Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
292b6f13 by security tracker role at 2023-12-29T20:12:08+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,171 @@
+CVE-2023-7171 (A vulnerability was found in Novel-Plus up to 4.2.0. It has 
been decla ...)
+       TODO: check
+CVE-2023-7166 (A vulnerability classified as problematic has been found in 
Novel-Plus ...)
+       TODO: check
+CVE-2023-7114 (Mattermost version 2.10.0 and earlier fails to sanitize 
deeplink paths ...)
+       TODO: check
+CVE-2023-7113 (Mattermost version 8.1.6 and earlier fails to sanitize channel 
mention ...)
+       TODO: check
+CVE-2023-7080 (The V8 inspector intentionally allows arbitrary code execution 
within  ...)
+       TODO: check
+CVE-2023-7079 (Sending specially crafted HTTP requests and inspector messages 
to Wran ...)
+       TODO: check
+CVE-2023-7078 (Sending specially crafted HTTP requests to Miniflare's server 
could re ...)
+       TODO: check
+CVE-2023-52139 (Misskey is an open source, decentralized social media 
platform. Third- ...)
+       TODO: check
+CVE-2023-52137 (The 
[`tj-actions/verify-changed-files`](https://github.com/tj-actions/ ...)
+       TODO: check
+CVE-2023-52135 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2023-51688 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
+       TODO: check
+CVE-2023-51687 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
+       TODO: check
+CVE-2023-51676 (Server-Side Request Forgery (SSRF) vulnerability in Leevio 
Happy Addon ...)
+       TODO: check
+CVE-2023-51675 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in A ...)
+       TODO: check
+CVE-2023-51663 (Hail is an open-source, general-purpose, Python-based data 
analysis to ...)
+       TODO: check
+CVE-2023-51545 (Cross-Site Request Forgery (CSRF), Deserialization of 
Untrusted Data v ...)
+       TODO: check
+CVE-2023-51541 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-51527 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
+       TODO: check
+CVE-2023-51517 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in C ...)
+       TODO: check
+CVE-2023-51505 (Deserialization of Untrusted Data vulnerability in realmag777 
Active P ...)
+       TODO: check
+CVE-2023-51475 (Unrestricted Upload of File with Dangerous Type vulnerability 
in IOSS  ...)
+       TODO: check
+CVE-2023-51473 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Pixel ...)
+       TODO: check
+CVE-2023-51470 (Deserialization of Untrusted Data vulnerability in Jacques 
Malgrange R ...)
+       TODO: check
+CVE-2023-51468 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Jacqu ...)
+       TODO: check
+CVE-2023-51422 (Deserialization of Untrusted Data vulnerability in Saleswonder 
Team We ...)
+       TODO: check
+CVE-2023-51421 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Soft8 ...)
+       TODO: check
+CVE-2023-51420 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
+       TODO: check
+CVE-2023-51419 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Berth ...)
+       TODO: check
+CVE-2023-51417 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Joris ...)
+       TODO: check
+CVE-2023-51414 (Deserialization of Untrusted Data vulnerability in 
EnvialoSimple Env\x ...)
+       TODO: check
+CVE-2023-51412 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Piotn ...)
+       TODO: check
+CVE-2023-51411 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Shabt ...)
+       TODO: check
+CVE-2023-51410 (Unrestricted Upload of File with Dangerous Type vulnerability 
in WPVib ...)
+       TODO: check
+CVE-2023-51402 (Cross-Site Request Forgery (CSRF) vulnerability in Brain Storm 
Force U ...)
+       TODO: check
+CVE-2023-51399 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-51397 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-51396 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-51378 (Cross-Site Request Forgery (CSRF) vulnerability in Rise Themes 
Rise Bl ...)
+       TODO: check
+CVE-2023-51374 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-51373 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-51372 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-51371 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-51361 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-51358 (Cross-Site Request Forgery (CSRF) vulnerability in Bright 
Plugins Bloc ...)
+       TODO: check
+CVE-2023-51354 (Cross-Site Request Forgery (CSRF) vulnerability in 
WebbaPlugins Appoin ...)
+       TODO: check
+CVE-2023-50902 (Cross-Site Request Forgery (CSRF) vulnerability in WPExpertsio 
New Use ...)
+       TODO: check
+CVE-2023-50901 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-50896 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-50893 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-50892 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-50891 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-50889 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-50881 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-50880 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-50879 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-50878 (Cross-Site Request Forgery (CSRF) vulnerability in InspireUI 
MStore AP ...)
+       TODO: check
+CVE-2023-50837 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2023-50572 (An issue in the component GroovyEngine.execute of jline-groovy 
v3.24.1 ...)
+       TODO: check
+CVE-2023-50571 (easy-rules-mvel v4.1.0 was discovered to contain a remote code 
executi ...)
+       TODO: check
+CVE-2023-50570 (An issue in the component IPAddressBitsDivision of IPAddress 
v5.1.0 le ...)
+       TODO: check
+CVE-2023-4675 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2023-4674 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2023-4541 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2023-4468 (A vulnerability was found in Poly Trio 8800 and Trio C60. It 
has been  ...)
+       TODO: check
+CVE-2023-4467 (A vulnerability was found in Poly Trio 8800 7.2.6.0019 and 
classified  ...)
+       TODO: check
+CVE-2023-4466 (A vulnerability has been found in Poly CCX 400, CCX 600, Trio 
8800 and ...)
+       TODO: check
+CVE-2023-4465 (A vulnerability, which was classified as problematic, was found 
in Pol ...)
+       TODO: check
+CVE-2023-4464 (A vulnerability, which was classified as critical, has been 
found in P ...)
+       TODO: check
+CVE-2023-4463 (A vulnerability classified as problematic was found in Poly CCX 
400, C ...)
+       TODO: check
+CVE-2023-4462 (A vulnerability classified as problematic has been found in 
Poly CCX 4 ...)
+       TODO: check
+CVE-2023-49830 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
+       TODO: check
+CVE-2023-47840 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
+       TODO: check
+CVE-2023-47804 (Apache OpenOffice documents can contain links that call 
internal macro ...)
+       TODO: check
+CVE-2023-46623 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
+       TODO: check
+CVE-2023-45751 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
+       TODO: check
+CVE-2023-44089 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-44088 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2023-41815 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-41814 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-41813 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-40606 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
+       TODO: check
+CVE-2023-32517 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in P ...)
+       TODO: check
+CVE-2023-32101 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in P ...)
+       TODO: check
+CVE-2023-32095 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
+       TODO: check
 CVE-2023-7161 (A vulnerability classified as critical has been found in 
Netentsec NS- ...)
        NOT-FOR-US: Netentsec NS-ASG Application Security Gateway
 CVE-2023-7160 (A vulnerability was found in SourceCodester Engineers Online 
Portal 1. ...)
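Review bot: In the new CVE-2023-51414 entry the description ends in "EnvialoSimple Env\x ...)", so the shortening appears to cut inside an escape sequence for a non-ASCII character. The description should be truncated after decoding, so the character is either kept whole or dropped, and a stray "\x" never lands in data/CVE/list.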
@@ -14,7 +182,7 @@ CVE-2023-7155 (A vulnerability, which was classified as 
critical, was found in S
        NOT-FOR-US: SourceCodester Free and Open Source Inventory Management 
System
 CVE-2023-7152 (A vulnerability, which was classified as critical, has been 
found in M ...)
        NOT-FOR-US: MicroPython
-CVE-2023-7150 (A vulnerability classified as critical was found in Chic Beauty 
Salon  ...)
+CVE-2023-7150 (A vulnerability classified as critical was found in Campcodes 
Chic Bea ...)
        NOT-FOR-US: Chic Beauty Salon
 CVE-2023-7149 (A vulnerability was found in code-projects QR Code Generator 
1.0. It h ...)
        NOT-FOR-US: code-projects QR Code Generator
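Review bot: The CVE-2023-7150 description now names the vendor ("Campcodes Chic Bea ..."), but the triage line under it still reads "NOT-FOR-US: Chic Beauty Salon". The neighbouring entries carry the vendor in that note ("NOT-FOR-US: code-projects QR Code Generator"), so "NOT-FOR-US: Campcodes Chic Beauty Salon" would keep the note consistent with the description and easier to grep.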
@@ -1515,25 +1683,25 @@ CVE-2023-34027 (Deserialization of Untrusted Data 
vulnerability in Rajnish Arora
 CVE-2019-25158 (A vulnerability has been found in pedroetb tts-api up to 2.1.4 
and cla ...)
        NOT-FOR-US: pedroetb tts-api
 CVE-2023-50762 (When processing a PGP/MIME payload that contains digitally 
signed text ...)
-       {DSA-5582-1}
+       {DSA-5582-1 DLA-3698-1}
        - thunderbird 1:115.6.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-50762
 CVE-2023-50761 (The signature of a digitally signed S/MIME email message may 
optionall ...)
-       {DSA-5582-1}
+       {DSA-5582-1 DLA-3698-1}
        - thunderbird 1:115.6.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-50761
 CVE-2023-6862 (A use-after-free was identified in the `nsDNSService::Init`.  
This iss ...)
-       {DSA-5582-1 DSA-5581-1}
+       {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6862
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6862
 CVE-2023-6873 (Memory safety bugs present in Firefox 120. Some of these bugs 
showed e ...)
-       {DSA-5582-1}
+       {DSA-5582-1 DLA-3698-1}
        - firefox 121.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6873
 CVE-2023-6864 (Memory safety bugs present in Firefox 120, Firefox ESR 115.5, 
and Thun ...)
-       {DSA-5582-1 DSA-5581-1}
+       {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
        - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
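Review bot: CVE-2023-6873 now carries {DSA-5582-1 DLA-3698-1}, yet its only package line is "- firefox 121.0-1" and its only NOTE points at mfsa2023-56. In the entries just above it (CVE-2023-50762, CVE-2023-50761) DSA-5582-1 sits with "- thunderbird 1:115.6.0-1", so either a thunderbird package line is missing from this entry or the advisory cross-reference does not belong here. This should be confirmed before a second advisory id is attached to the same entry.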
@@ -1541,7 +1709,7 @@ CVE-2023-6864 (Memory safety bugs present in Firefox 120, 
Firefox ESR 115.5, and
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6864
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6864
 CVE-2023-6863 (The `ShutdownObserver()` was susceptible to potentially 
undefined beha ...)
-       {DSA-5581-1}
+       {DSA-5581-1 DLA-3697-1}
        - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6863
@@ -1562,7 +1730,7 @@ CVE-2023-6868 (In some instances, the user-agent would 
allow push requests which
        - firefox <not-affected> (Android-specific)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6868
 CVE-2023-6861 (The `nsWindow::PickerOpen(void)` method was susceptible to a 
heap buff ...)
-       {DSA-5582-1 DSA-5581-1}
+       {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
        - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
@@ -1570,13 +1738,13 @@ CVE-2023-6861 (The `nsWindow::PickerOpen(void)` method 
was susceptible to a heap
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6861
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6861
 CVE-2023-6867 (The timing of a button click causing a popup to disappear was 
approxim ...)
-       {DSA-5581-1}
+       {DSA-5581-1 DLA-3697-1}
        - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6867
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6867
 CVE-2023-6860 (The `VideoBridge` allowed any content process to use textures 
produced ...)
-       {DSA-5582-1 DSA-5581-1}
+       {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
        - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
@@ -1587,7 +1755,7 @@ CVE-2023-6866 (TypedArrays can be fallible and lacked 
proper exception handling.
        - firefox 121.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6866
 CVE-2023-6859 (A use-after-free condition affected TLS socket creation when 
under mem ...)
-       {DSA-5582-1 DSA-5581-1}
+       {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
        - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
@@ -1595,7 +1763,7 @@ CVE-2023-6859 (A use-after-free condition affected TLS 
socket creation when unde
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6859
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6859
 CVE-2023-6858 (Firefox was susceptible to a heap buffer overflow in 
`nsTextFragment`  ...)
-       {DSA-5582-1 DSA-5581-1}
+       {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
        - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
@@ -1603,7 +1771,7 @@ CVE-2023-6858 (Firefox was susceptible to a heap buffer 
overflow in `nsTextFragm
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6858
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6858
 CVE-2023-6857 (When resolving a symlink, a race may occur where the buffer 
passed to  ...)
-       {DSA-5582-1 DSA-5581-1}
+       {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
        - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
@@ -1611,13 +1779,13 @@ CVE-2023-6857 (When resolving a symlink, a race may 
occur where the buffer passe
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6857
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6857
 CVE-2023-6865 (`EncryptingOutputStream` was susceptible to exposing 
uninitialized dat ...)
-       {DSA-5581-1}
+       {DSA-5581-1 DLA-3697-1}
        - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6865
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6865
 CVE-2023-6856 (The WebGL `DrawElementsInstanced` method was susceptible to a 
heap buf ...)
-       {DSA-5582-1 DSA-5581-1}
+       {DSA-5582-1 DSA-5581-1 DLA-3698-1 DLA-3697-1}
        - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
@@ -34667,8 +34835,8 @@ CVE-2023-31250 (The file download facility doesn't 
sufficiently sanitize file pa
        NOTE: https://www.drupal.org/sa-core-2023-005
 CVE-2023-31238 (A vulnerability has been identified in POWER METER SICAM Q100 
(All ver ...)
        NOT-FOR-US: Siemens
-CVE-2023-31237
-       RESERVED
+CVE-2023-31237 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in D ...)
+       TODO: check
 CVE-2023-31236 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in unFo ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-31235 (Cross-Site Request Forgery (CSRF) vulnerability in Roland 
Barker, xnau ...)
@@ -34683,8 +34851,8 @@ CVE-2023-31231 (Unrestricted Upload of File with 
Dangerous Type vulnerability in
        NOT-FOR-US: WordPress plugin
 CVE-2023-31230 (Cross-Site Request Forgery (CSRF) vulnerability in Haoqisir 
Baidu Tong ...)
        NOT-FOR-US: Haoqisir Baidu Tongji generator
-CVE-2023-31229
-       RESERVED
+CVE-2023-31229 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in W ...)
+       TODO: check
 CVE-2023-31228 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Crea ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-31227 (The hwPartsDFR module has a vulnerability in API calling 
verification. ...)
@@ -35173,8 +35341,8 @@ CVE-2023-31097
        RESERVED
 CVE-2023-31096 (An issue was discovered in Broadcom) LSI PCI-SV92EX Soft Modem 
Kernel  ...)
        NOT-FOR-US: Broadcom
-CVE-2023-31095
-       RESERVED
+CVE-2023-31095 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in C ...)
+       TODO: check
 CVE-2023-31094 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Lauri Ka ...)
        NOT-FOR-US: WooCommerce plugin
 CVE-2023-31093 (Cross-Site Request Forgery (CSRF) vulnerability in Chronosly 
Chronosly ...)
@@ -42274,8 +42442,8 @@ CVE-2023-28788 (Improper Neutralization of Special 
Elements used in an SQL Comma
        NOT-FOR-US: WordPress plugin
 CVE-2023-28787
        RESERVED
-CVE-2023-28786
-       RESERVED
+CVE-2023-28786 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in S ...)
+       TODO: check
 CVE-2023-28785 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-28784 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Contest  ...)
@@ -53825,8 +53993,8 @@ CVE-2023-25056 (Cross-Site Request Forgery (CSRF) 
vulnerability in SlickRemix Fe
        NOT-FOR-US: WordPress plugin
 CVE-2023-25055 (Cross-Site Request Forgery (CSRF) vulnerability in Amit 
Agarwal Google ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-25054
-       RESERVED
+CVE-2023-25054 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
+       TODO: check
 CVE-2023-25053
        RESERVED
 CVE-2023-25052 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Tepl ...)
@@ -61313,10 +61481,10 @@ CVE-2023-22679 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
        NOT-FOR-US: WordPress plugin
 CVE-2023-22678 (Cross-Site Request Forgery (CSRF) vulnerability inRafael 
DerySuperior  ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-22677
-       RESERVED
-CVE-2023-22676
-       RESERVED
+CVE-2023-22677 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
+       TODO: check
+CVE-2023-22676 (Missing Authorization vulnerability in Anders Thorborg.This 
issue affe ...)
+       TODO: check
 CVE-2023-22675
        RESERVED
 CVE-2023-22674 (Missing Authorization, Cross-Site Request Forgery (CSRF) 
vulnerability ...)
@@ -76285,8 +76453,8 @@ CVE-2022-44591 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
        NOT-FOR-US: WordPress plugin
 CVE-2022-44590 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-44589
-       RESERVED
+CVE-2022-44589 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
+       TODO: check
 CVE-2022-44588 (Unauth. SQL Injection vulnerability inCryptocurrency Widgets 
Pack Plug ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-44587
@@ -194644,31 +194812,31 @@ CVE-2021-28448 (Visual Studio Code Kubernetes Tools 
Remote Code Execution Vulner
        NOT-FOR-US: Microsoft
 CVE-2021-28447 (Windows Early Launch Antimalware Driver Security Feature 
Bypass Vulner ...)
        NOT-FOR-US: Microsoft
-CVE-2021-28446 (Windows Portmapping Information Disclosure Vulnerability)
+CVE-2021-28446 (<p>N/A</p>)
        NOT-FOR-US: Microsoft
 CVE-2021-28445 (Windows Network File System Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-28444 (Windows Hyper-V Security Feature Bypass Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28443 (Windows Console Driver Denial of Service Vulnerability This 
CVE ID is  ...)
+CVE-2021-28443 (Windows Console Driver Denial of Service Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-28442 (Windows TCP/IP Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-28441 (Windows Hyper-V Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28440 (Windows Installer Elevation of Privilege Vulnerability This 
CVE ID is  ...)
+CVE-2021-28440 (Windows Installer Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28439 (Windows TCP/IP Driver Denial of Service Vulnerability This CVE 
ID is u ...)
+CVE-2021-28439 (Windows TCP/IP Driver Denial of Service Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28438 (Windows Console Driver Denial of Service Vulnerability This 
CVE ID is  ...)
+CVE-2021-28438 (Windows Console Driver Denial of Service Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-28437 (Windows Installer Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28436 (Windows Speech Runtime Elevation of Privilege Vulnerability 
This CVE I ...)
+CVE-2021-28436 (Windows Speech Runtime Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-28435 (Windows Event Tracing Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28434 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28434 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-28433
        RESERVED
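Review bot: The CVE-2021-28446 line replaces "Windows Portmapping Information Disclosure Vulnerability" with the literal markup "<p>N/A</p>", which removes the only readable summary for the entry and puts raw HTML into the list. The automatic update should keep the previous description when the incoming one is empty or a placeholder, and strip tags from descriptions in any case.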
@@ -194829,77 +194997,77 @@ CVE-2021-28360
        RESERVED
 CVE-2021-28359 (The "origin" parameter passed to some of the endpoints like 
'/trigger' ...)
        - airflow <itp> (bug #819700)
-CVE-2021-28358 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28358 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28357 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28357 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28356 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28356 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28355 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28355 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28354 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28354 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28353 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28353 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28352 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28352 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28351 (Windows Speech Runtime Elevation of Privilege Vulnerability 
This CVE I ...)
+CVE-2021-28351 (Windows Speech Runtime Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28350 (Windows GDI+ Remote Code Execution Vulnerability This CVE ID 
is unique ...)
+CVE-2021-28350 (Windows GDI+ Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28349 (Windows GDI+ Remote Code Execution Vulnerability This CVE ID 
is unique ...)
+CVE-2021-28349 (Windows GDI+ Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28348 (Windows GDI+ Remote Code Execution Vulnerability This CVE ID 
is unique ...)
+CVE-2021-28348 (Windows GDI+ Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28347 (Windows Speech Runtime Elevation of Privilege Vulnerability 
This CVE I ...)
+CVE-2021-28347 (Windows Speech Runtime Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28346 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28346 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28345 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28345 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28344 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28344 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28343 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28343 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28342 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28342 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28341 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28341 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28340 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28340 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28339 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28339 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28338 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28338 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28337 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28337 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28336 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28336 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28335 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28335 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28334 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28334 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28333 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28333 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28332 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28332 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28331 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28331 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28330 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28330 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28329 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28329 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28328 (Windows DNS Information Disclosure Vulnerability This CVE ID 
is unique ...)
+CVE-2021-28328 (Windows DNS Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28327 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability This ...)
+CVE-2021-28327 (Remote Procedure Call Runtime Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-28326 (Windows AppX Deployment Server Denial of Service Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28325 (Windows SMB Information Disclosure Vulnerability This CVE ID 
is unique ...)
+CVE-2021-28325 (Windows SMB Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28324 (Windows SMB Information Disclosure Vulnerability This CVE ID 
is unique ...)
+CVE-2021-28324 (Windows SMB Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28323 (Windows DNS Information Disclosure Vulnerability This CVE ID 
is unique ...)
+CVE-2021-28323 (Windows DNS Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-28322 (Diagnostics Hub Standard Collector Service Elevation of 
Privilege Vuln ...)
        NOT-FOR-US: Microsoft
@@ -194907,7 +195075,7 @@ CVE-2021-28321 (Diagnostics Hub Standard Collector 
Service Elevation of Privileg
        NOT-FOR-US: Microsoft
 CVE-2021-28320 (Windows Resource Manager PSM Service Extension Elevation of 
Privilege  ...)
        NOT-FOR-US: Microsoft
-CVE-2021-28319 (Windows TCP/IP Driver Denial of Service Vulnerability This CVE 
ID is u ...)
+CVE-2021-28319 (Windows TCP/IP Driver Denial of Service Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-28318 (Windows GDI+ Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
@@ -194915,7 +195083,7 @@ CVE-2021-28317 (Microsoft Windows Codecs Library 
Information Disclosure Vulnerab
        NOT-FOR-US: Microsoft
 CVE-2021-28316 (Windows WLAN AutoConfig Service Security Feature Bypass 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28315 (Windows Media Video Decoder Remote Code Execution 
Vulnerability This C ...)
+CVE-2021-28315 (Windows Media Video Decoder Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-28314 (Windows Hyper-V Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
@@ -194925,9 +195093,9 @@ CVE-2021-28312 (Windows NTFS Denial of Service 
Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-28311 (Windows Application Compatibility Cache Denial of Service 
Vulnerabilit ...)
        NOT-FOR-US: Microsoft
-CVE-2021-28310 (Win32k Elevation of Privilege Vulnerability This CVE ID is 
unique from ...)
+CVE-2021-28310 (Win32k Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-28309 (Windows Kernel Information Disclosure Vulnerability This CVE 
ID is uni ...)
+CVE-2021-28309 (Windows Kernel Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-28308 (An issue was discovered in the fltk crate before 0.15.3 for 
Rust. Ther ...)
        NOT-FOR-US: Rust crate fltk
@@ -197948,11 +198116,11 @@ CVE-2021-27097 (The boot loader in Das U-Boot 
before 2021.04-rc2 mishandles a mo
        NOTE: 
https://github.com/u-boot/u-boot/commit/b6f4c757959f8850e1299a77c8e5713da78e8ec0
 CVE-2021-27096 (NTFS Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27095 (Windows Media Video Decoder Remote Code Execution 
Vulnerability This C ...)
+CVE-2021-27095 (Windows Media Video Decoder Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27094 (Windows Early Launch Antimalware Driver Security Feature 
Bypass Vulner ...)
        NOT-FOR-US: Microsoft
-CVE-2021-27093 (Windows Kernel Information Disclosure Vulnerability This CVE 
ID is uni ...)
+CVE-2021-27093 (Windows Kernel Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27092 (Azure AD Web Sign-in Security Feature Bypass Vulnerability)
        NOT-FOR-US: Microsoft
@@ -197978,11 +198146,11 @@ CVE-2021-27082 (Quantum Development Kit for Visual 
Studio Code Remote Code Execu
        NOT-FOR-US: Microsoft
 CVE-2021-27081 (Visual Studio Code ESLint Extension Remote Code Execution 
Vulnerabilit ...)
        NOT-FOR-US: Microsoft
-CVE-2021-27080 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID 
is uniq ...)
+CVE-2021-27080 (Azure Sphere Unsigned Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27079 (Windows Media Photo Codec Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27078 (Microsoft Exchange Server Remote Code Execution Vulnerability 
This CVE ...)
+CVE-2021-27078 (Microsoft Exchange Server Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27077 (Windows Win32k Elevation of Privilege Vulnerability This CVE 
ID is uni ...)
        NOT-FOR-US: Microsoft
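Review bot: the context line for CVE-2021-27077 at the end of this hunk still ends in "This CVE ID is uni ...", while CVE-2021-27080 and CVE-2021-27078 just above it lose that tail, so after this update the Microsoft entries in this block carry two description styles. Because this is an automatic update, it is worth confirming that the unchanged record has simply not been refreshed yet rather than being skipped by the update job.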
@@ -197990,11 +198158,11 @@ CVE-2021-27076 (Microsoft SharePoint Server Remote 
Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27075 (Azure Virtual Machine Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27074 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID 
is uniq ...)
+CVE-2021-27074 (Azure Sphere Unsigned Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27073
        RESERVED
-CVE-2021-27072 (Win32k Elevation of Privilege Vulnerability This CVE ID is 
unique from ...)
+CVE-2021-27072 (Win32k Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27071
        RESERVED
@@ -198008,43 +198176,43 @@ CVE-2021-27067 (Azure DevOps Server and Team 
Foundation Server Information Discl
        NOT-FOR-US: Microsoft
 CVE-2021-27066 (Windows Admin Center Security Feature Bypass Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27065 (Microsoft Exchange Server Remote Code Execution Vulnerability 
This CVE ...)
+CVE-2021-27065 (Microsoft Exchange Server Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27064 (Visual Studio Installer Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27063 (Windows DNS Server Denial of Service Vulnerability This CVE ID 
is uniq ...)
        NOT-FOR-US: Microsoft
-CVE-2021-27062 (HEVC Video Extensions Remote Code Execution Vulnerability This 
CVE ID  ...)
+CVE-2021-27062 (HEVC Video Extensions Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27061 (HEVC Video Extensions Remote Code Execution Vulnerability This 
CVE ID  ...)
+CVE-2021-27061 (HEVC Video Extensions Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27060 (Visual Studio Code Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27059 (Microsoft Office Remote Code Execution Vulnerability This CVE 
ID is un ...)
+CVE-2021-27059 (Microsoft Office Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27058 (Microsoft Office ClickToRun Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27057 (Microsoft Office Remote Code Execution Vulnerability This CVE 
ID is un ...)
+CVE-2021-27057 (Microsoft Office Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27056 (Microsoft PowerPoint Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27055 (Microsoft Visio Security Feature Bypass Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27054 (Microsoft Excel Remote Code Execution Vulnerability This CVE 
ID is uni ...)
+CVE-2021-27054 (Microsoft Excel Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27053 (Microsoft Excel Remote Code Execution Vulnerability This CVE 
ID is uni ...)
+CVE-2021-27053 (Microsoft Excel Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27052 (Microsoft SharePoint Server Information Disclosure 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27051 (HEVC Video Extensions Remote Code Execution Vulnerability This 
CVE ID  ...)
+CVE-2021-27051 (HEVC Video Extensions Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27050 (HEVC Video Extensions Remote Code Execution Vulnerability This 
CVE ID  ...)
+CVE-2021-27050 (HEVC Video Extensions Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27049 (HEVC Video Extensions Remote Code Execution Vulnerability This 
CVE ID  ...)
+CVE-2021-27049 (HEVC Video Extensions Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27048 (HEVC Video Extensions Remote Code Execution Vulnerability This 
CVE ID  ...)
+CVE-2021-27048 (HEVC Video Extensions Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-27047 (HEVC Video Extensions Remote Code Execution Vulnerability This 
CVE ID  ...)
+CVE-2021-27047 (HEVC Video Extensions Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-27046 (A Memory Corruption vulnerability for PDF files in Autodesk 
Navisworks ...)
        NOT-FOR-US: Autodesk
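Review bot: the tail removed from CVE-2021-27062, CVE-2021-27061 and CVE-2021-27051 through CVE-2021-27047 was the only text in those descriptions marking them as separate issues; they now all read exactly "HEVC Video Extensions Remote Code Execution Vulnerability", and the same holds for the Excel pair CVE-2021-27054/CVE-2021-27053 and the Office pair CVE-2021-27059/CVE-2021-27057. Anything that consumes data/CVE/list should key on the CVE ID alone and never group or deduplicate on the description text; the triage lines (NOT-FOR-US: Microsoft) are unchanged, so no tracker state is affected.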
@@ -198434,7 +198602,7 @@ CVE-2021-26904 (LMA ISIDA Retriever 5.2 allows SQL 
Injection.)
        NOT-FOR-US: LMA ISIDA Retriever
 CVE-2021-26903 (LMA ISIDA Retriever 5.2 is vulnerable to XSS via 
query['text'].)
        NOT-FOR-US: LMA ISIDA Retriever
-CVE-2021-26902 (HEVC Video Extensions Remote Code Execution Vulnerability This 
CVE ID  ...)
+CVE-2021-26902 (HEVC Video Extensions Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-26901 (Windows Event Tracing Elevation of Privilege Vulnerability 
This CVE ID ...)
        NOT-FOR-US: Microsoft
@@ -198522,15 +198690,15 @@ CVE-2021-26860 (Windows App-V Overlay Filter 
Elevation of Privilege Vulnerabilit
        NOT-FOR-US: Microsoft
 CVE-2021-26859 (Microsoft Power BI Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-26858 (Microsoft Exchange Server Remote Code Execution Vulnerability 
This CVE ...)
+CVE-2021-26858 (Microsoft Exchange Server Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-26857 (Microsoft Exchange Server Remote Code Execution Vulnerability 
This CVE ...)
+CVE-2021-26857 (Microsoft Exchange Server Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-26856
        RESERVED
-CVE-2021-26855 (Microsoft Exchange Server Remote Code Execution Vulnerability 
This CVE ...)
+CVE-2021-26855 (Microsoft Exchange Server Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-26854 (Microsoft Exchange Server Remote Code Execution Vulnerability 
This CVE ...)
+CVE-2021-26854 (Microsoft Exchange Server Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-26853
        RESERVED
@@ -198910,7 +199078,7 @@ CVE-2021-26703 (EPrints 3.4.2 allows remote attackers 
to read arbitrary files an
        NOT-FOR-US: EPrints
 CVE-2021-26702 (EPrints 3.4.2 exposes a reflected XSS opportunity in the 
dataset param ...)
        NOT-FOR-US: EPrints
-CVE-2021-26701 (.NET Core Remote Code Execution Vulnerability This CVE ID is 
unique fr ...)
+CVE-2021-26701 (.NET Core Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-26700 (Visual Studio Code npm-script Extension Remote Code Execution 
Vulnerab ...)
        NOT-FOR-US: Microsoft
@@ -199637,13 +199805,13 @@ CVE-2021-26417 (Windows Overlay Filter Information 
Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-26416 (Windows Hyper-V Denial of Service Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-26415 (Windows Installer Elevation of Privilege Vulnerability This 
CVE ID is  ...)
+CVE-2021-26415 (Windows Installer Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-26414 (Windows DCOM Server Security Feature Bypass)
        NOT-FOR-US: Microsoft
 CVE-2021-26413 (Windows Installer Spoofing Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-26412 (Microsoft Exchange Server Remote Code Execution Vulnerability 
This CVE ...)
+CVE-2021-26412 (Microsoft Exchange Server Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-26411 (Internet Explorer Memory Corruption Vulnerability)
        NOT-FOR-US: Microsoft
@@ -205240,23 +205408,23 @@ CVE-2021-24114 (Microsoft Teams iOS Information 
Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-24113 (Microsoft Edge (Chromium-based) Security Feature Bypass 
Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-24112 (.NET Core Remote Code Execution Vulnerability This CVE ID is 
unique fr ...)
+CVE-2021-24112 (.NET Core Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-24111 (.NET Framework Denial of Service Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-24110 (HEVC Video Extensions Remote Code Execution Vulnerability This 
CVE ID  ...)
+CVE-2021-24110 (HEVC Video Extensions Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-24109 (Microsoft Azure Kubernetes Service Elevation of Privilege 
Vulnerabilit ...)
        NOT-FOR-US: Microsoft
-CVE-2021-24108 (Microsoft Office Remote Code Execution Vulnerability This CVE 
ID is un ...)
+CVE-2021-24108 (Microsoft Office Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-24107 (Windows Event Tracing Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-24106 (Windows DirectX Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-24105 (Package Managers Configurations Remote Code Execution 
Vulnerability)
+CVE-2021-24105 (<p>Depending on configuration of various package managers it 
is possib ...)
        NOT-FOR-US: Microsoft
-CVE-2021-24104 (Microsoft SharePoint Spoofing Vulnerability)
+CVE-2021-24104 (Microsoft SharePoint Server Spoofing Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-24103 (Windows Event Tracing Elevation of Privilege Vulnerability 
This CVE ID ...)
        NOT-FOR-US: Microsoft
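Review bot: the new description for CVE-2021-24105 starts with a literal "<p>" tag, so markup is now stored in a field that every other entry in this hunk treats as plain text. Strip tags when the description is imported, and make sure any page or report that displays this field HTML-escapes it rather than passing it through. The entry keeps NOT-FOR-US: Microsoft, so only the description is affected.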
@@ -205286,7 +205454,7 @@ CVE-2021-24091 (Windows Camera Codec Pack Remote Code 
Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-24090 (Windows Error Reporting Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-24089 (HEVC Video Extensions Remote Code Execution Vulnerability This 
CVE ID  ...)
+CVE-2021-24089 (HEVC Video Extensions Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-24088 (Windows Local Spooler Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
@@ -205294,7 +205462,7 @@ CVE-2021-24087 (Azure IoT CLI extension Elevation of 
Privilege Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-24086 (Windows TCP/IP Denial of Service Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-24085 (Microsoft Exchange Server Spoofing Vulnerability This CVE ID 
is unique ...)
+CVE-2021-24085 (Microsoft Exchange Server Spoofing Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-24084 (Windows Mobile Device Management Information Disclosure 
Vulnerability)
        NOT-FOR-US: Microsoft
@@ -205324,13 +205492,13 @@ CVE-2021-24072 (Microsoft SharePoint Server Remote 
Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-24071 (Microsoft SharePoint Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-24070 (Microsoft Excel Remote Code Execution Vulnerability This CVE 
ID is uni ...)
+CVE-2021-24070 (Microsoft Excel Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-24069 (Microsoft Excel Remote Code Execution Vulnerability This CVE 
ID is uni ...)
+CVE-2021-24069 (Microsoft Excel Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-24068 (Microsoft Excel Remote Code Execution Vulnerability This CVE 
ID is uni ...)
+CVE-2021-24068 (Microsoft Excel Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-24067 (Microsoft Excel Remote Code Execution Vulnerability This CVE 
ID is uni ...)
+CVE-2021-24067 (Microsoft Excel Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-24066 (Microsoft SharePoint Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
@@ -220324,7 +220492,7 @@ CVE-2021-1732 (Windows Win32k Elevation of Privilege 
Vulnerability This CVE ID i
        NOT-FOR-US: Microsoft
 CVE-2021-1731 (PFX Encryption Security Feature Bypass Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-1730 (Microsoft Exchange Server Spoofing Vulnerability This CVE ID is 
unique ...)
+CVE-2021-1730 (<p>A spoofing vulnerability exists in Microsoft Exchange Server 
which  ...)
        NOT-FOR-US: Microsoft
 CVE-2021-1729 (Windows Update Stack Setup Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
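Review bot: CVE-2021-1730 now begins with "<p>" and is cut off at "which  ...", so the stored text holds an opening tag with no closing one. Removing markup before the description is truncated would avoid leaving an unbalanced fragment for downstream tools to handle.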
@@ -220332,7 +220500,7 @@ CVE-2021-1728 (System Center Operations Manager 
Elevation of Privilege Vulnerabi
        NOT-FOR-US: Microsoft
 CVE-2021-1727 (Windows Installer Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-1726 (Microsoft SharePoint Spoofing Vulnerability)
+CVE-2021-1726 (Microsoft SharePoint Server Spoofing Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-1725 (Bot Framework SDK Information Disclosure Vulnerability)
        NOT-FOR-US: Bot Framework SDK
@@ -220346,21 +220514,21 @@ CVE-2021-1721 (.NET Core and Visual Studio Denial 
of Service Vulnerability)
        NOT-FOR-US: Microsoft .NET
 CVE-2021-1720
        RESERVED
-CVE-2021-1719 (Microsoft SharePoint Elevation of Privilege Vulnerability This 
CVE ID  ...)
+CVE-2021-1719 (Microsoft SharePoint Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-1718 (Microsoft SharePoint Server Tampering Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-1717 (Microsoft SharePoint Spoofing Vulnerability This CVE ID is 
unique from ...)
+CVE-2021-1717 (Microsoft SharePoint Server Spoofing Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-1716 (Microsoft Word Remote Code Execution Vulnerability This CVE ID 
is uniq ...)
+CVE-2021-1716 (Microsoft Word Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-1715 (Microsoft Word Remote Code Execution Vulnerability This CVE ID 
is uniq ...)
+CVE-2021-1715 (Microsoft Word Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-1714 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID 
is uni ...)
+CVE-2021-1714 (Microsoft Excel Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-1713 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID 
is uni ...)
+CVE-2021-1713 (Microsoft Excel Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-1712 (Microsoft SharePoint Elevation of Privilege Vulnerability This 
CVE ID  ...)
+CVE-2021-1712 (Microsoft SharePoint Elevation of Privilege Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-1711 (Microsoft Office Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
@@ -220496,13 +220664,13 @@ CVE-2021-1646 (Windows WLAN Service Elevation of 
Privilege Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-1645 (Windows Docker Information Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-1644 (HEVC Video Extensions Remote Code Execution Vulnerability This 
CVE ID  ...)
+CVE-2021-1644 (HEVC Video Extensions Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
-CVE-2021-1643 (HEVC Video Extensions Remote Code Execution Vulnerability This 
CVE ID  ...)
+CVE-2021-1643 (HEVC Video Extensions Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-1642 (Windows AppX Deployment Extensions Elevation of Privilege 
Vulnerabilit ...)
        NOT-FOR-US: Microsoft
-CVE-2021-1641 (Microsoft SharePoint Spoofing Vulnerability This CVE ID is 
unique from ...)
+CVE-2021-1641 (Microsoft SharePoint Server Spoofing Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2021-1640 (Windows Print Spooler Elevation of Privilege Vulnerability This 
CVE ID ...)
        NOT-FOR-US: Microsoft
@@ -252196,8 +252364,8 @@ CVE-2020-17165
        RESERVED
 CVE-2020-17164
        RESERVED
-CVE-2020-17163
-       RESERVED
+CVE-2020-17163 (Visual Studio Code Python Extension Remote Code Execution 
Vulnerabilit ...)
+       TODO: check
 CVE-2020-17162 (Microsoft Windows Security Feature Bypass Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2020-17161
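Review bot: CVE-2020-17163 moves from RESERVED to "TODO: check" here and needs a manual triage follow-up. The adjacent entry CVE-2020-17162 in this hunk is marked NOT-FOR-US: Microsoft; whether the Visual Studio Code Python Extension entry gets the same marking should be decided in a follow-up commit so it does not stay in the TODO queue.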



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/292b6f13f2f35fb41686f9270fdd91cfe586fecb
