From f8eaae8035a4def48e73da309afacecb2e114cb8 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Wed, 20 Jan 2021 08:10:19 +0000 Subject: automatic update --- data/CVE/list | 726 ++++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 678 insertions(+), 48 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index e500fba603..acfa8a5c2a 100644 --- a/data/CVE/list +++ b/data/CVE/list 
@@ -1,3 +1,633 @@ +CVE-2021-25639 + RESERVED +CVE-2021-25638 + RESERVED +CVE-2021-25637 + RESERVED +CVE-2021-25636 + RESERVED +CVE-2021-25635 + RESERVED +CVE-2021-25634 + RESERVED +CVE-2021-25633 + RESERVED +CVE-2021-25632 + RESERVED +CVE-2021-25631 + RESERVED +CVE-2021-25630 + RESERVED +CVE-2021-25629 + RESERVED +CVE-2021-25628 + RESERVED +CVE-2021-25627 + RESERVED +CVE-2021-25626 + RESERVED +CVE-2021-25625 + RESERVED +CVE-2021-25624 + RESERVED +CVE-2021-25623 + RESERVED +CVE-2021-25622 + RESERVED +CVE-2021-25621 + RESERVED +CVE-2021-25620 + RESERVED +CVE-2021-25619 + RESERVED +CVE-2021-25618 + RESERVED +CVE-2021-25617 + RESERVED +CVE-2021-25616 + RESERVED +CVE-2021-25615 + RESERVED +CVE-2021-25614 + RESERVED +CVE-2021-25613 + RESERVED +CVE-2021-25612 + RESERVED +CVE-2021-25611 + RESERVED +CVE-2021-25610 + RESERVED +CVE-2021-25609 + RESERVED +CVE-2021-25608 + RESERVED +CVE-2021-25607 + RESERVED +CVE-2021-25606 + RESERVED +CVE-2021-25605 + RESERVED +CVE-2021-25604 + RESERVED +CVE-2021-25603 + RESERVED +CVE-2021-25602 + RESERVED +CVE-2021-25601 + RESERVED +CVE-2021-25600 + RESERVED +CVE-2021-25599 + RESERVED +CVE-2021-25598 + RESERVED +CVE-2021-25597 + RESERVED +CVE-2021-25596 + RESERVED +CVE-2021-25595 + RESERVED +CVE-2021-25594 + RESERVED +CVE-2021-25593 + RESERVED +CVE-2021-25592 + RESERVED +CVE-2021-25591 + RESERVED +CVE-2021-25590 + RESERVED +CVE-2021-25589 + RESERVED +CVE-2021-25588 + RESERVED +CVE-2021-25587 + RESERVED +CVE-2021-25586 + RESERVED +CVE-2021-25585 + RESERVED +CVE-2021-25584 + RESERVED +CVE-2021-25583 + RESERVED +CVE-2021-25582 + RESERVED +CVE-2021-25581 + RESERVED +CVE-2021-25580 + RESERVED +CVE-2021-25579 + RESERVED +CVE-2021-25578 + RESERVED +CVE-2021-25577 + RESERVED +CVE-2021-25576 + RESERVED +CVE-2021-25575 + RESERVED +CVE-2021-25574 + RESERVED +CVE-2021-25573 + RESERVED +CVE-2021-25572 + RESERVED +CVE-2021-25571 + RESERVED +CVE-2021-25570 + RESERVED +CVE-2021-25569 + RESERVED +CVE-2021-25568 + RESERVED +CVE-2021-25567 + RESERVED 
+CVE-2021-25566 + RESERVED +CVE-2021-25565 + RESERVED +CVE-2021-25564 + RESERVED +CVE-2021-25563 + RESERVED +CVE-2021-25562 + RESERVED +CVE-2021-25561 + RESERVED +CVE-2021-25560 + RESERVED +CVE-2021-25559 + RESERVED +CVE-2021-25558 + RESERVED +CVE-2021-25557 + RESERVED +CVE-2021-25556 + RESERVED +CVE-2021-25555 + RESERVED +CVE-2021-25554 + RESERVED +CVE-2021-25553 + RESERVED +CVE-2021-25552 + RESERVED +CVE-2021-25551 + RESERVED +CVE-2021-25550 + RESERVED +CVE-2021-25549 + RESERVED +CVE-2021-25548 + RESERVED +CVE-2021-25547 + RESERVED +CVE-2021-25546 + RESERVED +CVE-2021-25545 + RESERVED +CVE-2021-25544 + RESERVED +CVE-2021-25543 + RESERVED +CVE-2021-25542 + RESERVED +CVE-2021-25541 + RESERVED +CVE-2021-25540 + RESERVED +CVE-2021-25539 + RESERVED +CVE-2021-25538 + RESERVED +CVE-2021-25537 + RESERVED +CVE-2021-25536 + RESERVED +CVE-2021-25535 + RESERVED +CVE-2021-25534 + RESERVED +CVE-2021-25533 + RESERVED +CVE-2021-25532 + RESERVED +CVE-2021-25531 + RESERVED +CVE-2021-25530 + RESERVED +CVE-2021-25529 + RESERVED +CVE-2021-25528 + RESERVED +CVE-2021-25527 + RESERVED +CVE-2021-25526 + RESERVED +CVE-2021-25525 + RESERVED +CVE-2021-25524 + RESERVED +CVE-2021-25523 + RESERVED +CVE-2021-25522 + RESERVED +CVE-2021-25521 + RESERVED +CVE-2021-25520 + RESERVED +CVE-2021-25519 + RESERVED +CVE-2021-25518 + RESERVED +CVE-2021-25517 + RESERVED +CVE-2021-25516 + RESERVED +CVE-2021-25515 + RESERVED +CVE-2021-25514 + RESERVED +CVE-2021-25513 + RESERVED +CVE-2021-25512 + RESERVED +CVE-2021-25511 + RESERVED +CVE-2021-25510 + RESERVED +CVE-2021-25509 + RESERVED +CVE-2021-25508 + RESERVED +CVE-2021-25507 + RESERVED +CVE-2021-25506 + RESERVED +CVE-2021-25505 + RESERVED +CVE-2021-25504 + RESERVED +CVE-2021-25503 + RESERVED +CVE-2021-25502 + RESERVED +CVE-2021-25501 + RESERVED +CVE-2021-25500 + RESERVED +CVE-2021-25499 + RESERVED +CVE-2021-25498 + RESERVED +CVE-2021-25497 + RESERVED +CVE-2021-25496 + RESERVED +CVE-2021-25495 + RESERVED +CVE-2021-25494 + RESERVED +CVE-2021-25493 + RESERVED 
+CVE-2021-25492 + RESERVED +CVE-2021-25491 + RESERVED +CVE-2021-25490 + RESERVED +CVE-2021-25489 + RESERVED +CVE-2021-25488 + RESERVED +CVE-2021-25487 + RESERVED +CVE-2021-25486 + RESERVED +CVE-2021-25485 + RESERVED +CVE-2021-25484 + RESERVED +CVE-2021-25483 + RESERVED +CVE-2021-25482 + RESERVED +CVE-2021-25481 + RESERVED +CVE-2021-25480 + RESERVED +CVE-2021-25479 + RESERVED +CVE-2021-25478 + RESERVED +CVE-2021-25477 + RESERVED +CVE-2021-25476 + RESERVED +CVE-2021-25475 + RESERVED +CVE-2021-25474 + RESERVED +CVE-2021-25473 + RESERVED +CVE-2021-25472 + RESERVED +CVE-2021-25471 + RESERVED +CVE-2021-25470 + RESERVED +CVE-2021-25469 + RESERVED +CVE-2021-25468 + RESERVED +CVE-2021-25467 + RESERVED +CVE-2021-25466 + RESERVED +CVE-2021-25465 + RESERVED +CVE-2021-25464 + RESERVED +CVE-2021-25463 + RESERVED +CVE-2021-25462 + RESERVED +CVE-2021-25461 + RESERVED +CVE-2021-25460 + RESERVED +CVE-2021-25459 + RESERVED +CVE-2021-25458 + RESERVED +CVE-2021-25457 + RESERVED +CVE-2021-25456 + RESERVED +CVE-2021-25455 + RESERVED +CVE-2021-25454 + RESERVED +CVE-2021-25453 + RESERVED +CVE-2021-25452 + RESERVED +CVE-2021-25451 + RESERVED +CVE-2021-25450 + RESERVED +CVE-2021-25449 + RESERVED +CVE-2021-25448 + RESERVED +CVE-2021-25447 + RESERVED +CVE-2021-25446 + RESERVED +CVE-2021-25445 + RESERVED +CVE-2021-25444 + RESERVED +CVE-2021-25443 + RESERVED +CVE-2021-25442 + RESERVED +CVE-2021-25441 + RESERVED +CVE-2021-25440 + RESERVED +CVE-2021-25439 + RESERVED +CVE-2021-25438 + RESERVED +CVE-2021-25437 + RESERVED +CVE-2021-25436 + RESERVED +CVE-2021-25435 + RESERVED +CVE-2021-25434 + RESERVED +CVE-2021-25433 + RESERVED +CVE-2021-25432 + RESERVED +CVE-2021-25431 + RESERVED +CVE-2021-25430 + RESERVED +CVE-2021-25429 + RESERVED +CVE-2021-25428 + RESERVED +CVE-2021-25427 + RESERVED +CVE-2021-25426 + RESERVED +CVE-2021-25425 + RESERVED +CVE-2021-25424 + RESERVED +CVE-2021-25423 + RESERVED +CVE-2021-25422 + RESERVED +CVE-2021-25421 + RESERVED +CVE-2021-25420 + RESERVED +CVE-2021-25419 + RESERVED 
+CVE-2021-25418 + RESERVED +CVE-2021-25417 + RESERVED +CVE-2021-25416 + RESERVED +CVE-2021-25415 + RESERVED +CVE-2021-25414 + RESERVED +CVE-2021-25413 + RESERVED +CVE-2021-25412 + RESERVED +CVE-2021-25411 + RESERVED +CVE-2021-25410 + RESERVED +CVE-2021-25409 + RESERVED +CVE-2021-25408 + RESERVED +CVE-2021-25407 + RESERVED +CVE-2021-25406 + RESERVED +CVE-2021-25405 + RESERVED +CVE-2021-25404 + RESERVED +CVE-2021-25403 + RESERVED +CVE-2021-25402 + RESERVED +CVE-2021-25401 + RESERVED +CVE-2021-25400 + RESERVED +CVE-2021-25399 + RESERVED +CVE-2021-25398 + RESERVED +CVE-2021-25397 + RESERVED +CVE-2021-25396 + RESERVED +CVE-2021-25395 + RESERVED +CVE-2021-25394 + RESERVED +CVE-2021-25393 + RESERVED +CVE-2021-25392 + RESERVED +CVE-2021-25391 + RESERVED +CVE-2021-25390 + RESERVED +CVE-2021-25389 + RESERVED +CVE-2021-25388 + RESERVED +CVE-2021-25387 + RESERVED +CVE-2021-25386 + RESERVED +CVE-2021-25385 + RESERVED +CVE-2021-25384 + RESERVED +CVE-2021-25383 + RESERVED +CVE-2021-25382 + RESERVED +CVE-2021-25381 + RESERVED +CVE-2021-25380 + RESERVED +CVE-2021-25379 + RESERVED +CVE-2021-25378 + RESERVED +CVE-2021-25377 + RESERVED +CVE-2021-25376 + RESERVED +CVE-2021-25375 + RESERVED +CVE-2021-25374 + RESERVED +CVE-2021-25373 + RESERVED +CVE-2021-25372 + RESERVED +CVE-2021-25371 + RESERVED +CVE-2021-25370 + RESERVED +CVE-2021-25369 + RESERVED +CVE-2021-25368 + RESERVED +CVE-2021-25367 + RESERVED +CVE-2021-25366 + RESERVED +CVE-2021-25365 + RESERVED +CVE-2021-25364 + RESERVED +CVE-2021-25363 + RESERVED +CVE-2021-25362 + RESERVED +CVE-2021-25361 + RESERVED +CVE-2021-25360 + RESERVED +CVE-2021-25359 + RESERVED +CVE-2021-25358 + RESERVED +CVE-2021-25357 + RESERVED +CVE-2021-25356 + RESERVED +CVE-2021-25355 + RESERVED +CVE-2021-25354 + RESERVED +CVE-2021-25353 + RESERVED +CVE-2021-25352 + RESERVED +CVE-2021-25351 + RESERVED +CVE-2021-25350 + RESERVED +CVE-2021-25349 + RESERVED +CVE-2021-25348 + RESERVED +CVE-2021-25347 + RESERVED +CVE-2021-25346 + RESERVED +CVE-2021-25345 + RESERVED 
+CVE-2021-25344 + RESERVED +CVE-2021-25343 + RESERVED +CVE-2021-25342 + RESERVED +CVE-2021-25341 + RESERVED +CVE-2021-25340 + RESERVED +CVE-2021-25339 + RESERVED +CVE-2021-25338 + RESERVED +CVE-2021-25337 + RESERVED +CVE-2021-25336 + RESERVED +CVE-2021-25335 + RESERVED +CVE-2021-25334 + RESERVED +CVE-2021-25333 + RESERVED +CVE-2021-25332 + RESERVED +CVE-2021-25331 + RESERVED +CVE-2021-25330 + RESERVED +CVE-2020-36198 + RESERVED +CVE-2020-36197 + RESERVED +CVE-2020-36196 + RESERVED +CVE-2020-36195 + RESERVED +CVE-2020-36194 + RESERVED CVE-2021-3184 (MISP 2.4.136 has XSS via a crafted URL to the app/View/Elements/global ...) NOT-FOR-US: MISP CVE-2021-3183 (Files.com Fat Client 3.3.6 allows authentication bypass because the cl ...) @@ -2922,8 +3552,8 @@ CVE-2021-23937 RESERVED CVE-2021-3138 (In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypas ...) NOT-FOR-US: Discourse -CVE-2021-3137 - RESERVED +CVE-2021-3137 (XWiki 12.10.2 allows XSS via an SVG document to the upload feature of ...) + TODO: check CVE-2021-3136 RESERVED CVE-2021-3135 @@ -9695,8 +10325,8 @@ CVE-2021-21265 RESERVED CVE-2021-21264 RESERVED -CVE-2021-21263 - RESERVED +CVE-2021-21263 (Laravel is a web application framework. Versions of Laravel before 6.2 ...) + TODO: check CVE-2021-21262 RESERVED CVE-2021-21260 
@@ -15195,8 +15825,8 @@ CVE-2020-29599 (ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles NOTE: broken between 78c7532f3ff5424de06e5d807cbb35c041bd2990 (6.9.4-2) and 8787fc6de99078fde055bd400b14e1ce3a2971f9 (6.9.8-1) NOTE: '-authenticate' replaced by '-define authenticate=' between 8787fc6de99078fde055bd400b14e1ce3a2971f9 (6.9.8-1) and 83ec5b above NOTE: - bimodal ('-define delegate:bimodal=true' + pdf->(e)ps delegates, %a expansion) after 78c7532f3ff5424de06e5d807cbb35c041bd2990 (6.9.4-2) -CVE-2020-29598 - RESERVED +CVE-2020-29598 (The My AIA SG application 1.2.6 for Android allows attackers to obtain ...) + TODO: check CVE-2020-29597 (IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file ...) NOT-FOR-US: IncomCMS CVE-2020-29596 (MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial o ...) @@ -17465,8 +18095,8 @@ CVE-2020-28709 RESERVED CVE-2020-28708 RESERVED -CVE-2020-28707 - RESERVED +CVE-2020-28707 (The Stockdio Historical Chart plugin before 2.8.1 for WordPress is aff ...) + TODO: check CVE-2020-28706 RESERVED CVE-2020-28705 @@ -22190,12 +22820,12 @@ CVE-2020-27854 RESERVED CVE-2020-27853 (Wire before 2020-10-16 allows remote attackers to cause a denial of se ...) NOT-FOR-US: Wire app -CVE-2020-27852 - RESERVED -CVE-2020-27851 - RESERVED -CVE-2020-27850 - RESERVED +CVE-2020-27852 (A stored Cross-Site Scripting (XSS) vulnerability in the survey featur ...) + TODO: check +CVE-2020-27851 (Multiple stored HTML injection vulnerabilities in the "poll" and "quiz ...) + TODO: check +CVE-2020-27850 (A stored Cross-Site Scripting (XSS) vulnerability in forms import feat ...) + TODO: check CVE-2020-27849 RESERVED CVE-2020-27848 (dotCMS before 20.10.1 allows SQL injection, as demonstrated by the /ap ...) 
@@ -24085,18 +24715,18 @@ CVE-2020-27271 RESERVED CVE-2020-27270 (SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communicat ...) TODO: check -CVE-2020-27269 - RESERVED -CVE-2020-27268 - RESERVED +CVE-2020-27269 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...) + TODO: check +CVE-2020-27268 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...) + TODO: check CVE-2020-27267 (KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, Thin ...) NOT-FOR-US: KEPServerEX -CVE-2020-27266 - RESERVED +CVE-2020-27266 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...) + TODO: check CVE-2020-27265 (KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, Th ...) NOT-FOR-US: KEPServerEX -CVE-2020-27264 - RESERVED +CVE-2020-27264 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...) + TODO: check CVE-2020-27263 (KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, Th ...) NOT-FOR-US: KEPServerEX CVE-2020-27262 (Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7. ...) @@ -24107,12 +24737,12 @@ CVE-2020-27260 (Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Versio NOT-FOR-US: Innokas Yhtyma Oy CVE-2020-27259 RESERVED -CVE-2020-27258 - RESERVED +CVE-2020-27258 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...) + TODO: check CVE-2020-27257 RESERVED -CVE-2020-27256 - RESERVED +CVE-2020-27256 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...) + TODO: check CVE-2020-27255 (A heap overflow vulnerability exists within FactoryTalk Linx Version 6 ...) NOT-FOR-US: FactoryTalk CVE-2020-27254 (Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, X ...) 
@@ -28597,8 +29227,8 @@ CVE-2020-25387 RESERVED CVE-2020-25386 RESERVED -CVE-2020-25385 - RESERVED +CVE-2020-25385 (Nagios Log Server 2.1.7 contains a cross-site scripting (XSS) vulnerab ...) + TODO: check CVE-2020-25384 RESERVED CVE-2020-25383 @@ -40957,16 +41587,16 @@ CVE-2020-19366 RESERVED CVE-2020-19365 RESERVED -CVE-2020-19364 - RESERVED -CVE-2020-19363 - RESERVED -CVE-2020-19362 - RESERVED -CVE-2020-19361 - RESERVED -CVE-2020-19360 - RESERVED +CVE-2020-19364 (OpenEMR 5.0.1 allows an authenticated attacker to upload and execute m ...) + TODO: check +CVE-2020-19363 (Vtiger CRM v7.2.0 allows an attacker to display hidden files, list dir ...) + TODO: check +CVE-2020-19362 (Reflected XSS in Vtiger CRM v7.2.0 in vtigercrm/index.php? through the ...) + TODO: check +CVE-2020-19361 (Reflected XSS in Medintux v2.16.000 CCAM.php by manipulating the mot1 ...) + TODO: check +CVE-2020-19360 (Local file inclusion in FHEM 6.0 allows in fhem/FileLog_logWrapper fil ...) + TODO: check CVE-2020-19359 RESERVED CVE-2020-19358 @@ -52376,10 +53006,10 @@ CVE-2020-14412 (NeDi 1.9C is vulnerable to Remote Command Execution. System-Snap NOT-FOR-US: NeDi CVE-2020-14411 RESERVED -CVE-2020-14410 - RESERVED -CVE-2020-14409 - RESERVED +CVE-2020-14410 (SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer ...) + TODO: check +CVE-2020-14409 (SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow ...) + TODO: check CVE-2020-14408 (An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanit ...) NOT-FOR-US: Agentejo Cockpit CVE-2020-14407 
@@ -55929,10 +56559,10 @@ CVE-2020-13136 (D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can NOT-FOR-US: D-Link CVE-2020-13135 (D-Link DSP-W215 1.26b03 devices allow information disclosure by interc ...) NOT-FOR-US: D-Link -CVE-2020-13134 - RESERVED -CVE-2020-13133 - RESERVED +CVE-2020-13134 (Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to ...) + TODO: check +CVE-2020-13133 (Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to ...) + TODO: check CVE-2020-13132 (An issue was discovered in Yubico libykpiv before 2.1.0. An attacker c ...) - yubico-piv-tool 2.1.1-1 (bug #972644) [stretch] - yubico-piv-tool (Vulnerable code not present) @@ -58894,8 +59524,8 @@ CVE-2020-11999 (FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v CVE-2020-11998 (A regression has been introduced in the commit preventing JMX re-bind. ...) - activemq (Only affects 5.15.12) NOTE: http://activemq.apache.org/security-advisories.data/CVE-2020-11998-announcement.txt -CVE-2020-11997 - RESERVED +CVE-2020-11997 (Apache Guacamole 1.2.0 and earlier do not consistently restrict access ...) + TODO: check CVE-2020-11996 (A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat ...) {DSA-4727-1 DLA-2279-1} - tomcat9 9.0.36-1 -- cgit v1.2.3
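Review bot: The five placeholders CVE-2020-36198 through CVE-2020-36194 at the end of the first hunk (@@ -1,3 +1,633 @@) land between CVE-2021-25330 and CVE-2021-3184, so the top of data/CVE/list is not ordered by year or by number at this point. If the order is meant to be most recent allocation first, that is worth stating in the file's documentation. Anything that searches this file should match on the exact CVE ID rather than on position or on a sorted-order assumption.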
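Review bot: The six SOOIL entries changed in the hunks at @@ -24085,18 +24715,18 @@ and @@ -24107,12 +24737,12 @@ (CVE-2020-27269, -27268, -27266, -27264, -27258, -27256) all carry the same truncated description, "In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...", so they cannot be told apart from this list alone and each is left at "TODO: check". Triage them as one batch together with the existing CVE-2020-27270 entry, which is also still "TODO: check", and give all seven the same resolution line. The neighbouring KEPServerEX and Innokas entries show the form to use if the product turns out not to be packaged: "NOT-FOR-US: KEPServerEX".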
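Review bot: CVE-2020-14410 and CVE-2020-14409 in the hunk at @@ -52376,10 +53006,10 @@ and CVE-2020-11997 in the hunk at @@ -58894,8 +59524,8 @@ name general-purpose open-source software (SDL through 2.0.12, Apache Guacamole 1.2.0 and earlier) but are left at "TODO: check", which says nothing about whether a packaged version is affected. The SDL descriptions mention a heap-based buffer issue and an integer overflow, so these should be looked at ahead of the vendor-appliance entries in the same commit. Resolve each to a package line in the form the context lines already use, for example "- tomcat9 9.0.36-1" or "- yubico-piv-tool 2.1.1-1 (bug #972644)", with a NOTE line pointing at the upstream advisory or fix.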