[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Aug 19 21:32:11 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3efb1bab by Salvatore Bonaccorso at 2021-08-19T22:31:42+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5701,7 +5701,7 @@ CVE-2021-36764 (In CODESYS Gateway V3 before 3.5.17.10, there is a NULL Pointer
CVE-2021-36763 (In CODESYS V3 web server before 3.5.17.10, files or directories are ac ...)
NOT-FOR-US: CODESYS V3 web server
CVE-2021-36762 (An issue was discovered in HCC Embedded InterNiche NicheStack through ...)
- TODO: check
+ NOT-FOR-US: HCC Embedded InterNiche NicheStack
CVE-2021-36761
RESERVED
CVE-2021-36760
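Review bot: The tag added for CVE-2021-36762 spells the product "HCC Embedded InterNiche NicheStack", while later hunks in this same commit use "HCC embedded InterNiche", "InterNiche NicheStack" and "HCC Nichestack" for what the descriptions indicate is the same vendor stack. Four spellings mean a single search of data/CVE/list will not return every NicheStack entry; consider settling on one string for all ten entries touched here.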
@@ -10504,7 +10504,7 @@ CVE-2021-34647
CVE-2021-34646
RESERVED
CVE-2021-34645 (The Shopping Cart & eCommerce Store WordPress plugin is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-34644 (The Multiplayer Games WordPress plugin is vulnerable to Reflected Cros ...)
NOT-FOR-US: WordPress plugin
CVE-2021-34643 (The Skaut bazar WordPress plugin is vulnerable to Reflected Cross-Site ...)
@@ -17186,7 +17186,7 @@ CVE-2021-3520 (There's a flaw in lz4. An attacker who submits a crafted file to
CVE-2021-31869 (Pimcore AdminBundle version 6.8.0 and earlier suffers from a SQL injec ...)
NOT-FOR-US: Pimcore
CVE-2021-31868 (Rapid7 Nexpose version 6.6.95 and earlier allows authenticated users o ...)
- TODO: check
+ NOT-FOR-US: Rapid7 Nexpose
CVE-2021-31867 (Pimcore Customer Data Framework version 3.0.0 and earlier suffers from ...)
NOT-FOR-US: Pimcore
CVE-2021-3519
@@ -18475,9 +18475,9 @@ CVE-2021-3500 (A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflo
CVE-2021-31402 (The dio package 4.0.0 for Dart allows CRLF injection if the attacker c ...)
NOT-FOR-US: dio package for Dart
CVE-2021-31401 (An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterN ...)
- TODO: check
+ NOT-FOR-US: HCC embedded InterNiche
CVE-2021-31400 (An issue was discovered in tcp_pulloutofband() in tcp_in.c in HCC embe ...)
- TODO: check
+ NOT-FOR-US: HCC embedded InterNiche
CVE-2021-31399 (On 2N Access Unit 2.0 2.31.0.40.5 devices, an attacker can pose as the ...)
NOT-FOR-US: On 2N Access Unit devices
CVE-2021-31398
@@ -18631,7 +18631,7 @@ CVE-2021-31340 (A vulnerability has been identified in SIMATIC RF166C (All versi
CVE-2021-31339 (A vulnerability has been identified in Mendix Excel Importer Module (A ...)
NOT-FOR-US: Mendix Excel Importer Module
CVE-2021-31338 (A vulnerability has been identified in SINEMA Remote Connect Client (A ...)
- TODO: check
+ NOT-FOR-US: SINEMA Remote Connect Client
CVE-2021-31337 (The Telnet service of the SIMATIC HMI Comfort Panels system component ...)
NOT-FOR-US: Siemens
CVE-2021-31336
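Review bot: CVE-2021-31338 is tagged by product ("SINEMA Remote Connect Client"), but the adjacent CVE-2021-31337 in the context lines is tagged by vendor ("NOT-FOR-US: Siemens"). Both forms are accepted, yet using the vendor name here as well would keep the Siemens entries findable with one search string.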
@@ -18908,11 +18908,11 @@ CVE-2021-31229 (An issue was discovered in libezxml.a in ezXML 0.8.6. The functi
[buster] - netcdf-parallel <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/ezxml/bugs/26/
CVE-2021-31228 (An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnera ...)
- TODO: check
+ NOT-FOR-US: HCC embedded InterNiche
CVE-2021-31227 (An issue was discovered in HCC embedded InterNiche 4.0.1. A potential ...)
- TODO: check
+ NOT-FOR-US: HCC embedded InterNiche
CVE-2021-31226 (An issue was discovered in HCC embedded InterNiche 4.0.1. A potential ...)
- TODO: check
+ NOT-FOR-US: HCC embedded InterNiche
CVE-2021-31225 (SES Evolution before 2.1.0 allows deleting some resources not currentl ...)
NOT-FOR-US: SES Evolution
CVE-2021-31224 (SES Evolution before 2.1.0 allows duplicating an existing security pol ...)
@@ -23946,7 +23946,7 @@ CVE-2021-29282
CVE-2021-29281
RESERVED
CVE-2021-29280 (In TP-Link Wireless N Router WR840N an ARP poisoning attack can cause ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2021-29279 (There is a integer overflow in function filter_core/filter_props.c:gf_ ...)
- gpac 1.0.1+dfsg1-4 (bug #987323)
[buster] - gpac <not-affected> (Vulnerable code not present)
@@ -27076,11 +27076,11 @@ CVE-2021-28003
CVE-2021-28002 (A persistent cross-site scripting vulnerability was discovered in the ...)
TODO: check
CVE-2021-28001 (A cross-site scripting vulnerability was discovered in the Comments pa ...)
- TODO: check
+ NOT-FOR-US: Textpattern CMS
CVE-2021-28000 (A persistent cross-site scripting vulnerability was discovered in Loca ...)
- TODO: check
+ NOT-FOR-US: Local Services Search Engine Management System Project
CVE-2021-27999 (A SQL injection vulnerability was discovered in the editid parameter i ...)
- TODO: check
+ NOT-FOR-US: Local Services Search Engine Management System Project
CVE-2021-27998
RESERVED
CVE-2021-27997
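Review bot: CVE-2021-28002 in the leading context still reads "TODO: check" although the three entries directly below it are triaged in this hunk. Its truncated description does not show the product, so skipping it may be deliberate; if not, it should be resolved in this batch or picked up in the next NFU pass.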
@@ -27520,7 +27520,7 @@ CVE-2021-27824
CVE-2021-27823 (An information disclosure vulnerability was discovered in /index.class ...)
NOT-FOR-US: NetWave
CVE-2021-27822 (A persistent cross site scripting (XSS) vulnerability in the Add Categ ...)
- TODO: check
+ NOT-FOR-US: Vehicle Parking Management System
CVE-2021-27821 (The Web Interface for OpenWRT LuCI version 19.07 and lower has been di ...)
NOT-FOR-US: OpenWRT LuCI
CVE-2021-27820
@@ -28084,7 +28084,7 @@ CVE-2021-3414
RESERVED
NOT-FOR-US: Red Hat Satellite
CVE-2021-27565 (The web server in InterNiche NicheStack through 4.0.1 allows remote at ...)
- TODO: check
+ NOT-FOR-US: InterNiche NicheStack
CVE-2021-27564 (A stored XSS issue exists in Appspace 6.2.4. After a user is authentic ...)
NOT-FOR-US: Appspace
CVE-2021-27563
@@ -43542,11 +43542,11 @@ CVE-2020-35687 (PHPFusion version 9.03.90 is vulnerable to CSRF attack which lea
CVE-2020-35686 (The SECOMN service in Sound Research DCHU model software component mod ...)
NOT-FOR-US: Sound Research
CVE-2020-35685 (An issue was discovered in HCC Nichestack 3.0. The code that generates ...)
- TODO: check
+ NOT-FOR-US: HCC Nichestack
CVE-2020-35684 (An issue was discovered in HCC Nichestack 3.0. The code that parses TC ...)
- TODO: check
+ NOT-FOR-US: HCC Nichestack
CVE-2020-35683 (An issue was discovered in HCC Nichestack 3.0. The code that parses IC ...)
- TODO: check
+ NOT-FOR-US: HCC Nichestack
CVE-2020-35682 (Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authenticati ...)
NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
CVE-2020-35681 (Django Channels 3.x before 3.0.3 allows remote attackers to obtain sen ...)
@@ -53128,7 +53128,7 @@ CVE-2021-1563 (Multiple vulnerabilities in the implementation of the Cisco Disco
CVE-2021-1562 (A vulnerability in the XSI-Actions interface of Cisco BroadWorks Appli ...)
NOT-FOR-US: Cisco
CVE-2021-1561 (A vulnerability in the spam quarantine feature of Cisco Secure Email a ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1560 (Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an ...)
NOT-FOR-US: Cisco
CVE-2021-1559 (Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an ...)
@@ -74594,13 +74594,13 @@ CVE-2020-20647
CVE-2020-20646
RESERVED
CVE-2020-20645 (Cross Site Scripting (XSS) vulnerability exists in EyouCMS1.3.6 in the ...)
- TODO: check
+ NOT-FOR-US: EyouCMS
CVE-2020-20644
RESERVED
CVE-2020-20643
RESERVED
CVE-2020-20642 (Cross Site Request Forgery (CSRF) vulnerability exists in EyouCMS 1.3. ...)
- TODO: check
+ NOT-FOR-US: EyouCMS
CVE-2020-20641
RESERVED
CVE-2020-20640 (Cross Site Scripting (XSS) vulnerability in ECShop 4.0 due to security ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3efb1bab2fa4af3ff55298d5234dcf91dade0204