Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f5bc0502 by Neil Williams at 2022-04-20T10:36:08+01:00
Process some NFUs
- - - - -
db79c64b by Neil Williams at 2022-04-20T11:18:26+01:00
CVE-2021-44481 to 44510 - fis-gtm unfixed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -26470,7 +26470,7 @@ CVE-2021-4098 (Insufficient data validation in Mojo in
Google Chrome prior to 96
CVE-2021-4097 (phpservermon is vulnerable to Improper Neutralization of CRLF
Sequence ...)
NOT-FOR-US: phpservermon
CVE-2021-4096 (The Fancy Product Designer plugin for WordPress is vulnerable
to Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-21822 (NVIDIA FLARE contains a vulnerability in the admin interface,
where an ...)
NOT-FOR-US: NVIDIA
CVE-2022-21821 (NVIDIA CUDA Toolkit SDK contains an integer overflow
vulnerability in ...)
@@ -27526,65 +27526,152 @@ CVE-2015-20105 (The ClickBank Affiliate Ads
WordPress plugin through 1.20 does n
CVE-2021-44511
RESERVED
CVE-2021-44510 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44509 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44508 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44507 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44506 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44505 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44504 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed>
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44503 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44502 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44501 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44500 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44499 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44498 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44497 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44496 (An issue was discovered in FIS GT.M through V7.0-000 (related
to the Y ...)
- TODO: check
+ - fis-gtm <unfixed>
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44495 (An issue was discovered in YottaDB through r1.32 and V7.0-000
and FIS ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44494 (An issue was discovered in YottaDB through r1.32 and V7.0-000
and FIS ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44493 (An issue was discovered in YottaDB through r1.32 and V7.0-000
and FIS ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44492 (An issue was discovered in YottaDB through r1.32 and V7.0-000
and FIS ...)
- TODO: check
+ - fis-gtm <unfixed> (bug #1009900)
+ NOTE:
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
+ NOTE: https://sourceforge.net/projects/fis-gtm/files/
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check upstream to find out which changes affect which CVE
CVE-2021-44491 (An issue was discovered in YottaDB through r1.32 and V7.0-000.
Using c ...)
- TODO: check
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check - unclear if affects only YottaDB
CVE-2021-44490 (An issue was discovered in YottaDB through r1.32 and V7.0-000.
Using c ...)
- TODO: check
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check - unclear if affects only YottaDB
CVE-2021-44489 (An issue was discovered in YottaDB through r1.32 and V7.0-000.
Using c ...)
- TODO: check
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check - unclear if affects only YottaDB
CVE-2021-44488 (An issue was discovered in YottaDB through r1.32 and V7.0-000.
Using c ...)
- TODO: check
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check - unclear if affects only YottaDB
CVE-2021-44487 (An issue was discovered in YottaDB through r1.32 and V7.0-000.
A lack ...)
- TODO: check
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check - unclear if affects only YottaDB
CVE-2021-44486 (An issue was discovered in YottaDB through r1.32 and V7.0-000.
Using c ...)
- TODO: check
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check - unclear if affects only YottaDB
CVE-2021-44485 (An issue was discovered in YottaDB through r1.32 and V7.0-000.
A lack ...)
- TODO: check
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check - unclear if affects only YottaDB
CVE-2021-44484 (An issue was discovered in YottaDB through r1.32 and V7.0-000.
A lack ...)
- TODO: check
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check - unclear if affects only YottaDB
CVE-2021-44483 (An issue was discovered in YottaDB through r1.32 and V7.0-000.
A lack ...)
- TODO: check
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check - unclear if affects only YottaDB
CVE-2021-44482 (An issue was discovered in YottaDB through r1.32 and V7.0-000.
A lack ...)
- TODO: check
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check - unclear if affects only YottaDB
CVE-2021-44481 (An issue was discovered in YottaDB through r1.32 and V7.0-000.
A lack ...)
- TODO: check
+ NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
+ TODO: check - unclear if affects only YottaDB
CVE-2021-44480 (Wokka Lokka Q50 devices through 2021-11-30 allow remote
attackers (who ...)
NOT-FOR-US: Wokka Lokka Q50 devices
CVE-2021-44479 (NXP Kinetis K82 devices have a buffer over-read via a crafted
wlength ...)
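Review bot: CVE-2021-44504 and CVE-2021-44496 get "- fis-gtm <unfixed>" without the "(bug #1009900)" reference that every other fis-gtm entry in this hunk carries; if the same bug covers them, add the reference so the entries stay consistent, otherwise a NOTE saying why they differ would help. Separately, the commit subject covers CVE-2021-44481 to 44510 as "fis-gtm unfixed", but CVE-2021-44481 through CVE-2021-44491 only gain a NOTE and a reworded TODO with no fis-gtm line, so the subject could say that those eleven remain undetermined.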
@@ -80200,7 +80287,7 @@ CVE-2021-25122 (When responding to new h2c connection
requests, Apache Tomcat ve
CVE-2021-25121
RESERVED
CVE-2021-25120 (The Easy Social Feed Free and Pro WordPress plugins before
6.2.7 do no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-25119
RESERVED
CVE-2021-25118 (The Yoast SEO WordPress plugin before 17.3 discloses the full
internal ...)
@@ -84307,13 +84394,13 @@ CVE-2021-23288 (The vulnerability exists due to
insufficient validation of input
CVE-2021-23287 (The vulnerability exists due to insufficient validation of
input of ce ...)
NOT-FOR-US: Eaton Intelligent Power Manager (IPM)
CVE-2021-23286 (Eaton Intelligent Power Manager Infrastructure (IPM
Infrastructure) ve ...)
- TODO: check
+ NOT-FOR-US: Eaton Intelligent Power Manager (IPM)
CVE-2021-23285 (Eaton Intelligent Power Manager Infrastructure (IPM
Infrastructure) ve ...)
- TODO: check
+ NOT-FOR-US: Eaton Intelligent Power Manager (IPM)
CVE-2021-23284 (Eaton Intelligent Power Manager Infrastructure (IPM
Infrastructure) ve ...)
- TODO: check
+ NOT-FOR-US: Eaton Intelligent Power Manager (IPM)
CVE-2021-23283 (Eaton Intelligent Power Protector (IPP) prior to version 1.69
is vulne ...)
- TODO: check
+ NOT-FOR-US: Eaton Intelligent Power Manager (IPM)
CVE-2021-23282
RESERVED
CVE-2021-23281 (Eaton Intelligent Power Manager (IPM) prior to 1.69 is
vulnerable to u ...)
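Review bot: CVE-2021-23283 is tagged "NOT-FOR-US: Eaton Intelligent Power Manager (IPM)", but its description names Eaton Intelligent Power Protector (IPP) prior to version 1.69; suggest "NOT-FOR-US: Eaton Intelligent Power Protector (IPP)" for that one entry so the tag matches the product in the description, leaving the IPM tag on CVE-2021-23284 through CVE-2021-23286.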
@@ -87360,7 +87447,7 @@ CVE-2021-21969 (An out-of-bounds write vulnerability
exists in the HandleSeaClou
CVE-2021-21968 (A file write vulnerability exists in the OTA update task
functionality ...)
NOT-FOR-US: Sealevel Systems
CVE-2021-21967 (An out-of-bounds write vulnerability exists in the OTA update
task fun ...)
- TODO: check
+ NOT-FOR-US: Sealevel Systems
CVE-2021-21966 (An information disclosure vulnerability exists in the HTTP
Server /pin ...)
NOT-FOR-US: Texas Instruments
CVE-2021-21965 (A denial of service vulnerability exists in the SeaMax remote
configur ...)
@@ -87382,7 +87469,7 @@ CVE-2021-21958 (A heap-based buffer overflow
vulnerability exists in the Hword H
CVE-2021-21957 (A privilege escalation vulnerability exists in the Remote
Server funct ...)
NOT-FOR-US: Dream Report ODS Remote Connector
CVE-2021-21956 (A php unserialize vulnerability exists in the Ai-Bolit
functionality o ...)
- TODO: check
+ NOT-FOR-US: Imunify360
CVE-2021-21955 (An authentication bypass vulnerability exists in the
get_aes_key_info_ ...)
NOT-FOR-US: Anker Eufy Homebase
CVE-2021-21954 (A command execution vulnerability exists in the
wifi_country_code_upda ...)
@@ -87396,29 +87483,29 @@ CVE-2021-21951 (An out-of-bounds write vulnerability
exists in the CMD_DEVICE_GE
CVE-2021-21950 (An out-of-bounds write vulnerability exists in the
CMD_DEVICE_GET_SERV ...)
NOT-FOR-US: Anker Eufy Homebase
CVE-2021-21949 (An improper array index validation vulnerability exists in the
JPEG-JF ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21948 (A heap-based buffer overflow vulnerability exists in the
readDatHeadVe ...)
- TODO: check
+ NOT-FOR-US: chitubox
CVE-2021-21947 (Two heap-based buffer overflow vulnerabilities exists in the
JPEG-JFIF ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21946 (Two heap-based buffer overflow vulnerabilities exists in the
JPEG-JFIF ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21945 (Two heap-based buffer overflow vulnerabilities exist in the
TIFF parse ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21944 (Two heap-based buffer overflow vulnerabilities exist in the
TIFF parse ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21943 (A heap-based buffer overflow vulnerability exists in the XWD
parser fu ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21942 (An out-of-bounds write vulnerability exists in the TIFF YCbCr
image pa ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21941 (A use-after-free vulnerability exists in the pushMuxer
CreatePushThrea ...)
NOT-FOR-US: Anker Eufy Homebase
CVE-2021-21940 (A heap-based buffer overflow vulnerability exists in the
pushMuxer pro ...)
NOT-FOR-US: Anker Eufy Homebase
CVE-2021-21939 (A heap-based buffer overflow vulnerability exists in the XWD
parser fu ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21938 (A heap-based buffer overflow vulnerability exists in the
Palette box p ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21937 (A specially-crafted HTTP request can lead to SQL injection. An
attacke ...)
NOT-FOR-US: Advantech
CVE-2021-21936 (A specially-crafted HTTP request can lead to SQL injection. An
attacke ...)
@@ -87466,7 +87553,7 @@ CVE-2021-21916 (An exploitable SQL injection
vulnerability exist in the ‘g
CVE-2021-21915 (An exploitable SQL injection vulnerability exist in the
‘group_l ...)
NOT-FOR-US: Advantech
CVE-2021-21914 (A heap-based buffer overflow vulnerability exists in the
DecoderStream ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21913 (An information disclosure vulnerability exists in the WiFi
Smart Mesh ...)
NOT-FOR-US: D-LINK
CVE-2021-21912 (A privilege escalation vulnerability exists in the Windows
version of ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/572eb582aad1183009622cbfb217e64a78a31a18...db79c64bcb3da93975717a50692e39073d8214fd