automatic update

author: security tracker role <sectracker@soriano.debian.org> 2021-01-20 20:10:29 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2021-01-20 20:10:29 +0000
commit: e75b495fcf6c0e1b343c22a1057a62a1603ec370 (patch)
tree: 037170e8136fa56f570f9301269ab56710e6855c
parent: 59ca08c39ddff5f40680b85f6d29f5f5a3acf4dd (diff)
1 files changed, 264 insertions, 319 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 96211f2cd0..2c26a42da3 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,9 @@
+CVE-2021-25642
+	RESERVED
+CVE-2021-25641
+	RESERVED
+CVE-2021-25640
+	RESERVED
 CVE-2021-25639
 	RESERVED
 CVE-2021-25638
@@ -765,6 +771,8 @@ CVE-2021-25288
 CVE-2021-25287
 	RESERVED
 CVE-2021-3185 [gstreamer: stack buffer overflow in gst_h264_slice_parse_dec_ref_pic_marking]
+	RESERVED
+	{DSA-4833-1 DLA-2528-1}
 	- gst-plugins-bad1.0 1.18.1-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1917192
 	NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/commit/11353b3f6e2f047cc37483d21e6a37ae558896bc
@@ -780,7 +788,7 @@ CVE-2021-25282
 	RESERVED
 CVE-2021-25281
 	RESERVED
-CVE-2021-21263 [Unexpected bindings in QueryBuilder]
+CVE-2021-21263 (Laravel is a web application framework. Versions of Laravel before 6.2 ...)
 	- php-laravel-framework 6.20.11+dfsg-1 (bug #980095)
 	NOTE: https://blog.laravel.com/security-laravel-62011-7302-8221-released
 	NOTE: https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x
@@ -3603,8 +3611,8 @@ CVE-2021-3132
 	RESERVED
 CVE-2021-3131 (The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 enco ...)
 	NOT-FOR-US: 1C:Enterprise
-CVE-2021-3130
-	RESERVED
+CVE-2021-3130 (Within the Open-AudIT up to version 3.5.3 application, the web interfa ...)
+	TODO: check
 CVE-2021-3129 (Ignition before 2.5.2, as used in Laravel and other products, allows u ...)
 	NOT-FOR-US: Ignition
 CVE-2021-3128
@@ -4829,8 +4837,8 @@ CVE-2021-23328
 	RESERVED
 CVE-2021-23327
 	RESERVED
-CVE-2021-23326
-	RESERVED
+CVE-2021-23326 (This affects the package @graphql-tools/git-loader before 6.2.6. The u ...)
+	TODO: check
 CVE-2021-23325
 	RESERVED
 CVE-2021-23324
@@ -5003,8 +5011,8 @@ CVE-2021-3112
 	RESERVED
 CVE-2021-3111 (The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via ...)
 	NOT-FOR-US: Concrete5
-CVE-2021-3110
-	RESERVED
+CVE-2021-3110 (The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL i ...)
+	TODO: check
 CVE-2021-3109
 	RESERVED
 CVE-2021-23242 (MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../  ...)
@@ -10316,8 +10324,8 @@ CVE-2021-21271
 	RESERVED
 CVE-2021-21270
 	RESERVED
-CVE-2021-21269
-	RESERVED
+CVE-2021-21269 (Keymaker is a Mastodon Community Finder based Matrix Community serverl ...)
+	TODO: check
 CVE-2021-21268
 	RESERVED
 CVE-2021-21267
@@ -13794,10 +13802,10 @@ CVE-2020-35274 (DotCMS Add Template with admin panel 20.11 is affected by cross-
 	NOT-FOR-US: DotCMS
 CVE-2020-35273 (EgavilanMedia User Registration &amp; Login System with Admin Panel 1. ...)
 	NOT-FOR-US: EgavilanMedia User Registration & Login System with Admin Panel
-CVE-2020-35272
-	RESERVED
-CVE-2020-35271
-	RESERVED
+CVE-2020-35272 (Employee Performance Evaluation System in PHP/MySQLi with Source Code  ...)
+	TODO: check
+CVE-2020-35271 (Employee Performance Evaluation System in PHP/MySQLi with Source Code  ...)
+	TODO: check
 CVE-2020-35270
 	RESERVED
 CVE-2020-35269 (Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross ...)
@@ -13906,8 +13914,8 @@ CVE-2020-35219 (The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers t
 	NOT-FOR-US: ASUS
 CVE-2020-35218
 	RESERVED
-CVE-2020-35217
-	RESERVED
+CVE-2020-35217 (Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSR ...)
+	TODO: check
 CVE-2020-35216
 	RESERVED
 CVE-2020-35215
@@ -14888,346 +14896,291 @@ CVE-2021-2133
 	RESERVED
 CVE-2021-2132
 	RESERVED
-CVE-2021-2131
-	RESERVED
+CVE-2021-2131 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2130
-	RESERVED
+CVE-2021-2130 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2129
-	RESERVED
+CVE-2021-2129 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2128
-	RESERVED
+CVE-2021-2128 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2127
-	RESERVED
+CVE-2021-2127 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2126
-	RESERVED
+CVE-2021-2126 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2125
-	RESERVED
+CVE-2021-2125 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2124
-	RESERVED
+CVE-2021-2124 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2123
-	RESERVED
+CVE-2021-2123 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2122
-	RESERVED
+CVE-2021-2122 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2121
-	RESERVED
+CVE-2021-2121 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2120
-	RESERVED
+CVE-2021-2120 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2119
-	RESERVED
+CVE-2021-2119 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2118
-	RESERVED
-CVE-2021-2117
-	RESERVED
-CVE-2021-2116
-	RESERVED
-CVE-2021-2115
-	RESERVED
-CVE-2021-2114
-	RESERVED
-CVE-2021-2113
-	RESERVED
-CVE-2021-2112
-	RESERVED
+CVE-2021-2118 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2021-2117 (Vulnerability in the Oracle Application Express Survey Builder compone ...)
+	TODO: check
+CVE-2021-2116 (Vulnerability in the Oracle Application Express Opportunity Tracker co ...)
+	TODO: check
+CVE-2021-2115 (Vulnerability in the Oracle Common Applications Calendar product of Or ...)
+	TODO: check
+CVE-2021-2114 (Vulnerability in the Oracle Common Applications Calendar product of Or ...)
+	TODO: check
+CVE-2021-2113 (Vulnerability in the Oracle Financial Services Revenue Management and  ...)
+	TODO: check
+CVE-2021-2112 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2111
-	RESERVED
+CVE-2021-2111 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2110
-	RESERVED
-CVE-2021-2109
-	RESERVED
-CVE-2021-2108
-	RESERVED
-CVE-2021-2107
-	RESERVED
-CVE-2021-2106
-	RESERVED
-CVE-2021-2105
-	RESERVED
-CVE-2021-2104
-	RESERVED
-CVE-2021-2103
-	RESERVED
-CVE-2021-2102
-	RESERVED
-CVE-2021-2101
-	RESERVED
-CVE-2021-2100
-	RESERVED
-CVE-2021-2099
-	RESERVED
-CVE-2021-2098
-	RESERVED
-CVE-2021-2097
-	RESERVED
-CVE-2021-2096
-	RESERVED
+CVE-2021-2110 (Vulnerability in the Oracle Argus Safety product of Oracle Health Scie ...)
+	TODO: check
+CVE-2021-2109 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-2108 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-2107 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
+	TODO: check
+CVE-2021-2106 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
+	TODO: check
+CVE-2021-2105 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
+	TODO: check
+CVE-2021-2104 (Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul  ...)
+	TODO: check
+CVE-2021-2103 (Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul  ...)
+	TODO: check
+CVE-2021-2102 (Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul  ...)
+	TODO: check
+CVE-2021-2101 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+	TODO: check
+CVE-2021-2100 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+	TODO: check
+CVE-2021-2099 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2021-2098 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
+	TODO: check
+CVE-2021-2097 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+	TODO: check
+CVE-2021-2096 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
 CVE-2021-2095
 	RESERVED
-CVE-2021-2094
-	RESERVED
-CVE-2021-2093
-	RESERVED
-CVE-2021-2092
-	RESERVED
-CVE-2021-2091
-	RESERVED
-CVE-2021-2090
-	RESERVED
-CVE-2021-2089
-	RESERVED
-CVE-2021-2088
-	RESERVED
+CVE-2021-2094 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+	TODO: check
+CVE-2021-2093 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...)
+	TODO: check
+CVE-2021-2092 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2021-2091 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2021-2090 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
+	TODO: check
+CVE-2021-2089 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
+CVE-2021-2088 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2087
-	RESERVED
+CVE-2021-2087 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2086
-	RESERVED
+CVE-2021-2086 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2085
-	RESERVED
-CVE-2021-2084
-	RESERVED
-CVE-2021-2083
-	RESERVED
-CVE-2021-2082
-	RESERVED
-CVE-2021-2081
-	RESERVED
+CVE-2021-2085 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2021-2084 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2021-2083 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+	TODO: check
+CVE-2021-2082 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
+CVE-2021-2081 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2080
-	RESERVED
-CVE-2021-2079
-	RESERVED
-CVE-2021-2078
-	RESERVED
-CVE-2021-2077
-	RESERVED
-CVE-2021-2076
-	RESERVED
+CVE-2021-2080 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
+	TODO: check
+CVE-2021-2079 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
+	TODO: check
+CVE-2021-2078 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
+	TODO: check
+CVE-2021-2077 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
+CVE-2021-2076 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2075
-	RESERVED
-CVE-2021-2074
-	RESERVED
+CVE-2021-2075 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-2074 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2073
-	RESERVED
+CVE-2021-2073 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.18-dfsg-1
-CVE-2021-2072
-	RESERVED
+CVE-2021-2072 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2071
-	RESERVED
-CVE-2021-2070
-	RESERVED
+CVE-2021-2071 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2021-2070 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2069
-	RESERVED
-CVE-2021-2068
-	RESERVED
-CVE-2021-2067
-	RESERVED
-CVE-2021-2066
-	RESERVED
-CVE-2021-2065
-	RESERVED
+CVE-2021-2069 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2021-2068 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2021-2067 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2021-2066 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2021-2065 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2064
-	RESERVED
-CVE-2021-2063
-	RESERVED
-CVE-2021-2062
-	RESERVED
-CVE-2021-2061
-	RESERVED
+CVE-2021-2064 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-2063 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2021-2062 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2021-2061 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2060
-	RESERVED
+CVE-2021-2060 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 	- mysql-5.7 <unfixed>
-CVE-2021-2059
-	RESERVED
-CVE-2021-2058
-	RESERVED
+CVE-2021-2059 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
+CVE-2021-2058 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2057
-	RESERVED
-CVE-2021-2056
-	RESERVED
+CVE-2021-2057 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
+	TODO: check
+CVE-2021-2056 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2055
-	RESERVED
+CVE-2021-2055 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.22-1
-CVE-2021-2054
-	RESERVED
+CVE-2021-2054 (Vulnerability in the RDBMS Sharding component of Oracle Database Serve ...)
+	TODO: check
 CVE-2021-2053
 	RESERVED
-CVE-2021-2052
-	RESERVED
-CVE-2021-2051
-	RESERVED
-CVE-2021-2050
-	RESERVED
-CVE-2021-2049
-	RESERVED
-CVE-2021-2048
-	RESERVED
+CVE-2021-2052 (Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of  ...)
+	TODO: check
+CVE-2021-2051 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2021-2050 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2021-2049 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2021-2048 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2047
-	RESERVED
-CVE-2021-2046
-	RESERVED
+CVE-2021-2047 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-2046 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2045
-	RESERVED
-CVE-2021-2044
-	RESERVED
-CVE-2021-2043
-	RESERVED
-CVE-2021-2042
-	RESERVED
+CVE-2021-2045 (Vulnerability in the Oracle Text component of Oracle Database Server.  ...)
+	TODO: check
+CVE-2021-2044 (Vulnerability in the PeopleSoft Enterprise FIN Payables product of Ora ...)
+	TODO: check
+CVE-2021-2043 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2021-2042 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.22-1
-CVE-2021-2041
-	RESERVED
-CVE-2021-2040
-	RESERVED
-CVE-2021-2039
-	RESERVED
-CVE-2021-2038
-	RESERVED
+CVE-2021-2041 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2021-2040 (Vulnerability in the Oracle Argus Safety product of Oracle Health Scie ...)
+	TODO: check
+CVE-2021-2039 (Vulnerability in the Siebel Core - Server Framework product of Oracle  ...)
+	TODO: check
+CVE-2021-2038 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 CVE-2021-2037
 	RESERVED
-CVE-2021-2036
-	RESERVED
+CVE-2021-2036 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2035
-	RESERVED
-CVE-2021-2034
-	RESERVED
-CVE-2021-2033
-	RESERVED
-CVE-2021-2032
-	RESERVED
+CVE-2021-2035 (Vulnerability in the RDBMS Scheduler component of Oracle Database Serv ...)
+	TODO: check
+CVE-2021-2034 (Vulnerability in the Oracle Common Applications Calendar product of Or ...)
+	TODO: check
+CVE-2021-2033 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-2032 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 	- mysql-5.7 <unfixed>
-CVE-2021-2031
-	RESERVED
+CVE-2021-2031 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2030
-	RESERVED
+CVE-2021-2030 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.22-1
-CVE-2021-2029
-	RESERVED
-CVE-2021-2028
-	RESERVED
+CVE-2021-2029 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2021-2028 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.22-1
-CVE-2021-2027
-	RESERVED
-CVE-2021-2026
-	RESERVED
-CVE-2021-2025
-	RESERVED
-CVE-2021-2024
-	RESERVED
+CVE-2021-2027 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2021-2026 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2021-2025 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2021-2024 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2023
-	RESERVED
-CVE-2021-2022
-	RESERVED
+CVE-2021-2023 (Vulnerability in the Oracle Installed Base product of Oracle E-Busines ...)
+	TODO: check
+CVE-2021-2022 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 	- mysql-5.7 <unfixed>
-CVE-2021-2021
-	RESERVED
+CVE-2021-2021 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2020
-	RESERVED
+CVE-2021-2020 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.21-1
-CVE-2021-2019
-	RESERVED
+CVE-2021-2019 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Fixed before initial upload)
-CVE-2021-2018
-	RESERVED
-CVE-2021-2017
-	RESERVED
-CVE-2021-2016
-	RESERVED
+CVE-2021-2018 (Vulnerability in the Advanced Networking Option component of Oracle Da ...)
+	TODO: check
+CVE-2021-2017 (Vulnerability in the Oracle User Management product of Oracle E-Busine ...)
+	TODO: check
+CVE-2021-2016 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Fixed before initial upload)
-CVE-2021-2015
-	RESERVED
-CVE-2021-2014
-	RESERVED
+CVE-2021-2015 (Vulnerability in the Oracle Workflow product of Oracle E-Business Suit ...)
+	TODO: check
+CVE-2021-2014 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed>
-CVE-2021-2013
-	RESERVED
-CVE-2021-2012
-	RESERVED
+CVE-2021-2013 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2021-2012 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.21-1
-CVE-2021-2011
-	RESERVED
+CVE-2021-2011 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 	- mysql-5.7 <unfixed>
-CVE-2021-2010
-	RESERVED
+CVE-2021-2010 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 	- mysql-5.7 <unfixed>
-CVE-2021-2009
-	RESERVED
+CVE-2021-2009 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Fixed before initial upload)
 CVE-2021-2008
 	RESERVED
-CVE-2021-2007
-	RESERVED
+CVE-2021-2007 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Fixed before initial upload)
 	- mysql-5.7 <unfixed>
-CVE-2021-2006
-	RESERVED
+CVE-2021-2006 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.21-1
-CVE-2021-2005
-	RESERVED
-CVE-2021-2004
-	RESERVED
-CVE-2021-2003
-	RESERVED
-CVE-2021-2002
-	RESERVED
+CVE-2021-2005 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2021-2004 (Vulnerability in the Siebel Core - Server BizLogic Script product of O ...)
+	TODO: check
+CVE-2021-2003 (Vulnerability in the Business Intelligence Enterprise Edition product  ...)
+	TODO: check
+CVE-2021-2002 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-2001
-	RESERVED
+CVE-2021-2001 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Fixed before initial upload)
 	- mysql-5.7 <unfixed>
-CVE-2021-2000
-	RESERVED
-CVE-2021-1999
-	RESERVED
-CVE-2021-1998
-	RESERVED
+CVE-2021-2000 (Vulnerability in the Unified Audit component of Oracle Database Server ...)
+	TODO: check
+CVE-2021-1999 (Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracl ...)
+	TODO: check
+CVE-2021-1998 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
-CVE-2021-1997
-	RESERVED
-CVE-2021-1996
-	RESERVED
-CVE-2021-1995
-	RESERVED
-CVE-2021-1994
-	RESERVED
-CVE-2021-1993
-	RESERVED
+CVE-2021-1997 (Vulnerability in the Oracle Hospitality Reporting and Analytics produc ...)
+	TODO: check
+CVE-2021-1996 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-1995 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-1994 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2021-1993 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
+	TODO: check
 CVE-2021-1992
 	RESERVED
 CVE-2021-1991
@@ -19837,8 +19790,8 @@ CVE-2020-28485
 	RESERVED
 CVE-2020-28484
 	RESERVED
-CVE-2020-28483
-	RESERVED
+CVE-2020-28483 (This affects all versions of package github.com/gin-gonic/gin. When gi ...)
+	TODO: check
 CVE-2020-28482 (This affects the package fastify-csrf before 3.0.0. 1. The generated c ...)
 	NOT-FOR-US: Node fastify-csrf
 CVE-2020-28481 (The package socket.io before 2.4.0 are vulnerable to Insecure Defaults ...)
@@ -19900,8 +19853,8 @@ CVE-2020-28454
 	RESERVED
 CVE-2020-28453
 	RESERVED
-CVE-2020-28452
-	RESERVED
+CVE-2020-28452 (This affects the package com.softwaremill.akka-http-session:core_2.12  ...)
+	TODO: check
 CVE-2020-28451
 	RESERVED
 CVE-2020-28450
@@ -28521,40 +28474,33 @@ CVE-2020-25689 (A memory leak flaw was found in WildFly in all versions up to 21
 	- wildfly <itp> (bug #752018)
 CVE-2020-25688 (A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Two  ...)
 	NOT-FOR-US: Red Hat Advanced Cluster Management for Kubernetes (RHACM)
-CVE-2020-25687
-	RESERVED
+CVE-2020-25687 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
-CVE-2020-25686
-	RESERVED
+CVE-2020-25686 (A flaw was found in dnsmasq before version 2.83. When receiving a quer ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=15b60ddf935a531269bb8c68198de012a4967156
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=6a6e06fbb0d4690507ceaf2bb6f0d8910f3d4914
-CVE-2020-25685
-	RESERVED
+CVE-2020-25685 (A flaw was found in dnsmasq before version 2.83. When getting a reply  ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2d765867c597db18be9d876c9c17e2c0fe1953cd
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2024f9729713fd657d65e64c2e4e471baa0a3e5b
-CVE-2020-25684
-	RESERVED
+CVE-2020-25684 (A flaw was found in dnsmasq before version 2.83. When getting a reply  ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=257ac0c5f7732cbc6aa96fdd3b06602234593aca
-CVE-2020-25683
-	RESERVED
+CVE-2020-25683 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
-CVE-2020-25682
-	RESERVED
+CVE-2020-25682 (A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerabili ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
-CVE-2020-25681
-	RESERVED
+CVE-2020-25681 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...)
 	- dnsmasq 2.83-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
 	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
@@ -38518,8 +38464,8 @@ CVE-2020-20951
 	RESERVED
 CVE-2020-20950 (Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip L ...)
 	TODO: check
-CVE-2020-20949
-	RESERVED
+CVE-2020-20949 (Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 crypt ...)
+	TODO: check
 CVE-2020-20948
 	RESERVED
 CVE-2020-20947
@@ -52074,8 +52020,8 @@ CVE-2020-14758 (Vulnerability in the Oracle Solaris product of Oracle Systems (c
 	NOT-FOR-US: Oracle
 CVE-2020-14757 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	NOT-FOR-US: Oracle
-CVE-2020-14756
-	RESERVED
+CVE-2020-14756 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
+	TODO: check
 CVE-2020-14755
 	RESERVED
 CVE-2020-14754 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
@@ -53356,8 +53302,7 @@ CVE-2020-14361 (A flaw was found in X.Org Server before xorg-x11-server 1.20.9.
 	- xorg-server 2:1.20.9-1
 	NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/144849ea27230962227e62a943b399e2ab304787
-CVE-2020-14360 [Check SetMap request length carefully]
-	RESERVED
+CVE-2020-14360 (A flaw was found in the X.Org Server before version 1.20.10. An out-of ...)
 	{DSA-4803-1 DLA-2486-1}
 	- xorg-server 2:1.20.10-1 (bug #976216)
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/446ff2d3177087b8173fa779fa5b77a2a128988b
@@ -76545,8 +76490,8 @@ CVE-2020-6026
 	RESERVED
 CVE-2020-6025
 	RESERVED
-CVE-2020-6024
-	RESERVED
+CVE-2020-6024 (Check Point SmartConsole before R80.20 Build 119, R80.30 before Build  ...)
+	TODO: check
 CVE-2020-6023 (Check Point ZoneAlarm before version 15.8.139.18543 allows a local act ...)
 	NOT-FOR-US: Check Point ZoneAlarm
 CVE-2020-6022 (Check Point ZoneAlarm before version 15.8.139.18543 allows a local act ...)
@@ -79363,8 +79308,8 @@ CVE-2020-4985
 	RESERVED
 CVE-2020-4984
 	RESERVED
-CVE-2020-4983
-	RESERVED
+CVE-2020-4983 (IBM Spectrum LSF 10.1 and IBM Spectrum LSF Suite 10.2 could allow a us ...)
+	TODO: check
 CVE-2020-4982
 	RESERVED
 CVE-2020-4981
@@ -79487,8 +79432,8 @@ CVE-2020-4923
 	RESERVED
 CVE-2020-4922
 	RESERVED
-CVE-2020-4921
-	RESERVED
+CVE-2020-4921 (IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A  ...)
+	TODO: check
 CVE-2020-4920
 	RESERVED
 CVE-2020-4919 (IBM Cloud Pak System 2.3 has insufficient logout controls which could  ...)
@@ -79555,8 +79500,8 @@ CVE-2020-4889
 	RESERVED
 CVE-2020-4888
 	RESERVED
-CVE-2020-4887
-	RESERVED
+CVE-2020-4887 (IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit  ...)
+	TODO: check
 CVE-2020-4886 (IBM InfoSphere Information Server 11.7 stores sensitive information in ...)
 	NOT-FOR-US: IBM
 CVE-2020-4885
@@ -79956,8 +79901,8 @@ CVE-2020-4690
 	RESERVED
 CVE-2020-4689 (IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote pr ...)
 	NOT-FOR-US: IBM
-CVE-2020-4688
-	RESERVED
+CVE-2020-4688 (IBM Security Guardium 10.6 and 11.2 could allow a local attacker to ex ...)
+	TODO: check
 CVE-2020-4687 (IBM Content Navigator 3.0.7 and 3.0.8 could allow an authenticated use ...)
 	NOT-FOR-US: IBM
 CVE-2020-4686 (IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated  ...)
author	security tracker role <sectracker@soriano.debian.org>	2021-01-20 20:10:29 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2021-01-20 20:10:29 +0000
commit	e75b495fcf6c0e1b343c22a1057a62a1603ec370 (patch)
tree	037170e8136fa56f570f9301269ab56710e6855c
parent	59ca08c39ddff5f40680b85f6d29f5f5a3acf4dd (diff)