[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Aug 30 21:41:56 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
94234aac by Salvatore Bonaccorso at 2021-08-30T22:41:33+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4194,13 +4194,13 @@ CVE-2021-38395
CVE-2021-38394
RESERVED
CVE-2021-38393 (A Blind SQL injection vulnerability exists in the /DataHandler/Handler ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2021-38392
RESERVED
CVE-2021-38391 (A Blind SQL injection vulnerability exists in the /DataHandler/AM/AM_H ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2021-38390 (A Blind SQL injection vulnerability exists in the /DataHandler/Handler ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2021-38389
RESERVED
CVE-2021-38388
@@ -4327,9 +4327,9 @@ CVE-2021-38345
CVE-2021-38344
RESERVED
CVE-2021-38343 (The Nested Pages WordPress plugin <= 3.1.15 was vulnerable to an Op ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38342 (The Nested Pages WordPress plugin <= 3.1.15 was vulnerable to Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38341
RESERVED
CVE-2021-38340
@@ -5381,7 +5381,7 @@ CVE-2021-37913
CVE-2021-37912
RESERVED
CVE-2021-37911 (The management interface of BenQ smart wireless conference projector d ...)
- TODO: check
+ NOT-FOR-US: BenQ smart wireless conference projector
CVE-2021-37910
RESERVED
CVE-2021-37909
@@ -6458,7 +6458,7 @@ CVE-2021-37423
CVE-2021-37422
RESERVED
CVE-2021-37421 (Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to a ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37420
RESERVED
CVE-2021-37419
@@ -6466,9 +6466,9 @@ CVE-2021-37419
CVE-2021-37418
RESERVED
CVE-2021-37417 (Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAP ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37416 (Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnera ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37415
RESERVED
CVE-2021-37414
@@ -9908,7 +9908,7 @@ CVE-2021-3629
- undertow <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1977362
CVE-2021-3628 (OpenKM Community Edition in its 6.3.10 version is vulnerable to authen ...)
- TODO: check
+ NOT-FOR-US: OpenKM
CVE-2021-3627
RESERVED
CVE-2021-35940 (An out-of-bounds array read in the apr_time_exp*() functions was fixed ...)
@@ -12749,7 +12749,7 @@ CVE-2021-34670
CVE-2021-34669
RESERVED
CVE-2021-34668 (The WordPress Real Media Library WordPress plugin is vulnerable to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-34667 (The Calendar_plugin WordPress plugin is vulnerable to Reflected Cross- ...)
NOT-FOR-US: WordPress plugin
CVE-2021-34666 (The Add Sidebar WordPress plugin is vulnerable to Reflected Cross-Site ...)
@@ -12793,7 +12793,7 @@ CVE-2021-34648
CVE-2021-34647
RESERVED
CVE-2021-34646 (Versions up to, and including, 5.4.3, of the Booster for WooCommerce W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-34645 (The Shopping Cart & eCommerce Store WordPress plugin is vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2021-34644 (The Multiplayer Games WordPress plugin is vulnerable to Reflected Cros ...)
@@ -16510,7 +16510,7 @@ CVE-2021-33057
CVE-2021-33056 (Belledonne Belle-sip before 4.5.20, as used in Linphone and other prod ...)
NOT-FOR-US: Belledonne Belle-sip
CVE-2021-33055 (Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticat ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-33054 (SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not valida ...)
{DLA-2707-1}
- sogo 5.1.1-1 (bug #989479)
@@ -16618,7 +16618,7 @@ CVE-2021-33021
CVE-2021-33020
RESERVED
CVE-2021-33019 (A stack-based buffer overflow vulnerability in Delta Electronics DOPSo ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2021-33018
RESERVED
CVE-2021-33017
@@ -16642,7 +16642,7 @@ CVE-2021-33009
CVE-2021-33008
RESERVED
CVE-2021-33007 (A heap-based buffer overflow in Delta Electronics TPEditor: v1.98.06 a ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2021-33006
RESERVED
CVE-2021-33005
@@ -16650,7 +16650,7 @@ CVE-2021-33005
CVE-2021-33004 (The affected product is vulnerable to memory corruption condition due ...)
NOT-FOR-US: WebAccess HMI Designer
CVE-2021-33003 (Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an atta ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2021-33002 (Opening a maliciously crafted project file may cause an out-of-bounds ...)
NOT-FOR-US: WebAccess HMI Designer
CVE-2021-33001
@@ -16674,7 +16674,7 @@ CVE-2021-32993
CVE-2021-32992 (FATEK Automation WinProladder Versions 3.30 and prior do not properly ...)
NOT-FOR-US: FATEK Automation WinProladder
CVE-2021-32991 (Delta Electronics DIAEnergie Version 1.7.5 and prior is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2021-32990 (FATEK Automation WinProladder Versions 3.30 and prior are vulnerable t ...)
NOT-FOR-US: FATEK Automation WinProladder
CVE-2021-32989
@@ -16690,7 +16690,7 @@ CVE-2021-32985
CVE-2021-32984
RESERVED
CVE-2021-32983 (A Blind SQL injection vulnerability exists in the /DataHandler/Handler ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2021-32982
RESERVED
CVE-2021-32981
@@ -16722,7 +16722,7 @@ CVE-2021-32969
CVE-2021-32968
RESERVED
CVE-2021-32967 (Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an atta ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2021-32966
RESERVED
CVE-2021-32965
@@ -16746,7 +16746,7 @@ CVE-2021-32957
CVE-2021-32956 (Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to re ...)
NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2021-32955 (Delta Electronics DIAEnergie Version 1.7.5 and prior allows unrestrict ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2021-32954 (Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a ...)
NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2021-32953
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94234aacdd01b45245cadc30bd5aabcc0c4727e5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94234aacdd01b45245cadc30bd5aabcc0c4727e5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210830/cc18c8cf/attachment.htm>
More information about the debian-security-tracker-commits
mailing list