -CVE-2020-13765 (rom_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate the rel ...) +CVE-2020-13765 (rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate ...) {DSA-4728-1 DLA-2288-1 DLA-2262-1} - qemu 1:4.2-1 NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/6 @@ -41169,7 +41169,7 @@ CVE-2020-12286 (In Octopus Deploy before 2019.12.9 and 2020 before 2020.1.12, th NOT-FOR-US: Octopus Deploy CVE-2020-12285 RESERVED -CVE-2020-12284 (cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.2.2 has a ...) +CVE-2020-12284 (cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2 ...) {DSA-4722-1} - ffmpeg 7:4.2.3-1 [stretch] - ffmpeg <not-affected> (Vulnerable code not present) 
@@ -42145,7 +42145,7 @@ CVE-2020-11886 (OpenNMS Horizon and Meridian allows HQL Injection in element/nod NOT-FOR-US: OpenNMS CVE-2020-11885 (WSO2 Enterprise Integrator through 6.6.0 has an XXE vulnerability wher ...) NOT-FOR-US: WSO2 Enterprise Integrator -CVE-2020-11884 (In the Linux kernel through 5.6.7 on the s390 platform, code execution ...) +CVE-2020-11884 (In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code exec ...) {DSA-4667-1} - linux 5.6.7-1 [stretch] - linux <not-affected> (Vulnerable code introduced later) @@ -48467,7 +48467,7 @@ CVE-2020-9385 (A NULL Pointer Dereference exists in libzint in Zint 2.7.1 becaus - zint <not-affected> (Fixed with initial upload to archive) CVE-2020-9384 (** DISPUTED ** An Insecure Direct Object Reference (IDOR) vulnerabilit ...) NOT-FOR-US: Subex -CVE-2020-9383 (An issue was discovered in the Linux kernel through 5.5.6. set_fdc in ...) +CVE-2020-9383 (An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fd ...) {DSA-4698-1 DLA-2242-1 DLA-2241-1} - linux 5.5.13-1 [buster] - linux 4.19.118-1 @@ -58108,8 +58108,8 @@ CVE-2020-5363 (Select Dell Client Consumer and Commercial platforms include an i NOT-FOR-US: Dell CVE-2020-5362 (Dell Client Consumer and Commercial platforms include an improper auth ...) NOT-FOR-US: Dell -CVE-2020-5361 - RESERVED +CVE-2020-5361 (Select Dell Client Commercial and Consumer platforms support a BIOS pa ...) + TODO: check CVE-2020-5360 (Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable ...) NOT-FOR-US: Dell CVE-2020-5359 (Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable ...) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 2c39266a07..b2992a2062 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list 
@@ -1,3 +1,389 @@ +CVE-2021-3019 (ffay lanproxy 0.1 allows Directory Traversal to read /../conf/config.p ...) + TODO: check +CVE-2021-3018 (ipeak Infosystems ibexwebCMS (aka IPeakCMS) 3.5 is vulnerable to an un ...) + TODO: check +CVE-2021-3017 + RESERVED +CVE-2021-3016 + RESERVED +CVE-2021-3015 + RESERVED +CVE-2021-22159 + RESERVED +CVE-2021-22158 + RESERVED +CVE-2021-22157 + RESERVED +CVE-2021-22156 + RESERVED +CVE-2021-22155 + RESERVED +CVE-2021-22154 + RESERVED +CVE-2021-22153 + RESERVED +CVE-2021-22152 + RESERVED +CVE-2021-22151 + RESERVED +CVE-2021-22150 + RESERVED +CVE-2021-22149 + RESERVED +CVE-2021-22148 + RESERVED +CVE-2021-22147 + RESERVED +CVE-2021-22146 + RESERVED +CVE-2021-22145 + RESERVED +CVE-2021-22144 + RESERVED +CVE-2021-22143 + RESERVED +CVE-2021-22142 + RESERVED +CVE-2021-22141 + RESERVED +CVE-2021-22140 + RESERVED +CVE-2021-22139 + RESERVED +CVE-2021-22138 + RESERVED +CVE-2021-22137 + RESERVED +CVE-2021-22136 + RESERVED +CVE-2021-22135 + RESERVED +CVE-2021-22134 + RESERVED +CVE-2021-22133 + RESERVED +CVE-2021-22132 + RESERVED +CVE-2021-22131 + RESERVED +CVE-2021-22130 + RESERVED +CVE-2021-22129 + RESERVED +CVE-2021-22128 + RESERVED +CVE-2021-22127 + RESERVED +CVE-2021-22126 + RESERVED +CVE-2021-22125 + RESERVED +CVE-2021-22124 + RESERVED +CVE-2021-22123 + RESERVED +CVE-2021-22122 + RESERVED +CVE-2021-22121 + RESERVED +CVE-2021-22120 + RESERVED +CVE-2021-22119 + RESERVED +CVE-2021-22118 + RESERVED +CVE-2021-22117 + RESERVED +CVE-2021-22116 + RESERVED +CVE-2021-22115 + RESERVED +CVE-2021-22114 + RESERVED +CVE-2021-22113 + RESERVED +CVE-2021-22112 + RESERVED +CVE-2021-22111 + RESERVED +CVE-2021-22110 + RESERVED +CVE-2021-22109 + RESERVED +CVE-2021-22108 + RESERVED +CVE-2021-22107 + RESERVED +CVE-2021-22106 + RESERVED +CVE-2021-22105 + RESERVED +CVE-2021-22104 + RESERVED +CVE-2021-22103 + RESERVED +CVE-2021-22102 + RESERVED +CVE-2021-22101 + RESERVED +CVE-2021-22100 + RESERVED +CVE-2021-22099 + RESERVED +CVE-2021-22098 + RESERVED +CVE-2021-22097 + 
RESERVED +CVE-2021-22096 + RESERVED +CVE-2021-22095 + RESERVED +CVE-2021-22094 + RESERVED +CVE-2021-22093 + RESERVED +CVE-2021-22092 + RESERVED +CVE-2021-22091 + RESERVED +CVE-2021-22090 + RESERVED +CVE-2021-22089 + RESERVED +CVE-2021-22088 + RESERVED +CVE-2021-22087 + RESERVED +CVE-2021-22086 + RESERVED +CVE-2021-22085 + RESERVED +CVE-2021-22084 + RESERVED +CVE-2021-22083 + RESERVED +CVE-2021-22082 + RESERVED +CVE-2021-22081 + RESERVED +CVE-2021-22080 + RESERVED +CVE-2021-22079 + RESERVED +CVE-2021-22078 + RESERVED +CVE-2021-22077 + RESERVED +CVE-2021-22076 + RESERVED +CVE-2021-22075 + RESERVED +CVE-2021-22074 + RESERVED +CVE-2021-22073 + RESERVED +CVE-2021-22072 + RESERVED +CVE-2021-22071 + RESERVED +CVE-2021-22070 + RESERVED +CVE-2021-22069 + RESERVED +CVE-2021-22068 + RESERVED +CVE-2021-22067 + RESERVED +CVE-2021-22066 + RESERVED +CVE-2021-22065 + RESERVED +CVE-2021-22064 + RESERVED +CVE-2021-22063 + RESERVED +CVE-2021-22062 + RESERVED +CVE-2021-22061 + RESERVED +CVE-2021-22060 + RESERVED +CVE-2021-22059 + RESERVED +CVE-2021-22058 + RESERVED +CVE-2021-22057 + RESERVED +CVE-2021-22056 + RESERVED +CVE-2021-22055 + RESERVED +CVE-2021-22054 + RESERVED +CVE-2021-22053 + RESERVED +CVE-2021-22052 + RESERVED +CVE-2021-22051 + RESERVED +CVE-2021-22050 + RESERVED +CVE-2021-22049 + RESERVED +CVE-2021-22048 + RESERVED +CVE-2021-22047 + RESERVED +CVE-2021-22046 + RESERVED +CVE-2021-22045 + RESERVED +CVE-2021-22044 + RESERVED +CVE-2021-22043 + RESERVED +CVE-2021-22042 + RESERVED +CVE-2021-22041 + RESERVED +CVE-2021-22040 + RESERVED +CVE-2021-22039 + RESERVED +CVE-2021-22038 + RESERVED +CVE-2021-22037 + RESERVED +CVE-2021-22036 + RESERVED +CVE-2021-22035 + RESERVED +CVE-2021-22034 + RESERVED +CVE-2021-22033 + RESERVED +CVE-2021-22032 + RESERVED +CVE-2021-22031 + RESERVED +CVE-2021-22030 + RESERVED +CVE-2021-22029 + RESERVED +CVE-2021-22028 + RESERVED +CVE-2021-22027 + RESERVED +CVE-2021-22026 + RESERVED +CVE-2021-22025 + RESERVED +CVE-2021-22024 + RESERVED +CVE-2021-22023 + 
RESERVED +CVE-2021-22022 + RESERVED +CVE-2021-22021 + RESERVED +CVE-2021-22020 + RESERVED +CVE-2021-22019 + RESERVED +CVE-2021-22018 + RESERVED +CVE-2021-22017 + RESERVED +CVE-2021-22016 + RESERVED +CVE-2021-22015 + RESERVED +CVE-2021-22014 + RESERVED +CVE-2021-22013 + RESERVED +CVE-2021-22012 + RESERVED +CVE-2021-22011 + RESERVED +CVE-2021-22010 + RESERVED +CVE-2021-22009 + RESERVED +CVE-2021-22008 + RESERVED +CVE-2021-22007 + RESERVED +CVE-2021-22006 + RESERVED +CVE-2021-22005 + RESERVED +CVE-2021-22004 + RESERVED +CVE-2021-22003 + RESERVED +CVE-2021-22002 + RESERVED +CVE-2021-22001 + RESERVED +CVE-2021-22000 + RESERVED +CVE-2021-21999 + RESERVED +CVE-2021-21998 + RESERVED +CVE-2021-21997 + RESERVED +CVE-2021-21996 + RESERVED +CVE-2021-21995 + RESERVED +CVE-2021-21994 + RESERVED +CVE-2021-21993 + RESERVED +CVE-2021-21992 + RESERVED +CVE-2021-21991 + RESERVED +CVE-2021-21990 + RESERVED +CVE-2021-21989 + RESERVED +CVE-2021-21988 + RESERVED +CVE-2021-21987 + RESERVED +CVE-2021-21986 + RESERVED +CVE-2021-21985 + RESERVED +CVE-2021-21984 + RESERVED +CVE-2021-21983 + RESERVED +CVE-2021-21982 + RESERVED +CVE-2021-21981 + RESERVED +CVE-2021-21980 + RESERVED +CVE-2021-21979 + RESERVED +CVE-2021-21978 + RESERVED +CVE-2021-21977 + RESERVED +CVE-2021-21976 + RESERVED +CVE-2021-21975 + RESERVED +CVE-2021-21974 + RESERVED +CVE-2021-21973 + RESERVED +CVE-2021-21972 + RESERVED CVE-2021-3014 (In MikroTik RouterOS through 2021-01-04, the hotspot login page is vul ...) NOT-FOR-US: MikroTik RouterOS CVE-2021-3013 |
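Review bot: In the data/CVE/2019.list hunk, the new CVE-2019-9721 description names FFmpeg 3.2 as affected, yet the unchanged context line two lines below still reads "[stretch] - ffmpeg <not-affected> (Vulnerable code not present)". The automatic update rewrites only the description, so the stretch annotation should be re-verified by hand against the commit referenced in the NOTE line. The same check applies to CVE-2020-12284 in data/CVE/2020.list, whose description now names FFmpeg 4.1 next to an unchanged stretch not-affected line.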
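Review bot: In the data/CVE/2020.list hunk at @@ -36915, the replacement line for CVE-2020-13974 drops the "** DISPUTED **" prefix while also widening the range to "Linux kernel 4.4 through 5.7.1". The Debian data under it ({DLA-2323-1}, "- linux 5.7.6-1", "[buster] - linux 4.19.131-1") is unchanged, so nothing in the entry records that the dispute status changed. A NOTE line recording that the upstream description is no longer disputed would keep this visible to anyone who triaged the entry on the basis of the old marker.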
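Review bot: In the data/CVE/2020.list hunk at @@ -58108, CVE-2020-5361 moves from RESERVED to a Dell description with "TODO: check", while every neighbouring entry in the context (CVE-2020-5363, CVE-2020-5362, CVE-2020-5360, CVE-2020-5359) is already marked "NOT-FOR-US: Dell". The TODO needs manual triage in a follow-up commit, and the same holds for the five Dell Wyse entries (CVE-2020-29498, -29497, -29496, -29492, -29491) added with "TODO: check" in the @@ -2742 hunk.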
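Review bot: In the data/CVE/2021.list hunk at @@ -1,3 +1,389, the new block is prepended in feed order rather than numeric order: CVE-2021-3019 down to CVE-2021-3015 is followed by CVE-2021-22159 down to CVE-2021-21972, and only then by the existing CVE-2021-3014. Any tooling that reads this file must not assume the IDs are sorted. Of the 386 added lines, only CVE-2021-3019 and CVE-2021-3018 carry descriptions, both with "TODO: check", so these two are the entries that still need manual triage; the rest are RESERVED placeholders.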