[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jul 17 09:40:15 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d03f3445 by Salvatore Bonaccorso at 2021-07-17T10:38:57+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1841,9 +1841,9 @@ CVE-2021-35964
CVE-2021-35963
RESERVED
CVE-2021-35962 (Specific page parameters in Dr. ID Door Access Control and Personnel A ...)
- TODO: check
+ NOT-FOR-US: Dr. ID Door Access Control and Personnel Attendance Management system
CVE-2021-35961 (Dr. ID Door Access Control and Personnel Attendance Management system ...)
- TODO: check
+ NOT-FOR-US: Dr. ID Door Access Control and Personnel Attendance Management system
CVE-2021-35960
RESERVED
CVE-2021-35959 (In Plone 5.0 through 5.2.4, Editors are vulnerable to XSS in the folde ...)
@@ -2900,7 +2900,7 @@ CVE-2021-3616
CVE-2021-3615
RESERVED
CVE-2021-3614 (A vulnerability was reported on some Lenovo Notebook systems that coul ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2021-35474 (Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache ...)
- trafficserver 8.1.1+ds-1.1 (bug #990303)
NOTE: https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cannounce.trafficserver.apache.org%3E
@@ -5099,7 +5099,7 @@ CVE-2021-34483
CVE-2021-34482
RESERVED
CVE-2021-34481 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34480
RESERVED
CVE-2021-34479 (Microsoft Visual Studio Spoofing Vulnerability ...)
@@ -5127,65 +5127,65 @@ CVE-2021-34469 (Microsoft Office Security Feature Bypass Vulnerability ...)
CVE-2021-34468 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
NOT-FOR-US: Microsoft
CVE-2021-34467 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34466 (Windows Hello Security Feature Bypass Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34465
RESERVED
CVE-2021-34464 (Microsoft Defender Remote Code Execution Vulnerability This CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34463
RESERVED
CVE-2021-34462 (Windows AppX Deployment Extensions Elevation of Privilege Vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34461 (Windows Container Isolation FS Filter Driver Elevation of Privilege Vu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34460 (Storage Spaces Controller Elevation of Privilege Vulnerability This CV ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34459 (Windows AppContainer Elevation Of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34458 (Windows Kernel Remote Code Execution Vulnerability This CVE ID is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34457 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34456 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34455 (Windows File History Service Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34454 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34453
RESERVED
CVE-2021-34452 (Microsoft Word Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34451 (Microsoft Office Online Server Spoofing Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34450 (Windows Hyper-V Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34449 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34448 (Scripting Engine Memory Corruption Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34447 (Windows MSHTML Platform Remote Code Execution Vulnerability This CVE I ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34446 (Windows HTML Platforms Security Feature Bypass Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34445 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34444 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34443
RESERVED
CVE-2021-34442 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34441 (Microsoft Windows Media Foundation Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34440 (GDI+ Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34439 (Microsoft Windows Media Foundation Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-34438 (Windows Font Driver Host Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-3591
RESERVED
CVE-2021-3590
@@ -8669,7 +8669,7 @@ CVE-2021-3551
- dogtag-pki <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1959971
CVE-2021-3550 (A DLL search path vulnerability was reported in Lenovo PCManager, prio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-32925 (admin/user_import.php in Chamilo 1.11.14 reads XML data without disabl ...)
NOT-FOR-US: Chamilo
CVE-2021-32924 (Invision Community (aka IPS Community Suite) before 4.6.0 allows eval- ...)
@@ -9019,7 +9019,7 @@ CVE-2021-32771
CVE-2021-32770 (Gatsby is a framework for building websites. The gatsby-source-wordpre ...)
NOT-FOR-US: Gatsby
CVE-2021-32769 (Micronaut is a JVM-based, full stack Java framework designed for build ...)
- TODO: check
+ NOT-FOR-US: Micronaut
CVE-2021-32768
RESERVED
CVE-2021-32767
@@ -18552,9 +18552,9 @@ CVE-2021-3455
CVE-2021-3454
RESERVED
CVE-2021-3453 (Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS m ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2021-3452 (A potential vulnerability in the system shutdown SMI callback function ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2021-3451 (A denial of service vulnerability was reported in Lenovo PCManager, pr ...)
NOT-FOR-US: Lenovo
CVE-2021-3450 (The X509_V_FLAG_X509_STRICT flag enables additional security checks of ...)
@@ -35326,15 +35326,15 @@ CVE-2021-21822 (A use-after-free vulnerability exists in the JavaScript engine o
CVE-2021-21821 (A stack-based buffer overflow vulnerability exists in the PDF process_ ...)
NOT-FOR-US: Accusoft ImageGear
CVE-2021-21820 (A hard-coded password vulnerability exists in the Libcli Test Environm ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2021-21819 (A code execution vulnerability exists in the Libcli Test Environment f ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2021-21818 (A hard-coded password vulnerability exists in the Zebra IP Routing Man ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2021-21817 (An information disclosure vulnerability exists in the Zebra IP Routing ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2021-21816 (An information disclosure vulnerability exists in the Syslog functiona ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2021-21815
RESERVED
CVE-2021-21814
@@ -35362,17 +35362,17 @@ CVE-2021-21806 (An exploitable use-after-free vulnerability exists in WebKitGTK
CVE-2021-21805
RESERVED
CVE-2021-21804 (A local file inclusion (LFI) vulnerability exists in the options.php s ...)
- TODO: check
+ NOT-FOR-US: Advantech R-SeeNet
CVE-2021-21803 (This vulnerability is present in device_graph_page.php script, which i ...)
- TODO: check
+ NOT-FOR-US: Advantech R-SeeNet
CVE-2021-21802 (This vulnerability is present in device_graph_page.php script, which i ...)
- TODO: check
+ NOT-FOR-US: Advantech R-SeeNet
CVE-2021-21801 (This vulnerability is present in device_graph_page.php script, which i ...)
- TODO: check
+ NOT-FOR-US: Advantech R-SeeNet
CVE-2021-21800 (Cross-site scripting vulnerabilities exist in the ssh_form.php script ...)
- TODO: check
+ NOT-FOR-US: Advantech R-SeeNet
CVE-2021-21799 (Cross-site scripting vulnerabilities exist in the telnet_form.php scri ...)
- TODO: check
+ NOT-FOR-US: Advantech R-SeeNet
CVE-2021-21798
RESERVED
CVE-2021-21797
@@ -47049,7 +47049,7 @@ CVE-2021-1424
CVE-2021-1423 (A vulnerability in the implementation of a CLI command in Cisco Airone ...)
NOT-FOR-US: Cisco
CVE-2021-1422 (A vulnerability in the software cryptography module of Cisco Adaptive ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1421 (A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS ...)
NOT-FOR-US: Cisco
CVE-2021-1420 (A vulnerability in certain web pages of Cisco Webex Meetings could all ...)
@@ -166886,7 +166886,7 @@ CVE-2019-3754 (Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.
CVE-2019-3753 (Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K runn ...)
NOT-FOR-US: EMC
CVE-2019-3752 (Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and ...)
- TODO: check
+ NOT-FOR-US: EMC Avamar Server
CVE-2019-3751 (Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0 ...)
NOT-FOR-US: EMC
CVE-2019-3750 (Dell Command Update versions prior to 3.1 contain an Arbitrary File De ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d03f3445fccf6f8ccec92c60aa18b456f39b1b21
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d03f3445fccf6f8ccec92c60aa18b456f39b1b21
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210717/c6613f35/attachment.htm>
More information about the debian-security-tracker-commits
mailing list