diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2021-12-07 20:10:17 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2021-12-07 20:10:17 +0000 |
| commit | 04755cd4057dcb8812169141ed7bc33372dc4062 (patch) | |
| tree | 827c568057b115932b4865ecb8b75250388c04ec /data | |
| parent | 7043b903b121811100e74fa08f1c0829a6a1998c (diff) | |
automatic update
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/2020.list | 12 | ||||
| -rw-r--r-- | data/CVE/2021.list | 360 |
2 files changed, 192 insertions, 180 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 28298d7413..cf0f893d25 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -9041,8 +9041,8 @@ CVE-2020-27415 RESERVED CVE-2020-27414 (Mahavitaran android application 7.50 and prior transmit sensitive info ...) NOT-FOR-US: Mahavitaran android application -CVE-2020-27413 - RESERVED +CVE-2020-27413 (An issue was discovered in Mahavitaran android application 7.50 and be ...) + TODO: check CVE-2020-27412 RESERVED CVE-2020-27411 @@ -26482,8 +26482,8 @@ CVE-2020-19613 (Server Side Request Forgery (SSRF) vulnerability in saveUrlAs fu NOT-FOR-US: sunkaifei FlyCMS CVE-2020-19612 RESERVED -CVE-2020-19611 - RESERVED +CVE-2020-19611 (Cross Site Scripting (XSS) in redirect module of Racktables version 0. ...) + TODO: check CVE-2020-19610 RESERVED CVE-2020-19609 (Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff ...) @@ -44241,8 +44241,8 @@ CVE-2020-12142 (1. IPSec UDP key material can be retrieved from machine-to-machi NOT-FOR-US: EdgeConnect CVE-2020-12141 (An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier ...) NOT-FOR-US: SNMP stack in Contiki-NG -CVE-2020-12140 - RESERVED +CVE-2020-12140 (A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Co ...) + TODO: check CVE-2020-12139 RESERVED CVE-2020-12138 (AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact ...) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index c3465cc449..88aa5fce2e 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1,3 +1,17 @@ +CVE-2021-44695 + RESERVED +CVE-2021-44694 + RESERVED +CVE-2021-44693 + RESERVED +CVE-2021-4079 + RESERVED +CVE-2021-4078 + RESERVED +CVE-2021-4077 + RESERVED +CVE-2021-4076 + RESERVED CVE-2021-44692 RESERVED CVE-2021-44691 @@ -391,8 +405,8 @@ CVE-2021-41836 RESERVED CVE-2021-4050 RESERVED -CVE-2021-4049 - RESERVED +CVE-2021-4049 (livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) ...) + TODO: check CVE-2021-44539 RESERVED CVE-2021-44538 @@ -417,8 +431,8 @@ CVE-2021-44529 RESERVED CVE-2021-44528 RESERVED -CVE-2021-44527 - RESERVED +CVE-2021-44527 (A vulnerability found in UniFi Switch firmware Version 5.43.35 and ear ...) + TODO: check CVE-2021-44526 RESERVED CVE-2021-44525 @@ -816,7 +830,7 @@ CVE-2021-4033 RESERVED CVE-2021-44353 RESERVED -CVE-2021-44352 (A Stack-based Buffer Overflow vlnerability exists in the Tenda AC15 V1 ...) +CVE-2021-44352 (A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V ...) NOT-FOR-US: Tenda CVE-2021-44351 RESERVED @@ -1222,12 +1236,12 @@ CVE-2021-44189 RESERVED CVE-2021-44188 RESERVED -CVE-2021-44187 - RESERVED -CVE-2021-44186 - RESERVED -CVE-2021-44185 - RESERVED +CVE-2021-44187 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an out-of-b ...) + TODO: check +CVE-2021-44186 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an out-of-b ...) + TODO: check +CVE-2021-44185 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an out-of-b ...) + TODO: check CVE-2021-44184 RESERVED CVE-2021-44183 @@ -2121,8 +2135,8 @@ CVE-2021-43807 RESERVED CVE-2021-43806 RESERVED -CVE-2021-43805 - RESERVED +CVE-2021-43805 (Solidus is a free, open-source ecommerce platform built on Rails. Vers ...) + TODO: check CVE-2021-43804 RESERVED CVE-2021-43803 @@ -2135,8 +2149,7 @@ CVE-2021-43800 (Wiki.js is a wiki app built on Node.js. Prior to version 2.5.254 NOT-FOR-US: Wiki.js CVE-2021-43799 RESERVED -CVE-2021-43798 - RESERVED +CVE-2021-43798 (Grafana is an open-source platform for monitoring and observability. G ...) - grafana <removed> CVE-2021-43797 RESERVED @@ -2154,8 +2167,8 @@ CVE-2021-43791 (Zulip is an open source group chat application that combines rea - zulip-server <itp> (bug #800052) CVE-2021-43790 (Lucet is a native WebAssembly compiler and runtime. There is a bug in ...) NOT-FOR-US: Lucet -CVE-2021-43789 - RESERVED +CVE-2021-43789 (PrestaShop is an Open Source e-commerce web application. Versions of P ...) + TODO: check CVE-2021-43788 (Nodebb is an open source Node.js based forum software. Prior to v1.18. ...) NOT-FOR-US: Nodebb CVE-2021-43787 (Nodebb is an open source Node.js based forum software. In affected ver ...) @@ -3687,10 +3700,10 @@ CVE-2021-43178 RESERVED CVE-2021-43177 RESERVED -CVE-2021-43176 - RESERVED -CVE-2021-43175 - RESERVED +CVE-2021-43176 (The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 ...) + TODO: check +CVE-2021-43175 (The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 ...) + TODO: check CVE-2021-3918 (json-schema is vulnerable to Improperly Controlled Modification of Obj ...) - node-json-schema 0.4.0+~7.0.9-1 (bug #999765) [bullseye] - node-json-schema <no-dsa> (Minor issue) @@ -6053,26 +6066,26 @@ CVE-2021-3875 (vim is vulnerable to Heap-based Buffer Overflow ...) NOTE: https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53/ NOTE: Search from cursor position introduced in: https://github.com/vim/vim/commit/04db26b36000a4677b95403ec94bd11f6cc73975 (v8.2.3110) NOTE: Fixed by: https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f (v8.2.3489) -CVE-2021-42133 - RESERVED -CVE-2021-42132 - RESERVED -CVE-2021-42131 - RESERVED -CVE-2021-42130 - RESERVED -CVE-2021-42129 - RESERVED -CVE-2021-42128 - RESERVED -CVE-2021-42127 - RESERVED -CVE-2021-42126 - RESERVED -CVE-2021-42125 - RESERVED -CVE-2021-42124 - RESERVED +CVE-2021-42133 (An exposed dangerous function vulnerability exists in Ivanti Avalanche ...) + TODO: check +CVE-2021-42132 (A command Injection vulnerability exists in Ivanti Avalanche before 6. ...) + TODO: check +CVE-2021-42131 (A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 a ...) + TODO: check +CVE-2021-42130 (A deserialization of untrusted data vulnerability exists in Ivanti Ava ...) + TODO: check +CVE-2021-42129 (A command injection vulnerability exists in Ivanti Avalanche before 6. ...) + TODO: check +CVE-2021-42128 (An exposed dangerous function vulnerability exists in Ivanti Avalanche ...) + TODO: check +CVE-2021-42127 (A deserialization of untrusted data vulnerability exists in Ivanti Ava ...) + TODO: check +CVE-2021-42126 (An improper authorization control vulnerability exists in Ivanti Avala ...) + TODO: check +CVE-2021-42125 (An unrestricted file upload vulnerability exists in Ivanti Avalanche b ...) + TODO: check +CVE-2021-42124 (An improper access control vulnerability exists in Ivanti Avalanche be ...) + TODO: check CVE-2021-42123 (Unrestricted File Upload in Web Applications operating on Business-DNA ...) NOT-FOR-US: Business-DNA Solutions CVE-2021-42122 (Insufficient Input Validation in Web Applications operating on Busines ...) @@ -7111,8 +7124,8 @@ CVE-2021-41718 RESERVED CVE-2021-41717 RESERVED -CVE-2021-41716 - RESERVED +CVE-2021-41716 (Maharashtra State Electricity Board Mahavitara Android Application 8.2 ...) + TODO: check CVE-2021-41715 RESERVED CVE-2021-41714 @@ -9120,8 +9133,8 @@ CVE-2021-40861 RESERVED CVE-2021-40860 RESERVED -CVE-2021-40859 - RESERVED +CVE-2021-40859 (Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B dev ...) + TODO: check CVE-2021-40858 RESERVED CVE-2021-40857 @@ -10990,16 +11003,16 @@ CVE-2021-40098 (An issue was discovered in Concrete CMS through 8.5.5. Path Trav NOT-FOR-US: Concrete CMS CVE-2021-40097 (An issue was discovered in Concrete CMS through 8.5.5. Authenticated p ...) NOT-FOR-US: Concrete CMS -CVE-2021-40096 - RESERVED -CVE-2021-40095 - RESERVED -CVE-2021-40094 - RESERVED -CVE-2021-40093 - RESERVED -CVE-2021-40092 - RESERVED +CVE-2021-40096 (A cross-site scripting (XSS) vulnerability in integration configuratio ...) + TODO: check +CVE-2021-40095 (An issue was discovered in SquaredUp for SCOM 5.2.1.6654. The Download ...) + TODO: check +CVE-2021-40094 (A DOM-based XSS vulnerability affects SquaredUp for SCOM 5.2.1.6654. I ...) + TODO: check +CVE-2021-40093 (A cross-site scripting (XSS) vulnerability in integration configuratio ...) + TODO: check +CVE-2021-40092 (A cross-site scripting (XSS) vulnerability in Image Tile in SquaredUp ...) + TODO: check CVE-2021-40091 (An SSRF issue was discovered in SquaredUp for SCOM 5.2.1.6654. ...) NOT-FOR-US: SquaredUp for SCOM CVE-2021-40090 @@ -11381,7 +11394,7 @@ CVE-2021-39924 (Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to - wireshark 3.6.0-1 NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17677 NOTE: https://www.wireshark.org/security/wnpa-sec-2021-10.html -CVE-2021-39923 (NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3 ...) +CVE-2021-39923 (Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 ...) - wireshark 3.6.0-1 NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17705 NOTE: https://www.wireshark.org/security/wnpa-sec-2021-15.html @@ -16226,8 +16239,8 @@ CVE-2021-37942 RESERVED CVE-2021-37941 RESERVED -CVE-2021-37940 - RESERVED +CVE-2021-37940 (An information disclosure via GET request server-side request forgery ...) + TODO: check CVE-2021-37939 (It was discovered that Kibana’s JIRA connector & IBM Resilie ...) NOT-FOR-US: IBM CVE-2021-37938 (It was discovered that on Windows operating systems specifically, Kiba ...) @@ -18195,98 +18208,98 @@ CVE-2021-37102 (There is a command injection vulnerability in CMA service module NOT-FOR-US: Huawei CVE-2021-37101 (There is an improper authorization vulnerability in AIS-BW50-00 9.0.6. ...) NOT-FOR-US: Huawei -CVE-2021-37100 - RESERVED -CVE-2021-37099 - RESERVED +CVE-2021-37100 (There is a Improper Authentication vulnerability in Huawei Smartphone. ...) + TODO: check +CVE-2021-37099 (There is a Path Traversal vulnerability in Huawei Smartphone.Successfu ...) + TODO: check CVE-2021-37098 RESERVED CVE-2021-37097 RESERVED -CVE-2021-37096 - RESERVED -CVE-2021-37095 - RESERVED -CVE-2021-37094 - RESERVED +CVE-2021-37096 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) + TODO: check +CVE-2021-37095 (There is a Integer Overflow or Wraparound vulnerability in Huawei Smar ...) + TODO: check +CVE-2021-37094 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) + TODO: check CVE-2021-37093 RESERVED CVE-2021-37092 RESERVED -CVE-2021-37091 - RESERVED -CVE-2021-37090 - RESERVED -CVE-2021-37089 - RESERVED -CVE-2021-37088 - RESERVED -CVE-2021-37087 - RESERVED -CVE-2021-37086 - RESERVED -CVE-2021-37085 - RESERVED -CVE-2021-37084 - RESERVED -CVE-2021-37083 - RESERVED -CVE-2021-37082 - RESERVED -CVE-2021-37081 - RESERVED -CVE-2021-37080 - RESERVED -CVE-2021-37079 - RESERVED -CVE-2021-37078 - RESERVED -CVE-2021-37077 - RESERVED -CVE-2021-37076 - RESERVED +CVE-2021-37091 (There is a Permissions,Privileges,and Access Controls vulnerability in ...) + TODO: check +CVE-2021-37090 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...) + TODO: check +CVE-2021-37089 (There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Succe ...) + TODO: check +CVE-2021-37088 (There is a Path Traversal vulnerability in Huawei Smartphone.Successfu ...) + TODO: check +CVE-2021-37087 (There is a Path Traversal vulnerability in Huawei Smartphone.Successfu ...) + TODO: check +CVE-2021-37086 (There is a Improper Preservation of Permissions vulnerability in Huawe ...) + TODO: check +CVE-2021-37085 (There is a Encoding timing vulnerability in Huawei Smartphone.Successf ...) + TODO: check +CVE-2021-37084 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) + TODO: check +CVE-2021-37083 (There is a NULL Pointer Dereference vulnerability in Huawei Smartphone ...) + TODO: check +CVE-2021-37082 (There is a Race Condition vulnerability in Huawei Smartphone.Successfu ...) + TODO: check +CVE-2021-37081 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) + TODO: check +CVE-2021-37080 (There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Succe ...) + TODO: check +CVE-2021-37079 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) + TODO: check +CVE-2021-37078 (There is a Uncaught Exception vulnerability in Huawei Smartphone.Succe ...) + TODO: check +CVE-2021-37077 (There is a NULL Pointer Dereference vulnerability in Huawei Smartphone ...) + TODO: check +CVE-2021-37076 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...) + TODO: check CVE-2021-37075 RESERVED CVE-2021-37074 RESERVED -CVE-2021-37073 - RESERVED -CVE-2021-37072 - RESERVED -CVE-2021-37071 - RESERVED -CVE-2021-37070 - RESERVED +CVE-2021-37073 (There is a Race Condition vulnerability in Huawei Smartphone.Successfu ...) + TODO: check +CVE-2021-37072 (There is a Incorrect Calculation of Buffer Size vulnerability in Huawe ...) + TODO: check +CVE-2021-37071 (There is a Business Logic Errors vulnerability in Huawei Smartphone.Su ...) + TODO: check +CVE-2021-37070 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...) + TODO: check CVE-2021-37069 RESERVED -CVE-2021-37068 - RESERVED -CVE-2021-37067 - RESERVED -CVE-2021-37066 - RESERVED -CVE-2021-37065 - RESERVED -CVE-2021-37064 - RESERVED -CVE-2021-37063 - RESERVED -CVE-2021-37062 - RESERVED -CVE-2021-37061 - RESERVED -CVE-2021-37060 - RESERVED -CVE-2021-37059 - RESERVED -CVE-2021-37058 - RESERVED -CVE-2021-37057 - RESERVED -CVE-2021-37056 - RESERVED -CVE-2021-37055 - RESERVED +CVE-2021-37068 (There is a Resource Management Errors vulnerability in Huawei Smartpho ...) + TODO: check +CVE-2021-37067 (There is a Exposure of Sensitive Information to an Unauthorized Actor ...) + TODO: check +CVE-2021-37066 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...) + TODO: check +CVE-2021-37065 (There is a Integer Overflow or Wraparound vulnerability in Huawei Smar ...) + TODO: check +CVE-2021-37064 (There is a Improper Limitation of a Pathname to a Restricted Directory ...) + TODO: check +CVE-2021-37063 (There is a Cryptographic Issues vulnerability in Huawei Smartphone.Suc ...) + TODO: check +CVE-2021-37062 (There is a Improper Validation of Array Index vulnerability in Huawei ...) + TODO: check +CVE-2021-37061 (There is a Uncontrolled Resource Consumption vulnerability in Huawei S ...) + TODO: check +CVE-2021-37060 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) + TODO: check +CVE-2021-37059 (There is a Weaknesses Introduced During Design ...) + TODO: check +CVE-2021-37058 (There is a Permissions,Privileges,and Access Controls vulnerability in ...) + TODO: check +CVE-2021-37057 (There is a Improper Validation of Array Index vulnerability in Huawei ...) + TODO: check +CVE-2021-37056 (There is an Improper permission control vulnerability in Huawei Smartp ...) + TODO: check +CVE-2021-37055 (There is a Logic bypass vulnerability in Huawei Smartphone.Successful ...) + TODO: check CVE-2021-37054 RESERVED CVE-2021-37053 @@ -18299,28 +18312,28 @@ CVE-2021-37050 RESERVED CVE-2021-37049 RESERVED -CVE-2021-37048 - RESERVED -CVE-2021-37047 - RESERVED -CVE-2021-37046 - RESERVED +CVE-2021-37048 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) + TODO: check +CVE-2021-37047 (There is an Input verification vulnerability in Huawei Smartphone.Succ ...) + TODO: check +CVE-2021-37046 (There is a Memory leak vulnerability with the codec detection module i ...) + TODO: check CVE-2021-37045 RESERVED CVE-2021-37044 RESERVED -CVE-2021-37043 - RESERVED -CVE-2021-37042 - RESERVED -CVE-2021-37041 - RESERVED +CVE-2021-37043 (There is a Stack-based Buffer Overflow vulnerability in Huawei Smartph ...) + TODO: check +CVE-2021-37042 (There is an Improper verification vulnerability in Huawei Smartphone.S ...) + TODO: check +CVE-2021-37041 (There is an Improper verification vulnerability in Huawei Smartphone.S ...) + TODO: check CVE-2021-37040 RESERVED CVE-2021-37039 RESERVED -CVE-2021-37038 - RESERVED +CVE-2021-37038 (There is an Improper access control vulnerability in Huawei Smartphone ...) + TODO: check CVE-2021-37037 RESERVED CVE-2021-37036 (There is an information leakage vulnerability in FusionCompute 6.5.1, ...) @@ -18353,10 +18366,10 @@ CVE-2021-37023 (There is a Improper Access Control vulnerability in Huawei Smart NOT-FOR-US: Huawei CVE-2021-37022 (There is a Heap-based Buffer Overflow vulnerability in Huawei Smartpho ...) NOT-FOR-US: Huawei -CVE-2021-37021 - RESERVED -CVE-2021-37020 - RESERVED +CVE-2021-37021 (There is a Stack-based Buffer Overflow vulnerability in Huawei Smartph ...) + TODO: check +CVE-2021-37020 (There is a Stack-based Buffer Overflow vulnerability in Huawei Smartph ...) + TODO: check CVE-2021-37019 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) NOT-FOR-US: Huawei CVE-2021-37018 (There is a Data Processing Errors vulnerability in Huawei Smartphone.S ...) @@ -18367,14 +18380,14 @@ CVE-2021-37016 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone NOT-FOR-US: Huawei CVE-2021-37015 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...) NOT-FOR-US: Huawei -CVE-2021-37014 - RESERVED +CVE-2021-37014 (There is a Stack-based Buffer Overflow vulnerability in Huawei Smartph ...) + TODO: check CVE-2021-37013 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) NOT-FOR-US: Huawei CVE-2021-37012 (There is a Data Processing Errors vulnerability in Huawei Smartphone.S ...) NOT-FOR-US: Huawei -CVE-2021-37011 - RESERVED +CVE-2021-37011 (There is a Stack-based Buffer Overflow vulnerability in Huawei Smartph ...) + TODO: check CVE-2021-37010 (There is a Exposure of Sensitive Information to an Unauthorized Actor ...) NOT-FOR-US: Huawei CVE-2021-37009 (There is a Configuration vulnerability in Huawei Smartphone.Successful ...) @@ -37387,7 +37400,7 @@ CVE-2021-3467 (A NULL pointer dereference flaw was found in the way Jasper versi - jasper <removed> NOTE: https://github.com/jasper-software/jasper/issues/268 NOTE: https://github.com/jasper-software/jasper/commit/c4144a6fdb2660794136d1daaa80682ee40b138b -CVE-2021-3466 (A flaw was found in libmicrohttpd in versions before 0.9.71. A missing ...) +CVE-2021-3466 (A flaw was found in libmicrohttpd. A missing bounds check in the post_ ...) - libmicrohttpd 0.9.71-1 [buster] - libmicrohttpd <not-affected> (Vulnerable code introduced later) [stretch] - libmicrohttpd <not-affected> (Vulnerable code introduced later) @@ -37478,14 +37491,14 @@ CVE-2021-29118 RESERVED CVE-2021-29117 RESERVED -CVE-2021-29116 - RESERVED -CVE-2021-29115 - RESERVED -CVE-2021-29114 - RESERVED -CVE-2021-29113 - RESERVED +CVE-2021-29116 (A stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Serve ...) + TODO: check +CVE-2021-29115 (An information disclosure vulnerability in the ArcGIS Service Director ...) + TODO: check +CVE-2021-29114 (A SQL injection vulnerability in feature services provided by Esri Arc ...) + TODO: check +CVE-2021-29113 (A remote file inclusion vulnerability in the ArcGIS Server help docume ...) + TODO: check CVE-2021-29112 RESERVED CVE-2021-29111 @@ -38460,8 +38473,7 @@ CVE-2021-28704 (PoD operations on misaligned GFNs T[his CNA information record r [buster] - xen <end-of-life> (DSA 4677-1) [stretch] - xen <end-of-life> (DSA 4602-1) NOTE: https://xenbits.xen.org/xsa/advisory-388.html -CVE-2021-28703 - RESERVED +CVE-2021-28703 (grant table v2 status pages may remain accessible after de-allocation ...) - xen 4.14.0+80-gd101b417b7-1 [buster] - xen <end-of-life> (DSA 4677-1) [stretch] - xen <end-of-life> (DSA 4602-1) @@ -47687,7 +47699,7 @@ CVE-2021-24893 RESERVED CVE-2021-24892 (Insecure Direct Object Reference in edit function of Advanced Forms (F ...) NOT-FOR-US: WordPress plugin -CVE-2021-24891 (The Elementor Website Builder WordPress plugin before 3.1.4 does not s ...) +CVE-2021-24891 (The Elementor Website Builder WordPress plugin before 3.4.8 does not s ...) NOT-FOR-US: WordPress plugin CVE-2021-24890 RESERVED @@ -51931,10 +51943,10 @@ CVE-2021-22958 (A Server-Side Request Forgery vulnerability was found in concret NOT-FOR-US: Concrete CMS CVE-2021-22957 (A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Pr ...) NOT-FOR-US: UniFi Protect -CVE-2021-22956 - RESERVED -CVE-2021-22955 - RESERVED +CVE-2021-22956 (An uncontrolled resource consumption vulnerability exists in Citrix AD ...) + TODO: check +CVE-2021-22955 (A unauthenticated denial of service vulnerability exists in Citrix ADC ...) + TODO: check CVE-2021-22954 RESERVED CVE-2021-22953 (A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to c ...) |