Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a25966ca by security tracker role at 2021-11-10T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2021-43575 (** DISPUTED ** KNX ETS6 through 6.0.0 uses the hard-coded 
password ETS ...)
+       TODO: check
+CVE-2021-43574
+       RESERVED
+CVE-2021-43573
+       RESERVED
+CVE-2021-43572 (The verify function in the Stark Bank Python ECDSA library 
(ecdsa-pyth ...)
+       TODO: check
+CVE-2021-43571 (The verify function in the Stark Bank Node.js ECDSA library 
(ecdsa-nod ...)
+       TODO: check
+CVE-2021-43570 (The verify function in the Stark Bank Java ECDSA library 
(ecdsa-java)  ...)
+       TODO: check
+CVE-2021-43569 (The verify function in the Stark Bank .NET ECDSA library 
(ecdsa-dotnet ...)
+       TODO: check
+CVE-2021-43568 (The verify function in the Stark Bank Elixir ECDSA library 
(ecdsa-elix ...)
+       TODO: check
+CVE-2021-43567
+       RESERVED
+CVE-2021-43566
+       RESERVED
+CVE-2021-43565
+       RESERVED
+CVE-2021-43564
+       RESERVED
+CVE-2021-43563
+       RESERVED
+CVE-2021-43562
+       RESERVED
+CVE-2021-43561
+       RESERVED
+CVE-2021-43560
+       RESERVED
+CVE-2021-43559
+       RESERVED
+CVE-2021-43558
+       RESERVED
+CVE-2021-3942
+       RESERVED
 CVE-2021-43557
        RESERVED
 CVE-2021-3941
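Review bot: CVE-2021-43568 through CVE-2021-43572 are five separate TODO: check entries for the same verify function in the Stark Bank ECDSA ports (Elixir, .NET, Java, Node.js, Python), so they should be triaged together and given one consistent disposition. For the Python entry, confirm that any packaged ECDSA module is this Stark Bank library and not an unrelated project with a similar name before attaching a source package. CVE-2021-43575 carries ** DISPUTED ** in its description; a NOTE recording that status would help whoever resolves the TODO.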
@@ -1761,10 +1799,10 @@ CVE-2021-43211
        RESERVED
 CVE-2021-43210
        RESERVED
-CVE-2021-43209
-       RESERVED
-CVE-2021-43208
-       RESERVED
+CVE-2021-43209 (3D Viewer Remote Code Execution Vulnerability This CVE ID is 
unique fr ...)
+       TODO: check
+CVE-2021-43208 (3D Viewer Remote Code Execution Vulnerability This CVE ID is 
unique fr ...)
+       TODO: check
 CVE-2021-43207
        RESERVED
 CVE-2021-43206
@@ -4986,22 +5024,22 @@ CVE-2021-42325 (Froxlor through 0.10.29.1 allows SQL 
injection in Database/Manag
        NOT-FOR-US: Froxlor
 CVE-2021-42324
        RESERVED
-CVE-2021-42323
-       RESERVED
-CVE-2021-42322
-       RESERVED
-CVE-2021-42321
-       RESERVED
+CVE-2021-42323 (Azure RTOS Information Disclosure Vulnerability This CVE ID is 
unique  ...)
+       TODO: check
+CVE-2021-42322 (Visual Studio Code Elevation of Privilege Vulnerability ...)
+       TODO: check
+CVE-2021-42321 (Microsoft Exchange Server Remote Code Execution Vulnerability 
...)
+       TODO: check
 CVE-2021-42320
        RESERVED
-CVE-2021-42319
-       RESERVED
+CVE-2021-42319 (Visual Studio Elevation of Privilege Vulnerability ...)
+       TODO: check
 CVE-2021-42318
        RESERVED
 CVE-2021-42317
        RESERVED
-CVE-2021-42316
-       RESERVED
+CVE-2021-42316 (Microsoft Dynamics 365 (on-premises) Remote Code Execution 
Vulnerabili ...)
+       TODO: check
 CVE-2021-42315
        RESERVED
 CVE-2021-42314
@@ -5022,70 +5060,70 @@ CVE-2021-42307
        RESERVED
 CVE-2021-42306
        RESERVED
-CVE-2021-42305
-       RESERVED
-CVE-2021-42304
-       RESERVED
-CVE-2021-42303
-       RESERVED
-CVE-2021-42302
-       RESERVED
-CVE-2021-42301
-       RESERVED
-CVE-2021-42300
-       RESERVED
+CVE-2021-42305 (Microsoft Exchange Server Spoofing Vulnerability This CVE ID 
is unique ...)
+       TODO: check
+CVE-2021-42304 (Azure RTOS Elevation of Privilege Vulnerability This CVE ID is 
unique  ...)
+       TODO: check
+CVE-2021-42303 (Azure RTOS Elevation of Privilege Vulnerability This CVE ID is 
unique  ...)
+       TODO: check
+CVE-2021-42302 (Azure RTOS Elevation of Privilege Vulnerability This CVE ID is 
unique  ...)
+       TODO: check
+CVE-2021-42301 (Azure RTOS Information Disclosure Vulnerability This CVE ID is 
unique  ...)
+       TODO: check
+CVE-2021-42300 (Azure Sphere Tampering Vulnerability ...)
+       TODO: check
 CVE-2021-42299 (Microsoft Surface Pro 3 Security Feature Bypass Vulnerability 
...)
        NOT-FOR-US: Microsoft
-CVE-2021-42298
-       RESERVED
+CVE-2021-42298 (Microsoft Defender Remote Code Execution Vulnerability ...)
+       TODO: check
 CVE-2021-42297
        RESERVED
-CVE-2021-42296
-       RESERVED
+CVE-2021-42296 (Microsoft Word Remote Code Execution Vulnerability ...)
+       TODO: check
 CVE-2021-42295
        RESERVED
 CVE-2021-42294
        RESERVED
 CVE-2021-42293
        RESERVED
-CVE-2021-42292
-       RESERVED
-CVE-2021-42291
-       RESERVED
+CVE-2021-42292 (Microsoft Excel Security Feature Bypass Vulnerability ...)
+       TODO: check
+CVE-2021-42291 (Active Directory Domain Services Elevation of Privilege 
Vulnerability  ...)
+       TODO: check
 CVE-2021-42290
        RESERVED
 CVE-2021-42289
        RESERVED
-CVE-2021-42288
-       RESERVED
-CVE-2021-42287
-       RESERVED
-CVE-2021-42286
-       RESERVED
-CVE-2021-42285
-       RESERVED
-CVE-2021-42284
-       RESERVED
-CVE-2021-42283
-       RESERVED
-CVE-2021-42282
-       RESERVED
+CVE-2021-42288 (Windows Hello Security Feature Bypass Vulnerability ...)
+       TODO: check
+CVE-2021-42287 (Active Directory Domain Services Elevation of Privilege 
Vulnerability  ...)
+       TODO: check
+CVE-2021-42286 (Windows Core Shell SI Host Extension Framework for Composable 
Shell El ...)
+       TODO: check
+CVE-2021-42285 (Windows Kernel Elevation of Privilege Vulnerability ...)
+       TODO: check
+CVE-2021-42284 (Windows Hyper-V Denial of Service Vulnerability ...)
+       TODO: check
+CVE-2021-42283 (NTFS Elevation of Privilege Vulnerability This CVE ID is 
unique from C ...)
+       TODO: check
+CVE-2021-42282 (Active Directory Domain Services Elevation of Privilege 
Vulnerability  ...)
+       TODO: check
 CVE-2021-42281
        RESERVED
-CVE-2021-42280
-       RESERVED
-CVE-2021-42279
-       RESERVED
-CVE-2021-42278
-       RESERVED
-CVE-2021-42277
-       RESERVED
-CVE-2021-42276
-       RESERVED
-CVE-2021-42275
-       RESERVED
-CVE-2021-42274
-       RESERVED
+CVE-2021-42280 (Windows Feedback Hub Elevation of Privilege Vulnerability ...)
+       TODO: check
+CVE-2021-42279 (Chakra Scripting Engine Memory Corruption Vulnerability ...)
+       TODO: check
+CVE-2021-42278 (Active Directory Domain Services Elevation of Privilege 
Vulnerability  ...)
+       TODO: check
+CVE-2021-42277 (Diagnostics Hub Standard Collector Elevation of Privilege 
Vulnerabilit ...)
+       TODO: check
+CVE-2021-42276 (Microsoft Windows Media Foundation Remote Code Execution 
Vulnerability ...)
+       TODO: check
+CVE-2021-42275 (Microsoft COM for Windows Remote Code Execution Vulnerability 
...)
+       TODO: check
+CVE-2021-42274 (Windows Hyper-V Discrete Device Assignment (DDA) Denial of 
Service Vul ...)
+       TODO: check
 CVE-2021-42273
        RESERVED
 CVE-2021-42272
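Review bot: every entry this hunk moves from RESERVED to TODO: check describes a Microsoft product (Exchange Server, Azure RTOS, Azure Sphere, Defender, Word, Excel, Active Directory Domain Services, Windows components), while the one already-triaged entry in the same range, CVE-2021-42299, is tagged NOT-FOR-US: Microsoft. These can be resolved as one batch with the same tag instead of being left as individual TODO items.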
@@ -7194,34 +7232,34 @@ CVE-2021-3816
        RESERVED
 CVE-2021-41380 (** DISPUTED ** RealVNC Viewer 6.21.406 allows remote VNC 
servers to ca ...)
        NOT-FOR-US: RealVNC
-CVE-2021-41379
-       RESERVED
-CVE-2021-41378
-       RESERVED
-CVE-2021-41377
-       RESERVED
-CVE-2021-41376
-       RESERVED
-CVE-2021-41375
-       RESERVED
-CVE-2021-41374
-       RESERVED
-CVE-2021-41373
-       RESERVED
-CVE-2021-41372
-       RESERVED
-CVE-2021-41371
-       RESERVED
-CVE-2021-41370
-       RESERVED
+CVE-2021-41379 (Windows Installer Elevation of Privilege Vulnerability ...)
+       TODO: check
+CVE-2021-41378 (Windows NTFS Remote Code Execution Vulnerability ...)
+       TODO: check
+CVE-2021-41377 (Windows Fast FAT File System Driver Elevation of Privilege 
Vulnerabili ...)
+       TODO: check
+CVE-2021-41376 (Azure Sphere Information Disclosure Vulnerability This CVE ID 
is uniqu ...)
+       TODO: check
+CVE-2021-41375 (Azure Sphere Information Disclosure Vulnerability This CVE ID 
is uniqu ...)
+       TODO: check
+CVE-2021-41374 (Azure Sphere Information Disclosure Vulnerability This CVE ID 
is uniqu ...)
+       TODO: check
+CVE-2021-41373 (FSLogix Information Disclosure Vulnerability ...)
+       TODO: check
+CVE-2021-41372 (Power BI Report Server Spoofing Vulnerability ...)
+       TODO: check
+CVE-2021-41371 (Windows Remote Desktop Protocol (RDP) Information Disclosure 
Vulnerabi ...)
+       TODO: check
+CVE-2021-41370 (NTFS Elevation of Privilege Vulnerability This CVE ID is 
unique from C ...)
+       TODO: check
 CVE-2021-41369
        RESERVED
-CVE-2021-41368
-       RESERVED
-CVE-2021-41367
-       RESERVED
-CVE-2021-41366
-       RESERVED
+CVE-2021-41368 (Microsoft Access Remote Code Execution Vulnerability ...)
+       TODO: check
+CVE-2021-41367 (NTFS Elevation of Privilege Vulnerability This CVE ID is 
unique from C ...)
+       TODO: check
+CVE-2021-41366 (Credential Security Support Provider Protocol (CredSSP) 
Elevation of P ...)
+       TODO: check
 CVE-2021-41365
        RESERVED
 CVE-2021-41364
@@ -7240,8 +7278,8 @@ CVE-2021-41358
        RESERVED
 CVE-2021-41357 (Win32k Elevation of Privilege Vulnerability This CVE ID is 
unique from ...)
        NOT-FOR-US: Microsoft
-CVE-2021-41356
-       RESERVED
+CVE-2021-41356 (Windows Denial of Service Vulnerability ...)
+       TODO: check
 CVE-2021-41355 (.NET Core and Visual Studio Information Disclosure 
Vulnerability ...)
        NOT-FOR-US: Microsoft .NET
 CVE-2021-41354 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting 
Vulnerabilit ...)
@@ -7250,12 +7288,12 @@ CVE-2021-41353 (Microsoft Dynamics 365 (on-premises) 
Spoofing Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2021-41352 (SCOM Information Disclosure Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2021-41351
-       RESERVED
+CVE-2021-41351 (Microsoft Edge (Chrome based) Spoofing on IE Mode ...)
+       TODO: check
 CVE-2021-41350 (Microsoft Exchange Server Spoofing Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2021-41349
-       RESERVED
+CVE-2021-41349 (Microsoft Exchange Server Spoofing Vulnerability This CVE ID 
is unique ...)
+       TODO: check
 CVE-2021-41348 (Microsoft Exchange Server Elevation of Privilege Vulnerability 
...)
        NOT-FOR-US: Microsoft
 CVE-2021-41347 (Windows AppX Deployment Service Elevation of Privilege 
Vulnerability ...)
@@ -9399,8 +9437,8 @@ CVE-2021-40444 (Microsoft MSHTML Remote Code Execution 
Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2021-40443 (Windows Common Log File System Driver Elevation of Privilege 
Vulnerabi ...)
        NOT-FOR-US: Microsoft
-CVE-2021-40442
-       RESERVED
+CVE-2021-40442 (Microsoft Excel Remote Code Execution Vulnerability ...)
+       TODO: check
 CVE-2021-40441
        RESERVED
 CVE-2021-40440 (Microsoft Dynamics Business Central Cross-site Scripting 
Vulnerability ...)
@@ -13596,10 +13634,10 @@ CVE-2021-38668
        RESERVED
 CVE-2021-38667 (Windows Print Spooler Elevation of Privilege Vulnerability 
This CVE ID ...)
        NOT-FOR-US: Microsoft
-CVE-2021-38666
-       RESERVED
-CVE-2021-38665
-       RESERVED
+CVE-2021-38666 (Remote Desktop Client Remote Code Execution Vulnerability ...)
+       TODO: check
+CVE-2021-38665 (Remote Desktop Protocol Client Information Disclosure 
Vulnerability ...)
+       TODO: check
 CVE-2021-38664
        RESERVED
 CVE-2021-38663 (Windows exFAT File System Information Disclosure Vulnerability 
...)
@@ -13666,8 +13704,8 @@ CVE-2021-38633 (Windows Common Log File System Driver 
Elevation of Privilege Vul
        NOT-FOR-US: Microsoft
 CVE-2021-38632 (BitLocker Security Feature Bypass Vulnerability ...)
        NOT-FOR-US: Microsoft
-CVE-2021-38631
-       RESERVED
+CVE-2021-38631 (Windows Remote Desktop Protocol (RDP) Information Disclosure 
Vulnerabi ...)
+       TODO: check
 CVE-2021-38630 (Windows Event Tracing Elevation of Privilege Vulnerability 
This CVE ID ...)
        NOT-FOR-US: Microsoft
 CVE-2021-38629 (Windows Ancillary Function Driver for WinSock Information 
Disclosure V ...)
@@ -17327,10 +17365,10 @@ CVE-2021-37161 (A buffer overflow issue was 
discovered in the HMI3 Control Panel
        NOT-FOR-US: Swisslog Healthcare Nexus Panel
 CVE-2021-37160 (A firmware validation issue was discovered in HMI3 Control 
Panel in Sw ...)
        NOT-FOR-US: Swisslog Healthcare Nexus Panel
-CVE-2021-37158
-       RESERVED
-CVE-2021-37157
-       RESERVED
+CVE-2021-37158 (An issue was discovered in OpenGamePanel OGP-Agent-Linux 
through 2021- ...)
+       TODO: check
+CVE-2021-37157 (An issue was discovered in OpenGamePanel OGP-Agent-Linux 
through 2021- ...)
+       TODO: check
 CVE-2021-37156 (Redmine 4.2.0 and 4.2.1 allow existing user sessions to 
continue upon  ...)
        - redmine <not-affected> (Only affected 4.2.0 and 4.2.1 upstream)
        NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
@@ -17823,8 +17861,8 @@ CVE-2021-36959 (Windows Authenticode Spoofing 
Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2021-36958 (Windows Print Spooler Remote Code Execution Vulnerability This 
CVE ID  ...)
        NOT-FOR-US: Microsoft
-CVE-2021-36957
-       RESERVED
+CVE-2021-36957 (Windows Desktop Bridge Elevation of Privilege Vulnerability 
...)
+       TODO: check
 CVE-2021-36956 (Azure Sphere Information Disclosure Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2021-36955 (Windows Common Log File System Driver Elevation of Privilege 
Vulnerabi ...)
@@ -21327,10 +21365,10 @@ CVE-2021-35491 (A Cross-Site Request Forgery (CSRF) 
vulnerability in Wowza Strea
        NOT-FOR-US: Wowza Streaming Engine
 CVE-2021-35490
        RESERVED
-CVE-2021-35489
-       RESERVED
-CVE-2021-35488
-       RESERVED
+CVE-2021-35489 (Thruk 2.40-2 allows 
/thruk/#cgi-bin/extinfo.cgi?type=2&amp;host={HOSTN ...)
+       TODO: check
+CVE-2021-35488 (Thruk 2.40-2 allows 
/thruk/#cgi-bin/status.cgi?style=combined&amp;titl ...)
+       TODO: check
 CVE-2021-35487
        RESERVED
 CVE-2021-35486
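Review bot: the descriptions added for CVE-2021-35489 and CVE-2021-35488 contain a literal &amp; inside the URL query string (type=2&amp;host=..., style=combined&amp;titl ...). If the entity is in data/CVE/list itself and not an artifact of the mail rendering, the description import should unescape it, since a search for the raw URL will otherwise not match. Both entries name Thruk 2.40-2, so check whether Thruk is packaged before choosing between a package line and NOT-FOR-US.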
@@ -43876,10 +43914,10 @@ CVE-2021-26446
        RESERVED
 CVE-2021-26445
        RESERVED
-CVE-2021-26444
-       RESERVED
-CVE-2021-26443
-       RESERVED
+CVE-2021-26444 (Azure RTOS Information Disclosure Vulnerability This CVE ID is 
unique  ...)
+       TODO: check
+CVE-2021-26443 (Microsoft Virtual Machine Bus (VMBus) Remote Code Execution 
Vulnerabil ...)
+       TODO: check
 CVE-2021-26442 (Windows HTTP.sys Elevation of Privilege Vulnerability ...)
        NOT-FOR-US: Siemens
 CVE-2021-26441 (Storage Spaces Controller Elevation of Privilege Vulnerability 
This CV ...)
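Review bot: the context entry CVE-2021-26442 is described as "Windows HTTP.sys Elevation of Privilege Vulnerability" but is tagged NOT-FOR-US: Siemens, whereas other Windows entries visible in this diff use NOT-FOR-US: Microsoft. The mismatch is not introduced by this commit, but it is worth correcting while the adjacent CVE-2021-26444 and CVE-2021-26443 are being triaged.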
@@ -52412,8 +52450,8 @@ CVE-2021-22872 (Revive Adserver before 5.1.0 is 
vulnerable to a reflected cross-
        NOT-FOR-US: Revive Adserver
 CVE-2021-22871 (Revive Adserver before 5.1.0 permits any user with a manager 
account t ...)
        NOT-FOR-US: Revive Adserver
-CVE-2021-22870
-       RESERVED
+CVE-2021-22870 (A path traversal vulnerability was identified in GitHub Pages 
builds o ...)
+       TODO: check
 CVE-2021-22869 (An improper access control vulnerability in GitHub Enterprise 
Server a ...)
        NOT-FOR-US: GitHub Enterprise Server
 CVE-2021-22868 (A path traversal vulnerability was identified in GitHub 
Enterprise Ser ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a25966ca7b47010d65d6fe031b2632df660bf0b3
