[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Jan 28 08:22:27 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f80344d7 by Salvatore Bonaccorso at 2021-01-28T09:22:06+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2021-3333
 CVE-2021-3332
 	RESERVED
 CVE-2021-3331 (WinSCP before 5.17.10 allows remote attackers to execute arbitrary pro ...)
-	TODO: check
+	NOT-FOR-US: WinSCP
 CVE-2021-3330
 	RESERVED
 CVE-2021-3329
@@ -87,7 +87,7 @@ CVE-2021-3320
 CVE-2021-3319
 	RESERVED
 CVE-2021-3318 (attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editori ...)
-	TODO: check
+	NOT-FOR-US: DzzOffice
 CVE-2021-26274
 	RESERVED
 CVE-2021-26273
@@ -570,7 +570,7 @@ CVE-2021-26069
 CVE-2021-26068
 	RESERVED
 CVE-2021-26067 (Affected versions of Atlassian Bamboo allow an unauthenticated remote  ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2021-26066
 	RESERVED
 CVE-2021-26065
@@ -8148,11 +8148,11 @@ CVE-2021-22657
 CVE-2021-22656
 	RESERVED
 CVE-2021-22655 (Multiple out-of-bounds read issues have been identified in the way the ...)
-	TODO: check
+	NOT-FOR-US: Fuji Electric
 CVE-2021-22654
 	RESERVED
 CVE-2021-22653 (Multiple out-of-bounds write issues have been identified in the way th ...)
-	TODO: check
+	NOT-FOR-US: Fuji Electric
 CVE-2021-22652
 	RESERVED
 CVE-2021-22651
@@ -8176,15 +8176,15 @@ CVE-2021-22643
 CVE-2021-22642
 	RESERVED
 CVE-2021-22641 (A heap-based buffer overflow issue has been identified in the way the  ...)
-	TODO: check
+	NOT-FOR-US: Fuji Electric
 CVE-2021-22640
 	RESERVED
 CVE-2021-22639 (An uninitialized pointer issue has been identified in the way the appl ...)
-	TODO: check
+	NOT-FOR-US: Fuji Electric
 CVE-2021-22638
 	RESERVED
 CVE-2021-22637 (Multiple stack-based buffer overflow issues have been identified in th ...)
-	TODO: check
+	NOT-FOR-US: Fuji Electric
 CVE-2021-22636
 	RESERVED
 CVE-2021-22635
@@ -10797,7 +10797,7 @@ CVE-2020-36014
 CVE-2020-36013
 	RESERVED
 CVE-2020-36012 (Stored XSS vulnerability in BDTASK Multi-Store Inventory Management Sy ...)
-	TODO: check
+	NOT-FOR-US: BDTASK Multi-Store Inventory Management System
 CVE-2020-36011 (A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart  ...)
 	NOT-FOR-US: QDOCS Smart Hospital Management System
 CVE-2020-36010
@@ -26630,15 +26630,15 @@ CVE-2020-27301
 CVE-2020-27300
 	RESERVED
 CVE-2020-27299 (The affected product is vulnerable to an out-of-bounds read, which may ...)
-	TODO: check
+	NOT-FOR-US: OPC UA Tunneller
 CVE-2020-27298 (Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1 ...)
 	NOT-FOR-US: Philips
 CVE-2020-27297 (The affected product is vulnerable to a heap-based buffer overflow, wh ...)
-	TODO: check
+	NOT-FOR-US: OPC UA Tunneller
 CVE-2020-27296
 	RESERVED
 CVE-2020-27295 (The affected product has uncontrolled resource consumption issues, whi ...)
-	TODO: check
+	NOT-FOR-US: OPC UA Tunneller
 CVE-2020-27294
 	RESERVED
 CVE-2020-27293 (Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a type conf ...)
@@ -26652,7 +26652,7 @@ CVE-2020-27290
 CVE-2020-27289 (Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a null poin ...)
 	NOT-FOR-US: Delta Electronics CNCSoft-B
 CVE-2020-27288 (An untrusted pointer dereference has been identified in the way TPEdit ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics (Delta)
 CVE-2020-27287 (Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable t ...)
 	NOT-FOR-US: Delta Electronics CNCSoft-B
 CVE-2020-27286
@@ -26660,7 +26660,7 @@ CVE-2020-27286
 CVE-2020-27285 (The default configuration of Crimson 3.1 (Build versions prior to 3119 ...)
 	NOT-FOR-US: Crimson
 CVE-2020-27284 (TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write in ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics (Delta)
 CVE-2020-27283 (An attacker could send a specially crafted message to Crimson 3.1 (Bui ...)
 	NOT-FOR-US: Crimson
 CVE-2020-27282
@@ -26668,7 +26668,7 @@ CVE-2020-27282
 CVE-2020-27281 (A stack-based buffer overflow may exist in Delta Electronics CNCSoft S ...)
 	NOT-FOR-US: Delta Electronics CNCSoft ScreenEditor
 CVE-2020-27280 (A use after free issue has been identified in the way ISPSoft(v3.12 an ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics (Delta)
 CVE-2020-27279 (A NULL pointer deference vulnerability has been identified in the prot ...)
 	NOT-FOR-US: Crimson
 CVE-2020-27278
@@ -26680,7 +26680,7 @@ CVE-2020-27276 (SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A,
 CVE-2020-27275 (Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to  ...)
 	NOT-FOR-US: Delta Electronics DOPSoft
 CVE-2020-27274 (Some parsing functions in the affected product do not check the return ...)
-	TODO: check
+	NOT-FOR-US: OPC UA Tunneller
 CVE-2020-27273
 	RESERVED
 CVE-2020-27272 (SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A, The commun ...)
@@ -30098,13 +30098,13 @@ CVE-2020-25787 (An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 202
 CVE-2020-25786 (** UNSUPPORTED WHEN ASSIGNED ** webinc/js/info.php on D-Link DIR-816L  ...)
 	NOT-FOR-US: D-Link
 CVE-2020-25785 (An issue was discovered on Accfly Wireless Security IR Camera System 7 ...)
-	TODO: check
+	NOT-FOR-US: Accfly Wireless Security IR Camera System 720P
 CVE-2020-25784 (An issue was discovered on Accfly Wireless Security IR Camera System 7 ...)
-	TODO: check
+	NOT-FOR-US: Accfly Wireless Security IR Camera System 720P
 CVE-2020-25783 (An issue was discovered on Accfly Wireless Security IR Camera System 7 ...)
-	TODO: check
+	NOT-FOR-US: Accfly Wireless Security IR Camera System 720P
 CVE-2020-25782 (An issue was discovered on Accfly Wireless Security IR Camera 720P Sys ...)
-	TODO: check
+	NOT-FOR-US: Accfly Wireless Security IR Camera System 720P
 CVE-2020-25781 (An issue was discovered in file_download.php in MantisBT before 2.24.3 ...)
 	- mantis <removed>
 CVE-2020-25796 (An issue was discovered in the sized-chunks crate through 0.6.2 for Ru ...)
@@ -35549,23 +35549,23 @@ CVE-2020-23362
 CVE-2020-23361 (phpList 3.5.3 allows type juggling for login bypass because == is used ...)
 	TODO: check
 CVE-2020-23360 (oscommerce v2.3.4.1 has a functional problem in user registration and  ...)
-	TODO: check
+	NOT-FOR-US: oscommerce
 CVE-2020-23359 (WeBid 1.2.2 admin/newuser.php has an issue with password rechecking du ...)
-	TODO: check
+	NOT-FOR-US: WeBid
 CVE-2020-23358
 	RESERVED
 CVE-2020-23357
 	RESERVED
 CVE-2020-23356 (dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type ju ...)
-	TODO: check
+	NOT-FOR-US: nibbleblog
 CVE-2020-23355 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/use ...)
-	TODO: check
+	NOT-FOR-US: Codiad
 CVE-2020-23354
 	RESERVED
 CVE-2020-23353
 	RESERVED
 CVE-2020-23352 (Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP l ...)
-	TODO: check
+	NOT-FOR-US: Z-BlogPHP
 CVE-2020-23351
 	RESERVED
 CVE-2020-23350



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f80344d7b329d708a5f03594a5e37d049aead219

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f80344d7b329d708a5f03594a5e37d049aead219
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210128/26e103fa/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list