author | security tracker role <sectracker@soriano.debian.org> | 2021-09-10 08:10:20 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-09-10 08:10:20 +0000 |
commit | 355a0e444a6c415eb659749dd6bd4893c1fbcaa0 (patch) | |
tree | 2846786f2d68120c698759906d9f776b21060ed9 | |
parent | d9fc7aff5a7e690a1971e141700e39d1455af5d9 (diff) |
automatic update
-rw-r--r-- | data/CVE/list.2018 | 4 |
-rw-r--r-- | data/CVE/list.2020 | 66 |
-rw-r--r-- | data/CVE/list.2021 | 80 |
3 files changed, 87 insertions, 63 deletions
diff --git a/data/CVE/list.2018 b/data/CVE/list.2018 index f01d5de663..0a7197608c 100644 --- a/data/CVE/list.2018 +++ b/data/CVE/list.2018 @@ -3935,8 +3935,8 @@ CVE-2018-19959 RESERVED CVE-2018-19958 RESERVED -CVE-2018-19957 - RESERVED +CVE-2018-19957 (A vulnerability involving insufficient HTTP security headers has been ...) + TODO: check CVE-2018-19956 (The cross-site scripting vulnerability has been reported to affect ear ...) NOT-FOR-US: QNAP CVE-2018-19955 (The cross-site scripting vulnerability has been reported to affect ear ...) diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 52d82c2d98..2dc80ec8c2 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -16134,7 +16134,7 @@ CVE-2020-24383 (An issue was discovered in FNET through 4.6.4. The code for proc NOT-FOR-US: FNET CVE-2020-24382 RESERVED -CVE-2020-24381 (** DISPUTED ** GUnet Open eClass Platform (aka openeclass) through 3.9 ...) +CVE-2020-24381 (GUnet Open eClass Platform (aka openeclass) before 3.11 might allow re ...) NOT-FOR-US: GUnet Open eClass Platform CVE-2020-24380 RESERVED 
@@ -26767,38 +26767,38 @@ CVE-2020-19297 RESERVED CVE-2020-19296 RESERVED -CVE-2020-19295 - RESERVED -CVE-2020-19294 - RESERVED -CVE-2020-19293 - RESERVED -CVE-2020-19292 - RESERVED -CVE-2020-19291 - RESERVED -CVE-2020-19290 - RESERVED -CVE-2020-19289 - RESERVED -CVE-2020-19288 - RESERVED -CVE-2020-19287 - RESERVED -CVE-2020-19286 - RESERVED -CVE-2020-19285 - RESERVED -CVE-2020-19284 - RESERVED -CVE-2020-19283 - RESERVED -CVE-2020-19282 - RESERVED -CVE-2020-19281 - RESERVED -CVE-2020-19280 - RESERVED +CVE-2020-19295 (A reflected cross-site scripting (XSS) vulnerability in the /weibo/top ...) + TODO: check +CVE-2020-19294 (A stored cross-site scripting (XSS) vulnerability in the /article/comm ...) + TODO: check +CVE-2020-19293 (A stored cross-site scripting (XSS) vulnerability in the /article/add ...) + TODO: check +CVE-2020-19292 (A stored cross-site scripting (XSS) vulnerability in the /question/ask ...) + TODO: check +CVE-2020-19291 (A stored cross-site scripting (XSS) vulnerability in the /weibo/publis ...) + TODO: check +CVE-2020-19290 (A stored cross-site scripting (XSS) vulnerability in the /weibo/commen ...) + TODO: check +CVE-2020-19289 (A stored cross-site scripting (XSS) vulnerability in the /member/pictu ...) + TODO: check +CVE-2020-19288 (A stored cross-site scripting (XSS) vulnerability in the /localhost/u ...) + TODO: check +CVE-2020-19287 (A stored cross-site scripting (XSS) vulnerability in the /group/post c ...) + TODO: check +CVE-2020-19286 (A stored cross-site scripting (XSS) vulnerability in the /question/det ...) + TODO: check +CVE-2020-19285 (A stored cross-site scripting (XSS) vulnerability in the /group/apply ...) + TODO: check +CVE-2020-19284 (A stored cross-site scripting (XSS) vulnerability in the /group/commen ...) + TODO: check +CVE-2020-19283 (A reflected cross-site scripting (XSS) vulnerability in the /newVersio ...) + TODO: check +CVE-2020-19282 (A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 a ...) 
+ TODO: check +CVE-2020-19281 (A stored cross-site scripting (XSS) vulnerability in the /manage/login ...) + TODO: check +CVE-2020-19280 (Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows ...) + TODO: check CVE-2020-19279 RESERVED CVE-2020-19278 diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 317621c095..c07e666a33 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -1,3 +1,27 @@ +CVE-2021-40849 + RESERVED +CVE-2021-40848 + RESERVED +CVE-2021-40847 + RESERVED +CVE-2021-40846 + RESERVED +CVE-2021-40845 + RESERVED +CVE-2021-40844 + RESERVED +CVE-2021-40843 + RESERVED +CVE-2021-40842 + RESERVED +CVE-2021-40841 + RESERVED +CVE-2021-40840 + RESERVED +CVE-2021-40839 (The rencode package through 1.0.6 for Python allows an infinite loop i ...) + TODO: check +CVE-2021-40838 + RESERVED CVE-2021-40837 RESERVED CVE-2021-40836 @@ -3698,20 +3722,20 @@ CVE-2021-39208 RESERVED CVE-2021-39207 RESERVED -CVE-2021-39206 - RESERVED +CVE-2021-39206 (Pomerium is an open source identity-aware access proxy. Envoy, which P ...) + TODO: check CVE-2021-39205 RESERVED -CVE-2021-39204 - RESERVED -CVE-2021-39203 - RESERVED -CVE-2021-39202 - RESERVED -CVE-2021-39201 - RESERVED -CVE-2021-39200 - RESERVED +CVE-2021-39204 (Pomerium is an open source identity-aware access proxy. Envoy, which P ...) + TODO: check +CVE-2021-39203 (WordPress is a free and open-source content management system written ...) + TODO: check +CVE-2021-39202 (WordPress is a free and open-source content management system written ...) + TODO: check +CVE-2021-39201 (WordPress is a free and open-source content management system written ...) + TODO: check +CVE-2021-39200 (WordPress is a free and open-source content management system written ...) + TODO: check CVE-2021-39199 (remark-html is an open source nodejs library which compiles Markdown t ...) NOT-FOR-US: Node remark-html CVE-2021-39198 
@@ -3797,8 +3821,8 @@ CVE-2021-39163 (Matrix is an ecosystem for open federated Instant Messaging and - matrix-synapse 1.41.1-1 NOTE: https://github.com/matrix-org/synapse/security/advisories/GHSA-jj53-8fmw-f2w2 NOTE: https://github.com/matrix-org/synapse/commit/cb35df940a828bc40b96daed997b5ad4c7842fd3 (v1.41.1) -CVE-2021-39162 - RESERVED +CVE-2021-39162 (Pomerium is an open source identity-aware access proxy. Envoy, which P ...) + TODO: check CVE-2021-39161 (Discourse is an open source platform for community discussion. In affe ...) NOT-FOR-US: Discourse CVE-2021-39160 (nbgitpuller is a Jupyter server extension to sync a git repository one ...) @@ -14550,14 +14574,14 @@ CVE-2021-34348 RESERVED CVE-2021-34347 RESERVED -CVE-2021-34346 - RESERVED -CVE-2021-34345 - RESERVED -CVE-2021-34344 - RESERVED -CVE-2021-34343 - RESERVED +CVE-2021-34346 (A stack buffer overflow vulnerability has been reported to affect QNAP ...) + TODO: check +CVE-2021-34345 (A stack buffer overflow vulnerability has been reported to affect QNAP ...) + TODO: check +CVE-2021-34344 (A stack buffer overflow vulnerability has been reported to affect QNAP ...) + TODO: check +CVE-2021-34343 (A stack buffer overflow vulnerability has been reported to affect QNAP ...) + TODO: check CVE-2021-3588 (The cli_feat_read_cb() function in src/gatt-database.c does not perfor ...) - bluez 5.55-3.1 (bug #989700) [buster] - bluez <not-affected> (Vulnerable code introduced later) 
@@ -18359,8 +18383,8 @@ CVE-2021-32726 (Nextcloud Server is a Nextcloud package that handles data storag - nextcloud-server <itp> (bug #941708) CVE-2021-32725 (Nextcloud Server is a Nextcloud package that handles data storage. In ...) - nextcloud-server <itp> (bug #941708) -CVE-2021-32724 - RESERVED +CVE-2021-32724 (check-spelling is a github action which provides CI spell checking. In ...) + TODO: check CVE-2021-32723 (Prism is a syntax highlighting library. Some languages before 1.24.0 a ...) NOT-FOR-US: Prism CVE-2021-32722 (GlobalNewFiles is a mediawiki extension. Versions prior to 48be7adb705 ...) @@ -28037,14 +28061,14 @@ CVE-2021-28818 (The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing NOT-FOR-US: TIBCO CVE-2021-28817 (The Windows Installation component of TIBCO Software Inc.'s TIBCO Rend ...) NOT-FOR-US: TIBCO -CVE-2021-28816 - RESERVED +CVE-2021-28816 (A stack buffer overflow vulnerability has been reported to affect QNAP ...) + TODO: check CVE-2021-28815 (Insecure storage of sensitive information has been reported to affect ...) NOT-FOR-US: QNAP CVE-2021-28814 (An improper access control vulnerability has been reported to affect Q ...) NOT-FOR-US: QNAP -CVE-2021-28813 - RESERVED +CVE-2021-28813 (A vulnerability involving insecure storage of sensitive information ha ...) + TODO: check CVE-2021-28812 (A command injection vulnerability has been reported to affect certain ...) NOT-FOR-US: QNAP CVE-2021-28811 (If exploited, this command injection vulnerability could allow remote ...) |
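Review bot: In the data/CVE/list.2018 hunk, CVE-2018-19957 is left at `TODO: check` while the two entries directly below it, CVE-2018-19956 and CVE-2018-19955, are already `NOT-FOR-US: QNAP`. The visible part of the new description ("insufficient HTTP security headers has been ...") is cut off before any vendor name, so the full text needs to be read before a disposition is set; if it names the same vendor, use `NOT-FOR-US: QNAP` to match its neighbours.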
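Review bot: In the data/CVE/list.2020 hunk at `@@ -26767,38`, all sixteen entries from CVE-2020-19295 down to CVE-2020-19280 carry `TODO: check`, but only CVE-2020-19282 and CVE-2020-19280 show a product name (Jeesns 1.4.2) in the visible description. The other fourteen are truncated after a URL path such as `/weibo/top` or `/group/post`, so confirm from the full descriptions that they refer to the same product before giving the block a single disposition in one pass.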
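Review bot: In the data/CVE/list.2021 hunk at `@@ -1,3`, CVE-2021-40839 is the only new entry with a description (the rencode package through 1.0.6 for Python, infinite loop) and it has nothing beyond `TODO: check`. It names a Python library rather than a vendor appliance, so look for a matching source package first; if one exists, the entry needs a package line in the format the file already uses, for example `- matrix-synapse 1.41.1-1` under CVE-2021-39163, rather than a `NOT-FOR-US` tag.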
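Review bot: In the data/CVE/list.2021 hunk at `@@ -3698,20`, the four WordPress entries CVE-2021-39203 to CVE-2021-39200 have no package line or `NOTE:` reference yet, only `TODO: check`. Their visible descriptions are identical up to the truncation point, so each one needs its full text read to tell the issues apart before fixed versions are recorded. The Pomerium entries CVE-2021-39206 and CVE-2021-39204 (and CVE-2021-39162 in the `@@ -3797,8` hunk) all mention Envoy before the text is cut off; the triage should record which component the issue is attributed to, which the lines shown here do not settle.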
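Review bot: In the data/CVE/list.2021 hunk at `@@ -14550,14`, CVE-2021-34346 to CVE-2021-34343 each name QNAP in the visible description ("A stack buffer overflow vulnerability has been reported to affect QNAP ...") yet are filed as `TODO: check`. The QNAP entries visible as context elsewhere in this patch (CVE-2021-28815, CVE-2021-28814, CVE-2021-28812) are all `NOT-FOR-US: QNAP`, so these four can take the same tag once the full descriptions are confirmed.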
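Review bot: In the data/CVE/list.2021 hunk at `@@ -28037,14`, CVE-2021-28816 and CVE-2021-28813 should not be handled as a pair even though they sit among `NOT-FOR-US: QNAP` entries. CVE-2021-28816 shows QNAP in its description, but CVE-2021-28813 ("A vulnerability involving insecure storage of sensitive information ha ...") is truncated before any vendor appears; its wording resembles CVE-2021-28815 two lines above, but that resemblance is not enough on its own to tag it, so check the full description first.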