[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jul 24 10:10:03 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
81cd7aaf by Salvatore Bonaccorso at 2021-07-24T11:09:45+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25294,7 +25294,7 @@ CVE-2021-26801
CVE-2021-26800
RESERVED
CVE-2021-26799 (Cross Site Scripting (XSS) vulnerability in admin/files/edit in Omeka ...)
- TODO: check
+ NOT-FOR-US: Omeka
CVE-2021-26798
RESERVED
CVE-2021-26797 (An access control vulnerability in Hame SD1 Wi-Fi firmware <=V.2014 ...)
@@ -28004,9 +28004,9 @@ CVE-2021-25811 (MERCUSYS Mercury X18G 1.0.5 devices allow Denial of service via
CVE-2021-25810 (Cross site Scripting (XSS) vulnerability in MERCUSYS Mercury X18G 1.0. ...)
NOT-FOR-US: MERCUSYS Mercury X18G 1.0.5 devices
CVE-2021-25809 (UCMS 1.5.0 was discovered to contain a physical path leakage via an er ...)
- TODO: check
+ NOT-FOR-US: UCMS
CVE-2021-25808 (A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 a ...)
- TODO: check
+ NOT-FOR-US: Bludit
CVE-2021-25807
RESERVED
CVE-2021-25806
@@ -28040,9 +28040,9 @@ CVE-2021-25793
CVE-2021-25792
RESERVED
CVE-2021-25791 (Multiple stored cross site scripting (XSS) vulnerabilities in the "Upd ...)
- TODO: check
+ NOT-FOR-US: Online Doctor Appointment System
CVE-2021-25790 (Multiple stored cross site scripting (XSS) vulnerabilities in the "Reg ...)
- TODO: check
+ NOT-FOR-US: House Rental and Property Listing
CVE-2021-25789
RESERVED
CVE-2021-25788
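Review bot: The labels added for CVE-2021-25791 and CVE-2021-25790 ("Online Doctor Appointment System", "House Rental and Property Listing") are generic application titles with no vendor, and the truncated descriptions in this hunk do not show one. If the full CVE descriptions name a vendor or publisher, prefix it to the label so these entries can be matched unambiguously when similar CVEs are triaged later.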
@@ -29293,7 +29293,7 @@ CVE-2021-25275 (SolarWinds Orion Platform before 2020.2.4, as used by various So
CVE-2021-25274 (The Collector Service in SolarWinds Orion Platform before 2020.2.4 use ...)
NOT-FOR-US: SolarWinds
CVE-2021-3159 (A stored cross site scripting (XSS) vulnerability in the /sys/attachme ...)
- TODO: check
+ NOT-FOR-US: Landray EKP
CVE-2021-25273
RESERVED
CVE-2021-25272
@@ -29447,21 +29447,21 @@ CVE-2021-25210 (Arbitrary file upload vulnerability in SourceCodester Alumni Man
CVE-2021-25209 (SQL injection vulnerability in SourceCodester Theme Park Ticketing Sys ...)
NOT-FOR-US: SourceCodester Theme Park Ticketing System
CVE-2021-25208 (Arbitrary file upload vulnerability in SourceCodester Travel Managemen ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2021-25207 (Arbitrary file upload vulnerability in SourceCodester E-Commerce Websi ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2021-25206 (Arbitrary file upload vulnerability in SourceCodester Responsive Order ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2021-25205 (SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 ...)
NOT-FOR-US: SourceCodester
CVE-2021-25204 (Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2021-25203 (Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attacke ...)
- TODO: check
+ NOT-FOR-US: Victor CMS
CVE-2021-25202 (SQL injection vulnerability in SourceCodester Sales and Inventory Syst ...)
NOT-FOR-US: SourceCodester Sales and Inventory System
CVE-2021-25201 (SQL injection vulnerability in Learning Management System v 1.0 allows ...)
- TODO: check
+ NOT-FOR-US: Learning Management System
CVE-2021-25200
RESERVED
CVE-2021-25199
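Review bot: NOT-FOR-US granularity is inconsistent within this hunk: the unchanged entries for CVE-2021-25209 and CVE-2021-25202 name the product ("SourceCodester Theme Park Ticketing System", "SourceCodester Sales and Inventory System"), while the lines added for CVE-2021-25208, CVE-2021-25207, CVE-2021-25206 and CVE-2021-25204 say only "SourceCodester". The short form already exists at CVE-2021-25205, so either is workable, but settling on one keeps grep-based triage predictable. Separately, "Learning Management System" for CVE-2021-25201 is a generic label with no vendor visible in the truncated description; add the vendor if the full description gives one.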
@@ -69550,7 +69550,7 @@ CVE-2020-20743
CVE-2020-20742
RESERVED
CVE-2020-20741 (Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX90 ...)
- TODO: check
+ NOT-FOR-US: Beckhoff
CVE-2020-20740 (PDFResurrect before 0.20 lack of header validation checks causes heap- ...)
{DLA-2475-1}
- pdfresurrect 0.21-1
@@ -85050,7 +85050,7 @@ CVE-2020-14033 (An issue was discovered in janus-gateway (aka Janus WebRTC Serve
NOTE: https://github.com/meetecho/janus-gateway/pull/2229
NOTE: https://github.com/meetecho/janus-gateway/commit/dacb4edfad8e77f73b64d8c175cca0a7796ebf80
CVE-2020-14032 (ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via ...)
- TODO: check
+ NOT-FOR-US: ASRock
CVE-2020-14031 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The ou ...)
NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14030 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. It sto ...)
@@ -108897,7 +108897,7 @@ CVE-2020-5318 (Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0
CVE-2020-5317 (Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability. A ...)
NOT-FOR-US: EMC
CVE-2020-5316 (Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2 ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2020-5315 (Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text pa ...)
NOT-FOR-US: EMC
CVE-2019-20333
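Review bot: CVE-2020-5316 is tagged "NOT-FOR-US: Dell" while the adjacent Dell EMC entries (CVE-2020-5317, CVE-2020-5315) are tagged "EMC", so the same vendor ends up under two different labels within three entries. Consider "Dell SupportAssist" here, which matches the product named in the description and says what was actually ruled out.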
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81cd7aaf44ff8cb7739cde1ab56ada89526353bb