From a1f09a3b49501c173ffabe9329ce52b3d5b46393 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Sat, 3 Apr 2021 08:10:22 +0000 Subject: automatic update --- data/CVE/2020.list | 16 ++++++++-------- data/CVE/2021.list | 28 ++++++++++++++++------------ 2 files changed, 24 insertions(+), 20 deletions(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 8ec71c9ae1..e3175743e7 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -7914,8 +7914,8 @@ CVE-2020-27670 (An issue was discovered in Xen through 4.14.x allowing x86 guest - xen 4.14.0+80-gd101b417b7-1 [stretch] - xen (DSA 4602-1) NOTE: https://xenbits.xen.org/xsa/advisory-347.html -CVE-2020-27600 - RESERVED +CVE-2020-27600 (HNAP1/control/SetMasterWLanSettings.php in D-Link D-Link Router DIR-84 ...) + TODO: check CVE-2020-27599 RESERVED CVE-2020-27598 @@ -20968,18 +20968,18 @@ CVE-2020-21592 RESERVED CVE-2020-21591 RESERVED -CVE-2020-21590 - RESERVED +CVE-2020-21590 (Directory traversal in coreframe/app/template/admin/index.php in WUZHI ...) + TODO: check CVE-2020-21589 RESERVED -CVE-2020-21588 - RESERVED +CVE-2020-21588 (Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a ...) + TODO: check CVE-2020-21587 RESERVED CVE-2020-21586 RESERVED -CVE-2020-21585 - RESERVED +CVE-2020-21585 (Vulnerability in emlog v6.0.0 allows user to upload webshells via zip ...) + TODO: check CVE-2020-21584 RESERVED CVE-2020-21583 diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 8af485a7d0..fc129595ed 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1,3 +1,7 @@ +CVE-2021-30126 (Lightmeter ControlCenter 1.1.0 through 1.5.x before 1.5.1 allows anyon ...) + TODO: check +CVE-2021-30125 (Jamf Pro before 10.28.0 allows XSS related to inventory history, aka P ...) + TODO: check CVE-2021-30124 RESERVED CVE-2021-30123 @@ -98,12 +102,12 @@ CVE-2021-30076 RESERVED CVE-2021-30075 RESERVED -CVE-2021-30074 - RESERVED +CVE-2021-30074 (docsify 4.12.1 is affected by Cross Site Scripting (XSS) because the s ...) + TODO: check CVE-2021-30073 RESERVED -CVE-2021-30072 - RESERVED +CVE-2021-30072 (An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. ...) + TODO: check CVE-2021-30071 RESERVED CVE-2021-30070 @@ -2537,8 +2541,8 @@ CVE-2021-28943 RESERVED CVE-2021-28942 RESERVED -CVE-2021-28941 - RESERVED +CVE-2021-28941 (Because of no validation on a curl command in MagpieRSS 0.72 in the /e ...) + TODO: check CVE-2021-28940 (Because of a incorrect escaped exec command in MagpieRSS in 0.72 in th ...) NOT-FOR-US: MagpieRSS CVE-2021-28939 @@ -18885,16 +18889,16 @@ CVE-2021-21535 RESERVED CVE-2021-21534 RESERVED -CVE-2021-21533 - RESERVED -CVE-2021-21532 - RESERVED +CVE-2021-21533 (Wyse Management Suite versions up to 3.2 contains a vulnerability wher ...) + TODO: check +CVE-2021-21532 (Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper manageme ...) + TODO: check CVE-2021-21531 RESERVED CVE-2021-21530 RESERVED -CVE-2021-21529 - RESERVED +CVE-2021-21529 (Dell System Update (DSU) 1.9 and earlier versions contain a denial of ...) + TODO: check CVE-2021-21528 RESERVED CVE-2021-21527 -- cgit v1.2.3