[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Feb 17 20:21:52 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5f230682 by Salvatore Bonaccorso at 2021-02-17T21:21:28+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2021-27362 (The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Vio ...)
-	TODO: check
+	NOT-FOR-US: WPG plugin for IrfanView
 CVE-2021-27361
 	RESERVED
 CVE-2021-27360
@@ -277,7 +277,7 @@ CVE-2021-27226
 CVE-2021-27225
 	RESERVED
 CVE-2021-27224 (The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a user-mode write ...)
-	TODO: check
+	NOT-FOR-US: WPG plugin for IrfanView
 CVE-2021-27223
 	RESERVED
 CVE-2021-27222
@@ -1211,7 +1211,7 @@ CVE-2021-26811
 CVE-2021-26810
 	RESERVED
 CVE-2021-26809 (PHPGurukul Car Rental Project version 2.0 suffers from a remote shell  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Car Rental Project
 CVE-2021-26808
 	RESERVED
 CVE-2021-26807
@@ -3888,9 +3888,9 @@ CVE-2021-25782
 CVE-2021-25781
 	RESERVED
 CVE-2021-25780 (An arbitrary file upload vulnerability has been identified in posts.ph ...)
-	TODO: check
+	NOT-FOR-US: Baby Care System
 CVE-2021-25779 (Baby Care System v1.0 is vulnerable to SQL injection via the 'id' para ...)
-	TODO: check
+	NOT-FOR-US: Baby Care System
 CVE-2021-25778 (In JetBrains TeamCity before 2020.2.1, permissions during user deletio ...)
 	NOT-FOR-US: JetBrains TeamCity
 CVE-2021-25777 (In JetBrains TeamCity before 2020.2.1, permissions during token remova ...)
@@ -7990,7 +7990,7 @@ CVE-2021-23887
 CVE-2021-23886
 	RESERVED
 CVE-2021-23885 (Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2021-23884
 	RESERVED
 CVE-2021-23883 (A Null Pointer Dereference vulnerability in McAfee Endpoint Security ( ...)
@@ -10098,11 +10098,11 @@ CVE-2021-22857 (The CGE page with download function contains a Directory Travers
 CVE-2021-22856 (The CGE property management system contains SQL Injection vulnerabilit ...)
 	TODO: check
 CVE-2021-22855 (The specific function of HR Portal of Soar Cloud System accepts any ty ...)
-	TODO: check
+	NOT-FOR-US: HR Portal of Soar Cloud System
 CVE-2021-22854 (The HR Portal of Soar Cloud System fails to filter specific parameters ...)
-	TODO: check
+	NOT-FOR-US: HR Portal of Soar Cloud System
 CVE-2021-22853 (The HR Portal of Soar Cloud System fails to manage access control. Whi ...)
-	TODO: check
+	NOT-FOR-US: HR Portal of Soar Cloud System
 CVE-2021-22852 (HGiga EIP product contains SQL Injection vulnerability. Attackers can  ...)
 	NOT-FOR-US: HGiga EIP
 CVE-2021-22851 (HGiga EIP product contains SQL Injection vulnerability. Attackers can  ...)
@@ -13354,9 +13354,9 @@ CVE-2020-36005
 CVE-2020-36004
 	RESERVED
 CVE-2020-36003 (The id parameter in detail.php of Online Book Store v1.0 is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: Online Book Store
 CVE-2020-36002 (Seat-Reservation-System 1.0 has a SQL injection vulnerability in index ...)
-	TODO: check
+	NOT-FOR-US: Seat-Reservation-System
 CVE-2020-36001
 	RESERVED
 CVE-2020-36000
@@ -18348,7 +18348,7 @@ CVE-2020-35341
 CVE-2020-35340
 	RESERVED
 CVE-2020-35339 (In 74cms version 5.0.1, there is a remote code execution vulnerability ...)
-	TODO: check
+	NOT-FOR-US: 74cms
 CVE-2020-35338 (The Web Administrative Interface in Mobile Viewpoint Wireless Multiple ...)
 	NOT-FOR-US: Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server
 CVE-2020-35337
@@ -23420,7 +23420,7 @@ CVE-2021-1418
 CVE-2021-1417
 	RESERVED
 CVE-2021-1416 (Multiple vulnerabilities in the Admin portal of Cisco Identity Service ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1415
 	RESERVED
 CVE-2021-1414
@@ -23428,7 +23428,7 @@ CVE-2021-1414
 CVE-2021-1413
 	RESERVED
 CVE-2021-1412 (Multiple vulnerabilities in the Admin portal of Cisco Identity Service ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1411
 	RESERVED
 CVE-2021-1410
@@ -23496,7 +23496,7 @@ CVE-2021-1380
 CVE-2021-1379
 	RESERVED
 CVE-2021-1378 (A vulnerability in the SSH service of the Cisco StarOS operating syste ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1377
 	RESERVED
 CVE-2021-1376
@@ -23508,7 +23508,7 @@ CVE-2021-1374
 CVE-2021-1373
 	RESERVED
 CVE-2021-1372 (A vulnerability in Cisco Webex Meetings Desktop App and Webex Producti ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1371
 	RESERVED
 CVE-2021-1370 (A vulnerability in a CLI command of Cisco IOS XR Software for the Cisc ...)
@@ -23520,7 +23520,7 @@ CVE-2021-1368
 CVE-2021-1367
 	RESERVED
 CVE-2021-1366 (A vulnerability in the interprocess communication (IPC) channel of Cis ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1365
 	RESERVED
 CVE-2021-1364 (Multiple vulnerabilities in Cisco Unified Communications Manager IM &a ...)
@@ -23550,7 +23550,7 @@ CVE-2021-1353 (A vulnerability in the IPv4 protocol handling of Cisco StarOS cou
 CVE-2021-1352
 	RESERVED
 CVE-2021-1351 (A vulnerability in the web-based interface of Cisco Webex Meetings cou ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1350 (A vulnerability in the web UI of Cisco Umbrella could allow an unauthe ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1349 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
@@ -60423,17 +60423,17 @@ CVE-2020-13557 (A use after free vulnerability exists in the JavaScript engine o
 CVE-2020-13556 (An out-of-bounds write vulnerability exists in the Ethernet/IP server  ...)
 	NOT-FOR-US: EIP Stack Group OpENer
 CVE-2020-13555 (An exploitable local privilege elevation vulnerability exists in the f ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess/SCADA
 CVE-2020-13554
 	RESERVED
 CVE-2020-13553 (An exploitable local privilege elevation vulnerability exists in the f ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess/SCADA
 CVE-2020-13552 (An exploitable local privilege elevation vulnerability exists in the f ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess/SCADA
 CVE-2020-13551 (An exploitable local privilege elevation vulnerability exists in the f ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess/SCADA
 CVE-2020-13550 (A local file inclusion vulnerability exists in the installation functi ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess/SCADA
 CVE-2020-13549
 	RESERVED
 CVE-2020-13548 (In Foxit Reader 10.1.0.37527, a specially crafted PDF document can tri ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f230682203a23301136e6df585df14f0517bbb0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f230682203a23301136e6df585df14f0517bbb0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210217/584d3269/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list