[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 17 21:23:47 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4c74ff04 by Salvatore Bonaccorso at 2021-08-17T22:23:14+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6915,7 +6915,7 @@ CVE-2021-36122 (An issue was discovered in Echo ShareCare 8.15.5. The UnzipFile
 CVE-2021-36121 (An issue was discovered in Echo ShareCare 8.15.5. The file-upload feat ...)
 	NOT-FOR-US: Echo ShareCare
 CVE-2021-3633 (A DLL preloading vulnerability was reported in Lenovo Driver Managemen ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2021-36120
 	RESERVED
 CVE-2021-36119
@@ -8413,7 +8413,7 @@ CVE-2021-35494
 CVE-2021-35493
 	RESERVED
 CVE-2021-3619 (Rapid7 Velociraptor 0.5.9 and prior is vulnerable to a post-authentica ...)
-	TODO: check
+	NOT-FOR-US: Rapid7 Velociraptor
 CVE-2021-35492
 	RESERVED
 CVE-2021-35491
@@ -8477,11 +8477,11 @@ CVE-2021-3618
 	NOTE: sendmail: Fixed in 3.16.1: https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
 	NOTE: exim4 has config option: https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
 CVE-2021-3617 (A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E th ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2021-3616 (A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E th ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2021-3615 (A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E th ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2021-3614 (A vulnerability was reported on some Lenovo Notebook systems that coul ...)
 	NOT-FOR-US: Lenovo
 CVE-2021-35474 (Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache ...)
@@ -24229,7 +24229,7 @@ CVE-2021-3460 (The Motorola MH702x devices, prior to version 2.0.0.301, do not p
 CVE-2021-3459 (A privilege escalation vulnerability was reported in the MM1000 device ...)
 	TODO: check
 CVE-2021-3458 (The Motorola MM1000 device configuration portal can be accessed withou ...)
-	TODO: check
+	NOT-FOR-US: Motorola MM1000 device configuration portal
 CVE-2021-29082 (Certain NETGEAR devices are affected by disclosure of sensitive inform ...)
 	NOT-FOR-US: NETGEAR
 CVE-2021-29081 (Certain NETGEAR devices are affected by a stack-based buffer overflow  ...)
@@ -40685,7 +40685,7 @@ CVE-2021-22158 (The Proofpoint Insider Threat Management Server (formerly Observ
 CVE-2021-22157 (Proofpoint Insider Threat Management Server (formerly ObserveIT Server ...)
 	NOT-FOR-US: Proofpoint Insider Threat Management Server
 CVE-2021-22156 (An integer overflow vulnerability in the calloc() function of the C ru ...)
-	TODO: check
+	NOT-FOR-US: BlackBerry
 CVE-2021-22155 (An Authentication Bypass vulnerability in the SAML Authentication comp ...)
 	NOT-FOR-US: BlackBerry Workspaces Server
 CVE-2021-22154 (An Information Disclosure vulnerability in the Management Console comp ...)
@@ -41362,7 +41362,7 @@ CVE-2021-21834
 CVE-2021-21833 (An improper array index validation vulnerability exists in the TIF IP_ ...)
 	NOT-FOR-US: Accusoft ImageGear
 CVE-2021-21832 (A VULNERABILITY_CLASS vulnerability exists in the FEATURE functionalit ...)
-	TODO: check
+	NOT-FOR-US: Disc Soft Ltd Deamon Tools Pro
 CVE-2021-21831 (A use-after-free vulnerability exists in the JavaScript engine of Foxi ...)
 	NOT-FOR-US: Foxit
 CVE-2021-21830 (A heap-based buffer overflow vulnerability exists in the XML Decompres ...)
@@ -50497,7 +50497,7 @@ CVE-2020-29550 (An issue was discovered in URVE Build 24.03.2020. The password o
 CVE-2020-29549
 	RESERVED
 CVE-2020-29548 (An issue was discovered in SmarterTools SmarterMail through 100.0.7537 ...)
-	TODO: check
+	NOT-FOR-US: SmarterTools
 CVE-2020-29547
 	RESERVED
 CVE-2020-29546
@@ -52386,7 +52386,7 @@ CVE-2020-28848
 CVE-2020-28847
 	RESERVED
 CVE-2020-28846 (Cross Site Request Forgery (CSRF) vulnerability exists in SeaCMS 10.7  ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2020-28845 (A CSV injection vulnerability in the Admin portal for Netskope 75.0 al ...)
 	NOT-FOR-US: Admin portal for Netskope
 CVE-2020-28844
@@ -69621,7 +69621,7 @@ CVE-2020-22939
 CVE-2020-22938
 	RESERVED
 CVE-2020-22937 (A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5  ...)
-	TODO: check
+	NOT-FOR-US: EmpireCMS
 CVE-2020-22936
 	RESERVED
 CVE-2020-22935



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c74ff04531640765b4fa241a37cbd4433418c13

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c74ff04531640765b4fa241a37cbd4433418c13
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210817/85462932/attachment.htm>

More information about the debian-security-tracker-commits mailing list