automatic update

author: security tracker role <sectracker@soriano.debian.org> 2021-02-12 08:10:22 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2021-02-12 08:10:22 +0000
commit: 514f979a6454d305b01a5c307c22d5957f3deb56 (patch)
tree: 6f597b583581db7d461e61172bf35bce086a34bc /data
parent: d6e8741179a3ac1535951b361d90bc466b4447e7 (diff)
3 files changed, 180 insertions, 168 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index f757ad92ec..f81038d942 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -5221,10 +5221,10 @@ CVE-2019-19007 (Intelbras IWR 3000N 1.8.7 devices allow disclosure of the admini
 	NOT-FOR-US: Intelbras IWR 3000N 1.8.7 devices
 CVE-2019-19006 (Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197. ...)
 	NOT-FOR-US: FreePBX
-CVE-2019-19005
-	RESERVED
-CVE-2019-19004
-	RESERVED
+CVE-2019-19005 (A bitmap double free in main.c in autotrace 0.31.1 allows attackers to ...)
+	TODO: check
+CVE-2019-19004 (A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 ...)
+	TODO: check
 CVE-2019-19003 (For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. Thi ...)
 	NOT-FOR-US: ABB eSOMS
 CVE-2019-19002 (For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP respons ...)
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 1eae2d79c2..002777d53c 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -6796,26 +6796,26 @@ CVE-2020-27871 (This vulnerability allows remote attackers to create arbitrary f
 	TODO: check
 CVE-2020-27870 (This vulnerability allows remote attackers to disclose sensitive infor ...)
 	TODO: check
-CVE-2020-27869
-	RESERVED
-CVE-2020-27868
-	RESERVED
-CVE-2020-27867
-	RESERVED
-CVE-2020-27866
-	RESERVED
-CVE-2020-27865
-	RESERVED
-CVE-2020-27864
-	RESERVED
-CVE-2020-27863
-	RESERVED
-CVE-2020-27862
-	RESERVED
-CVE-2020-27861
-	RESERVED
-CVE-2020-27860
-	RESERVED
+CVE-2020-27869 (This vulnerability allows remote attackers to escalate privileges on a ...)
+	TODO: check
+CVE-2020-27868 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+	TODO: check
+CVE-2020-27867 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+	TODO: check
+CVE-2020-27866 (This vulnerability allows network-adjacent attackers to bypass authent ...)
+	TODO: check
+CVE-2020-27865 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+	TODO: check
+CVE-2020-27864 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+	TODO: check
+CVE-2020-27863 (This vulnerability allows network-adjacent attackers to disclose sensi ...)
+	TODO: check
+CVE-2020-27862 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+	TODO: check
+CVE-2020-27861 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+	TODO: check
+CVE-2020-27860 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+	TODO: check
 CVE-2020-27859 (This vulnerability allows remote attackers to disclose sensitive infor ...)
 	NOT-FOR-US: NEC ESMPRO Manager
 CVE-2020-27858 (This vulnerability allows remote attackers to disclose sensitive infor ...)
@@ -49319,8 +49319,8 @@ CVE-2020-9308 (archive_read_support_format_rar5.c in libarchive before 3.4.2 att
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20459
 	NOTE: https://github.com/libarchive/libarchive/pull/1326
 	NOTE: https://github.com/libarchive/libarchive/commit/94821008d6eea81e315c5881cdf739202961040a
-CVE-2020-9307
-	RESERVED
+CVE-2020-9307 (Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a deni ...)
+	TODO: check
 CVE-2020-9306
 	RESERVED
 CVE-2020-9305
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index a1f55e17f0..90a82af557 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1,3 +1,15 @@
+CVE-2021-27201
+	RESERVED
+CVE-2021-27200
+	RESERVED
+CVE-2021-27199
+	RESERVED
+CVE-2021-27198
+	RESERVED
+CVE-2021-27197
+	RESERVED
+CVE-2021-27196
+	RESERVED
 CVE-2021-27195
 	RESERVED
 CVE-2021-27194
@@ -10,8 +22,8 @@ CVE-2021-27191 (The get-ip-range package before 4.0.0 for Node.js is vulnerable
 	TODO: check
 CVE-2021-3408
 	RESERVED
-CVE-2021-27190
-	RESERVED
+CVE-2021-27190 (PEEL Shopping cart 9.3.0 allows utilisateurs/change_params.php Address ...)
+	TODO: check
 CVE-2021-27189
 	RESERVED
 CVE-2021-27188
@@ -11299,8 +11311,8 @@ CVE-2021-21978
 	RESERVED
 CVE-2021-21977
 	RESERVED
-CVE-2021-21976
-	RESERVED
+CVE-2021-21976 (vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8. ...)
+	TODO: check
 CVE-2021-21975
 	RESERVED
 CVE-2021-21974
@@ -12347,11 +12359,11 @@ CVE-2021-21471 (In CLA-Assistant, versions before 2.8.5, due to improper access
 	NOT-FOR-US: CLA-Assistant
 CVE-2021-21470 (SAP EPM Add-in for Microsoft Office, version - 1010 and SAP EPM Add-in ...)
 	NOT-FOR-US: SAP
-CVE-2021-21469 (When security guidelines for SAP NetWeaver Master Data Management, ver ...)
+CVE-2021-21469 (When security guidelines for SAP NetWeaver Master Data Management runn ...)
 	NOT-FOR-US: SAP
 CVE-2021-21468 (The BW Database Interface does not perform necessary authorization che ...)
 	NOT-FOR-US: SAP
-CVE-2021-21467 (SAP Banking Services (Generic Market Data) 400, 450, and 500 does not  ...)
+CVE-2021-21467 (SAP Banking Services (Generic Market Data) does not perform necessary  ...)
 	NOT-FOR-US: SAP
 CVE-2021-21466 (SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 75 ...)
 	NOT-FOR-US: SAP
@@ -12665,10 +12677,10 @@ CVE-2021-21313
 	RESERVED
 CVE-2021-21312
 	RESERVED
-CVE-2021-21311
-	RESERVED
-CVE-2021-21310
-	RESERVED
+CVE-2021-21311 (Adminer is an open-source database management in a single PHP file. In ...)
+	TODO: check
+CVE-2021-21310 (NextAuth.js (next-auth) is am open source authentication solution for  ...)
+	TODO: check
 CVE-2021-21309
 	RESERVED
 CVE-2021-21308
@@ -13282,109 +13294,109 @@ CVE-2021-21065
 	RESERVED
 CVE-2021-21064
 	RESERVED
-CVE-2021-21063
-	RESERVED
-CVE-2021-21062
-	RESERVED
-CVE-2021-21061
-	RESERVED
-CVE-2021-21060
-	RESERVED
-CVE-2021-21059
-	RESERVED
-CVE-2021-21058
-	RESERVED
-CVE-2021-21057
-	RESERVED
+CVE-2021-21063 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21062 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21061 (Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.00 ...)
+	TODO: check
+CVE-2021-21060 (Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.3 ...)
+	TODO: check
+CVE-2021-21059 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21058 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21057 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
 CVE-2021-21056
 	RESERVED
-CVE-2021-21055
-	RESERVED
-CVE-2021-21054
-	RESERVED
-CVE-2021-21053
-	RESERVED
-CVE-2021-21052
-	RESERVED
-CVE-2021-21051
-	RESERVED
-CVE-2021-21050
-	RESERVED
-CVE-2021-21049
-	RESERVED
-CVE-2021-21048
-	RESERVED
-CVE-2021-21047
-	RESERVED
-CVE-2021-21046
-	RESERVED
-CVE-2021-21045
-	RESERVED
-CVE-2021-21044
-	RESERVED
+CVE-2021-21055 (Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) i ...)
+	TODO: check
+CVE-2021-21054 (Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of- ...)
+	TODO: check
+CVE-2021-21053 (Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of- ...)
+	TODO: check
+CVE-2021-21052 (Adobe Animate version 21.0.2 (and earlier) is affected by an Out-of-bo ...)
+	TODO: check
+CVE-2021-21051 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...)
+	TODO: check
+CVE-2021-21050 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...)
+	TODO: check
+CVE-2021-21049 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...)
+	TODO: check
+CVE-2021-21048 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...)
+	TODO: check
+CVE-2021-21047 (Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) ...)
+	TODO: check
+CVE-2021-21046 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21045 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21044 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
 CVE-2021-21043 (ACS Commons version 4.9.2 (and earlier) suffers from a Reflected Cross ...)
 	NOT-FOR-US: Adobe
-CVE-2021-21042
-	RESERVED
-CVE-2021-21041
-	RESERVED
-CVE-2021-21040
-	RESERVED
-CVE-2021-21039
-	RESERVED
-CVE-2021-21038
-	RESERVED
-CVE-2021-21037
-	RESERVED
-CVE-2021-21036
-	RESERVED
-CVE-2021-21035
-	RESERVED
-CVE-2021-21034
-	RESERVED
-CVE-2021-21033
-	RESERVED
-CVE-2021-21032
-	RESERVED
-CVE-2021-21031
-	RESERVED
-CVE-2021-21030
-	RESERVED
-CVE-2021-21029
-	RESERVED
-CVE-2021-21028
-	RESERVED
-CVE-2021-21027
-	RESERVED
-CVE-2021-21026
-	RESERVED
-CVE-2021-21025
-	RESERVED
-CVE-2021-21024
-	RESERVED
-CVE-2021-21023
-	RESERVED
-CVE-2021-21022
-	RESERVED
-CVE-2021-21021
-	RESERVED
-CVE-2021-21020
-	RESERVED
-CVE-2021-21019
-	RESERVED
-CVE-2021-21018
-	RESERVED
-CVE-2021-21017
-	RESERVED
-CVE-2021-21016
-	RESERVED
-CVE-2021-21015
-	RESERVED
-CVE-2021-21014
-	RESERVED
-CVE-2021-21013 (Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bound ...)
+CVE-2021-21042 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21041 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21040 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21039 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21038 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21037 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21036 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21035 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21034 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21033 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21032 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21031 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21030 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21029 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21028 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21027 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21026 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21025 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21024 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21023 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21022 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21021 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21020 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21019 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21018 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21017 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
+	TODO: check
+CVE-2021-21016 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21015 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21014 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
+	TODO: check
+CVE-2021-21013 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
 	NOT-FOR-US: Adobe
-CVE-2021-21012 (Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bound ...)
+CVE-2021-21012 (Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 ...)
 	NOT-FOR-US: Adobe
 CVE-2021-21011 (Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by a ...)
 	NOT-FOR-US: Adobe
@@ -14106,40 +14118,40 @@ CVE-2021-20653
 	RESERVED
 CVE-2021-20652 (Cross-site request forgery (CSRF) vulnerability in Name Directory 1.17 ...)
 	NOT-FOR-US: Name Directory
-CVE-2021-20651
-	RESERVED
-CVE-2021-20650
-	RESERVED
-CVE-2021-20649
-	RESERVED
-CVE-2021-20648
-	RESERVED
-CVE-2021-20647
-	RESERVED
-CVE-2021-20646
-	RESERVED
-CVE-2021-20645
-	RESERVED
-CVE-2021-20644
-	RESERVED
-CVE-2021-20643
-	RESERVED
-CVE-2021-20642
-	RESERVED
-CVE-2021-20641
-	RESERVED
-CVE-2021-20640
-	RESERVED
-CVE-2021-20639
-	RESERVED
-CVE-2021-20638
-	RESERVED
-CVE-2021-20637
-	RESERVED
-CVE-2021-20636
-	RESERVED
-CVE-2021-20635
-	RESERVED
+CVE-2021-20651 (Directory traversal vulnerability in ELECOM File Manager all versions  ...)
+	TODO: check
+CVE-2021-20650 (Cross-site request forgery (CSRF) vulnerability in ELECOM NCC-EWF100RM ...)
+	TODO: check
+CVE-2021-20649 (ELECOM WRC-300FEBK-S contains an improper certificate validation vulne ...)
+	TODO: check
+CVE-2021-20648 (ELECOM WRC-300FEBK-S allows an attacker with administrator rights to e ...)
+	TODO: check
+CVE-2021-20647 (Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK- ...)
+	TODO: check
+CVE-2021-20646 (Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK- ...)
+	TODO: check
+CVE-2021-20645 (Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remo ...)
+	TODO: check
+CVE-2021-20644 (ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the u ...)
+	TODO: check
+CVE-2021-20643 (Improper access control vulnerability in ELECOM LD-PS/U1 allows remote ...)
+	TODO: check
+CVE-2021-20642 (Improper check or handling of exceptional conditions in LOGITEC LAN-W3 ...)
+	TODO: check
+CVE-2021-20641 (Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/R ...)
+	TODO: check
+CVE-2021-20640 (Buffer overflow vulnerability in LOGITEC LAN-W300N/PGRB allows an atta ...)
+	TODO: check
+CVE-2021-20639 (LOGITEC LAN-W300N/PGRB allows an attacker with administrative privileg ...)
+	TODO: check
+CVE-2021-20638 (LOGITEC LAN-W300N/PGRB allows an attacker with administrative privileg ...)
+	TODO: check
+CVE-2021-20637 (Improper check or handling of exceptional conditions in LOGITEC LAN-W3 ...)
+	TODO: check
+CVE-2021-20636 (Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/P ...)
+	TODO: check
+CVE-2021-20635 (Improper restriction of excessive authentication attempts in LOGITEC L ...)
+	TODO: check
 CVE-2021-20634
 	RESERVED
 CVE-2021-20633
author	security tracker role <sectracker@soriano.debian.org>	2021-02-12 08:10:22 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2021-02-12 08:10:22 +0000
commit	514f979a6454d305b01a5c307c22d5957f3deb56 (patch)
tree	6f597b583581db7d461e61172bf35bce086a34bc /data
parent	d6e8741179a3ac1535951b361d90bc466b4447e7 (diff)