diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2021-03-31 08:10:28 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2021-03-31 08:10:28 +0000 |
| commit | da2aa8d2c0cf22d5fc17f4264506677a453314ed (patch) | |
| tree | a0d006b88ef1af15ddfc3bd752f567ba523f1bad | |
| parent | 370189ea18cefcb95ebcac5c47273df7564b18bc (diff) | |
automatic update
| -rw-r--r-- | data/CVE/list.2020 | 12 | ||||
| -rw-r--r-- | data/CVE/list.2021 | 20 |
2 files changed, 26 insertions, 6 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 45543ecd60..1030e75814 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -1,3 +1,7 @@ +CVE-2020-36285 + RESERVED +CVE-2020-36284 + RESERVED CVE-2020-36283 (HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when ...) NOT-FOR-US: HID OMNIKEY 5427 and OMNIKEY 5127 readers CVE-2020-36282 (JMS Client for RabbitMQ 1.x before 1.15.2 and 2.x before 2.2.0 is vuln ...) @@ -13905,8 +13909,8 @@ CVE-2020-24997 CVE-2020-24996 (There is an invalid memory access in the function TextString::~TextStr ...) - xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed) NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=42028 -CVE-2020-24995 - RESERVED +CVE-2020-24995 (Buffer overflow vulnerability in sniff_channel_order function in aacde ...) + TODO: check CVE-2020-24994 (Stack overflow in the parse_tag function in libass/ass_parse.c in liba ...) - libass 1:0.15.0-1 [buster] - libass <no-dsa> (Minor issue) @@ -15239,8 +15243,8 @@ CVE-2020-24392 (In voloko twitter-stream 0.1.10, missing TLS hostname validation [buster] - ruby-twitter-stream <no-dsa> (Minor issue) [stretch] - ruby-twitter-stream <no-dsa> (Minor issue) NOTE: https://securitylab.github.com/advisories/GHSL-2020-097-voloko-twitter-stream -CVE-2020-24391 - RESERVED +CVE-2020-24391 (mongo-express before 1.0.0 offers support for certain advanced syntax ...) + TODO: check CVE-2020-24390 (eonweb in EyesOfNetwork before 5.3-7 does not properly escape the user ...) NOT-FOR-US: EyesOfNetwork (EON) CVE-2020-24389 diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 5bea967a0e..6f4a58a3a4 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -1,3 +1,19 @@ +CVE-2021-29653 + RESERVED +CVE-2021-29652 + RESERVED +CVE-2021-29651 + RESERVED +CVE-2021-29650 (An issue was discovered in the Linux kernel before 5.11.11. The netfil ...) + TODO: check +CVE-2021-29649 (An issue was discovered in the Linux kernel before 5.11.11. The user m ...) + TODO: check +CVE-2021-29648 (An issue was discovered in the Linux kernel before 5.11.11. The BPF su ...) + TODO: check +CVE-2021-29647 (An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvm ...) + TODO: check +CVE-2021-29646 (An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_re ...) + TODO: check CVE-2021-3480 RESERVED CVE-2021-3479 [Out-of-memory caused by allocation of a very large buffer] @@ -18136,8 +18152,8 @@ CVE-2021-21415 RESERVED CVE-2021-21414 RESERVED -CVE-2021-21413 - RESERVED +CVE-2021-21413 (isolated-vm is a library for nodejs which gives you access to v8's Iso ...) + TODO: check CVE-2021-21412 (Potential for arbitrary code execution in npm package @thi.ng/egf `#gp ...) TODO: check CVE-2021-21411 (OAuth2-Proxy is an open source reverse proxy that provides authenticat ...) |