From a1381fc1ed1126fa66413e60db1e34695fd8786a Mon Sep 17 00:00:00 2001 From: security tracker role Date: Wed, 31 Mar 2021 08:10:28 +0000 Subject: automatic update --- data/CVE/2020.list | 12 ++++++++---- data/CVE/2021.list | 20 ++++++++++++++++++-- 2 files changed, 26 insertions(+), 6 deletions(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 45543ecd60..1030e75814 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,3 +1,7 @@ +CVE-2020-36285 + RESERVED +CVE-2020-36284 + RESERVED CVE-2020-36283 (HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when ...) NOT-FOR-US: HID OMNIKEY 5427 and OMNIKEY 5127 readers CVE-2020-36282 (JMS Client for RabbitMQ 1.x before 1.15.2 and 2.x before 2.2.0 is vuln ...) @@ -13905,8 +13909,8 @@ CVE-2020-24997 CVE-2020-24996 (There is an invalid memory access in the function TextString::~TextStr ...) - xpdf (xpdf in Debian uses poppler, which is fixed) NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=42028 -CVE-2020-24995 - RESERVED +CVE-2020-24995 (Buffer overflow vulnerability in sniff_channel_order function in aacde ...) + TODO: check CVE-2020-24994 (Stack overflow in the parse_tag function in libass/ass_parse.c in liba ...) - libass 1:0.15.0-1 [buster] - libass (Minor issue) @@ -15239,8 +15243,8 @@ CVE-2020-24392 (In voloko twitter-stream 0.1.10, missing TLS hostname validation [buster] - ruby-twitter-stream (Minor issue) [stretch] - ruby-twitter-stream (Minor issue) NOTE: https://securitylab.github.com/advisories/GHSL-2020-097-voloko-twitter-stream -CVE-2020-24391 - RESERVED +CVE-2020-24391 (mongo-express before 1.0.0 offers support for certain advanced syntax ...) + TODO: check CVE-2020-24390 (eonweb in EyesOfNetwork before 5.3-7 does not properly escape the user ...) NOT-FOR-US: EyesOfNetwork (EON) CVE-2020-24389 diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 5bea967a0e..6f4a58a3a4 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list 
@@ -1,3 +1,19 @@ +CVE-2021-29653 + RESERVED +CVE-2021-29652 + RESERVED +CVE-2021-29651 + RESERVED +CVE-2021-29650 (An issue was discovered in the Linux kernel before 5.11.11. The netfil ...) + TODO: check +CVE-2021-29649 (An issue was discovered in the Linux kernel before 5.11.11. The user m ...) + TODO: check +CVE-2021-29648 (An issue was discovered in the Linux kernel before 5.11.11. The BPF su ...) + TODO: check +CVE-2021-29647 (An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvm ...) + TODO: check +CVE-2021-29646 (An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_re ...) + TODO: check CVE-2021-3480 RESERVED CVE-2021-3479 [Out-of-memory caused by allocation of a very large buffer] @@ -18136,8 +18152,8 @@ CVE-2021-21415 RESERVED CVE-2021-21414 RESERVED -CVE-2021-21413 - RESERVED +CVE-2021-21413 (isolated-vm is a library for nodejs which gives you access to v8's Iso ...) + TODO: check CVE-2021-21412 (Potential for arbitrary code execution in npm package @thi.ng/egf `#gp ...) TODO: check CVE-2021-21411 (OAuth2-Proxy is an open source reverse proxy that provides authenticat ...) -- cgit v1.2.3
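Review bot: in the data/CVE/2020.list hunk at -13905, CVE-2020-24995 moves from RESERVED to "TODO: check" with a description cut off at "aacde ...", so the entry as committed does not say which source package contains sniff_channel_order. Triage should read the full CVE text before assigning a package, then give the entry the same shape as the neighbouring CVE-2020-24994: a package line with the fixed version, plus per-release tags such as "[buster] - libass (Minor issue)" where they apply.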
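Review bot: in the data/CVE/2020.list hunk at -15239, CVE-2020-24391 names mongo-express before 1.0.0 but is left at "TODO: check" with no package decision. The next entry in the same hunk, CVE-2020-24390, shows how software outside the archive is closed out ("NOT-FOR-US: EyesOfNetwork (EON)"). A follow-up should either add a package line with the fixed version or mark the entry NOT-FOR-US, once it is confirmed whether mongo-express is packaged.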
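Review bot: in the first data/CVE/2021.list hunk, CVE-2021-29646 through CVE-2021-29650 all land as "TODO: check" although every one of the five descriptions names the Linux kernel before 5.11.11, so the affected source package is already clear from the visible text. A manual follow-up should replace each TODO with a "- linux" line carrying the fixed version and a NOTE pointing at the upstream fix, handled as a batch so the five kernel issues do not sit untriaged. The descriptions are truncated ("netfil ...", "qrtr_recvm ...", "tipc_nl_re ..."), so the affected subsystem and function should be taken from the full CVE text, not from these stubs.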