[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jul 8 22:30:20 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
592a12c7 by Salvatore Bonaccorso at 2021-07-08T23:29:54+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25939,39 +25939,39 @@ CVE-2021-25444
CVE-2021-25443
RESERVED
CVE-2021-25442 (Improper MDM policy management vulnerability in KME module prior to KC ...)
- TODO: check
+ NOT-FOR-US: Samsung (KME module)
CVE-2021-25441 (Improper input validation vulnerability in AR Emoji Editor prior to ve ...)
- TODO: check
+ NOT-FOR-US: AR Emoji Editor
CVE-2021-25440 (Improper access control vulnerability in FactoryCameraFB prior to vers ...)
- TODO: check
+ NOT-FOR-US: FactoryCameraFB
CVE-2021-25439 (Improper access control vulnerability in Samsung Members prior to vers ...)
- TODO: check
+ NOT-FOR-US: Samsung Members
CVE-2021-25438 (Improper access control vulnerability in Samsung Members prior to vers ...)
- TODO: check
+ NOT-FOR-US: Samsung Members
CVE-2021-25437 (Improper access control vulnerability in Tizen FOTA service prior to F ...)
- TODO: check
+ NOT-FOR-US: Tizen FOTA service
CVE-2021-25436 (Improper input validation vulnerability in Tizen FOTA service prior to ...)
- TODO: check
+ NOT-FOR-US: Tizen FOTA service
CVE-2021-25435 (Improper input validation vulnerability in Tizen bootloader prior to F ...)
- TODO: check
+ NOT-FOR-US: Tizen bootloader
CVE-2021-25434 (Improper input validation vulnerability in Tizen bootloader prior to F ...)
- TODO: check
+ NOT-FOR-US: Tizen bootloader
CVE-2021-25433 (Improper authorization vulnerability in Tizen factory reset policy pri ...)
- TODO: check
+ NOT-FOR-US: Tizen factory reset policy
CVE-2021-25432 (Information exposure vulnerability in Samsung Members prior to version ...)
- TODO: check
+ NOT-FOR-US: Samsung Members
CVE-2021-25431 (Improper access control vulnerability in Cameralyzer prior to versions ...)
- TODO: check
+ NOT-FOR-US: Cameralyzer
CVE-2021-25430 (Improper access control vulnerability in Bluetooth application prior t ...)
- TODO: check
+ NOT-FOR-US: Bluetooth application (Samsung)
CVE-2021-25429 (Improper privilege management vulnerability in Bluetooth application p ...)
- TODO: check
+ NOT-FOR-US: Bluetooth application (Samsung)
CVE-2021-25428 (Improper validation check vulnerability in PackageManager prior to SMR ...)
- TODO: check
+ NOT-FOR-US: PackageManager (Samsung)
CVE-2021-25427 (SQL injection vulnerability in Bluetooth prior to SMR July-2021 Releas ...)
- TODO: check
+ NOT-FOR-US: Bluetooth (Samsung)
CVE-2021-25426 (Improper component protection vulnerability in SmsViewerActivity of Sa ...)
- TODO: check
+ NOT-FOR-US: Samsung Message
CVE-2021-25425 (Improper check vulnerability in Samsung Health prior to version 6.17 a ...)
NOT-FOR-US: Samsung
CVE-2021-25424 (Improper authentication vulnerability in Tizen bluetooth-frwk prior to ...)
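Review bot: The NOT-FOR-US labels added in this hunk follow no single naming convention, which makes the entries hard to find with one search. Some put the vendor first ("Samsung (KME module)", "Samsung Members"), some put it last in parentheses ("Bluetooth application (Samsung)", "PackageManager (Samsung)"), and "AR Emoji Editor", "FactoryCameraFB" and "Cameralyzer" carry no vendor at all, while the untouched entry for CVE-2021-25425 says only "Samsung". Consider settling on one form, for example vendor first with the component in parentheses as in "Samsung (KME module)", and adding the vendor to the bare product names where it is known.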
@@ -34043,7 +34043,7 @@ CVE-2021-21823
CVE-2021-21822 (A use-after-free vulnerability exists in the JavaScript engine of Foxi ...)
NOT-FOR-US: Foxit
CVE-2021-21821 (A stack-based buffer overflow vulnerability exists in the PDF process_ ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21820
RESERVED
CVE-2021-21819
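Review bot: The label added for CVE-2021-21821 cannot be checked from the lines shown. The description is cut off at "PDF process_ ..." before any product name, and the entry directly above it is marked Foxit rather than Accusoft ImageGear. Worth confirming against the full CVE description that the attribution is right before the entry leaves the TODO queue.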
@@ -34071,7 +34071,7 @@ CVE-2021-21809 (A command execution vulnerability exists in the default legacy s
CVE-2021-21808 (A memory corruption vulnerability exists in the PNG png_palette_proces ...)
NOT-FOR-US: Accusoft ImageGear
CVE-2021-21807 (An integer overflow vulnerability exists in the DICOM parse_dicom_meta ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21806 (An exploitable use-after-free vulnerability exists in WebKitGTK browse ...)
TODO: check
CVE-2021-21805
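Review bot: CVE-2021-21806 in the trailing context still reads "TODO: check", and its description names WebKitGTK, which Debian packages, so it is not an NFU candidate and needs a real package entry. Leaving it out of an NFU-only commit is right, but it should be picked up in a follow-up so it does not linger between two resolved entries.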
@@ -34097,9 +34097,9 @@ CVE-2021-21796
CVE-2021-21795 (A heap-based buffer overflow vulnerability exists in the PSD read_icc_ ...)
NOT-FOR-US: Accusoft ImageGear
CVE-2021-21794 (An out-of-bounds write vulnerability exists in the TIF bits_per_sample ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21793 (An out-of-bounds write vulnerability exists in the JPG sof_nb_comp hea ...)
- TODO: check
+ NOT-FOR-US: Accusoft ImageGear
CVE-2021-21792
RESERVED
CVE-2021-21791
@@ -45363,15 +45363,15 @@ CVE-2021-1609
CVE-2021-1608
RESERVED
CVE-2021-1607 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1606 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1605 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1604 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1603 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1602
RESERVED
CVE-2021-1601
@@ -45381,13 +45381,13 @@ CVE-2021-1600
CVE-2021-1599
RESERVED
CVE-2021-1598 (Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) i ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1597 (Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) i ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1596 (Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) i ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1595 (Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) i ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1594
RESERVED
CVE-2021-1593
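Review bot: For CVE-2021-1595 through CVE-2021-1598 the visible description stops at "Link Layer Discovery Protocol (LLDP) i ..." and never reaches a vendor or product name, and the label added is only "Cisco". LLDP is a generic protocol with free implementations, so naming the affected product in the label would make it clear to later readers that these were judged to affect Cisco's own implementation.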
@@ -45407,7 +45407,7 @@ CVE-2021-1587
CVE-2021-1586
RESERVED
CVE-2021-1585 (A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1584
RESERVED
CVE-2021-1583
@@ -45425,11 +45425,11 @@ CVE-2021-1578
CVE-2021-1577
RESERVED
CVE-2021-1576 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1575 (A vulnerability in the web-based management interface of Cisco Virtual ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1574 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1573
RESERVED
CVE-2021-1572
@@ -45453,7 +45453,7 @@ CVE-2021-1564 (Multiple vulnerabilities in the implementation of the Cisco Disco
CVE-2021-1563 (Multiple vulnerabilities in the implementation of the Cisco Discovery ...)
NOT-FOR-US: Cisco
CVE-2021-1562 (A vulnerability in the XSI-Actions interface of Cisco BroadWorks Appli ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1561
RESERVED
CVE-2021-1560 (Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an ...)
@@ -45865,7 +45865,7 @@ CVE-2021-1361 (A vulnerability in the implementation of an internal file managem
CVE-2021-1360 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
CVE-2021-1359 (A vulnerability in the configuration management of Cisco AsyncOS for C ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1358 (A vulnerability in the web-based management interface of Cisco Finesse ...)
NOT-FOR-US: Cisco
CVE-2021-1357 (Multiple vulnerabilities in Cisco Unified Communications Manager IM &a ...)
@@ -60714,7 +60714,7 @@ CVE-2020-23582
CVE-2020-23581
RESERVED
CVE-2020-23580 (Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message b ...)
- TODO: check
+ NOT-FOR-US: PbootCMS
CVE-2020-23579
RESERVED
CVE-2020-23578
@@ -66868,15 +66868,15 @@ CVE-2020-20588
CVE-2020-20587
RESERVED
CVE-2020-20586 (A cross site request forgery (CSRF) vulnerability in the /xyhai.php?s= ...)
- TODO: check
+ NOT-FOR-US: XYHCMS
CVE-2020-20585 (A blind SQL injection in /admin/?n=logs&c=index&a=dode of Meti ...)
- TODO: check
+ NOT-FOR-US: Metinfo
CVE-2020-20584 (A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows a ...)
- TODO: check
+ NOT-FOR-US: baigo CMS
CVE-2020-20583 (A SQL injection vulnerability in /question.php of LJCMS Version v4.3.R ...)
- TODO: check
+ NOT-FOR-US: LJCMS
CVE-2020-20582 (A server side request forgery (SSRF) vulnerability in /ApiAdminDomainS ...)
- TODO: check
+ NOT-FOR-US: MipCMS
CVE-2020-20581
RESERVED
CVE-2020-20580
@@ -67330,7 +67330,7 @@ CVE-2020-20365
CVE-2020-20364
RESERVED
CVE-2020-20363 (Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.p ...)
- TODO: check
+ NOT-FOR-US: PbootCMS
CVE-2020-20362
RESERVED
CVE-2020-20361
@@ -67622,7 +67622,7 @@ CVE-2020-20219
CVE-2020-20218 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20217 (Mikrotik RouterOs before 6.47 (stable tree) suffers from an uncontroll ...)
- TODO: check
+ NOT-FOR-US: Mikrotik
CVE-2020-20216 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
NOT-FOR-US: Mikrotik
CVE-2020-20215 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
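Review bot: The label added for CVE-2020-20217 is "Mikrotik", while CVE-2020-20218 two entries up uses "Mikrotik RouterOs" for what the descriptions show to be the same product. Both forms already appear in the surrounding context, so this is cosmetic, but using "Mikrotik RouterOs" here would keep a search on the product name complete.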
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/592a12c709e3b4f2a25e6d288d8ab0384c639c93