[Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 15 20:33:11 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cb6b015a by Salvatore Bonaccorso at 2021-12-15T21:32:28+01:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11888,7 +11888,7 @@ CVE-2021-3833 (Integria IMS login check uses a loose comparator ("==") to compar
CVE-2021-3832 (Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Exec ...)
NOT-FOR-US: Integria IMS
CVE-2021-3831 (gnuboard5 is vulnerable to Improper Neutralization of Input During Web ...)
- TODO: check
+ NOT-FOR-US: gnuboard5
CVE-2021-41765 (A SQL injection issue in pages/edit_fields/9_ajax/add_keyword.php of R ...)
NOT-FOR-US: ResourceSpace
CVE-2021-41764 (A cross-site request forgery (CSRF) vulnerability exists in Streama up ...)
@@ -12341,7 +12341,7 @@ CVE-2021-3823 (Improper Limitation of a Pathname to a Restricted Directory ('Pat
CVE-2021-3822 (jsoneditor is vulnerable to Inefficient Regular Expression Complexity ...)
NOT-FOR-US: jsoneditor
CVE-2021-41560 (OpenCATS through 0.9.6 allows remote attackers to execute arbitrary co ...)
- TODO: check
+ NOT-FOR-US: OpenCATS
CVE-2021-41559
RESERVED
CVE-2021-41558 (The set_user extension module before 3.0.0 for PostgreSQL allows Proce ...)
@@ -12764,7 +12764,7 @@ CVE-2021-41367 (NTFS Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-41366 (Credential Security Support Provider Protocol (CredSSP) Elevation of P ...)
NOT-FOR-US: Microsoft
CVE-2021-41365 (Microsoft Defender for IoT Remote Code Execution Vulnerability This CV ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-41364
RESERVED
CVE-2021-41363 (Intune Management Extension Security Feature Bypass Vulnerability ...)
@@ -12774,7 +12774,7 @@ CVE-2021-41362
CVE-2021-41361 (Active Directory Federation Server Spoofing Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-41360 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-41359
RESERVED
CVE-2021-41358
@@ -12828,7 +12828,7 @@ CVE-2021-41335 (Windows Kernel Elevation of Privilege Vulnerability ...)
CVE-2021-41334 (Windows Desktop Bridge Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-41333 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-41332 (Windows Print Spooler Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-41331 (Windows Media Audio Decoder Remote Code Execution Vulnerability ...)
@@ -14072,9 +14072,9 @@ CVE-2021-40829 (Connections initialized by the AWS IoT Device SDK v2 for Java (v
CVE-2021-40828 (Connections initialized by the AWS IoT Device SDK v2 for Java (version ...)
NOT-FOR-US: AWS IoT Device SDK
CVE-2021-40827 (Clementine Music Player through 1.3.1 (when a GLib 2.0.0 DLL is used) ...)
- TODO: check
+ NOT-FOR-US: Clementine Music Player
CVE-2021-40826 (Clementine Music Player through 1.3.1 is vulnerable to a User Mode Wri ...)
- TODO: check
+ NOT-FOR-US: Clementine Music Player
CVE-2021-40825 (nLight ECLYPSE (nECY) system Controllers running software prior to 1.1 ...)
NOT-FOR-US: nLight ECLYPSE (nECY) system Controllers
CVE-2021-40824 (A logic error in the room key sharing functionality of Element Android ...)
@@ -14970,9 +14970,9 @@ CVE-2021-40455 (Windows Installer Spoofing Vulnerability ...)
CVE-2021-40454 (Rich Text Edit Control Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-40453 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-40452 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-40451
RESERVED
CVE-2021-40450 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
@@ -14994,7 +14994,7 @@ CVE-2021-40443 (Windows Common Log File System Driver Elevation of Privilege Vul
CVE-2021-40442 (Microsoft Excel Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-40441 (Windows Media Center Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-40440 (Microsoft Dynamics Business Central Cross-site Scripting Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-3764 [DoS in ccp_run_aes_gcm_cmd() function]
@@ -23630,7 +23630,7 @@ CVE-2021-36890
CVE-2021-36889
RESERVED
CVE-2021-36888 (Unauthenticated Arbitrary Options Update vulnerability leading to full ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-36887
RESERVED
CVE-2021-36886
@@ -24661,7 +24661,7 @@ CVE-2021-36452
CVE-2021-36451
RESERVED
CVE-2021-36450 (Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the co ...)
- TODO: check
+ NOT-FOR-US: Verint
CVE-2021-36449
RESERVED
CVE-2021-36448
@@ -59538,7 +59538,7 @@ CVE-2021-22281
CVE-2021-22280
RESERVED
CVE-2021-22279 (A Missing Authentication vulnerability in RobotWare for the OmniCore r ...)
- TODO: check
+ NOT-FOR-US: ABB / OmniCore robot controller
CVE-2021-22278 (A certificate validation vulnerability in PCM600 Update Manager allows ...)
NOT-FOR-US: PCM600 Update Manager
CVE-2021-22277
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb6b015a916f60a1dd836f69b1db0751b690f6df
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb6b015a916f60a1dd836f69b1db0751b690f6df
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211215/f0c0c958/attachment.htm>
More information about the debian-security-tracker-commits
mailing list