From 88748b0694348ef55d75a58dab7108248e3f9487 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Thu, 1 Apr 2021 08:10:20 +0000 Subject: automatic update --- data/CVE/2020.list | 52 ++++- data/CVE/2021.list | 597 +++++++++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 624 insertions(+), 25 deletions(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 6b8fe0e964..555adc8df9 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,3 +1,43 @@ +CVE-2020-36305 + RESERVED +CVE-2020-36304 + RESERVED +CVE-2020-36303 + RESERVED +CVE-2020-36302 + RESERVED +CVE-2020-36301 + RESERVED +CVE-2020-36300 + RESERVED +CVE-2020-36299 + RESERVED +CVE-2020-36298 + RESERVED +CVE-2020-36297 + RESERVED +CVE-2020-36296 + RESERVED +CVE-2020-36295 + RESERVED +CVE-2020-36294 + RESERVED +CVE-2020-36293 + RESERVED +CVE-2020-36292 + RESERVED +CVE-2020-36291 + RESERVED +CVE-2020-36290 + RESERVED +CVE-2020-36289 + RESERVED +CVE-2020-36288 + RESERVED +CVE-2020-36287 + RESERVED +CVE-2020-36286 (The membersOf of JQL search function in Jira Server and Data Center be ...) + TODO: check CVE-2020-36285 RESERVED CVE-2020-36284 @@ -127,8 +167,8 @@ CVE-2020-36240 (The ResourceDownloadRewriteRule class in Crowd before version 4. NOT-FOR-US: Atlassian CVE-2020-36239 RESERVED -CVE-2020-36238 - RESERVED +CVE-2020-36238 (The /rest/api/1.0/render resource in Jira Server and Data Center befor ...) + TODO: check CVE-2020-36237 (Affected versions of Atlassian Jira Server and Data Center allow unaut ...) NOT-FOR-US: Atlassian CVE-2020-36236 (Affected versions of Atlassian Jira Server and Data Center allow remot ...) @@ -2398,8 +2438,8 @@ CVE-2020-35310 REJECTED CVE-2020-35309 (Bakeshop Online Ordering System in PHP/MySQLi 1.0 is affected by cross ...) NOT-FOR-US: Bakeshop Online Ordering System in PHP/MySQLi -CVE-2020-35308 - RESERVED +CVE-2020-35308 (CONQUEST DICOM SERVER before 1.5.0 has a code execution vulnerability ...) + TODO: check CVE-2020-35307 RESERVED CVE-2020-35306 
@@ -14910,8 +14950,8 @@ CVE-2020-24552 (Atop Technology industrial 3G/4G gateway contains Command Inject NOT-FOR-US: Atop Technology industrial 3G/4G gateway CVE-2020-24551 (IProom MMC+ Server login page does not validate specific parameters pr ...) NOT-FOR-US: IProom MMC+ Server -CVE-2020-24550 - RESERVED +CVE-2020-24550 (An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows ...) + TODO: check CVE-2020-24549 (openMAINT before 1.1-2.4.2 allows remote authenticated users to run ar ...) NOT-FOR-US: openMAINT CVE-2020-24548 (Ericom Access Server 9.2.0 (for AccessNow and Ericom Blaze) allows SSR ...) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 73ab684cef..86d5afa972 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list 
@@ -1,3 +1,561 @@ +CVE-2021-29942 (An issue was discovered in the reorder crate through 2021-02-24 for Ru ...) + TODO: check +CVE-2021-29941 (An issue was discovered in the reorder crate through 2021-02-24 for Ru ...) + TODO: check +CVE-2021-29940 (An issue was discovered in the through crate through 2021-02-18 for Ru ...) + TODO: check +CVE-2021-29939 (An issue was discovered in the stackvector crate through 2021-02-19 fo ...) + TODO: check +CVE-2021-29938 (An issue was discovered in the slice-deque crate through 2021-02-19 fo ...) + TODO: check +CVE-2021-29937 (An issue was discovered in the telemetry crate through 2021-02-17 for ...) + TODO: check +CVE-2021-29936 (An issue was discovered in the adtensor crate through 2021-01-11 for R ...) + TODO: check +CVE-2021-29935 (An issue was discovered in the rocket crate before 0.4.7 for Rust. uri ...) + TODO: check +CVE-2021-29934 (An issue was discovered in PartialReader in the uu_od crate before 0.0 ...) + TODO: check +CVE-2021-29933 (An issue was discovered in the insert_many crate through 2021-01-26 fo ...) + TODO: check +CVE-2021-29932 (An issue was discovered in the parse_duration crate through 2021-03-18 ...) + TODO: check +CVE-2021-29931 (An issue was discovered in the arenavec crate through 2021-01-12 for R ...) + TODO: check +CVE-2021-29930 (An issue was discovered in the arenavec crate through 2021-01-12 for R ...) + TODO: check +CVE-2021-29929 (An issue was discovered in the endian_trait crate through 2021-01-04 f ...) 
+ TODO: check +CVE-2021-29928 + RESERVED +CVE-2021-29927 + RESERVED +CVE-2021-29926 + RESERVED +CVE-2021-29925 + RESERVED +CVE-2021-29924 + RESERVED +CVE-2021-29923 + RESERVED +CVE-2021-29922 + RESERVED +CVE-2021-29921 + RESERVED +CVE-2021-29920 + RESERVED +CVE-2021-29919 + RESERVED +CVE-2021-29918 + RESERVED +CVE-2021-29917 + RESERVED +CVE-2021-29916 + RESERVED +CVE-2021-29915 + RESERVED +CVE-2021-29914 + RESERVED +CVE-2021-29913 + RESERVED +CVE-2021-29912 + RESERVED +CVE-2021-29911 + RESERVED +CVE-2021-29910 + RESERVED +CVE-2021-29909 + RESERVED +CVE-2021-29908 + RESERVED +CVE-2021-29907 + RESERVED +CVE-2021-29906 + RESERVED +CVE-2021-29905 + RESERVED +CVE-2021-29904 + RESERVED +CVE-2021-29903 + RESERVED +CVE-2021-29902 + RESERVED +CVE-2021-29901 + RESERVED +CVE-2021-29900 + RESERVED +CVE-2021-29899 + RESERVED +CVE-2021-29898 + RESERVED +CVE-2021-29897 + RESERVED +CVE-2021-29896 + RESERVED +CVE-2021-29895 + RESERVED +CVE-2021-29894 + RESERVED +CVE-2021-29893 + RESERVED +CVE-2021-29892 + RESERVED +CVE-2021-29891 + RESERVED +CVE-2021-29890 + RESERVED +CVE-2021-29889 + RESERVED +CVE-2021-29888 + RESERVED +CVE-2021-29887 + RESERVED +CVE-2021-29886 + RESERVED +CVE-2021-29885 + RESERVED +CVE-2021-29884 + RESERVED +CVE-2021-29883 + RESERVED +CVE-2021-29882 + RESERVED +CVE-2021-29881 + RESERVED +CVE-2021-29880 + RESERVED +CVE-2021-29879 + RESERVED +CVE-2021-29878 + RESERVED +CVE-2021-29877 + RESERVED +CVE-2021-29876 + RESERVED +CVE-2021-29875 + RESERVED +CVE-2021-29874 + RESERVED +CVE-2021-29873 + RESERVED +CVE-2021-29872 + RESERVED +CVE-2021-29871 + RESERVED +CVE-2021-29870 + RESERVED +CVE-2021-29869 + RESERVED +CVE-2021-29868 + RESERVED +CVE-2021-29867 + RESERVED +CVE-2021-29866 + RESERVED +CVE-2021-29865 + RESERVED +CVE-2021-29864 + RESERVED +CVE-2021-29863 + RESERVED +CVE-2021-29862 + RESERVED +CVE-2021-29861 + RESERVED +CVE-2021-29860 + RESERVED +CVE-2021-29859 + RESERVED +CVE-2021-29858 + RESERVED +CVE-2021-29857 + RESERVED +CVE-2021-29856 + RESERVED 
+CVE-2021-29855 + RESERVED +CVE-2021-29854 + RESERVED +CVE-2021-29853 + RESERVED +CVE-2021-29852 + RESERVED +CVE-2021-29851 + RESERVED +CVE-2021-29850 + RESERVED +CVE-2021-29849 + RESERVED +CVE-2021-29848 + RESERVED +CVE-2021-29847 + RESERVED +CVE-2021-29846 + RESERVED +CVE-2021-29845 + RESERVED +CVE-2021-29844 + RESERVED +CVE-2021-29843 + RESERVED +CVE-2021-29842 + RESERVED +CVE-2021-29841 + RESERVED +CVE-2021-29840 + RESERVED +CVE-2021-29839 + RESERVED +CVE-2021-29838 + RESERVED +CVE-2021-29837 + RESERVED +CVE-2021-29836 + RESERVED +CVE-2021-29835 + RESERVED +CVE-2021-29834 + RESERVED +CVE-2021-29833 + RESERVED +CVE-2021-29832 + RESERVED +CVE-2021-29831 + RESERVED +CVE-2021-29830 + RESERVED +CVE-2021-29829 + RESERVED +CVE-2021-29828 + RESERVED +CVE-2021-29827 + RESERVED +CVE-2021-29826 + RESERVED +CVE-2021-29825 + RESERVED +CVE-2021-29824 + RESERVED +CVE-2021-29823 + RESERVED +CVE-2021-29822 + RESERVED +CVE-2021-29821 + RESERVED +CVE-2021-29820 + RESERVED +CVE-2021-29819 + RESERVED +CVE-2021-29818 + RESERVED +CVE-2021-29817 + RESERVED +CVE-2021-29816 + RESERVED +CVE-2021-29815 + RESERVED +CVE-2021-29814 + RESERVED +CVE-2021-29813 + RESERVED +CVE-2021-29812 + RESERVED +CVE-2021-29811 + RESERVED +CVE-2021-29810 + RESERVED +CVE-2021-29809 + RESERVED +CVE-2021-29808 + RESERVED +CVE-2021-29807 + RESERVED +CVE-2021-29806 + RESERVED +CVE-2021-29805 + RESERVED +CVE-2021-29804 + RESERVED +CVE-2021-29803 + RESERVED +CVE-2021-29802 + RESERVED +CVE-2021-29801 + RESERVED +CVE-2021-29800 + RESERVED +CVE-2021-29799 + RESERVED +CVE-2021-29798 + RESERVED +CVE-2021-29797 + RESERVED +CVE-2021-29796 + RESERVED +CVE-2021-29795 + RESERVED +CVE-2021-29794 + RESERVED +CVE-2021-29793 + RESERVED +CVE-2021-29792 + RESERVED +CVE-2021-29791 + RESERVED +CVE-2021-29790 + RESERVED +CVE-2021-29789 + RESERVED +CVE-2021-29788 + RESERVED +CVE-2021-29787 + RESERVED +CVE-2021-29786 + RESERVED +CVE-2021-29785 + RESERVED +CVE-2021-29784 + RESERVED +CVE-2021-29783 + RESERVED +CVE-2021-29782 + RESERVED 
+CVE-2021-29781 + RESERVED +CVE-2021-29780 + RESERVED +CVE-2021-29779 + RESERVED +CVE-2021-29778 + RESERVED +CVE-2021-29777 + RESERVED +CVE-2021-29776 + RESERVED +CVE-2021-29775 + RESERVED +CVE-2021-29774 + RESERVED +CVE-2021-29773 + RESERVED +CVE-2021-29772 + RESERVED +CVE-2021-29771 + RESERVED +CVE-2021-29770 + RESERVED +CVE-2021-29769 + RESERVED +CVE-2021-29768 + RESERVED +CVE-2021-29767 + RESERVED +CVE-2021-29766 + RESERVED +CVE-2021-29765 + RESERVED +CVE-2021-29764 + RESERVED +CVE-2021-29763 + RESERVED +CVE-2021-29762 + RESERVED +CVE-2021-29761 + RESERVED +CVE-2021-29760 + RESERVED +CVE-2021-29759 + RESERVED +CVE-2021-29758 + RESERVED +CVE-2021-29757 + RESERVED +CVE-2021-29756 + RESERVED +CVE-2021-29755 + RESERVED +CVE-2021-29754 + RESERVED +CVE-2021-29753 + RESERVED +CVE-2021-29752 + RESERVED +CVE-2021-29751 + RESERVED +CVE-2021-29750 + RESERVED +CVE-2021-29749 + RESERVED +CVE-2021-29748 + RESERVED +CVE-2021-29747 + RESERVED +CVE-2021-29746 + RESERVED +CVE-2021-29745 + RESERVED +CVE-2021-29744 + RESERVED +CVE-2021-29743 + RESERVED +CVE-2021-29742 + RESERVED +CVE-2021-29741 + RESERVED +CVE-2021-29740 + RESERVED +CVE-2021-29739 + RESERVED +CVE-2021-29738 + RESERVED +CVE-2021-29737 + RESERVED +CVE-2021-29736 + RESERVED +CVE-2021-29735 + RESERVED +CVE-2021-29734 + RESERVED +CVE-2021-29733 + RESERVED +CVE-2021-29732 + RESERVED +CVE-2021-29731 + RESERVED +CVE-2021-29730 + RESERVED +CVE-2021-29729 + RESERVED +CVE-2021-29728 + RESERVED +CVE-2021-29727 + RESERVED +CVE-2021-29726 + RESERVED +CVE-2021-29725 + RESERVED +CVE-2021-29724 + RESERVED +CVE-2021-29723 + RESERVED +CVE-2021-29722 + RESERVED +CVE-2021-29721 + RESERVED +CVE-2021-29720 + RESERVED +CVE-2021-29719 + RESERVED +CVE-2021-29718 + RESERVED +CVE-2021-29717 + RESERVED +CVE-2021-29716 + RESERVED +CVE-2021-29715 + RESERVED +CVE-2021-29714 + RESERVED +CVE-2021-29713 + RESERVED +CVE-2021-29712 + RESERVED +CVE-2021-29711 + RESERVED +CVE-2021-29710 + RESERVED +CVE-2021-29709 + RESERVED +CVE-2021-29708 + RESERVED 
+CVE-2021-29707 + RESERVED +CVE-2021-29706 + RESERVED +CVE-2021-29705 + RESERVED +CVE-2021-29704 + RESERVED +CVE-2021-29703 + RESERVED +CVE-2021-29702 + RESERVED +CVE-2021-29701 + RESERVED +CVE-2021-29700 + RESERVED +CVE-2021-29699 + RESERVED +CVE-2021-29698 + RESERVED +CVE-2021-29697 + RESERVED +CVE-2021-29696 + RESERVED +CVE-2021-29695 + RESERVED +CVE-2021-29694 + RESERVED +CVE-2021-29693 + RESERVED +CVE-2021-29692 + RESERVED +CVE-2021-29691 + RESERVED +CVE-2021-29690 + RESERVED +CVE-2021-29689 + RESERVED +CVE-2021-29688 + RESERVED +CVE-2021-29687 + RESERVED +CVE-2021-29686 + RESERVED +CVE-2021-29685 + RESERVED +CVE-2021-29684 + RESERVED +CVE-2021-29683 + RESERVED +CVE-2021-29682 + RESERVED +CVE-2021-29681 + RESERVED +CVE-2021-29680 + RESERVED +CVE-2021-29679 + RESERVED +CVE-2021-29678 + RESERVED +CVE-2021-29677 + RESERVED +CVE-2021-29676 + RESERVED +CVE-2021-29675 + RESERVED +CVE-2021-29674 + RESERVED +CVE-2021-29673 + RESERVED +CVE-2021-29672 + RESERVED +CVE-2021-29671 + RESERVED +CVE-2021-29670 + RESERVED +CVE-2021-29669 + RESERVED +CVE-2021-29668 + RESERVED +CVE-2021-29667 + RESERVED +CVE-2021-29666 + RESERVED +CVE-2021-29665 + RESERVED +CVE-2021-29664 + RESERVED CVE-2021-29663 (CourseMS (aka Course Registration Management System) 2.1 is affected b ...) NOT-FOR-US: CourseMS (aka Course Registration Management System) CVE-2021-29661 @@ -684,8 +1242,8 @@ CVE-2021-29351 RESERVED CVE-2021-29350 RESERVED -CVE-2021-29349 - RESERVED +CVE-2021-29349 (Mahara 20.10 is affected by Cross Site Request Forgery (CSRF) that all ...) + TODO: check CVE-2021-29348 RESERVED CVE-2021-29347 @@ -908,8 +1466,8 @@ CVE-2021-29253 RESERVED CVE-2021-29252 RESERVED -CVE-2021-29251 - RESERVED +CVE-2021-29251 (BTCPay Server before 1.0.7.1 mishandles the policy setting in which us ...) + TODO: check CVE-2021-29250 RESERVED CVE-2021-29249 (BTCPay Server before 1.0.6.0, when the payment button is used, has a p ...) 
@@ -1269,8 +1827,8 @@ CVE-2021-29085 RESERVED CVE-2021-29084 RESERVED -CVE-2021-29083 - RESERVED +CVE-2021-29083 (Improper neutralization of special elements used in an OS command in S ...) + TODO: check CVE-2021-3460 RESERVED CVE-2021-3459 @@ -1453,8 +2011,8 @@ CVE-2021-28996 RESERVED CVE-2021-28995 RESERVED -CVE-2021-28994 - RESERVED +CVE-2021-28994 (kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8. ...) + TODO: check CVE-2021-28993 RESERVED CVE-2021-28992 @@ -5089,7 +5647,7 @@ CVE-2021-27360 RESERVED CVE-2021-27359 RESERVED -CVE-2021-27358 (The snapshot feature in Grafana before 7.4.1 can allow an unauthentica ...) +CVE-2021-27358 (The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unaut ...) - grafana CVE-2021-27357 RESERVED @@ -5112,8 +5670,8 @@ CVE-2021-27351 (The Terminate Session feature in the Telegram application throug NOTE: not affected) CVE-2021-27350 RESERVED -CVE-2021-27349 - RESERVED +CVE-2021-27349 (Advanced Order Export before 3.1.8 for WooCommerce allows XSS, a diffe ...) + TODO: check CVE-2021-27348 RESERVED CVE-2021-27347 @@ -5383,8 +5941,8 @@ CVE-2021-27222 (In the "Time in Status" app before 4.13.0 for Jira, remote authe NOT-FOR-US: "Time in Status" app CVE-2021-27221 (** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ft ...) NOT-FOR-US: MikroTik RouterOS -CVE-2021-27220 - RESERVED +CVE-2021-27220 (An issue was discovered in PRTG Network Monitor before 21.1.66.1623. B ...) + TODO: check CVE-2021-27217 (An issue was discovered in the _send_secure_msg() function of Yubico y ...) NOT-FOR-US: YubiHSM 2 SDK CVE-2021-27216 @@ -5975,8 +6533,8 @@ CVE-2021-26951 (An issue was discovered in the calamine crate before 0.17.0 for NOT-FOR-US: Rust crate calamine CVE-2021-26944 RESERVED -CVE-2021-26943 - RESERVED +CVE-2021-26943 (The UX360CA BIOS through 303 on ASUS laptops allow an attacker (with t ...) + TODO: check CVE-2021-26942 RESERVED CVE-2021-26941 
@@ -8123,8 +8681,8 @@ CVE-2021-26073 RESERVED CVE-2021-26072 RESERVED -CVE-2021-26071 - RESERVED +CVE-2021-26071 (The SetFeatureEnabled.jspa resource in Jira Server and Data Center bef ...) + TODO: check CVE-2021-26070 (Affected versions of Atlassian Jira Server and Data Center allow remot ...) NOT-FOR-US: Atlassian CVE-2021-26069 (Affected versions of Atlassian Jira Server and Data Center allow unaut ...) @@ -14182,6 +14740,7 @@ CVE-2021-23360 (This affects the package killport before 1.0.2. If (attacker-con CVE-2021-23359 (This affects all versions of package port-killer. If (attacker-control ...) NOT-FOR-US: Node port-killer CVE-2021-23358 (The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 a ...) + {DLA-2613-1} - underscore 1.9.1~dfsg-2 (bug #986171) NOTE: https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984 CVE-2021-23357 (All versions of package github.com/tyktechnologies/tyk/gateway are vul ...) @@ -15872,8 +16431,8 @@ CVE-2021-22540 RESERVED CVE-2021-22539 RESERVED -CVE-2021-22538 - RESERVED +CVE-2021-22538 (A privilege escalation vulnerability impacting the Google Exposure Not ...) + TODO: check CVE-2021-22537 RESERVED CVE-2021-22536 -- cgit v1.2.3
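Review bot: The Jira Server and Data Center entries that gain a description in data/CVE/2020.list (CVE-2020-36286 in the `@@ -1,3 +1,43 @@` hunk, CVE-2020-36238 in the `@@ -127,8 +167,8 @@` hunk) are left at `TODO: check`, although the unchanged context right below CVE-2020-36238 already carries `NOT-FOR-US: Atlassian` for CVE-2020-36237 and CVE-2020-36236. CVE-2021-26071 in data/CVE/2021.list is in the same position next to CVE-2021-26070. If the same triage decision applies, a follow-up should set these three to `NOT-FOR-US: Atlassian` so they do not sit in the TODO queue.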
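Review bot: In the `@@ -1,3 +1,561 @@` hunk of data/CVE/2021.list, the fourteen Rust crate entries CVE-2021-29929 through CVE-2021-29942 all land as `TODO: check` with truncated descriptions, so the automatic update records no triage for them. The file's existing convention for a crate that is not tracked is visible further down at CVE-2021-26951 (`NOT-FOR-US: Rust crate calamine`). Each crate named here (reorder, through, stackvector, slice-deque, telemetry, adtensor, rocket, uu_od, insert_many, parse_duration, arenavec, endian_trait) should be checked individually and resolved either to a source package line or to `NOT-FOR-US: Rust crate ...`, rather than handled as one batch.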
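Review bot: In the `@@ -5089,7 +5647,7 @@` hunk, the CVE-2021-27358 description changes from "Grafana before 7.4.1" to "Grafana 6.7.3 through 7.4.1", which moves 7.4.1 from outside the affected range to inside it and adds a lower bound, while the `- grafana` line under it stays unchanged context. Whoever triages this entry should re-check any version or status recorded for grafana against the new range, since the automatic update only rewrites the description.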