[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jul 15 20:12:27 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4f34bb4d by Salvatore Bonaccorso at 2021-07-15T21:12:05+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3388,7 +3388,7 @@ CVE-2021-35213
CVE-2021-35212
RESERVED
CVE-2021-35211 (Microsoft discovered a remote code execution (RCE) vulnerability in th ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2020-36394 (pam_setquota.c in the pam_setquota module before 2020-05-29 for Linux- ...)
- pam <not-affected> (Vulnerable code introduced and fixed in v1.4.0)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1171721
@@ -33072,15 +33072,15 @@ CVE-2021-22784
CVE-2021-22783
RESERVED
CVE-2021-22782 (Missing Encryption of Sensitive Data vulnerability exists in EcoStruxu ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2021-22781 (Insufficiently Protected Credentials vulnerability exists in EcoStruxu ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2021-22780 (Insufficiently Protected Credentials vulnerability exists in EcoStruxu ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2021-22779 (Authentication Bypass by Spoofing vulnerability exists in EcoStruxure ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2021-22778 (Insufficiently Protected Credentials vulnerability exists in EcoStruxu ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2021-22777
RESERVED
CVE-2021-22776
@@ -34161,7 +34161,7 @@ CVE-2021-22320 (There is a denial of service vulnerability in Huawei products. A
CVE-2021-22319
RESERVED
CVE-2021-22318 (A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulner ...)
- TODO: check
+ NOT-FOR-US: HarmonyOS
CVE-2021-22317 (There is an Information Disclosure vulnerability in Huawei Smartphone. ...)
NOT-FOR-US: Huawei
CVE-2021-22316 (There is a Missing Authentication for Critical Function vulnerability ...)
@@ -43460,7 +43460,7 @@ CVE-2021-1972
CVE-2021-1971
RESERVED
CVE-2021-1970 (Possible out of bound read due to lack of length check of FT sub-eleme ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1969
RESERVED
CVE-2021-1968
@@ -43470,9 +43470,9 @@ CVE-2021-1967
CVE-2021-1966
RESERVED
CVE-2021-1965 (Possible buffer overflow due to lack of parameter length check during ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1964 (Possible buffer over read due to improper validation of IE size while ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1963
RESERVED
CVE-2021-1962
@@ -43492,9 +43492,9 @@ CVE-2021-1956
CVE-2021-1955 (Denial of service in SAP case due to improper handling of connections ...)
NOT-FOR-US: SAP
CVE-2021-1954 (Possible buffer over read due to improper validation of data pointer w ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1953 (Improper handling of received malformed FTMR request frame can lead to ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1952
RESERVED
CVE-2021-1951
@@ -43510,21 +43510,21 @@ CVE-2021-1947
CVE-2021-1946
RESERVED
CVE-2021-1945 (Possible out of bound read due to lack of length check of Bandwidth-NS ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1944
RESERVED
CVE-2021-1943 (Possible buffer out of bound read can occur due to improper validation ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1942
RESERVED
CVE-2021-1941
RESERVED
CVE-2021-1940 (Use after free can occur due to improper handling of response from fir ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1939
RESERVED
CVE-2021-1938 (Possible assertion due to improper verification while creating and del ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1937 (Reachable assertion is possible while processing peer association WLAN ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2021-1936
@@ -43538,7 +43538,7 @@ CVE-2021-1933
CVE-2021-1932
RESERVED
CVE-2021-1931 (Possible buffer overflow due to improper validation of buffer length w ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1930
RESERVED
CVE-2021-1929
@@ -43586,7 +43586,7 @@ CVE-2021-1909
CVE-2021-1908
RESERVED
CVE-2021-1907 (Possible buffer overflow due to lack of length check in BA request in ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1906 (Improper handling of address deregistration on failure can lead to new ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2021-1905 (Possible use after free due to improper handling of memory mapping of ...)
@@ -43598,17 +43598,17 @@ CVE-2021-1903
CVE-2021-1902
RESERVED
CVE-2021-1901 (Possible buffer over-read due to lack of length check while flashing m ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1900 (Possible use after free in Display due to race condition while creatin ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2021-1899 (Possible buffer over read due to lack of length check while flashing m ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1898 (Possible buffer over-read due to incorrect overflow check when loading ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1897 (Possible Buffer Over-read due to lack of validation of boundary checks ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1896 (Weak configuration in WLAN could cause forwarding of unencrypted packe ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1895 (Possible integer overflow due to improper length check while flashing ...)
NOT-FOR-US: Snapdragon
CVE-2021-1894
@@ -43620,15 +43620,15 @@ CVE-2021-1892 (Memory corruption due to improper input validation while processi
CVE-2021-1891 (A possible use-after-free occurrence in audio driver can happen when p ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2021-1890 (Improper length check of public exponent in RSA import key function co ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1889 (Possible buffer overflow due to lack of length check in Trusted Applic ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1888 (Memory corruption in key parsing and import function due to double fre ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1887 (An assertion can be reached in the WLAN subsystem while using the Wi-F ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1886 (Incorrect handling of pointers in trusted application key import mecha ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2021-1885
RESERVED
CVE-2021-1884
@@ -45400,9 +45400,9 @@ CVE-2020-29149
CVE-2020-29148
RESERVED
CVE-2020-29147 (A SQL injection vulnerability in wy_controlls/wy_side_visitor.php of W ...)
- TODO: check
+ NOT-FOR-US: Wayang-CMS
CVE-2020-29146 (A cross site scripting (XSS) vulnerability in index.php of Wayang-CMS ...)
- TODO: check
+ NOT-FOR-US: Wayang-CMS
CVE-2020-29145 (In Ericsson BSCS iX R18 Billing & Rating iX R18, ADMX is a web bas ...)
NOT-FOR-US: Ericsson
CVE-2020-29144 (In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web base ...)
@@ -53052,7 +53052,7 @@ CVE-2020-27381
CVE-2020-27380
RESERVED
CVE-2020-27379 (Cross Site Request Forgery (CSRF) vulnerability in Booking Core - Ulti ...)
- TODO: check
+ NOT-FOR-US: Booking Core - Ultimate Booking System Booking Core
CVE-2020-27378
RESERVED
CVE-2020-27377 (A cross-site scripting (XSS) vulnerability was discovered in the Admin ...)
@@ -57799,9 +57799,9 @@ CVE-2020-25447
CVE-2020-25446
RESERVED
CVE-2020-25445 (The “Subscribe” feature in Ultimate Booking System Booking ...)
- TODO: check
+ NOT-FOR-US: Ultimate Booking System Booking Core
CVE-2020-25444 (Cross Site Scripting (XSS) vulnerability in Booking Core - Ultimate Bo ...)
- TODO: check
+ NOT-FOR-US: Booking Core - Ultimate Booking System Booking Core
CVE-2020-25443
RESERVED
CVE-2020-25442
@@ -68852,7 +68852,7 @@ CVE-2020-20233
CVE-2020-20232
RESERVED
CVE-2020-20231 (Mikrotik RouterOs through stable version 6.48.3 suffers from a memory ...)
- TODO: check
+ NOT-FOR-US: Mikrotik
CVE-2020-20230
RESERVED
CVE-2020-20229
@@ -73040,7 +73040,7 @@ CVE-2020-18157
CVE-2020-18156
RESERVED
CVE-2020-18155 (SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page i ...)
- TODO: check
+ NOT-FOR-US: Subrion CMS
CVE-2020-18154
RESERVED
CVE-2020-18153
@@ -73048,7 +73048,7 @@ CVE-2020-18153
CVE-2020-18152
RESERVED
CVE-2020-18151 (Cross Site Request Forgerly (CSRF) vulnerability in ThinkCMF v5.1.0, w ...)
- TODO: check
+ NOT-FOR-US: ThinkCMF
CVE-2020-18150
RESERVED
CVE-2020-18149
@@ -91656,7 +91656,7 @@ CVE-2020-11309 (Use after free in GPU driver while mapping the user memory to GP
CVE-2020-11308 (Buffer overflow occurs when trying to convert ASCII string to Unicode ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11307 (Buffer overflow in modem due to improper array index check before copy ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-11306 (Possible integer overflow in RPMB counter due to lack of length check ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11305 (Integer overflow in boot due to improper length check on arguments rec ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f34bb4d094571fad28b384f0c0a0b46caf85b77
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f34bb4d094571fad28b384f0c0a0b46caf85b77
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210715/589b2a39/attachment.htm>
More information about the debian-security-tracker-commits
mailing list