[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jul 29 05:53:06 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1380cbaf by Salvatore Bonaccorso at 2021-07-29T06:52:39+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7689,9 +7689,9 @@ CVE-2021-34168
CVE-2021-34167
RESERVED
CVE-2021-34166 (A SQL INJECTION vulnerability in Sourcecodester Simple Food Website 1. ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-34165 (A SQL Injection vulnerability in Sourcecodester Basic Shopping Cart 1. ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-34164
RESERVED
CVE-2021-34163
@@ -30016,7 +30016,7 @@ CVE-2021-25202 (SQL injection vulnerability in SourceCodester Sales and Inventor
CVE-2021-25201 (SQL injection vulnerability in Learning Management System v 1.0 allows ...)
NOT-FOR-US: Learning Management System
CVE-2021-25200 (Arbitrary file upload vulnerability in SourceCodester Learning Managem ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2021-25199
RESERVED
CVE-2021-25198
@@ -33917,7 +33917,7 @@ CVE-2021-23417 (All versions of package deepmergefn are vulnerable to Prototype
CVE-2021-23416 (This affects all versions of package curly-bracket-parser. When used a ...)
TODO: check
CVE-2021-23415 (This affects the package elFinder.AspNet before 1.1.1. The user-contro ...)
- TODO: check
+ NOT-FOR-US: elFinder.AspNet
CVE-2021-23414 (This affects the package video.js before 7.14.3. The src attribute of ...)
TODO: check
CVE-2021-23413 (This affects the package jszip before 3.7.0. Crafting a new zip file w ...)
@@ -67915,7 +67915,7 @@ CVE-2020-21856
CVE-2020-21855
RESERVED
CVE-2020-21854 (Cross Site Scripting vulnerabiity exists in WDScanner 1.1 in the syste ...)
- TODO: check
+ NOT-FOR-US: WDScanner
CVE-2020-21853
RESERVED
CVE-2020-21852
@@ -68011,7 +68011,7 @@ CVE-2020-21808
CVE-2020-21807
RESERVED
CVE-2020-21806 (SQL Injection Vulnerability in ECTouch v2 via the shop page in index.p ...)
- TODO: check
+ NOT-FOR-US: ECTouch
CVE-2020-21805
RESERVED
CVE-2020-21804
@@ -70237,13 +70237,13 @@ CVE-2020-20703
CVE-2020-20702
RESERVED
CVE-2020-20701 (A stored cross site scripting (XSS) vulnerability in /app/config/of S- ...)
- TODO: check
+ NOT-FOR-US: S-CMS PHP
CVE-2020-20700 (A stored cross site scripting (XSS) vulnerability in /app/form_add/of ...)
- TODO: check
+ NOT-FOR-US: S-CMS PHP
CVE-2020-20699 (A cross site scripting (XSS) vulnerability in S-CMS PHP v3.0 allows at ...)
- TODO: check
+ NOT-FOR-US: S-CMS PHP
CVE-2020-20698 (A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP ...)
- TODO: check
+ NOT-FOR-US: S-CMS PHP
CVE-2020-20697
RESERVED
CVE-2020-20696
@@ -73449,7 +73449,7 @@ CVE-2020-19120
CVE-2020-19119
RESERVED
CVE-2020-19118 (Cross Site Scripting (XSS) vulnerabiity in YzmCMS 5.2 via the site_cod ...)
- TODO: check
+ NOT-FOR-US: YzmCMS
CVE-2020-19117
RESERVED
CVE-2020-19116
@@ -75364,13 +75364,13 @@ CVE-2020-18175
CVE-2020-18174 (A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 ...)
TODO: check
CVE-2020-18173 (A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 al ...)
- TODO: check
+ NOT-FOR-US: 1Password
CVE-2020-18172 (A code injection vulnerability in the SeDebugPrivilege component of Tr ...)
TODO: check
CVE-2020-18171 (TechSmith Snagit 19.1.0.2653 uses Object Linking and Embedding (OLE) w ...)
TODO: check
CVE-2020-18170 (An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager ...)
- TODO: check
+ NOT-FOR-US: Abloy Key Manager
CVE-2020-18169 (A vulnerability in the Windows installer XML (WiX) toolset of TechSmit ...)
TODO: check
CVE-2020-18168
@@ -75809,7 +75809,7 @@ CVE-2020-17954
CVE-2020-17953
RESERVED
CVE-2020-17952 (A remote code execution (RCE) vulnerability in /library/think/App.php ...)
- TODO: check
+ NOT-FOR-US: Twothink
CVE-2020-17951
RESERVED
CVE-2020-17950
@@ -89200,7 +89200,7 @@ CVE-2020-12683 (Katyshop2 before 2.12 has multiple stored XSS issues. ...)
CVE-2020-12682
RESERVED
CVE-2020-12681 (Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices ...)
- TODO: check
+ NOT-FOR-US: 3xLogic Infinias eIDC32 devices
CVE-2020-12680 (** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 allows loca ...)
NOT-FOR-US: Avira Free Antivirus
CVE-2020-12679 (A reflected cross-site scripting (XSS) vulnerability in the Mitel Shor ...)
@@ -100165,7 +100165,7 @@ CVE-2019-20469
CVE-2019-20468 (An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horlo ...)
NOT-FOR-US: TK-Star Q90 Junior GPS horloge
CVE-2019-20467 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 ...)
- TODO: check
+ NOT-FOR-US: Sannce
CVE-2019-20466 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 ...)
NOT-FOR-US: Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices
CVE-2019-20465 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 ...)
@@ -335944,11 +335944,11 @@ CVE-2015-2157 (The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in
- putty 0.63-10 (bug #779488)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html
CVE-2015-2100 (Multiple stack-based buffer overflows in WebGate eDVR Manager and Cont ...)
- TODO: check
+ NOT-FOR-US: eDVR Manager and Control Center
CVE-2015-2099 (Multiple buffer overflows in WebGate Control Center allow remote attac ...)
TODO: check
CVE-2015-2098 (Multiple stack-based buffer overflows in WebGate eDVR Manager allow re ...)
- TODO: check
+ NOT-FOR-US: WebGate eDVR Manager
CVE-2015-2097 (Multiple buffer overflows in WebGate Embedded Standard Protocol (WESP) ...)
NOT-FOR-US: WESP SDK
CVE-2015-2096 (Use-after-free vulnerability in the Connect function in the WESPMonito ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1380cbaf82388ca9e1e86a9167aa426c5c8e237e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1380cbaf82388ca9e1e86a9167aa426c5c8e237e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210729/6d5f55ac/attachment.htm>
More information about the debian-security-tracker-commits
mailing list