summaryrefslogtreecommitdiffstats
path: root/data/CVE/2021.list
diff options
context:
space:
mode:
Diffstat (limited to 'data/CVE/2021.list')
-rw-r--r--data/CVE/2021.list122
1 files changed, 69 insertions, 53 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 99bb101940..c0c9e34915 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1,3 +1,23 @@
+CVE-2021-27965 (The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2 ...)
+ TODO: check
+CVE-2021-27964 (SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File U ...)
+ TODO: check
+CVE-2021-27963 (SonLogger before 6.4.1 is affected by user creation with any user perm ...)
+ TODO: check
+CVE-2021-27962
+ RESERVED
+CVE-2021-27961
+ RESERVED
+CVE-2021-27960
+ RESERVED
+CVE-2021-27959
+ RESERVED
+CVE-2021-27958
+ RESERVED
+CVE-2021-27957
+ RESERVED
+CVE-2021-27956
+ RESERVED
CVE-2021-27955
RESERVED
CVE-2021-27954
@@ -1352,8 +1372,8 @@ CVE-2021-27316
RESERVED
CVE-2021-27315
RESERVED
-CVE-2021-27314
- RESERVED
+CVE-2021-27314 (SQL injection in admin.php in doctor appointment system 1.0 allows an ...)
+ TODO: check
CVE-2021-27313
RESERVED
CVE-2021-27312
@@ -2047,10 +2067,10 @@ CVE-2021-26991
RESERVED
CVE-2021-26990
RESERVED
-CVE-2021-26989
- RESERVED
-CVE-2021-26988
- RESERVED
+CVE-2021-26989 (Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 a ...)
+ TODO: check
+CVE-2021-26988 (Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 a ...)
+ TODO: check
CVE-2021-26987
RESERVED
CVE-2021-26986
@@ -2163,14 +2183,12 @@ CVE-2021-23217
RESERVED
CVE-2021-23201
RESERVED
-CVE-2021-3404
- RESERVED
+CVE-2021-3404 (In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote att ...)
- libytnef 1.9.3-3 (bug #982596)
[buster] - libytnef <no-dsa> (Minor issue)
[stretch] - libytnef <no-dsa> (Minor issue)
NOTE: https://github.com/Yeraze/ytnef/issues/86
-CVE-2021-3403
- RESERVED
+CVE-2021-3403 (In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows ...)
- libytnef 1.9.3-3 (bug #982594)
[buster] - libytnef <no-dsa> (Minor issue)
[stretch] - libytnef <no-dsa> (Minor issue)
@@ -2376,13 +2394,11 @@ CVE-2021-26910 (Firejail before 0.9.64.4 allows attackers to bypass intended acc
NOTE: Fix (disabled overlayfs): https://github.com/netblue30/firejail/commit/97d8a03cad19501f017587cc4e47d8418273834b
NOTE: https://unparalleled.eu/publications/2021/advisory-unpar-2021-0.txt
NOTE: https://unparalleled.eu/blog/2021/20210208-rigged-race-against-firejail-for-local-root/
-CVE-2021-24032 [zstd allows for race-opening files being compressed or uncompressed]
- RESERVED
+CVE-2021-24032 (Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for ...)
{DSA-4859-1 DLA-2573-1}
- libzstd 1.4.8+dfsg-2 (bug #982519)
NOTE: https://github.com/facebook/zstd/issues/2491
-CVE-2021-24031 [zstd adds read permissions to files while being compressed or uncompressed]
- RESERVED
+CVE-2021-24031 (In the Zstandard command-line utility prior to v1.4.1, output files we ...)
{DSA-4850-1 DLA-2573-1}
- libzstd 1.4.8+dfsg-1 (bug #981404)
NOTE: https://github.com/facebook/zstd/issues/1630
@@ -3722,8 +3738,8 @@ CVE-2021-3327
RESERVED
CVE-2021-26294
RESERVED
-CVE-2021-26293
- RESERVED
+CVE-2021-26293 (An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail ...)
+ TODO: check
CVE-2021-26292
RESERVED
CVE-2021-26291
@@ -5926,42 +5942,42 @@ CVE-2021-25350
RESERVED
CVE-2021-25349
RESERVED
-CVE-2021-25348
- RESERVED
-CVE-2021-25347
- RESERVED
-CVE-2021-25346
- RESERVED
-CVE-2021-25345
- RESERVED
-CVE-2021-25344
- RESERVED
-CVE-2021-25343
- RESERVED
-CVE-2021-25342
- RESERVED
-CVE-2021-25341
- RESERVED
-CVE-2021-25340
- RESERVED
-CVE-2021-25339
- RESERVED
-CVE-2021-25338
- RESERVED
-CVE-2021-25337
- RESERVED
-CVE-2021-25336
- RESERVED
-CVE-2021-25335
- RESERVED
-CVE-2021-25334
- RESERVED
-CVE-2021-25333
- RESERVED
-CVE-2021-25332
- RESERVED
-CVE-2021-25331
- RESERVED
+CVE-2021-25348 (Improper permission grant check in Samsung Internet prior to version 1 ...)
+ TODO: check
+CVE-2021-25347 (Hijacking vulnerability in Samsung Email application version prior to ...)
+ TODO: check
+CVE-2021-25346 (A possible arbitrary memory overwrite vulnerabilities in quram library ...)
+ TODO: check
+CVE-2021-25345 (Graphic format mismatch while converting video format in hwcomposer pr ...)
+ TODO: check
+CVE-2021-25344 (Missing permission check in knox_custom service prior to SMR Mar-2021 ...)
+ TODO: check
+CVE-2021-25343 (Calling of non-existent provider in Samsung Members prior to version 2 ...)
+ TODO: check
+CVE-2021-25342 (Calling of non-existent provider in SMP sdk prior to version 3.0.9 all ...)
+ TODO: check
+CVE-2021-25341 (Calling of non-existent provider in S Assistant prior to version 6.5.0 ...)
+ TODO: check
+CVE-2021-25340 (Improper access control vulnerability in Samsung keyboard version prio ...)
+ TODO: check
+CVE-2021-25339 (Improper address validation in HArx in Samsung mobile devices prior to ...)
+ TODO: check
+CVE-2021-25338 (Improper memory access control in RKP in Samsung mobile devices prior ...)
+ TODO: check
+CVE-2021-25337 (Improper access control in clipboard service in Samsung mobile devices ...)
+ TODO: check
+CVE-2021-25336 (Improper access control in NotificationManagerService in Samsung mobil ...)
+ TODO: check
+CVE-2021-25335 (Improper lockscreen status check in cocktailbar service in Samsung mob ...)
+ TODO: check
+CVE-2021-25334 (Improper input check in wallpaper service in Samsung mobile devices pr ...)
+ TODO: check
+CVE-2021-25333 (Improper access control in Samsung Pay mini application prior to v4.0. ...)
+ TODO: check
+CVE-2021-25332 (Improper access control in Samsung Pay mini application prior to v4.0. ...)
+ TODO: check
+CVE-2021-25331 (Improper access control in Samsung Pay mini application prior to v4.0. ...)
+ TODO: check
CVE-2021-25330 (Calling of non-existent provider in MobileWips application prior to SM ...)
NOT-FOR-US: MobileWips application
CVE-2021-3184 (MISP 2.4.136 has XSS via a crafted URL to the app/View/Elements/global ...)
@@ -12412,7 +12428,7 @@ CVE-2021-22298 (There is a logic vulnerability in Huawei Gauss100 OLTP Product.
NOT-FOR-US: Huawei
CVE-2021-22297
RESERVED
-CVE-2021-22296 (A component of the HarmonyOS 2.0 has a DoS vulnerability. Local attack ...)
+CVE-2021-22296 (A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers ...)
NOT-FOR-US: HarmonyOS
CVE-2021-22295
RESERVED

© 2014-2022 Faster IT GmbH | imprint | privacy policy