author | security tracker role <sectracker@soriano.debian.org> | 2021-12-01 08:10:19 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-12-01 08:10:19 +0000 |
commit | 40924b1100646635e108ff048d9a0ac6e004ef0c (patch) | |
tree | 14f4a12557d64471b490954ec7bf0d02ff4af055 /data/CVE/list.2021 | |
parent | e95e978ef3cc786be2a5c18dddaf79e2e77c0b4b (diff) |
automatic update
Diffstat (limited to 'data/CVE/list.2021')
-rw-r--r-- | data/CVE/list.2021 | 140 |
1 files changed, 82 insertions, 58 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index fe4f277c2b..9a6c99d6c7 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -1,3 +1,27 @@ +CVE-2021-44470 + RESERVED +CVE-2021-4037 + RESERVED +CVE-2021-4036 + RESERVED +CVE-2021-37409 + RESERVED +CVE-2021-37405 + RESERVED +CVE-2021-33847 + RESERVED +CVE-2021-26950 + RESERVED +CVE-2021-26258 + RESERVED +CVE-2021-26257 + RESERVED +CVE-2021-26251 + RESERVED +CVE-2021-23223 + RESERVED +CVE-2021-23179 + RESERVED CVE-2021-44464 RESERVED CVE-2021-44453 @@ -476,8 +500,8 @@ CVE-2021-4028 [use-after-free in RDMA listen()] NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2027201 CVE-2021-4027 RESERVED -CVE-2021-4026 - RESERVED +CVE-2021-4026 (bookstack is vulnerable to Improper Access Control ...) + TODO: check CVE-2021-4025 RESERVED CVE-2021-44235 @@ -2584,12 +2608,12 @@ CVE-2021-43362 RESERVED CVE-2021-43361 RESERVED -CVE-2021-43360 - RESERVED -CVE-2021-43359 - RESERVED -CVE-2021-43358 - RESERVED +CVE-2021-43360 (Sunnet eHRD e-mail delivery task schedule’s serialization functi ...) + TODO: check +CVE-2021-43359 (Sunnet eHRD has broken access control vulnerability, which allows a re ...) + TODO: check +CVE-2021-43358 (Sunnet eHRD has inadequate filtering for special characters in URLs, w ...) + TODO: check CVE-2021-3928 (vim is vulnerable to Stack-based Buffer Overflow ...) - vim <unfixed> [stretch] - vim <no-dsa> (Minor issue) @@ -2686,7 +2710,7 @@ CVE-2021-43322 CVE-2021-43321 RESERVED CVE-2021-43320 - RESERVED + REJECTED CVE-2021-43319 (Zoho ManageEngine Network Configuration Manager before 125488 is vulne ...) NOT-FOR-US: Zoho ManageEngine CVE-2021-43318 
@@ -4370,8 +4394,8 @@ CVE-2021-42566 (myfactory.FMS before 7.1-912 allows XSS via the Error parameter. NOT-FOR-US: myfactory.FMS CVE-2021-42565 (myfactory.FMS before 7.1-912 allows XSS via the UID parameter. ...) NOT-FOR-US: myfactory.FMS -CVE-2021-42564 - RESERVED +CVE-2021-42564 (An open redirect through HTML injection in confidential messages in Cr ...) + TODO: check CVE-2021-42563 (There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) ...) NOT-FOR-US: NI Service Locator CVE-2021-3893 @@ -7467,8 +7491,8 @@ CVE-2021-41258 (Kirby is an open source file structured CMS. In affected version NOT-FOR-US: Kirby CVE-2021-41257 RESERVED -CVE-2021-41256 - RESERVED +CVE-2021-41256 (nextcloud news-android is an Android client for the Nextcloud news/fee ...) + TODO: check CVE-2021-41255 RESERVED CVE-2021-41254 (kustomize-controller is a Kubernetes operator, specialized in running ...) @@ -8566,8 +8590,8 @@ CVE-2021-40811 RESERVED CVE-2021-40810 RESERVED -CVE-2021-40809 - RESERVED +CVE-2021-40809 (An issue was discovered in Jamf Pro before 10.32.0, aka PI-009921. An ...) + TODO: check CVE-2021-40808 RESERVED CVE-2021-40807 @@ -10276,8 +10300,8 @@ CVE-2021-40103 (An issue was discovered in Concrete CMS through 8.5.5. Path Trav NOT-FOR-US: Concrete CMS CVE-2021-40102 (An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File ...) NOT-FOR-US: Concrete CMS -CVE-2021-40101 - RESERVED +CVE-2021-40101 (An issue was discovered in Concrete CMS before 8.5.7. The Dashboard al ...) + TODO: check CVE-2021-40100 (An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can ...) NOT-FOR-US: Concrete CMS CVE-2021-40099 (An issue was discovered in Concrete CMS through 8.5.5. Fetching the up ...) 
@@ -12053,7 +12077,7 @@ CVE-2021-3729 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) .. NOT-FOR-US: firefly-iii CVE-2021-3728 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) ...) NOT-FOR-US: firefly-iii -CVE-2021-39303 (The server in Jamf Pro before 10.32.0 has a vulnerability affecting in ...) +CVE-2021-39303 (The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka P ...) NOT-FOR-US: Jamf Pro CVE-2021-39302 (MISP 2.4.148, in certain configurations, allows SQL injection via the ...) NOT-FOR-US: MISP @@ -19130,16 +19154,16 @@ CVE-2021-36332 (Dell EMC CloudLink 7.1 and all prior versions contain a HTML and NOT-FOR-US: EMC CVE-2021-36331 RESERVED -CVE-2021-36330 - RESERVED -CVE-2021-36329 - RESERVED -CVE-2021-36328 - RESERVED -CVE-2021-36327 - RESERVED -CVE-2021-36326 - RESERVED +CVE-2021-36330 (Dell EMC Streaming Data Platform versions before 1.3 contain an Insuff ...) + TODO: check +CVE-2021-36329 (Dell EMC Streaming Data Platform versions before 1.3 contain an Indire ...) + TODO: check +CVE-2021-36328 (Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Inj ...) + TODO: check +CVE-2021-36327 (Dell EMC Streaming Data Platform versions before 1.3 contain a Server ...) + TODO: check +CVE-2021-36326 (Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL ...) + TODO: check CVE-2021-36325 (Dell BIOS contains an improper input validation vulnerability. A local ...) NOT-FOR-US: Dell CVE-2021-36324 (Dell BIOS contains an improper input validation vulnerability. A local ...) 
@@ -56315,42 +56339,42 @@ CVE-2021-20866 RESERVED CVE-2021-20865 RESERVED -CVE-2021-20864 - RESERVED -CVE-2021-20863 - RESERVED -CVE-2021-20862 - RESERVED -CVE-2021-20861 - RESERVED -CVE-2021-20860 - RESERVED -CVE-2021-20859 - RESERVED -CVE-2021-20858 - RESERVED -CVE-2021-20857 - RESERVED -CVE-2021-20856 - RESERVED -CVE-2021-20855 - RESERVED -CVE-2021-20854 - RESERVED -CVE-2021-20853 - RESERVED -CVE-2021-20852 - RESERVED -CVE-2021-20851 - RESERVED +CVE-2021-20864 (Improper access control vulnerability in ELECOM routers (WRC-1167GST2 ...) + TODO: check +CVE-2021-20863 (OS command injection vulnerability in ELECOM routers (WRC-1167GST2 fir ...) + TODO: check +CVE-2021-20862 (Improper access control vulnerability in ELECOM routers (WRC-1167GST2 ...) + TODO: check +CVE-2021-20861 (Improper access control vulnerability in ELECOM LAN routers (WRC-1167G ...) + TODO: check +CVE-2021-20860 (Cross-site request forgery (CSRF) vulnerability in ELECOM LAN routers ...) + TODO: check +CVE-2021-20859 (ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST ...) + TODO: check +CVE-2021-20858 (Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I ...) + TODO: check +CVE-2021-20857 (Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I ...) + TODO: check +CVE-2021-20856 (Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK f ...) + TODO: check +CVE-2021-20855 (Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK f ...) + TODO: check +CVE-2021-20854 (ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733G ...) + TODO: check +CVE-2021-20853 (ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733G ...) + TODO: check +CVE-2021-20852 (Buffer overflow vulnerability in ELECOM LAN routers (WRH-733GBK firmwa ...) + TODO: check +CVE-2021-20851 (Cross-site request forgery (CSRF) vulnerability in Browser and Operati ...) 
+ TODO: check CVE-2021-20850 (PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and ea ...) NOT-FOR-US: PowerCMS CVE-2021-20849 RESERVED CVE-2021-20848 (Cross-site scripting vulnerability in rwtxt versions prior to v1.8.6 a ...) NOT-FOR-US: rwtxt -CVE-2021-20847 - RESERVED +CVE-2021-20847 (Cross-site scripting vulnerability in Wi-Fi STATION SH-52A (38JP_1_11G ...) + TODO: check CVE-2021-20846 (Cross-site request forgery (CSRF) vulnerability in Push Notifications ...) NOT-FOR-US: WordPress plugin CVE-2021-20845 (Cross-site request forgery (CSRF) vulnerability in Unlimited Sitemap G ...) |
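Review bot: CVE-2021-40809 in the hunk at @@ -8566,8 +8590,8 @@ is left at "TODO: check" even though its description names Jamf Pro, and the hunk at @@ -12053,7 +12077,7 @@ shows CVE-2021-39303 for the same product already carrying "NOT-FOR-US: Jamf Pro". Suggest resolving the new entry to the same disposition in the follow-up triage so the TODO does not linger.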
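Review bot: CVE-2021-40101 in the hunk at @@ -10276,8 +10300,8 @@ gets "TODO: check" while the unchanged context lines directly around it (CVE-2021-40103, CVE-2021-40102, CVE-2021-40100) are all marked "NOT-FOR-US: Concrete CMS". The description of the new entry names the same product, so it should be closed out with the same tag rather than left open.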
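Review bot: The five entries CVE-2021-36326 through CVE-2021-36330 in the hunk at @@ -19130,16 +19154,16 @@ all describe Dell EMC Streaming Data Platform and are left at "TODO: check", while the context lines show CVE-2021-36332 as "NOT-FOR-US: EMC" and CVE-2021-36325 as "NOT-FOR-US: Dell". Suggest triaging the five as one batch and picking one of the two existing vendor tags consistently for all of them.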
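Review bot: The run of "TODO: check" entries in the hunk at @@ -56315,42 +56339,42 @@ is not a single product, so it should not be given one disposition as a block. CVE-2021-20852 through CVE-2021-20864 describe ELECOM router firmware, but CVE-2021-20851 begins "Cross-site request forgery (CSRF) vulnerability in Browser and Operati ..." and CVE-2021-20847 concerns Wi-Fi STATION SH-52A. Triage the ELECOM entries together and check the other two individually against their full descriptions.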