[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Aug 10 21:28:04 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
38bb7891 by Salvatore Bonaccorso at 2021-08-10T22:27:38+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10689,7 +10689,7 @@ CVE-2021-33709 (A vulnerability has been identified in Teamcenter Active Workspa
CVE-2021-33708
RESERVED
CVE-2021-33707 (SAP NetWeaver Knowledge Management allows remote attackers to redirect ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-33706 (Due to improper input validation in InfraBox, logs can be modified by ...)
TODO: check
CVE-2021-33705
@@ -20659,7 +20659,7 @@ CVE-2021-29741 (IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to explo
CVE-2021-29740 (IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 sys ...)
NOT-FOR-US: IBM
CVE-2021-29739 (IBM Planning Analytics Local 2.0 could allow a remote attacker to obta ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-29738
RESERVED
CVE-2021-29737
@@ -39963,9 +39963,9 @@ CVE-2021-21603 (Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not esca
CVE-2021-21602 (Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows reading arbi ...)
- jenkins <removed>
CVE-2021-21601 (Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and p ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2021-21600 (Dell EMC NetWorker, 19.4 or older, contain an uncontrolled resource co ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2021-21599
RESERVED
CVE-2021-21598 (Dell Wyse ThinOS, versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive ...)
@@ -44360,7 +44360,7 @@ CVE-2021-20351 (IBM Engineering products are vulnerable to cross-site scripting.
CVE-2021-20350 (IBM Engineering products are vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
CVE-2021-20349 (IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-bas ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-20348 (IBM Jazz Foundation and IBM Engineering products are vulnerable to ser ...)
NOT-FOR-US: IBM
CVE-2021-20347 (IBM Jazz Foundation and IBM Engineering products are vulnerable to ser ...)
@@ -187298,15 +187298,15 @@ CVE-2018-17867 (The Port Forwarding functionality on DASAN H660GW devices allows
CVE-2018-17866 (Multiple cross-site scripting (XSS) vulnerabilities in includes/core/u ...)
NOT-FOR-US: "Ultimate Member - User Profile & Membership" plugin for WordPress
CVE-2018-17865 (** UNSUPPORTED WHEN ASSIGNED ** A cross-site scripting (XSS) vulnerabi ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-17864
RESERVED
CVE-2018-17863
RESERVED
CVE-2018-17862 (** UNSUPPORTED WHEN ASSIGNED ** A cross-site scripting (XSS) vulnerabi ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-17861 (** UNSUPPORTED WHEN ASSIGNED ** A cross-site scripting (XSS) vulnerabi ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-17860 (Cloudera CDH has Insecure Permissions because ALL cannot be revoked.Th ...)
NOT-FOR-US: Cloudera
CVE-2018-17859 (An issue was discovered in Joomla! before 3.8.13. Inadequate checks in ...)
@@ -321854,7 +321854,7 @@ CVE-2015-7733
CVE-2015-7732 (The Avira Mobile Security app before 1.5.11 for iOS sends sensitive lo ...)
NOT-FOR-US: Avira Mobile Security app
CVE-2015-7731 (SAP Mobile Platform 3.0 SP05 ClientHub allows attackers to obtain the ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2015-7730 (SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and Bus ...)
NOT-FOR-US: SAP BusinessObjects
CVE-2015-7729 (Eval injection in test-net.xsjs in the Web-based Development Workbench ...)
@@ -338160,9 +338160,9 @@ CVE-2015-2076 (The Auditing service in SAP BusinessObjects Edge 4.0 allows remot
CVE-2015-2075 (SAP BusinessObjects Edge 4.0 allows remote attackers to delete audit e ...)
NOT-FOR-US: SAP
CVE-2015-2074 (The File Repository Server (FRS) CORBA listener in SAP BussinessObject ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2015-2073 (The File RepositoRy Server (FRS) CORBA listener in SAP BussinessObject ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2015-2072 (Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA 73 (1. ...)
NOT-FOR-US: SAP
CVE-2015-2071 (Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouc ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38bb7891449098818072107ae8b56cd753988511
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38bb7891449098818072107ae8b56cd753988511
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210810/d3c08afe/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list