[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Thu Jan 21 08:25:53 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
33ab3d73 by Salvatore Bonaccorso at 2021-01-21T09:25:38+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -768,7 +768,7 @@ CVE-2021-3166 (An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3_805 devices.
CVE-2021-3165
RESERVED
CVE-2021-3164 (ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. ...)
- TODO: check
+ NOT-FOR-US: ChurchRota
CVE-2021-3163
RESERVED
CVE-2021-25301
@@ -3643,7 +3643,7 @@ CVE-2021-3132
CVE-2021-3131 (The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 enco ...)
NOT-FOR-US: 1C:Enterprise
CVE-2021-3130 (Within the Open-AudIT up to version 3.5.3 application, the web interfa ...)
- TODO: check
+ NOT-FOR-US: Open-AudIT
CVE-2021-3129 (Ignition before 2.5.2, as used in Laravel and other products, allows u ...)
NOT-FOR-US: Ignition
CVE-2021-3128
@@ -5043,7 +5043,7 @@ CVE-2021-3112
CVE-2021-3111 (The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via ...)
NOT-FOR-US: Concrete5
CVE-2021-3110 (The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL i ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2021-3109
RESERVED
CVE-2021-23242 (MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ ...)
@@ -13834,9 +13834,9 @@ CVE-2020-35274 (DotCMS Add Template with admin panel 20.11 is affected by cross-
CVE-2020-35273 (EgavilanMedia User Registration & Login System with Admin Panel 1. ...)
NOT-FOR-US: EgavilanMedia User Registration & Login System with Admin Panel
CVE-2020-35272 (Employee Performance Evaluation System in PHP/MySQLi with Source Code ...)
- TODO: check
+ NOT-FOR-US: Employee Performance Evaluation System in PHP/MySQLi with Source Code
CVE-2020-35271 (Employee Performance Evaluation System in PHP/MySQLi with Source Code ...)
- TODO: check
+ NOT-FOR-US: Employee Performance Evaluation System in PHP/MySQLi with Source Code
CVE-2020-35270
RESERVED
CVE-2020-35269 (Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross ...)
@@ -13946,7 +13946,7 @@ CVE-2020-35219 (The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers t
CVE-2020-35218
RESERVED
CVE-2020-35217 (Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSR ...)
- TODO: check
+ NOT-FOR-US: Vert.x-Web framework
CVE-2020-35216
RESERVED
CVE-2020-35215
@@ -14954,65 +14954,65 @@ CVE-2021-2120 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtu
CVE-2021-2119 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.18-dfsg-1
CVE-2021-2118 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2117 (Vulnerability in the Oracle Application Express Survey Builder compone ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2116 (Vulnerability in the Oracle Application Express Opportunity Tracker co ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2115 (Vulnerability in the Oracle Common Applications Calendar product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2114 (Vulnerability in the Oracle Common Applications Calendar product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2113 (Vulnerability in the Oracle Financial Services Revenue Management and ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2112 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.18-dfsg-1
CVE-2021-2111 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.18-dfsg-1
CVE-2021-2110 (Vulnerability in the Oracle Argus Safety product of Oracle Health Scie ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2109 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2108 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2107 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2106 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2105 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2104 (Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2103 (Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2102 (Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2101 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2100 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2099 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2098 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2097 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2096 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2095
RESERVED
CVE-2021-2094 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2093 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2092 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2091 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2090 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2089 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2088 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 <unfixed>
CVE-2021-2087 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
@@ -15020,27 +15020,27 @@ CVE-2021-2087 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
CVE-2021-2086 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.18-dfsg-1
CVE-2021-2085 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2084 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2083 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2082 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2081 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 <unfixed>
CVE-2021-2080 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2079 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2078 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2077 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2076 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 <unfixed>
CVE-2021-2075 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2074 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.18-dfsg-1
CVE-2021-2073 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
@@ -15048,36 +15048,36 @@ CVE-2021-2073 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtu
CVE-2021-2072 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 <unfixed>
CVE-2021-2071 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2070 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 <unfixed>
CVE-2021-2069 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2068 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2067 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2066 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2065 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 <unfixed>
CVE-2021-2064 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2063 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2062 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2061 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 <unfixed>
CVE-2021-2060 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 <unfixed>
- mysql-5.7 <unfixed>
CVE-2021-2059 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2058 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 <unfixed>
CVE-2021-2057 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2056 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 <unfixed>
CVE-2021-2055 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
@@ -24183,7 +24183,7 @@ CVE-2020-27585 (Quick Heal Total Security before 19.0 allows attackers with loca
CVE-2020-27584
RESERVED
CVE-2020-27583 (** UNSUPPORTED WHEN ASSIGNED ** IBM InfoSphere Information Server 8.5. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-27582
RESERVED
CVE-2020-27581
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33ab3d7333abc7f09ae81c6224b593a178ec405b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33ab3d7333abc7f09ae81c6224b593a178ec405b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210121/eb2e8efe/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list