From f25c58c72bd1d696e976e5dcb32791b93a4ca334 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Tue, 19 Jan 2021 08:10:18 +0000 Subject: automatic update --- data/CVE/list | 34 +++++++++++++++++++++++++++++----- 1 file changed, 29 insertions(+), 5 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 0da572357b..8624b5e2eb 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,27 @@ +CVE-2021-3179 + RESERVED +CVE-2021-3178 (** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, w ...) + TODO: check +CVE-2021-3177 (Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctyp ...) + TODO: check +CVE-2021-3176 + RESERVED +CVE-2021-3175 + RESERVED +CVE-2021-25312 + RESERVED +CVE-2021-25311 + RESERVED +CVE-2021-25310 + RESERVED +CVE-2021-25309 + RESERVED +CVE-2021-25308 + RESERVED +CVE-2021-25307 + RESERVED +CVE-2021-25306 + RESERVED CVE-2021-3174 RESERVED CVE-2021-25305 @@ -11104,8 +11128,8 @@ CVE-2021-20621 RESERVED CVE-2021-20620 RESERVED -CVE-2021-20619 - RESERVED +CVE-2021-20619 (Cross-site scripting vulnerability in GROWI (v4.2 Series) versions pri ...) + TODO: check CVE-2021-20618 (Privilege chaining vulnerability in acmailer ver. 4.0.2 and earlier, a ...) NOT-FOR-US: acmailer CVE-2021-20617 (Improper access control vulnerability in acmailer ver. 4.0.1 and earli ...) @@ -15714,8 +15738,8 @@ CVE-2020-29452 RESERVED CVE-2020-29451 RESERVED -CVE-2020-29450 - RESERVED +CVE-2020-29450 (Affected versions of Atlassian Confluence Server and Data Center allow ...) + TODO: check CVE-2020-29449 RESERVED CVE-2020-29448 @@ -16827,7 +16851,7 @@ CVE-2020-28951 (libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may enc NOT-FOR-US: libuci in OpenWrt CVE-2020-28950 (The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4 ...) NOT-FOR-US: installer of Kaspersky Anti-Ransomware Tool (KART) -CVE-2020-36193 [Disallow symlinks to out-of-path filenames] +CVE-2020-36193 (Tar.php in Archive_Tar through 1.4.11 allows write operations with Dir ...) - php-pear (bug #980428) NOTE: https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916 CVE-2020-28949 (Archive_Tar through 1.4.10 has :// filename sanitization only to addre ...) -- cgit v1.2.3