[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jul 22 09:37:25 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4febdeec by Salvatore Bonaccorso at 2021-07-22T10:37:00+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -973,7 +973,7 @@ CVE-2021-36936
 CVE-2021-36935
 	RESERVED
 CVE-2021-36934 (Windows Elevation of Privilege Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36933
 	RESERVED
 CVE-2021-36932
@@ -10398,9 +10398,9 @@ CVE-2021-32778
 CVE-2021-32777
 	RESERVED
 CVE-2021-32776 (Combodo iTop is a web based IT Service Management tool. In versions pr ...)
-	TODO: check
+	NOT-FOR-US: Combodo iTop
 CVE-2021-32775 (Combodo iTop is a web based IT Service Management tool. In versions pr ...)
-	TODO: check
+	NOT-FOR-US: Combodo iTop
 CVE-2021-32774 (DataDump is a MediaWiki extension that provides dumps of wikis. Prior  ...)
 	NOT-FOR-US: DataDump MediaWiki extension
 CVE-2021-32773 (Racket is a general-purpose programming language and an ecosystem for  ...)
@@ -42578,7 +42578,7 @@ CVE-2021-20108 (Manage Engine Asset Explorer Agent 1.0.34 listens on port 9000 f
 CVE-2021-20107 (There exists an unauthenticated BLE Interface in Sloan SmartFaucets in ...)
 	NOT-FOR-US: Sloan
 CVE-2021-20106 (Nessus Agent versions 8.2.5 and earlier were found to contain a privil ...)
-	TODO: check
+	NOT-FOR-US: Nessus Agent
 CVE-2021-20105 (Machform prior to version 16 is vulnerable to an open redirect in Safa ...)
 	NOT-FOR-US: Machform
 CVE-2021-20104 (Machform prior to version 16 is vulnerable to unauthenticated remote c ...)
@@ -49369,7 +49369,7 @@ CVE-2021-1098 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU
 CVE-2021-1097 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...)
 	NOT-FOR-US: NVIDIA vGPU software
 CVE-2021-1096 (NVIDIA Windows GPU Display Driver for Windows contains a vulnerability ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA Windows GPU Display Driver for Windows
 CVE-2021-1095 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
 	- nvidia-graphics-drivers <unfixed> (bug #991351)
 	[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -49407,13 +49407,13 @@ CVE-2021-1093 (NVIDIA GPU Display Driver for Windows and Linux contains a vulner
 	- nvidia-graphics-drivers-tesla-418 <unfixed> (bug #991354)
 	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5211
 CVE-2021-1092 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the  ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA GPU Display Driver for Windows
 CVE-2021-1091 (NVIDIA GPU Display driver for Windows contains a vulnerability where a ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA GPU Display driver for Windows
 CVE-2021-1090 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
 	TODO: check
 CVE-2021-1089 (NVIDIA GPU Display Driver for Windows contains a vulnerability in nvid ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA GPU Display Driver for Windows
 CVE-2021-1088
 	RESERVED
 CVE-2021-1087 (NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager ...)
@@ -65471,7 +65471,7 @@ CVE-2020-22652
 CVE-2020-22651
 	RESERVED
 CVE-2020-22650 (A memory leak vulnerability in sim-organizer.c of AlienVault Ossim v5  ...)
-	TODO: check
+	NOT-FOR-US: AlienVault Ossim
 CVE-2020-22649
 	RESERVED
 CVE-2020-22648
@@ -67005,17 +67005,17 @@ CVE-2020-21939
 CVE-2020-21938
 	RESERVED
 CVE-2020-21937 (An command injection vulnerability in HNAP1/SetWLanApcliSettings of Mo ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2020-21936 (An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Bui ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2020-21935 (A command injection vulnerability in HNAP1/GetNetworkTomographySetting ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2020-21934 (An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2020-21933 (An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2020-21932 (A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 2 ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2020-21931
 	RESERVED
 CVE-2020-21930
@@ -70387,7 +70387,7 @@ CVE-2020-20264 (Mikrotik RouterOs before 6.47 (stable tree) in the /ram/pckg/adv
 CVE-2020-20263
 	RESERVED
 CVE-2020-20262 (Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion  ...)
-	TODO: check
+	NOT-FOR-US: Mikrotik RouterOs
 CVE-2020-20261
 	RESERVED
 CVE-2020-20260
@@ -70469,11 +70469,11 @@ CVE-2020-20223
 CVE-2020-20222 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
 	NOT-FOR-US: Mikrotik RouterOs
 CVE-2020-20221 (Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncon ...)
-	TODO: check
+	NOT-FOR-US: Mikrotik RouterOs
 CVE-2020-20220 (Mikrotik RouterOs prior to stable 6.47 suffers from a memory corruptio ...)
 	NOT-FOR-US: Mikrotik RouterOs
 CVE-2020-20219 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
-	TODO: check
+	NOT-FOR-US: Mikrotik RouterOs
 CVE-2020-20218 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
 	NOT-FOR-US: Mikrotik RouterOs
 CVE-2020-20217 (Mikrotik RouterOs before 6.47 (stable tree) suffers from an uncontroll ...)
@@ -102441,7 +102441,7 @@ CVE-2020-7868 (A remote code execution vulnerability exists in helpUS(remote adm
 CVE-2020-7867
 	RESERVED
 CVE-2020-7866 (When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component,  ...)
-	TODO: check
+	NOT-FOR-US: XPLATFORM
 CVE-2020-7865
 	RESERVED
 CVE-2020-7864 (Parameter manipulation can bypass authentication to cause file upload  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4febdeec31dcdb090f8648ce9163b1bef887323b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4febdeec31dcdb090f8648ce9163b1bef887323b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210722/d826a2c2/attachment.htm>

More information about the debian-security-tracker-commits mailing list