From e75b495fcf6c0e1b343c22a1057a62a1603ec370 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Wed, 20 Jan 2021 20:10:29 +0000 Subject: automatic update --- data/CVE/list | 583 ++++++++++++++++++++++++++-------------------------------- 1 file changed, 264 insertions(+), 319 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 96211f2cd0..2c26a42da3 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,9 @@ +CVE-2021-25642 + RESERVED +CVE-2021-25641 + RESERVED +CVE-2021-25640 + RESERVED CVE-2021-25639 RESERVED CVE-2021-25638 @@ -765,6 +771,8 @@ CVE-2021-25288 CVE-2021-25287 RESERVED CVE-2021-3185 [gstreamer: stack buffer overflow in gst_h264_slice_parse_dec_ref_pic_marking] + RESERVED + {DSA-4833-1 DLA-2528-1} - gst-plugins-bad1.0 1.18.1-1 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1917192 NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/commit/11353b3f6e2f047cc37483d21e6a37ae558896bc @@ -780,7 +788,7 @@ CVE-2021-25282 RESERVED CVE-2021-25281 RESERVED -CVE-2021-21263 [Unexpected bindings in QueryBuilder] +CVE-2021-21263 (Laravel is a web application framework. Versions of Laravel before 6.2 ...) - php-laravel-framework 6.20.11+dfsg-1 (bug #980095) NOTE: https://blog.laravel.com/security-laravel-62011-7302-8221-released NOTE: https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x @@ -3603,8 +3611,8 @@ CVE-2021-3132 RESERVED CVE-2021-3131 (The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 enco ...) NOT-FOR-US: 1C:Enterprise -CVE-2021-3130 - RESERVED +CVE-2021-3130 (Within the Open-AudIT up to version 3.5.3 application, the web interfa ...) + TODO: check CVE-2021-3129 (Ignition before 2.5.2, as used in Laravel and other products, allows u ...) NOT-FOR-US: Ignition CVE-2021-3128 
@@ -4829,8 +4837,8 @@ CVE-2021-23328 RESERVED CVE-2021-23327 RESERVED -CVE-2021-23326 - RESERVED +CVE-2021-23326 (This affects the package @graphql-tools/git-loader before 6.2.6. The u ...) + TODO: check CVE-2021-23325 RESERVED CVE-2021-23324 @@ -5003,8 +5011,8 @@ CVE-2021-3112 RESERVED CVE-2021-3111 (The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via ...) NOT-FOR-US: Concrete5 -CVE-2021-3110 - RESERVED +CVE-2021-3110 (The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL i ...) + TODO: check CVE-2021-3109 RESERVED CVE-2021-23242 (MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ ...) @@ -10316,8 +10324,8 @@ CVE-2021-21271 RESERVED CVE-2021-21270 RESERVED -CVE-2021-21269 - RESERVED +CVE-2021-21269 (Keymaker is a Mastodon Community Finder based Matrix Community serverl ...) + TODO: check CVE-2021-21268 RESERVED CVE-2021-21267 @@ -13794,10 +13802,10 @@ CVE-2020-35274 (DotCMS Add Template with admin panel 20.11 is affected by cross- NOT-FOR-US: DotCMS CVE-2020-35273 (EgavilanMedia User Registration & Login System with Admin Panel 1. ...) NOT-FOR-US: EgavilanMedia User Registration & Login System with Admin Panel -CVE-2020-35272 - RESERVED -CVE-2020-35271 - RESERVED +CVE-2020-35272 (Employee Performance Evaluation System in PHP/MySQLi with Source Code ...) + TODO: check +CVE-2020-35271 (Employee Performance Evaluation System in PHP/MySQLi with Source Code ...) + TODO: check CVE-2020-35270 RESERVED CVE-2020-35269 (Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross ...) @@ -13906,8 +13914,8 @@ CVE-2020-35219 (The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers t NOT-FOR-US: ASUS CVE-2020-35218 RESERVED -CVE-2020-35217 - RESERVED +CVE-2020-35217 (Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSR ...) + TODO: check CVE-2020-35216 RESERVED CVE-2020-35215 
@@ -14888,346 +14896,291 @@ CVE-2021-2133 RESERVED CVE-2021-2132 RESERVED -CVE-2021-2131 - RESERVED +CVE-2021-2131 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2130 - RESERVED +CVE-2021-2130 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2129 - RESERVED +CVE-2021-2129 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2128 - RESERVED +CVE-2021-2128 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2127 - RESERVED +CVE-2021-2127 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2126 - RESERVED +CVE-2021-2126 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2125 - RESERVED +CVE-2021-2125 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2124 - RESERVED +CVE-2021-2124 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2123 - RESERVED +CVE-2021-2123 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2122 - RESERVED +CVE-2021-2122 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2121 - RESERVED +CVE-2021-2121 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2120 - RESERVED +CVE-2021-2120 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2119 - RESERVED +CVE-2021-2119 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) 
- virtualbox 6.1.18-dfsg-1 -CVE-2021-2118 - RESERVED -CVE-2021-2117 - RESERVED -CVE-2021-2116 - RESERVED -CVE-2021-2115 - RESERVED -CVE-2021-2114 - RESERVED -CVE-2021-2113 - RESERVED -CVE-2021-2112 - RESERVED +CVE-2021-2118 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...) + TODO: check +CVE-2021-2117 (Vulnerability in the Oracle Application Express Survey Builder compone ...) + TODO: check +CVE-2021-2116 (Vulnerability in the Oracle Application Express Opportunity Tracker co ...) + TODO: check +CVE-2021-2115 (Vulnerability in the Oracle Common Applications Calendar product of Or ...) + TODO: check +CVE-2021-2114 (Vulnerability in the Oracle Common Applications Calendar product of Or ...) + TODO: check +CVE-2021-2113 (Vulnerability in the Oracle Financial Services Revenue Management and ...) + TODO: check +CVE-2021-2112 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2111 - RESERVED +CVE-2021-2111 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2110 - RESERVED -CVE-2021-2109 - RESERVED -CVE-2021-2108 - RESERVED -CVE-2021-2107 - RESERVED -CVE-2021-2106 - RESERVED -CVE-2021-2105 - RESERVED -CVE-2021-2104 - RESERVED -CVE-2021-2103 - RESERVED -CVE-2021-2102 - RESERVED -CVE-2021-2101 - RESERVED -CVE-2021-2100 - RESERVED -CVE-2021-2099 - RESERVED -CVE-2021-2098 - RESERVED -CVE-2021-2097 - RESERVED -CVE-2021-2096 - RESERVED +CVE-2021-2110 (Vulnerability in the Oracle Argus Safety product of Oracle Health Scie ...) + TODO: check +CVE-2021-2109 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) + TODO: check +CVE-2021-2108 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) + TODO: check +CVE-2021-2107 (Vulnerability in the Oracle Customer Interaction History product of Or ...) 
+ TODO: check +CVE-2021-2106 (Vulnerability in the Oracle Customer Interaction History product of Or ...) + TODO: check +CVE-2021-2105 (Vulnerability in the Oracle Customer Interaction History product of Or ...) + TODO: check +CVE-2021-2104 (Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul ...) + TODO: check +CVE-2021-2103 (Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul ...) + TODO: check +CVE-2021-2102 (Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul ...) + TODO: check +CVE-2021-2101 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...) + TODO: check +CVE-2021-2100 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...) + TODO: check +CVE-2021-2099 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...) + TODO: check +CVE-2021-2098 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...) + TODO: check +CVE-2021-2097 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...) + TODO: check +CVE-2021-2096 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...) + TODO: check CVE-2021-2095 RESERVED -CVE-2021-2094 - RESERVED -CVE-2021-2093 - RESERVED -CVE-2021-2092 - RESERVED -CVE-2021-2091 - RESERVED -CVE-2021-2090 - RESERVED -CVE-2021-2089 - RESERVED -CVE-2021-2088 - RESERVED +CVE-2021-2094 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...) + TODO: check +CVE-2021-2093 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...) + TODO: check +CVE-2021-2092 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...) + TODO: check +CVE-2021-2091 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...) + TODO: check +CVE-2021-2090 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...) + TODO: check +CVE-2021-2089 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...) 
+ TODO: check +CVE-2021-2088 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2087 - RESERVED +CVE-2021-2087 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2086 - RESERVED +CVE-2021-2086 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2085 - RESERVED -CVE-2021-2084 - RESERVED -CVE-2021-2083 - RESERVED -CVE-2021-2082 - RESERVED -CVE-2021-2081 - RESERVED +CVE-2021-2085 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...) + TODO: check +CVE-2021-2084 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...) + TODO: check +CVE-2021-2083 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...) + TODO: check +CVE-2021-2082 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...) + TODO: check +CVE-2021-2081 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2080 - RESERVED -CVE-2021-2079 - RESERVED -CVE-2021-2078 - RESERVED -CVE-2021-2077 - RESERVED -CVE-2021-2076 - RESERVED +CVE-2021-2080 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...) + TODO: check +CVE-2021-2079 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...) + TODO: check +CVE-2021-2078 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...) + TODO: check +CVE-2021-2077 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...) + TODO: check +CVE-2021-2076 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2075 - RESERVED -CVE-2021-2074 - RESERVED +CVE-2021-2075 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) + TODO: check +CVE-2021-2074 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) 
- virtualbox 6.1.18-dfsg-1 -CVE-2021-2073 - RESERVED +CVE-2021-2073 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox 6.1.18-dfsg-1 -CVE-2021-2072 - RESERVED +CVE-2021-2072 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2071 - RESERVED -CVE-2021-2070 - RESERVED +CVE-2021-2071 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) + TODO: check +CVE-2021-2070 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2069 - RESERVED -CVE-2021-2068 - RESERVED -CVE-2021-2067 - RESERVED -CVE-2021-2066 - RESERVED -CVE-2021-2065 - RESERVED +CVE-2021-2069 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...) + TODO: check +CVE-2021-2068 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...) + TODO: check +CVE-2021-2067 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...) + TODO: check +CVE-2021-2066 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...) + TODO: check +CVE-2021-2065 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2064 - RESERVED -CVE-2021-2063 - RESERVED -CVE-2021-2062 - RESERVED -CVE-2021-2061 - RESERVED +CVE-2021-2064 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) + TODO: check +CVE-2021-2063 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) + TODO: check +CVE-2021-2062 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...) + TODO: check +CVE-2021-2061 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2060 - RESERVED +CVE-2021-2060 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) 
- mysql-8.0 - mysql-5.7 -CVE-2021-2059 - RESERVED -CVE-2021-2058 - RESERVED +CVE-2021-2059 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...) + TODO: check +CVE-2021-2058 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2057 - RESERVED -CVE-2021-2056 - RESERVED +CVE-2021-2057 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...) + TODO: check +CVE-2021-2056 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2055 - RESERVED +CVE-2021-2055 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 8.0.22-1 -CVE-2021-2054 - RESERVED +CVE-2021-2054 (Vulnerability in the RDBMS Sharding component of Oracle Database Serve ...) + TODO: check CVE-2021-2053 RESERVED -CVE-2021-2052 - RESERVED -CVE-2021-2051 - RESERVED -CVE-2021-2050 - RESERVED -CVE-2021-2049 - RESERVED -CVE-2021-2048 - RESERVED +CVE-2021-2052 (Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of ...) + TODO: check +CVE-2021-2051 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...) + TODO: check +CVE-2021-2050 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...) + TODO: check +CVE-2021-2049 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...) + TODO: check +CVE-2021-2048 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2047 - RESERVED -CVE-2021-2046 - RESERVED +CVE-2021-2047 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) + TODO: check +CVE-2021-2046 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2045 - RESERVED -CVE-2021-2044 - RESERVED -CVE-2021-2043 - RESERVED -CVE-2021-2042 - RESERVED +CVE-2021-2045 (Vulnerability in the Oracle Text component of Oracle Database Server. ...) 
+ TODO: check +CVE-2021-2044 (Vulnerability in the PeopleSoft Enterprise FIN Payables product of Ora ...) + TODO: check +CVE-2021-2043 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) + TODO: check +CVE-2021-2042 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 8.0.22-1 -CVE-2021-2041 - RESERVED -CVE-2021-2040 - RESERVED -CVE-2021-2039 - RESERVED -CVE-2021-2038 - RESERVED +CVE-2021-2041 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...) + TODO: check +CVE-2021-2040 (Vulnerability in the Oracle Argus Safety product of Oracle Health Scie ...) + TODO: check +CVE-2021-2039 (Vulnerability in the Siebel Core - Server Framework product of Oracle ...) + TODO: check +CVE-2021-2038 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2021-2037 RESERVED -CVE-2021-2036 - RESERVED +CVE-2021-2036 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2035 - RESERVED -CVE-2021-2034 - RESERVED -CVE-2021-2033 - RESERVED -CVE-2021-2032 - RESERVED +CVE-2021-2035 (Vulnerability in the RDBMS Scheduler component of Oracle Database Serv ...) + TODO: check +CVE-2021-2034 (Vulnerability in the Oracle Common Applications Calendar product of Or ...) + TODO: check +CVE-2021-2033 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) + TODO: check +CVE-2021-2032 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 - mysql-5.7 -CVE-2021-2031 - RESERVED +CVE-2021-2031 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2030 - RESERVED +CVE-2021-2030 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 8.0.22-1 -CVE-2021-2029 - RESERVED -CVE-2021-2028 - RESERVED +CVE-2021-2029 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...) 
+ TODO: check +CVE-2021-2028 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 8.0.22-1 -CVE-2021-2027 - RESERVED -CVE-2021-2026 - RESERVED -CVE-2021-2025 - RESERVED -CVE-2021-2024 - RESERVED +CVE-2021-2027 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...) + TODO: check +CVE-2021-2026 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...) + TODO: check +CVE-2021-2025 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...) + TODO: check +CVE-2021-2024 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2023 - RESERVED -CVE-2021-2022 - RESERVED +CVE-2021-2023 (Vulnerability in the Oracle Installed Base product of Oracle E-Busines ...) + TODO: check +CVE-2021-2022 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 - mysql-5.7 -CVE-2021-2021 - RESERVED +CVE-2021-2021 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2020 - RESERVED +CVE-2021-2020 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 8.0.21-1 -CVE-2021-2019 - RESERVED +CVE-2021-2019 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 (Fixed before initial upload) -CVE-2021-2018 - RESERVED -CVE-2021-2017 - RESERVED -CVE-2021-2016 - RESERVED +CVE-2021-2018 (Vulnerability in the Advanced Networking Option component of Oracle Da ...) + TODO: check +CVE-2021-2017 (Vulnerability in the Oracle User Management product of Oracle E-Busine ...) + TODO: check +CVE-2021-2016 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 (Fixed before initial upload) -CVE-2021-2015 - RESERVED -CVE-2021-2014 - RESERVED +CVE-2021-2015 (Vulnerability in the Oracle Workflow product of Oracle E-Business Suit ...) 
+ TODO: check +CVE-2021-2014 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-5.7 -CVE-2021-2013 - RESERVED -CVE-2021-2012 - RESERVED +CVE-2021-2013 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...) + TODO: check +CVE-2021-2012 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 8.0.21-1 -CVE-2021-2011 - RESERVED +CVE-2021-2011 (Vulnerability in the MySQL Client product of Oracle MySQL (component: ...) - mysql-8.0 - mysql-5.7 -CVE-2021-2010 - RESERVED +CVE-2021-2010 (Vulnerability in the MySQL Client product of Oracle MySQL (component: ...) - mysql-8.0 - mysql-5.7 -CVE-2021-2009 - RESERVED +CVE-2021-2009 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 (Fixed before initial upload) CVE-2021-2008 RESERVED -CVE-2021-2007 - RESERVED +CVE-2021-2007 (Vulnerability in the MySQL Client product of Oracle MySQL (component: ...) - mysql-8.0 (Fixed before initial upload) - mysql-5.7 -CVE-2021-2006 - RESERVED +CVE-2021-2006 (Vulnerability in the MySQL Client product of Oracle MySQL (component: ...) - mysql-8.0 8.0.21-1 -CVE-2021-2005 - RESERVED -CVE-2021-2004 - RESERVED -CVE-2021-2003 - RESERVED -CVE-2021-2002 - RESERVED +CVE-2021-2005 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...) + TODO: check +CVE-2021-2004 (Vulnerability in the Siebel Core - Server BizLogic Script product of O ...) + TODO: check +CVE-2021-2003 (Vulnerability in the Business Intelligence Enterprise Edition product ...) + TODO: check +CVE-2021-2002 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-2001 - RESERVED +CVE-2021-2001 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) 
- mysql-8.0 (Fixed before initial upload) - mysql-5.7 -CVE-2021-2000 - RESERVED -CVE-2021-1999 - RESERVED -CVE-2021-1998 - RESERVED +CVE-2021-2000 (Vulnerability in the Unified Audit component of Oracle Database Server ...) + TODO: check +CVE-2021-1999 (Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracl ...) + TODO: check +CVE-2021-1998 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 -CVE-2021-1997 - RESERVED -CVE-2021-1996 - RESERVED -CVE-2021-1995 - RESERVED -CVE-2021-1994 - RESERVED -CVE-2021-1993 - RESERVED +CVE-2021-1997 (Vulnerability in the Oracle Hospitality Reporting and Analytics produc ...) + TODO: check +CVE-2021-1996 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) + TODO: check +CVE-2021-1995 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) + TODO: check +CVE-2021-1994 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) + TODO: check +CVE-2021-1993 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...) + TODO: check CVE-2021-1992 RESERVED CVE-2021-1991 @@ -19837,8 +19790,8 @@ CVE-2020-28485 RESERVED CVE-2020-28484 RESERVED -CVE-2020-28483 - RESERVED +CVE-2020-28483 (This affects all versions of package github.com/gin-gonic/gin. When gi ...) + TODO: check CVE-2020-28482 (This affects the package fastify-csrf before 3.0.0. 1. The generated c ...) NOT-FOR-US: Node fastify-csrf CVE-2020-28481 (The package socket.io before 2.4.0 are vulnerable to Insecure Defaults ...) @@ -19900,8 +19853,8 @@ CVE-2020-28454 RESERVED CVE-2020-28453 RESERVED -CVE-2020-28452 - RESERVED +CVE-2020-28452 (This affects the package com.softwaremill.akka-http-session:core_2.12 ...) + TODO: check CVE-2020-28451 RESERVED CVE-2020-28450 
@@ -28521,40 +28474,33 @@ CVE-2020-25689 (A memory leak flaw was found in WildFly in all versions up to 21 - wildfly (bug #752018) CVE-2020-25688 (A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Two ...) NOT-FOR-US: Red Hat Advanced Cluster Management for Kubernetes (RHACM) -CVE-2020-25687 - RESERVED +CVE-2020-25687 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...) - dnsmasq 2.83-1 NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1 NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a -CVE-2020-25686 - RESERVED +CVE-2020-25686 (A flaw was found in dnsmasq before version 2.83. When receiving a quer ...) - dnsmasq 2.83-1 NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1 NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=15b60ddf935a531269bb8c68198de012a4967156 NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=6a6e06fbb0d4690507ceaf2bb6f0d8910f3d4914 -CVE-2020-25685 - RESERVED +CVE-2020-25685 (A flaw was found in dnsmasq before version 2.83. When getting a reply ...) - dnsmasq 2.83-1 NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1 NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2d765867c597db18be9d876c9c17e2c0fe1953cd NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2024f9729713fd657d65e64c2e4e471baa0a3e5b -CVE-2020-25684 - RESERVED +CVE-2020-25684 (A flaw was found in dnsmasq before version 2.83. When getting a reply ...) - dnsmasq 2.83-1 NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1 NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=257ac0c5f7732cbc6aa96fdd3b06602234593aca -CVE-2020-25683 - RESERVED +CVE-2020-25683 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...) 
- dnsmasq 2.83-1 NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1 NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a -CVE-2020-25682 - RESERVED +CVE-2020-25682 (A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerabili ...) - dnsmasq 2.83-1 NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1 NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a -CVE-2020-25681 - RESERVED +CVE-2020-25681 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...) - dnsmasq 2.83-1 NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1 NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a @@ -38518,8 +38464,8 @@ CVE-2020-20951 RESERVED CVE-2020-20950 (Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip L ...) TODO: check -CVE-2020-20949 - RESERVED +CVE-2020-20949 (Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 crypt ...) + TODO: check CVE-2020-20948 RESERVED CVE-2020-20947 @@ -52074,8 +52020,8 @@ CVE-2020-14758 (Vulnerability in the Oracle Solaris product of Oracle Systems (c NOT-FOR-US: Oracle CVE-2020-14757 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) NOT-FOR-US: Oracle -CVE-2020-14756 - RESERVED +CVE-2020-14756 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...) + TODO: check CVE-2020-14755 RESERVED CVE-2020-14754 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...) 
@@ -53356,8 +53302,7 @@ CVE-2020-14361 (A flaw was found in X.Org Server before xorg-x11-server 1.20.9. - xorg-server 2:1.20.9-1 NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/144849ea27230962227e62a943b399e2ab304787 -CVE-2020-14360 [Check SetMap request length carefully] - RESERVED +CVE-2020-14360 (A flaw was found in the X.Org Server before version 1.20.10. An out-of ...) {DSA-4803-1 DLA-2486-1} - xorg-server 2:1.20.10-1 (bug #976216) NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/446ff2d3177087b8173fa779fa5b77a2a128988b @@ -76545,8 +76490,8 @@ CVE-2020-6026 RESERVED CVE-2020-6025 RESERVED -CVE-2020-6024 - RESERVED +CVE-2020-6024 (Check Point SmartConsole before R80.20 Build 119, R80.30 before Build ...) + TODO: check CVE-2020-6023 (Check Point ZoneAlarm before version 15.8.139.18543 allows a local act ...) NOT-FOR-US: Check Point ZoneAlarm CVE-2020-6022 (Check Point ZoneAlarm before version 15.8.139.18543 allows a local act ...) @@ -79363,8 +79308,8 @@ CVE-2020-4985 RESERVED CVE-2020-4984 RESERVED -CVE-2020-4983 - RESERVED +CVE-2020-4983 (IBM Spectrum LSF 10.1 and IBM Spectrum LSF Suite 10.2 could allow a us ...) + TODO: check CVE-2020-4982 RESERVED CVE-2020-4981 @@ -79487,8 +79432,8 @@ CVE-2020-4923 RESERVED CVE-2020-4922 RESERVED -CVE-2020-4921 - RESERVED +CVE-2020-4921 (IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A ...) + TODO: check CVE-2020-4920 RESERVED CVE-2020-4919 (IBM Cloud Pak System 2.3 has insufficient logout controls which could ...) @@ -79555,8 +79500,8 @@ CVE-2020-4889 RESERVED CVE-2020-4888 RESERVED -CVE-2020-4887 - RESERVED +CVE-2020-4887 (IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit ...) + TODO: check CVE-2020-4886 (IBM InfoSphere Information Server 11.7 stores sensitive information in ...) NOT-FOR-US: IBM CVE-2020-4885 
@@ -79956,8 +79901,8 @@ CVE-2020-4690 RESERVED CVE-2020-4689 (IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote pr ...) NOT-FOR-US: IBM -CVE-2020-4688 - RESERVED +CVE-2020-4688 (IBM Security Guardium 10.6 and 11.2 could allow a local attacker to ex ...) + TODO: check CVE-2020-4687 (IBM Content Navigator 3.0.7 and 3.0.8 could allow an authenticated use ...) NOT-FOR-US: IBM CVE-2020-4686 (IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated ...) -- cgit v1.2.3
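Review bot: In the hunk at "@@ -14888,346 +14896,291 @@", every Oracle entry without a Debian package line (E-Business Suite, WebLogic Server, PeopleSoft, BI Publisher, Siebel, the Oracle Database Server components, from CVE-2021-2118 down to CVE-2021-1993) is left at "TODO: check", while the Oracle context entries in the "@@ -52074,8 +52020,8 @@" hunk (CVE-2020-14757, CVE-2020-14758) already read "NOT-FOR-US: Oracle". A follow-up triage commit should settle these the same way where it applies, so that a backlog of vendor-only products does not bury the TODO entries that need a real package check. The virtualbox and mysql entries in this hunk only swap RESERVED for the description and keep their existing package lines, which looks right.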
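Review bot: In the hunk at "@@ -19837,8 +19790,8 @@", CVE-2020-28483 is described as affecting all versions of package github.com/gin-gonic/gin, so whoever resolves its "TODO: check" has no upstream fixed version to copy into a package line. This one should not be closed by analogy with the context entry below it (CVE-2020-28482, "NOT-FOR-US: Node fastify-csrf"): it needs a lookup against the archive first, and if the module is packaged the entry should carry an explicit unfixed status plus a NOTE with the upstream reference rather than a version number.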
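Review bot: In the hunk at "@@ -28521,40 +28474,33 @@", CVE-2020-25681 through CVE-2020-25687 become public with only "- dnsmasq 2.83-1" and the NOTE lines under each; none of the seven has a "{DSA-... DLA-...}" cross-reference line like the ones on CVE-2021-3185 and CVE-2020-14360 elsewhere in this patch. Since the descriptions name heap-based buffer overflows and flaws in handling replies, it is worth confirming whether advisories for the released suites exist or are pending, and adding the reference to each entry once they do, so the record shows more than the single fixed upload.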
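Review bot: In the hunk at "@@ -79956,8 +79901,8 @@", CVE-2020-4688 (IBM Security Guardium 10.6 and 11.2) gets "TODO: check" even though the context entry directly above it, CVE-2020-4689, is the same product and is already "NOT-FOR-US: IBM", as is CVE-2020-4687 below it. The same applies to CVE-2020-4921 (also IBM Security Guardium) in the "@@ -79487,8 +79432,8 @@" hunk. If the automatic update cannot reuse the status of an adjacent entry for the same product, these are quick candidates for the next manual triage pass.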