[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Wed Jan 13 17:21:38 GMT 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5b4a7d68 by Moritz Muehlenhoff at 2021-01-13T18:21:25+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -39,11 +39,11 @@ CVE-2021-23922
CVE-2021-23921
RESERVED
CVE-2020-36191 (JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lac ...)
- TODO: check
+ NOT-FOR-US: JupyterHub
CVE-2020-36190 (RailsAdmin (aka rails_admin) before 1.4.3 and 2.x before 2.0.2 allows ...)
- TODO: check
+ NOT-FOR-US: RailsAdmin
CVE-2021-3134 (Mubu 2.2.1 allows local users to gain privileges to execute commands, ...)
- TODO: check
+ NOT-FOR-US: Mubu
CVE-2021-3133 (The Elementor Contact Form DB plugin before 1.6 for WordPress allows C ...)
NOT-FOR-US: Elementor Contact Form DB plugin for WordPress
CVE-2021-3132
@@ -53,7 +53,7 @@ CVE-2021-3131
CVE-2021-3130
RESERVED
CVE-2021-3129 (Ignition before 2.5.2, as used in Laravel and other products, allows u ...)
- TODO: check
+ NOT-FOR-US: Ignition
CVE-2021-3128
RESERVED
CVE-2021-23920
@@ -255,7 +255,7 @@ CVE-2021-3118 (** UNSUPPORTED WHEN ASSIGNED ** EVOLUCARE ECSIMAGING (aka ECS Ima
CVE-2021-3117
RESERVED
CVE-2021-3116 (before_upstream_connection in AuthPlugin in http/proxy/auth.py in prox ...)
- TODO: check
+ NOT-FOR-US: proxy.py
CVE-2021-3115
RESERVED
CVE-2021-3114
@@ -4122,7 +4122,7 @@ CVE-2021-3013
CVE-2021-3012
RESERVED
CVE-2021-3011 (An electromagnetic-wave side-channel issue was discovered on NXP Smart ...)
- TODO: check
+ NOT-FOR-US: NXP
CVE-2021-3010
RESERVED
CVE-2021-3009
@@ -5827,19 +5827,19 @@ CVE-2021-21473
CVE-2021-21472
RESERVED
CVE-2021-21471 (In CLA-Assistant, versions before 2.8.5, due to improper access contro ...)
- TODO: check
+ NOT-FOR-US: CLA-Assistant
CVE-2021-21470 (SAP EPM Add-in for Microsoft Office, version - 1010 and SAP EPM Add-in ...)
NOT-FOR-US: SAP
CVE-2021-21469 (When security guidelines for SAP NetWeaver Master Data Management, ver ...)
NOT-FOR-US: SAP
CVE-2021-21468 (The BW Database Interface does not perform necessary authorization che ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-21467 (SAP Banking Services (Generic Market Data) 400, 450, and 500 does not ...)
NOT-FOR-US: SAP
CVE-2021-21466 (SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 75 ...)
NOT-FOR-US: SAP
CVE-2021-21465 (The BW Database Interface allows an attacker with low privileges to ex ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-21464 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
NOT-FOR-US: SAP
CVE-2021-21463 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
@@ -6267,7 +6267,7 @@ CVE-2020-35688
CVE-2020-35687
RESERVED
CVE-2020-35686 (The SECOMN service in Sound Research DCHU model software component mod ...)
- TODO: check
+ NOT-FOR-US: Sound Research
CVE-2020-35685
RESERVED
CVE-2020-35684
@@ -12507,11 +12507,11 @@ CVE-2021-1727
CVE-2021-1726
RESERVED
CVE-2021-1725 (Bot Framework SDK Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Bot Framework SDK
CVE-2021-1724
RESERVED
CVE-2021-1723 (ASP.NET Core and Visual Studio Denial of Service Vulnerability ...)
- TODO: check
+ NOT-FOR-US: ASP.NET Core and Visual Studio
CVE-2021-1722
RESERVED
CVE-2021-1721
@@ -12645,7 +12645,7 @@ CVE-2021-1658 (Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-1657 (Windows Fax Compose Form Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-1656 (TPM Device Driver Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-1655 (Windows CSC Service Elevation of Privilege Vulnerability This CVE ID i ...)
NOT-FOR-US: Microsoft
CVE-2021-1654 (Windows CSC Service Elevation of Privilege Vulnerability This CVE ID i ...)
@@ -16281,7 +16281,7 @@ CVE-2020-28397
CVE-2020-28396 (A vulnerability has been identified in SICAM A8000 CP-8000 (All versio ...)
NOT-FOR-US: Siemens
CVE-2020-28395 (A vulnerability has been identified in SCALANCE X-300 switch family (i ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-28394
RESERVED
CVE-2020-28393
@@ -16289,9 +16289,9 @@ CVE-2020-28393
CVE-2020-28392
RESERVED
CVE-2020-28391 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-28390 (A vulnerability has been identified in Opcenter Execution Core (V8.2), ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-28389
RESERVED
CVE-2020-28388
@@ -16299,17 +16299,17 @@ CVE-2020-28388
CVE-2020-28387
RESERVED
CVE-2020-28386 (A vulnerability has been identified in Solid Edge (All Versions < S ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-28385
RESERVED
CVE-2020-28384 (A vulnerability has been identified in Solid Edge (All Versions < S ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-28383 (A vulnerability has been identified in JT2Go (All Versions < V13.1. ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-28382 (A vulnerability has been identified in Solid Edge (All Versions < S ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-28381 (A vulnerability has been identified in Solid Edge (All Versions < S ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-28380
RESERVED
CVE-2020-28379
@@ -17909,7 +17909,7 @@ CVE-2021-0322 (In onCreate of SlicePermissionActivity.java, there is a possible
CVE-2021-0321 (In enforceDumpPermissionForPackage of ActivityManagerService.java, the ...)
NOT-FOR-US: Android
CVE-2021-0320 (In is_device_locked and set_device_locked of keystore_keymaster_enforc ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-0319 (In checkCallerIsSystemOr of CompanionDeviceManagerService.java, there ...)
NOT-FOR-US: Android
CVE-2021-0318 (In appendEventsToCacheLocked of SensorEventConnection.cpp, there is a ...)
@@ -17917,7 +17917,7 @@ CVE-2021-0318 (In appendEventsToCacheLocked of SensorEventConnection.cpp, there
CVE-2021-0317 (In createOrUpdate of Permission.java and related code, there is possib ...)
NOT-FOR-US: Android
CVE-2021-0316 (In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-0315 (In onCreate of GrantCredentialsPermissionActivity.java, there is a pos ...)
NOT-FOR-US: Android
CVE-2021-0314
@@ -17925,15 +17925,15 @@ CVE-2021-0314
CVE-2021-0313 (In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slo ...)
NOT-FOR-US: Android
CVE-2021-0312 (In WAVSource::read of WAVExtractor.cpp, there is a possible out of bou ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2021-0311 (In ElementaryStreamQueue::dequeueAccessUnitH264() of ESQueue.cpp, ther ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2021-0310 (In LazyServiceRegistrar of LazyServiceRegistrar.cpp, there is a possib ...)
NOT-FOR-US: Android
CVE-2021-0309 (In onCreate of grantCredentialsPermissionActivity, there is a confused ...)
NOT-FOR-US: Android
CVE-2021-0308 (In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-0307 (In updatePermissionSourcePackage of PermissionManagerService.java, the ...)
NOT-FOR-US: Android
CVE-2021-0306 (In addAllPermissions of PermissionManagerService.java, there is a poss ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b4a7d68e8b2446ffbe7d2585e3f4f0ad7c7e139
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b4a7d68e8b2446ffbe7d2585e3f4f0ad7c7e139
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210113/cb8af7b6/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list