From 5a84624f6bf6e3113f33037d52ef1ac20444455e Mon Sep 17 00:00:00 2001 From: security tracker role Date: Wed, 3 Nov 2021 08:10:21 +0000 Subject: automatic update --- data/CVE/2017.list | 3 +- data/CVE/2018.list | 12 ++- data/CVE/2019.list | 4 +- data/CVE/2020.list | 14 ++- data/CVE/2021.list | 246 ++++++++++++++++++++++++++++++++--------------------- 5 files changed, 161 insertions(+), 118 deletions(-) diff --git a/data/CVE/2017.list b/data/CVE/2017.list index c45ba46eec..76bb9db8c2 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -40203,8 +40203,7 @@ CVE-2017-5124 (Incorrect application of sandboxing in Blink in Google Chrome pri - chromium-browser 62.0.3202.75-1 [jessie] - chromium-browser (End of life, see DSA 4020) [wheezy] - chromium-browser (Not supported in Wheezy) -CVE-2017-5123 [waitid() not calling access_ok()] - RESERVED +CVE-2017-5123 (Insufficient data validation in waitid allowed an user to escape sandb ...) - linux 4.13.4-2 [stretch] - linux (Vulnerable code not present) [jessie] - linux (Vulnerable code not present) diff --git a/data/CVE/2018.list b/data/CVE/2018.list index e9b9a6a98f..38e597126f 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -40426,8 +40426,7 @@ CVE-2018-6126 (A precision error in Skia in Google Chrome prior to 67.0.3396.62 - firefox-esr 52.8.1esr-1 - skia (bug #818180) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/ -CVE-2018-6125 - RESERVED +CVE-2018-6125 (Insufficient policy enforcement in USB in Google Chrome on Windows pri ...) {DSA-4237-1} - chromium-browser 67.0.3396.62-1 [jessie] - chromium-browser (End of life, see DSA 4020) @@ -40442,8 +40441,7 @@ CVE-2018-6123 (A use after free in Blink in Google Chrome prior to 67.0.3396.62 - chromium-browser 67.0.3396.62-1 [jessie] - chromium-browser (End of life, see DSA 4020) [wheezy] - chromium-browser (Not supported in Wheezy) -CVE-2018-6122 - RESERVED +CVE-2018-6122 (Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 ...) {DSA-4237-1} - chromium-browser 66.0.3359.181-1 [jessie] - chromium-browser (End of life, see DSA 4020) @@ -40758,10 +40756,10 @@ CVE-2018-6060 (Use after free in WebAudio in Google Chrome prior to 65.0.3325.14 [jessie] - chromium-browser (End of life, see DSA 4020) [wheezy] - chromium-browser (Not supported in Wheezy) CVE-2018-6059 - RESERVED + REJECTED - chromium-browser (Chromium doesn't bundle Flash) CVE-2018-6058 - RESERVED + REJECTED - chromium-browser (Chromium doesn't bundle Flash) CVE-2018-6057 (Lack of special casing of Android ashmem in Google Chrome prior to 65. ...) {DSA-4182-1} @@ -40831,7 +40829,7 @@ CVE-2018-6045 (Insufficient policy enforcement in DevTools in Google Chrome prio [jessie] - chromium-browser (End of life, see DSA 4020) [wheezy] - chromium-browser (Not supported in Wheezy) CVE-2018-6044 - RESERVED + REJECTED {DSA-4256-1} - chromium-browser 68.0.3440.75-1 [jessie] - chromium-browser (End of life, see DSA 4020) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 74d6006f59..cb1a4e9365 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -18726,7 +18726,7 @@ CVE-2019-13778 CVE-2019-13777 RESERVED CVE-2019-13776 - RESERVED + REJECTED CVE-2019-13775 RESERVED CVE-2019-13774 @@ -40736,7 +40736,7 @@ CVE-2019-5864 (Insufficient data validation in CORS in Google Chrome prior to 76 - chromium 76.0.3809.87-1 [stretch] - chromium (see DSA 4562) CVE-2019-5863 - RESERVED + REJECTED - chromium (Windows-specific) CVE-2019-5862 (Insufficient data validation in AppCache in Google Chrome prior to 76. ...) {DSA-4500-1} diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 723091e492..dd6d2d20c3 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -7887,8 +7887,7 @@ CVE-2020-27821 (A flaw was found in the memory management API of QEMU during the NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1902651 NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=4bfb024bc76973d40a359476dc0291f46e435442 NOTE: Introduced by: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=48564041a73adbbff52834f9edbe3806fceefab7 (v3.0) -CVE-2020-27820 [use-after-free in nouveau kernel module] - RESERVED +CVE-2020-27820 (A vulnerability was found in Linux kernel, where a use-after-frees in ...) - linux (unimportant) NOTE: No security impact, requires physical access to the computer CVE-2020-27819 (An issue was discovered in libxls before and including 1.6.1 when read ...) @@ -33897,8 +33896,7 @@ CVE-2020-16050 RESERVED CVE-2020-16049 RESERVED -CVE-2020-16048 - RESERVED +CVE-2020-16048 (Out of bounds read in ANGLE allowed a remote attacker to obtain sensit ...) - firefox (Only affects Windows) - firefox-esr (Only affects Windows) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1926979 @@ -58101,8 +58099,8 @@ CVE-2020-6493 (Use after free in WebAuthentication in Google Chrome prior to 83. {DSA-4714-1} - chromium 83.0.4103.106-1 [stretch] - chromium (see DSA 4562) -CVE-2020-6492 - RESERVED +CVE-2020-6492 (Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed ...) + TODO: check CVE-2020-6491 (Insufficient data validation in site information in Google Chrome prio ...) {DSA-4714-1} - chromium 83.0.4103.83-1 @@ -59516,8 +59514,8 @@ CVE-2020-5957 (NVIDIA Windows GPU Display Driver, all versions, contains a vulne NOT-FOR-US: Nvidia driver for Windows CVE-2020-5956 RESERVED -CVE-2020-5955 - RESERVED +CVE-2020-5955 (An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O befor ...) + TODO: check CVE-2020-5954 RESERVED CVE-2020-5953 diff --git a/data/CVE/2021.list b/data/CVE/2021.list index e9e272e669..3e86d9392e 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1,4 +1,86 @@ -CVE-2021-43267 [tipc: fix size validations for the MSG_CRYPTO type] +CVE-2021-43296 + RESERVED +CVE-2021-43295 + RESERVED +CVE-2021-43294 + RESERVED +CVE-2021-43293 + RESERVED +CVE-2021-43292 + RESERVED +CVE-2021-43291 + RESERVED +CVE-2021-43290 + RESERVED +CVE-2021-43289 + RESERVED +CVE-2021-43288 + RESERVED +CVE-2021-43287 + RESERVED +CVE-2021-43286 + RESERVED +CVE-2021-43285 + RESERVED +CVE-2021-43284 + RESERVED +CVE-2021-43283 + RESERVED +CVE-2021-43282 + RESERVED +CVE-2021-43281 + RESERVED +CVE-2021-43280 + RESERVED +CVE-2021-43279 + RESERVED +CVE-2021-43278 + RESERVED +CVE-2021-43277 + RESERVED +CVE-2021-43276 + RESERVED +CVE-2021-43275 + RESERVED +CVE-2021-43274 + RESERVED +CVE-2021-43273 + RESERVED +CVE-2021-43272 + RESERVED +CVE-2021-43271 + RESERVED +CVE-2021-43270 (Datalust Seq.App.HtmlEmail (aka Seq.App.EmailPlus) 3.1.0-dev-00148, 3. ...) + TODO: check +CVE-2021-43269 + RESERVED +CVE-2021-43268 + RESERVED +CVE-2021-43266 (In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exporting col ...) + TODO: check +CVE-2021-43265 (In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, certain tag s ...) + TODO: check +CVE-2021-43264 (In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the ...) + TODO: check +CVE-2021-43263 + RESERVED +CVE-2021-43262 + RESERVED +CVE-2021-43261 + RESERVED +CVE-2021-43260 + RESERVED +CVE-2021-43259 + RESERVED +CVE-2021-43258 + RESERVED +CVE-2021-43257 + RESERVED +CVE-2021-3923 + RESERVED +CVE-2021-3922 + RESERVED +CVE-2021-43267 (An issue was discovered in net/tipc/crypto.c in the Linux kernel befor ...) - linux [buster] - linux (Vulnerable code introduced later) [stretch] - linux (Vulnerable code introduced later) @@ -1217,8 +1299,8 @@ CVE-2021-42699 RESERVED CVE-2021-42698 RESERVED -CVE-2021-42697 - RESERVED +CVE-2021-42697 (Akka HTTP 10.1.x and 10.2.x before 10.2.7 can encounter stack exhausti ...) + TODO: check CVE-2021-42696 RESERVED CVE-2021-42695 @@ -4318,8 +4400,8 @@ CVE-2021-41314 (Certain NETGEAR smart switches are affected by a \n injection in NOT-FOR-US: NETGEAR CVE-2021-41313 (Affected versions of Atlassian Jira Server and Data Center allow authe ...) NOT-FOR-US: Atlassian -CVE-2021-41312 - RESERVED +CVE-2021-41312 (Affected versions of Atlassian Jira Server and Data Center allow a rem ...) + TODO: check CVE-2021-41311 RESERVED CVE-2021-41310 (Affected versions of Atlassian Jira Server and Data Center allow anony ...) @@ -4974,8 +5056,8 @@ CVE-2021-41038 RESERVED CVE-2021-41037 RESERVED -CVE-2021-41036 - RESERVED +CVE-2021-41036 (In versions prior to 1.1 of the Eclipse Paho MQTT C Client, the client ...) + TODO: check CVE-2021-41035 (In Eclipse Openj9 before version 0.29.0, the JVM does not throw Illega ...) NOT-FOR-US: Eclipse OpenJ9 CVE-2021-41034 (The build of some language stacks of Eclipse Che version 6 includes pu ...) @@ -9245,10 +9327,10 @@ CVE-2021-39240 (An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before NOTE: https://git.haproxy.org/?p=haproxy.git;a=commit;h=a495e0d94876c9d39763db319f609351907a31e8 CVE-2021-39239 (A vulnerability in XML processing in Apache Jena, in versions up to 4. ...) NOT-FOR-US: Apache Jena -CVE-2021-39238 - RESERVED -CVE-2021-39237 - RESERVED +CVE-2021-39238 (Certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise Pag ...) + TODO: check +CVE-2021-39237 (Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide ...) + TODO: check CVE-2021-39236 RESERVED CVE-2021-39235 @@ -10951,22 +11033,19 @@ CVE-2021-38503 - firefox-esr 91.3.0esr-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-48/#CVE-2021-38503 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-49/#CVE-2021-38503 -CVE-2021-38502 - RESERVED +CVE-2021-38502 (Thunderbird ignored the configuration to require STARTTLS security for ...) [experimental] - thunderbird 1:91.2.0-1 - thunderbird NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-47/#CVE-2021-38502 TODO: double check, it was only referenced in mfsa2021-47 but not mfsa2021-46, but issue is about attack on SMTP STARTTLS connections -CVE-2021-38501 - RESERVED +CVE-2021-38501 (Mozilla developers reported memory safety bugs present in Firefox 92 a ...) - firefox 93.0-1 - firefox-esr (Only affect Firefox 91 not in any supported suite in vulnerable version) - thunderbird (Only affects Thunderbird 91 not in any supported suite in vulnerable version) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38501 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38501 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-47/#CVE-2021-38501 -CVE-2021-38500 - RESERVED +CVE-2021-38500 (Mozilla developers reported memory safety bugs present in Firefox 92 a ...) {DSA-4981-1 DLA-2782-1} - firefox 93.0-1 - firefox-esr 91.2.0esr-1 @@ -10977,28 +11056,24 @@ CVE-2021-38500 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38500 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-46/#CVE-2021-38500 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-47/#CVE-2021-38500 -CVE-2021-38499 - RESERVED +CVE-2021-38499 (Mozilla developers reported memory safety bugs present in Firefox 92. ...) - firefox 93.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38499 -CVE-2021-38498 - RESERVED +CVE-2021-38498 (During process shutdown, a document could have caused a use-after-free ...) - firefox 93.0-1 - firefox-esr (Only affect Firefox 91 not in any supported suite in vulnerable version) - thunderbird (Only affects Thunderbird 91 not in any supported suite in vulnerable version) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38498 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38498 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-47/#CVE-2021-38498 -CVE-2021-38497 - RESERVED +CVE-2021-38497 (Through use of reportValidity() and window.open(), a plain-text valida ...) - firefox 93.0-1 - firefox-esr (Only affect Firefox 91 not in any supported suite in vulnerable version) - thunderbird (Only affects Thunderbird 91 not in any supported suite in vulnerable version) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38497 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38497 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-47/#CVE-2021-38497 -CVE-2021-38496 - RESERVED +CVE-2021-38496 (During operations on MessageTasks, a task may have been removed while ...) {DSA-4981-1 DLA-2782-1} - firefox 93.0-1 - firefox-esr 91.2.0esr-1 @@ -11009,16 +11084,13 @@ CVE-2021-38496 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38496 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-46/#CVE-2021-38496 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-47/#CVE-2021-38496 -CVE-2021-38495 - RESERVED +CVE-2021-38495 (Mozilla developers reported memory safety bugs present in Thunderbird ...) - thunderbird (Vulnerable code introduced later) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-41/#CVE-2021-38495 -CVE-2021-38494 - RESERVED +CVE-2021-38494 (Mozilla developers reported memory safety bugs present in Firefox 91. ...) - firefox 92.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-38/#CVE-2021-38494 -CVE-2021-38493 - RESERVED +CVE-2021-38493 (Mozilla developers reported memory safety bugs present in Firefox 91 a ...) {DSA-4973-1 DSA-4969-1 DLA-2757-1 DLA-2756-1} - firefox 92.0-1 - firefox-esr 78.14.0esr-1 @@ -11026,16 +11098,14 @@ CVE-2021-38493 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-42/#CVE-2021-38493 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-39/#CVE-2021-38493 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-38/#CVE-2021-38493 -CVE-2021-38492 - RESERVED +CVE-2021-38492 (When delegating navigations to the operating system, Firefox would acc ...) - firefox (Only affects Windows) - firefox-esr (Only affects Windows) - thunderbird (Only affects Windows) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-42/#CVE-2021-38492 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-39/#CVE-2021-38492 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-38/#CVE-2021-38492 -CVE-2021-38491 - RESERVED +CVE-2021-38491 (Mixed-content checks were unable to analyze opaque origins which led t ...) - firefox 92.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-38/#CVE-2021-38491 CVE-2021-38490 (Altova MobileTogether Server before 7.3 SP1 allows XML exponential ent ...) @@ -12229,84 +12299,64 @@ CVE-2021-37997 RESERVED - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37996 - RESERVED +CVE-2021-37996 (Insufficient validation of untrusted input Downloads in Google Chrome ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37995 - RESERVED +CVE-2021-37995 (Inappropriate implementation in WebApp Installer in Google Chrome prio ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37994 - RESERVED +CVE-2021-37994 (Inappropriate implementation in iFrame Sandbox in Google Chrome prior ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37993 - RESERVED +CVE-2021-37993 (Use after free in PDF Accessibility in Google Chrome prior to 95.0.463 ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37992 - RESERVED +CVE-2021-37992 (Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37991 - RESERVED +CVE-2021-37991 (Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote att ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37990 - RESERVED +CVE-2021-37990 (Inappropriate implementation in WebView in Google Chrome on Android pr ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37989 - RESERVED +CVE-2021-37989 (Inappropriate implementation in Blink in Google Chrome prior to 95.0.4 ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37988 - RESERVED +CVE-2021-37988 (Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allo ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37987 - RESERVED +CVE-2021-37987 (Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37986 - RESERVED +CVE-2021-37986 (Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.5 ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37985 - RESERVED +CVE-2021-37985 (Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37984 - RESERVED +CVE-2021-37984 (Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37983 - RESERVED +CVE-2021-37983 (Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 all ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37982 - RESERVED +CVE-2021-37982 (Use after free in Incognito in Google Chrome prior to 95.0.4638.54 all ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37981 - RESERVED +CVE-2021-37981 (Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 al ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37980 - RESERVED +CVE-2021-37980 (Inappropriate implementation in Sandbox in Google Chrome prior to 94.0 ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37979 - RESERVED +CVE-2021-37979 (heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37978 - RESERVED +CVE-2021-37978 (Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 a ...) - chromium [stretch] - chromium (see DSA 4562) -CVE-2021-37977 - RESERVED +CVE-2021-37977 (Use after free in Garbage Collection in Google Chrome prior to 94.0.46 ...) - chromium [stretch] - chromium (see DSA 4562) CVE-2021-37976 (Inappropriate implementation in Memory in Google Chrome prior to 94.0. ...) @@ -12358,7 +12408,7 @@ CVE-2021-37961 (Use after free in Tab Strip in Google Chrome prior to 94.0.4606. - chromium [stretch] - chromium (see DSA 4562) CVE-2021-37960 - RESERVED + REJECTED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-37959 (Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 ...) @@ -29670,7 +29720,7 @@ CVE-2021-30632 (Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 - chromium 93.0.4577.82-1 [stretch] - chromium (see DSA 4562) CVE-2021-30631 - RESERVED + REJECTED - chromium 93.0.4577.82-1 [stretch] - chromium (see DSA 4562) CVE-2021-30630 (Inappropriate implementation in Blink in Google Chrome prior to 93.0.4 ...) @@ -31352,14 +31402,12 @@ CVE-2021-29995 (A Cross Site Request Forgery (CSRF) issue in Server Console in C NOT-FOR-US: CloverDX CVE-2021-29994 RESERVED -CVE-2021-29993 - RESERVED +CVE-2021-29993 (Firefox for Android allowed navigations through the `intent://` protoc ...) - firefox (Specific to Android) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-38/#CVE-2021-29993 CVE-2021-29992 RESERVED -CVE-2021-29991 - RESERVED +CVE-2021-29991 (Firefox incorrectly accepted a newline in a HTTP/3 header, interpretti ...) - firefox 91.0.1-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-37/#CVE-2021-29991 CVE-2021-29990 (Mozilla developers and community members reported memory safety bugs p ...) @@ -53415,22 +53463,22 @@ CVE-2021-20709 (Improper validation of integrity check value vulnerability in NE NOT-FOR-US: Aterm firmware CVE-2021-20708 (NEC Aterm devices (Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm ...) NOT-FOR-US: Aterm firmware -CVE-2021-20707 - RESERVED -CVE-2021-20706 - RESERVED -CVE-2021-20705 - RESERVED -CVE-2021-20704 - RESERVED -CVE-2021-20703 - RESERVED -CVE-2021-20702 - RESERVED -CVE-2021-20701 - RESERVED -CVE-2021-20700 - RESERVED +CVE-2021-20707 (Improper input validation vulnerability in the Transaction Server CLUS ...) + TODO: check +CVE-2021-20706 (Improper input validation vulnerability in the WebManager CLUSTERPRO X ...) + TODO: check +CVE-2021-20705 (Improper input validation vulnerability in the WebManager CLUSTERPRO X ...) + TODO: check +CVE-2021-20704 (Buffer overflow vulnerability in the compatible API with previous vers ...) + TODO: check +CVE-2021-20703 (Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 1 ...) + TODO: check +CVE-2021-20702 (Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 1 ...) + TODO: check +CVE-2021-20701 (Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 1.0 for W ...) + TODO: check +CVE-2021-20700 (Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 1.0 for W ...) + TODO: check CVE-2021-20699 (Sharp NEC Displays ((UN462A R1.300 and prior to it, UN462VA R1.300 and ...) NOT-FOR-US: SHARP CVE-2021-20698 (Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and ...) @@ -55023,8 +55071,8 @@ CVE-2021-20137 RESERVED CVE-2021-20136 (ManageEngine Log360 Builds < 5235 are affected by an improper acces ...) NOT-FOR-US: ManageEngine -CVE-2021-20135 - RESERVED +CVE-2021-20135 (Nessus versions 8.15.2 and earlier were found to contain a local privi ...) + TODO: check CVE-2021-20134 RESERVED CVE-2021-20133 -- cgit v1.2.3