diff options
author | security tracker role <sectracker@soriano.debian.org> | 2021-06-12 08:10:30 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-06-12 08:10:30 +0000 |
commit | 13f417df62b37106fbae50f1bfb382a5fed83a18 (patch) | |
tree | 833946460bde0fe42ec97a0c9ae5b02fb2e4cc16 | |
parent | 71e2ef2a9d320f17cac735728151cb9d85ed89ac (diff) |
automatic update
-rw-r--r-- | data/CVE/2005.list | 2 | ||||
-rw-r--r-- | data/CVE/2008.list | 6 | ||||
-rw-r--r-- | data/CVE/2009.list | 36 | ||||
-rw-r--r-- | data/CVE/2017.list | 164 | ||||
-rw-r--r-- | data/CVE/2019.list | 24 | ||||
-rw-r--r-- | data/CVE/2020.list | 124 | ||||
-rw-r--r-- | data/CVE/2021.list | 61 |
7 files changed, 212 insertions, 205 deletions
diff --git a/data/CVE/2005.list b/data/CVE/2005.list index 4b96eeb19d..4621ef156e 100644 --- a/data/CVE/2005.list +++ b/data/CVE/2005.list @@ -5725,7 +5725,7 @@ CVE-2005-2494 (kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain ro {DSA-815-1} - kdebase 4:3.4.2-3 (bug #327039; medium) CVE-2005-2493 - RESERVED + REJECTED CVE-2005-2492 (The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allow ...) - linux-2.6 2.6.12-7 (bug #327416; medium) CVE-2005-2491 (Integer overflow in pcre_compile.c in Perl Compatible Regular Expressi ...) diff --git a/data/CVE/2008.list b/data/CVE/2008.list index bdb7d63b8c..bea62f6a6d 100644 --- a/data/CVE/2008.list +++ b/data/CVE/2008.list @@ -11011,7 +11011,7 @@ CVE-2008-2662 (Multiple integer overflows in the rb_str_buf_append function in R CVE-2008-2661 RESERVED CVE-2008-2660 - RESERVED + REJECTED CVE-2008-2659 RESERVED CVE-2008-2658 @@ -14302,7 +14302,7 @@ CVE-2008-1240 (LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey befo - xulrunner 1.8.1.13-1 - iceape 1.1.9-1 CVE-2008-1239 - RESERVED + REJECTED CVE-2008-1238 (Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when gener ...) {DSA-1534-2 DSA-1535-1 DSA-1534-1 DSA-1532-1} - iceweasel 2.0.0.13-1 @@ -15141,7 +15141,7 @@ CVE-2008-0887 (gnome-screensaver before 2.22.1, when a remote authentication ser CVE-2008-0886 REJECTED CVE-2008-0885 - RESERVED + REJECTED CVE-2008-0884 (The Replace function in the capp-lspp-config script in the (1) lspp-ea ...) NOT-FOR-US: Red Hat Enterprise Linux NOTE: Seems Redhat specific diff --git a/data/CVE/2009.list b/data/CVE/2009.list index 65d04db888..843e515f35 100644 --- a/data/CVE/2009.list +++ b/data/CVE/2009.list @@ -1945,35 +1945,35 @@ CVE-2009-4306 (Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move exte [lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31) - linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.31) CVE-2009-4291 - RESERVED + REJECTED CVE-2009-4290 - RESERVED + REJECTED CVE-2009-4289 - RESERVED + REJECTED CVE-2009-4288 - RESERVED + REJECTED CVE-2009-4287 - RESERVED + REJECTED CVE-2009-4286 - RESERVED + REJECTED CVE-2009-4285 - RESERVED + REJECTED CVE-2009-4284 - RESERVED + REJECTED CVE-2009-4283 - RESERVED + REJECTED CVE-2009-4282 - RESERVED + REJECTED CVE-2009-4281 - RESERVED + REJECTED CVE-2009-4280 - RESERVED + REJECTED CVE-2009-4279 - RESERVED + REJECTED CVE-2009-4278 - RESERVED + REJECTED CVE-2009-4277 - RESERVED + REJECTED CVE-2009-4276 REJECTED CVE-2009-4275 @@ -3076,7 +3076,7 @@ CVE-2009-3894 (Multiple untrusted search path vulnerabilities in dstat before 0. [etch] - dstat <no-dsa> (Minor issue) NOTE: http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog CVE-2009-3893 - RESERVED + REJECTED CVE-2009-3891 (Cross-site scripting (XSS) vulnerability in wp-admin/press-this.php in ...) - wordpress 2.8.6-1 (low) [etch] - wordpress <not-affected> (Vulnerable code not present) @@ -5885,7 +5885,7 @@ CVE-2009-2901 (The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 - tomcat6 <not-affected> (Windows-only) - tomcat5.5 <not-affected> (Windows-only) CVE-2009-2900 - RESERVED + REJECTED CVE-2009-2899 (The monitor perl script in the Sybase database plug-in in SpringSource ...) NOT-FOR-US: SpringSource Hyperic HQ CVE-2009-2898 (Cross-site scripting (XSS) vulnerability in the Alerts list feature in ...) @@ -11600,7 +11600,7 @@ CVE-2009-0787 (The ecryptfs_write_metadata_to_contents function in the eCryptfs CVE-2009-0786 REJECTED CVE-2009-0785 - RESERVED + REJECTED CVE-2009-0784 (Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.2009031 ...) {DSA-1755-1} - systemtap 0.0.20090314-2 diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 3f5aafdc3e..3ccbca1b72 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -37942,55 +37942,55 @@ CVE-2017-5781 (A CSRF vulnerability in HPE Matrix Operating Environment version CVE-2017-5780 (A remote clickjacking vulnerability in HPE Matrix Operating Environmen ...) NOT-FOR-US: HPE Matrix Operating Environment CVE-2017-5779 - RESERVED + REJECTED CVE-2017-5778 - RESERVED + REJECTED CVE-2017-5777 - RESERVED + REJECTED CVE-2017-5776 - RESERVED + REJECTED CVE-2017-5775 - RESERVED + REJECTED CVE-2017-5774 - RESERVED + REJECTED CVE-2017-5773 - RESERVED + REJECTED CVE-2017-5772 - RESERVED + REJECTED CVE-2017-5771 - RESERVED + REJECTED CVE-2017-5770 - RESERVED + REJECTED CVE-2017-5769 - RESERVED + REJECTED CVE-2017-5768 - RESERVED + REJECTED CVE-2017-5767 - RESERVED + REJECTED CVE-2017-5766 - RESERVED + REJECTED CVE-2017-5765 - RESERVED + REJECTED CVE-2017-5764 - RESERVED + REJECTED CVE-2017-5763 - RESERVED + REJECTED CVE-2017-5762 - RESERVED + REJECTED CVE-2017-5761 - RESERVED + REJECTED CVE-2017-5760 - RESERVED + REJECTED CVE-2017-5759 - RESERVED + REJECTED CVE-2017-5758 - RESERVED + REJECTED CVE-2017-5757 - RESERVED + REJECTED CVE-2017-5756 - RESERVED + REJECTED CVE-2017-5755 - RESERVED + REJECTED CVE-2017-5754 (Systems with microprocessors utilizing speculative execution and indir ...) {DSA-4120-1 DSA-4082-1 DSA-4078-1 DLA-1232-1} - linux 4.14.12-1 @@ -38032,37 +38032,37 @@ CVE-2017-5753 (Systems with microprocessors utilizing speculative execution and NOTE: Paper: https://spectreattack.com/spectre.pdf NOTE: https://01.org/security/advisories/intel-oss-10002 CVE-2017-5752 - RESERVED + REJECTED CVE-2017-5751 - RESERVED + REJECTED CVE-2017-5750 - RESERVED + REJECTED CVE-2017-5749 - RESERVED + REJECTED CVE-2017-5748 - RESERVED + REJECTED CVE-2017-5747 - RESERVED + REJECTED CVE-2017-5746 - RESERVED + REJECTED CVE-2017-5745 - RESERVED + REJECTED CVE-2017-5744 - RESERVED + REJECTED CVE-2017-5743 - RESERVED + REJECTED CVE-2017-5742 - RESERVED + REJECTED CVE-2017-5741 - RESERVED + REJECTED CVE-2017-5740 - RESERVED + REJECTED CVE-2017-5739 - RESERVED + REJECTED CVE-2017-5738 (Escalation of privilege vulnerability in admin portal for Intel Unite ...) NOT-FOR-US: Intel Unite App CVE-2017-5737 - RESERVED + REJECTED CVE-2017-5736 (An elevation of privilege in Intel Software Guard Extensions Platform ...) NOT-FOR-US: Intel CVE-2017-5735 @@ -38078,31 +38078,31 @@ CVE-2017-5731 (Bounds checking in Tianocompress before November 7, 2017 may allo NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150 NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html CVE-2017-5730 - RESERVED + REJECTED CVE-2017-5729 (Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and T ...) NOT-FOR-US: Intel CVE-2017-5728 - RESERVED + REJECTED CVE-2017-5727 (Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 1 ...) NOT-FOR-US: Intel CVE-2017-5726 - RESERVED + REJECTED CVE-2017-5725 - RESERVED + REJECTED CVE-2017-5724 - RESERVED + REJECTED CVE-2017-5723 - RESERVED + REJECTED CVE-2017-5722 (Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, N ...) NOT-FOR-US: Intel CVE-2017-5721 (Insufficient input validation in system firmware for Intel NUC7i3BNK, ...) NOT-FOR-US: Intel CVE-2017-5720 - RESERVED + REJECTED CVE-2017-5719 (A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows ...) NOT-FOR-US: Intel CVE-2017-5718 - RESERVED + REJECTED CVE-2017-5717 (Type Confusion in Content Protection HECI Service in Intel Graphics Dr ...) NOT-FOR-US: Intel graphics driver CVE-2017-5716 @@ -38149,9 +38149,9 @@ CVE-2017-5715 (Systems with microprocessors utilizing speculative execution and - xen 4.11.1~pre+1.733450b39b-1 [jessie] - xen <ignored> (Too intrusive to backport) CVE-2017-5714 - RESERVED + REJECTED CVE-2017-5713 - RESERVED + REJECTED CVE-2017-5712 (Buffer overflow in Active Management Technology (AMT) in Intel Managea ...) NOT-FOR-US: Intel CVE-2017-5711 (Multiple buffer overflows in Active Management Technology (AMT) in Int ...) @@ -38173,7 +38173,7 @@ CVE-2017-5704 (Platform sample code firmware included with 4th Gen Intel Core Pr CVE-2017-5703 (Configuration of SPI Flash in platforms based on multiple Intel platfo ...) NOT-FOR-US: Intel CVE-2017-5702 - RESERVED + REJECTED CVE-2017-5701 (Insecure platform configuration in system firmware for Intel NUC7i3BNK ...) NOT-FOR-US: Intel CVE-2017-5700 (Insufficient protection of password storage in system firmware for Int ...) @@ -38198,13 +38198,13 @@ CVE-2017-5692 (Out-of-bounds read condition in older versions of some Intel Grap CVE-2017-5691 (Incorrect check in Intel processors from 6th and 7th Generation Intel ...) NOT-FOR-US: Intel CPUs CVE-2017-5690 - RESERVED + REJECTED CVE-2017-5689 (An unprivileged network attacker could gain system privileges to provi ...) NOT-FOR-US: Intel AMT CVE-2017-5688 (There is an escalation of privilege vulnerability in the Intel Solid S ...) NOT-FOR-US: Intel Solid State Drive Toolbox CVE-2017-5687 - RESERVED + REJECTED CVE-2017-5686 (The BIOS in Intel NUC systems based on 6th Gen Intel Core processors p ...) NOT-FOR-US: BIOS in Intel NUC systems CVE-2017-5685 (The BIOS in Intel NUC systems based on 6th Gen Intel Core processors p ...) @@ -38216,7 +38216,7 @@ CVE-2017-5683 (Privilege escalation in IntelHAXM.sys driver in the Intel Hardwar CVE-2017-5682 (Intel PSET Application Install wrapper of Intel Parallel Studio XE, In ...) NOT-FOR-US: Intel PSET CVE-2017-5680 - RESERVED + REJECTED CVE-2017-5848 (The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in ...) {DSA-3818-1 DLA-2164-1 DLA-830-1} - gst-plugins-bad1.0 1.10.4-1 (low) @@ -42686,9 +42686,9 @@ CVE-2017-4053 (Command Injection vulnerability in the web interface in McAfee Ad CVE-2017-4052 (Authentication Bypass vulnerability in the web interface in McAfee Adv ...) NOT-FOR-US: McAfee CVE-2017-4051 - RESERVED + REJECTED CVE-2017-4050 - RESERVED + REJECTED CVE-2017-4049 REJECTED CVE-2017-4048 @@ -42716,7 +42716,7 @@ CVE-2017-4038 CVE-2017-4037 REJECTED CVE-2017-4036 - RESERVED + REJECTED CVE-2017-4035 REJECTED CVE-2017-4034 @@ -42796,7 +42796,7 @@ CVE-2017-3998 CVE-2017-3997 REJECTED CVE-2017-3996 - RESERVED + REJECTED CVE-2017-3995 REJECTED CVE-2017-3994 @@ -42812,7 +42812,7 @@ CVE-2017-3990 CVE-2017-3989 REJECTED CVE-2017-3988 - RESERVED + REJECTED CVE-2017-3987 REJECTED CVE-2017-3986 @@ -42848,7 +42848,7 @@ CVE-2017-3972 (Infrastructure-based foot printing vulnerability in the web inter CVE-2017-3971 (Cryptanalysis vulnerability in the web interface in McAfee Network Sec ...) NOT-FOR-US: McAfee CVE-2017-3970 - RESERVED + REJECTED CVE-2017-3969 (Abuse of communication channels vulnerability in the server in McAfee ...) NOT-FOR-US: McAfee CVE-2017-3968 (Session fixation vulnerability in the web interface in McAfee Network ...) @@ -42914,7 +42914,7 @@ CVE-2017-3939 CVE-2017-3938 REJECTED CVE-2017-3937 - RESERVED + REJECTED CVE-2017-3936 (OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO ...) NOT-FOR-US: McAfee CVE-2017-3935 (Network Data Loss Prevention is vulnerable to MIME type sniffing which ...) @@ -42924,7 +42924,7 @@ CVE-2017-3934 (Missing HTTP Strict Transport Security state information vulnerab CVE-2017-3933 (Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network ...) NOT-FOR-US: McAfee Network Data Loss Prevention CVE-2017-3932 - RESERVED + REJECTED CVE-2017-3931 REJECTED CVE-2017-3930 @@ -42932,45 +42932,45 @@ CVE-2017-3930 CVE-2017-3929 REJECTED CVE-2017-3928 - RESERVED + REJECTED CVE-2017-3927 - RESERVED + REJECTED CVE-2017-3926 - RESERVED + REJECTED CVE-2017-3925 - RESERVED + REJECTED CVE-2017-3924 - RESERVED + REJECTED CVE-2017-3923 - RESERVED + REJECTED CVE-2017-3922 - RESERVED + REJECTED CVE-2017-3921 - RESERVED + REJECTED CVE-2017-3920 - RESERVED + REJECTED CVE-2017-3919 - RESERVED + REJECTED CVE-2017-3918 - RESERVED + REJECTED CVE-2017-3917 - RESERVED + REJECTED CVE-2017-3916 - RESERVED + REJECTED CVE-2017-3915 - RESERVED + REJECTED CVE-2017-3914 - RESERVED + REJECTED CVE-2017-3913 - RESERVED + REJECTED CVE-2017-3912 (Bypassing password security vulnerability in McAfee Application and Ch ...) NOT-FOR-US: McAfee CVE-2017-3911 - RESERVED + REJECTED CVE-2017-3910 - RESERVED + REJECTED CVE-2017-3909 - RESERVED + REJECTED CVE-2017-3908 REJECTED CVE-2017-3907 (Code Injection vulnerability in the ePolicy Orchestrator (ePO) extensi ...) @@ -42980,7 +42980,7 @@ CVE-2017-3906 CVE-2017-3905 REJECTED CVE-2017-3904 - RESERVED + REJECTED CVE-2017-3903 REJECTED CVE-2017-3902 (Cross-site scripting (XSS) vulnerability in the Web user interface (UI ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 53d2504afc..66d0c4b64f 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -12,62 +12,62 @@ CVE-2019-25043 (ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, [buster] - modsecurity <no-dsa> (Minor issue) NOTE: https://github.com/SpiderLabs/ModSecurity/issues/2566 NOTE: https://github.com/SpiderLabs/ModSecurity/commit/9cac167fafd180902c2aa5dc6141aae874127199 -CVE-2019-25042 (Unbound before 1.9.5 allows an out-of-bounds write via a compressed na ...) +CVE-2019-25042 (** DISPUTED ** Unbound before 1.9.5 allows an out-of-bounds write via ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound <end-of-life> (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/6c3a0b54ed8ace93d5b5ca7b8078dc87e75cd640 -CVE-2019-25041 (Unbound before 1.9.5 allows an assertion failure via a compressed name ...) +CVE-2019-25041 (** DISPUTED ** Unbound before 1.9.5 allows an assertion failure via a ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound <end-of-life> (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/2d444a5037acff6024630b88092d9188f2f5d8fe -CVE-2019-25040 (Unbound before 1.9.5 allows an infinite loop via a compressed name in ...) +CVE-2019-25040 (** DISPUTED ** Unbound before 1.9.5 allows an infinite loop via a comp ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound <end-of-life> (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/2d444a5037acff6024630b88092d9188f2f5d8fe -CVE-2019-25039 (Unbound before 1.9.5 allows an integer overflow in a size calculation ...) +CVE-2019-25039 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in a si ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound <end-of-life> (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/02080f6b180232f43b77f403d0c038e9360a460f -CVE-2019-25038 (Unbound before 1.9.5 allows an integer overflow in a size calculation ...) +CVE-2019-25038 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in a si ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound <end-of-life> (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/02080f6b180232f43b77f403d0c038e9360a460f -CVE-2019-25037 (Unbound before 1.9.5 allows an assertion failure and denial of service ...) +CVE-2019-25037 (** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and de ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound <end-of-life> (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/d2eb78e871153f22332d30c6647f3815148f21e5 -CVE-2019-25036 (Unbound before 1.9.5 allows an assertion failure and denial of service ...) +CVE-2019-25036 (** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and de ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound <end-of-life> (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/f5e06689d193619c57c33270c83f5e40781a261d -CVE-2019-25035 (Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token ...) +CVE-2019-25035 (** DISPUTED ** Unbound before 1.9.5 allows an out-of-bounds write in s ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound <end-of-life> (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/fa23ee8f31ba9a018c720ea822faaee639dc7a9c -CVE-2019-25034 (Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dnam ...) +CVE-2019-25034 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in sldn ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound <end-of-life> (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/a3545867fcdec50307c776ce0af28d07046a52dd -CVE-2019-25033 (Unbound before 1.9.5 allows an integer overflow in the regional alloca ...) +CVE-2019-25033 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound <end-of-life> (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/226298bbd36f1f0fd9608e98c2ae85988b7bbdb8 -CVE-2019-25032 (Unbound before 1.9.5 allows an integer overflow in the regional alloca ...) +CVE-2019-25032 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound <end-of-life> (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/226298bbd36f1f0fd9608e98c2ae85988b7bbdb8 -CVE-2019-25031 (Unbound before 1.9.5 allows configuration injection in create_unbound_ ...) +CVE-2019-25031 (** DISPUTED ** Unbound before 1.9.5 allows configuration injection in ...) {DLA-2652-1} - unbound 1.9.6-1 [stretch] - unbound <end-of-life> (No longer supported, see DSA 4694) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 331b331135..70e521fabb 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -40811,89 +40811,89 @@ CVE-2020-13011 CVE-2020-13010 RESERVED CVE-2020-13009 - RESERVED + REJECTED CVE-2020-13008 - RESERVED + REJECTED CVE-2020-13007 - RESERVED + REJECTED CVE-2020-13006 - RESERVED + REJECTED CVE-2020-13005 - RESERVED + REJECTED CVE-2020-13004 - RESERVED + REJECTED CVE-2020-13003 - RESERVED + REJECTED CVE-2020-13002 - RESERVED + REJECTED CVE-2020-13001 - RESERVED + REJECTED CVE-2020-13000 - RESERVED + REJECTED CVE-2020-12999 - RESERVED + REJECTED CVE-2020-12998 - RESERVED + REJECTED CVE-2020-12997 - RESERVED + REJECTED CVE-2020-12996 - RESERVED + REJECTED CVE-2020-12995 - RESERVED + REJECTED CVE-2020-12994 - RESERVED + REJECTED CVE-2020-12993 - RESERVED + REJECTED CVE-2020-12992 - RESERVED + REJECTED CVE-2020-12991 - RESERVED + REJECTED CVE-2020-12990 - RESERVED + REJECTED CVE-2020-12989 - RESERVED + REJECTED CVE-2020-12988 - RESERVED + REJECTED CVE-2020-12987 - RESERVED + REJECTED CVE-2020-12986 - RESERVED + REJECTED CVE-2020-12985 - RESERVED + REJECTED CVE-2020-12984 - RESERVED + REJECTED CVE-2020-12983 - RESERVED + REJECTED CVE-2020-12982 - RESERVED + REJECTED CVE-2020-12981 - RESERVED + REJECTED CVE-2020-12980 - RESERVED + REJECTED CVE-2020-12979 - RESERVED + REJECTED CVE-2020-12978 - RESERVED + REJECTED CVE-2020-12977 - RESERVED + REJECTED CVE-2020-12976 - RESERVED + REJECTED CVE-2020-12975 - RESERVED + REJECTED CVE-2020-12974 - RESERVED + REJECTED CVE-2020-12973 - RESERVED + REJECTED CVE-2020-12972 - RESERVED + REJECTED CVE-2020-12971 - RESERVED + REJECTED CVE-2020-12970 - RESERVED + REJECTED CVE-2020-12969 - RESERVED + REJECTED CVE-2020-12968 - RESERVED + REJECTED CVE-2020-12967 (The lack of nested page table protection in the AMD SEV/SEV-ES feature ...) NOT-FOR-US: AMD CVE-2020-12966 @@ -40911,11 +40911,11 @@ CVE-2020-12961 CVE-2020-12960 RESERVED CVE-2020-12959 - RESERVED + REJECTED CVE-2020-12958 RESERVED CVE-2020-12957 - RESERVED + REJECTED CVE-2020-12956 RESERVED CVE-2020-12955 @@ -40947,7 +40947,7 @@ CVE-2020-12943 CVE-2020-12942 RESERVED CVE-2020-12941 - RESERVED + REJECTED CVE-2020-12940 RESERVED CVE-2020-12939 @@ -40957,9 +40957,9 @@ CVE-2020-12938 CVE-2020-12937 RESERVED CVE-2020-12936 - RESERVED + REJECTED CVE-2020-12935 - RESERVED + REJECTED CVE-2020-12934 RESERVED CVE-2020-12933 (A denial of service vulnerability exists in the D3DKMTEscape handler f ...) @@ -40979,31 +40979,31 @@ CVE-2020-12927 (A potential vulnerability in a dynamically loaded AMD driver in CVE-2020-12926 (The Trusted Platform Modules (TPM) reference software may not properly ...) NOT-FOR-US: AMD CVE-2020-12925 - RESERVED + REJECTED CVE-2020-12924 - RESERVED + REJECTED CVE-2020-12923 - RESERVED + REJECTED CVE-2020-12922 - RESERVED + REJECTED CVE-2020-12921 - RESERVED + REJECTED CVE-2020-12920 RESERVED CVE-2020-12919 - RESERVED + REJECTED CVE-2020-12918 RESERVED CVE-2020-12917 - RESERVED + REJECTED CVE-2020-12916 - RESERVED + REJECTED CVE-2020-12915 - RESERVED + REJECTED CVE-2020-12914 - RESERVED + REJECTED CVE-2020-12913 - RESERVED + REJECTED CVE-2020-12912 (A potential vulnerability in the AMD extension to Linux "hwmon" servic ...) - linux 5.9.9-1 (unimportant) [buster] - linux <not-affected> (Vulnerable driver introduced later) @@ -41015,15 +41015,15 @@ CVE-2020-12912 (A potential vulnerability in the AMD extension to Linux "hwmon" CVE-2020-12911 (A denial of service vulnerability exists in the D3DKMTCreateAllocation ...) NOT-FOR-US: AMD ATIKMDAG.SYS CVE-2020-12910 - RESERVED + REJECTED CVE-2020-12909 - RESERVED + REJECTED CVE-2020-12908 RESERVED CVE-2020-12907 RESERVED CVE-2020-12906 - RESERVED + REJECTED CVE-2020-12905 RESERVED CVE-2020-12904 @@ -41043,7 +41043,7 @@ CVE-2020-12898 CVE-2020-12897 RESERVED CVE-2020-12896 - RESERVED + REJECTED CVE-2020-12895 RESERVED CVE-2020-12894 diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 8a5cbf9a52..95646e4f44 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1,3 +1,21 @@ +CVE-2021-3600 + RESERVED +CVE-2021-3599 + RESERVED +CVE-2021-34681 + RESERVED +CVE-2021-34680 + RESERVED +CVE-2021-34679 (Thycotic Password Reset Server before 5.3.0 allows credential disclosu ...) + TODO: check +CVE-2021-34678 + RESERVED +CVE-2021-34677 + RESERVED +CVE-2021-34676 + RESERVED +CVE-2021-34675 + RESERVED CVE-2021-3598 RESERVED CVE-2021-3597 @@ -4643,38 +4661,27 @@ CVE-2021-32559 RESERVED CVE-2021-32558 RESERVED -CVE-2021-32557 - RESERVED +CVE-2021-32557 (It was discovered that the process_report() function in data/whoopsie- ...) NOT-FOR-US: Apport -CVE-2021-32556 - RESERVED +CVE-2021-32556 (It was discovered that the get_modified_conffiles() function in backen ...) NOT-FOR-US: Apport -CVE-2021-32555 - RESERVED +CVE-2021-32555 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32554 - RESERVED +CVE-2021-32554 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32553 - RESERVED +CVE-2021-32553 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32552 - RESERVED +CVE-2021-32552 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32551 - RESERVED +CVE-2021-32551 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32550 - RESERVED +CVE-2021-32550 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32549 - RESERVED +CVE-2021-32549 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32548 - RESERVED +CVE-2021-32548 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport -CVE-2021-32547 - RESERVED +CVE-2021-32547 (It was discovered that read_file() in apport/hookutils.py would follow ...) NOT-FOR-US: Apport CVE-2021-32546 RESERVED @@ -6083,7 +6090,7 @@ CVE-2021-3527 (A flaw was found in the USB redirector device (usb-redir) of QEMU CVE-2021-3526 RESERVED CVE-2021-3525 - RESERVED + REJECTED CVE-2021-3524 (A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gate ...) - ceph 14.2.21-1 (bug #988889) [buster] - ceph <no-dsa> (Minor issue) @@ -20244,8 +20251,8 @@ CVE-2021-3258 (Question2Answer Q2A Ultimate SEO Version 1.3 is affected by cross NOT-FOR-US: Question2Answer Q2A Ultimate SEO CVE-2021-3257 RESERVED -CVE-2021-3256 - RESERVED +CVE-2021-3256 (KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the h ...) + TODO: check CVE-2021-3255 RESERVED CVE-2021-3254 @@ -30198,8 +30205,8 @@ CVE-2021-21384 (shescape is a simple shell escape package for JavaScript. In she NOT-FOR-US: shescape CVE-2021-21383 (Wiki.js an open-source wiki app built on Node.js. Wiki.js before versi ...) NOT-FOR-US: Wiki.js -CVE-2021-21382 - RESERVED +CVE-2021-21382 (Restund is an open source NAT traversal server. The restund TURN serve ...) + TODO: check CVE-2021-21380 (XWiki Platform is a generic wiki platform offering runtime services fo ...) NOT-FOR-US: XWiki CVE-2021-21379 (XWiki Platform is a generic wiki platform offering runtime services fo ...) |