[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 9 21:30:28 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f82e1dd1 by Salvatore Bonaccorso at 2021-06-09T22:29:57+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -139,9 +139,9 @@ CVE-2021-34372
CVE-2021-34371
RESERVED
CVE-2021-34370 (Accela Civic Platform through 20.1 allows ssoAdapter/logoutAction.do s ...)
- TODO: check
+ NOT-FOR-US: Accela Civic Platform
CVE-2021-34369 (portlets/contact/ref/refContactDetail.do in Accela Civic Platform thro ...)
- TODO: check
+ NOT-FOR-US: Accela Civic Platform
CVE-2021-34368
RESERVED
CVE-2021-34367
@@ -345,7 +345,7 @@ CVE-2021-34282
CVE-2021-34281
RESERVED
CVE-2021-34280 (Polaris Office v9.103.83.44230 is affected by a Uninitialized Pointer ...)
- TODO: check
+ NOT-FOR-US: Polaris Office
CVE-2021-34279
RESERVED
CVE-2021-34278
@@ -1149,7 +1149,7 @@ CVE-2021-33896 (Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traver
CVE-2021-33895
RESERVED
CVE-2021-33894 (In Progress MOVEit Transfer before 2019.0.6 (11.0.6), 2019.1.x before ...)
- TODO: check
+ NOT-FOR-US: Progress MOVEit
CVE-2021-33893
RESERVED
CVE-2021-33892
@@ -1261,9 +1261,9 @@ CVE-2021-3580 [Remote crash in RSA decryption via manipulated ciphertext]
CVE-2021-33844
RESERVED
CVE-2021-33842 (Improper Authentication vulnerability in the cookie parameter of Circu ...)
- TODO: check
+ NOT-FOR-US: Circutor SGE-PLC1000 firmware
CVE-2021-33841 (SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle so ...)
- TODO: check
+ NOT-FOR-US: SGE-PLC1000 device
CVE-2021-23210
RESERVED
CVE-2021-23172
@@ -1509,13 +1509,13 @@ CVE-2021-33744
CVE-2021-33743
RESERVED
CVE-2021-33742 (Windows MSHTML Platform Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-33741 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-33740
RESERVED
CVE-2021-33739 (Microsoft DWM Core Library Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-36381
RESERVED
CVE-2020-36380
@@ -1615,7 +1615,7 @@ CVE-2021-33714
CVE-2021-33713
RESERVED
CVE-2021-33712 (A vulnerability has been identified in Mendix SAML Module (All version ...)
- TODO: check
+ NOT-FOR-US: Mendix SAML Module
CVE-2021-33711
RESERVED
CVE-2021-33710
@@ -2397,11 +2397,11 @@ CVE-2021-33360
CVE-2021-33359 (A vulnerability exists in gowitness < 2.3.6 that allows an unauthen ...)
TODO: check
CVE-2021-33358 (Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interfac ...)
- TODO: check
+ NOT-FOR-US: RaspAP
CVE-2021-33357 (A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET param ...)
- TODO: check
+ NOT-FOR-US: RaspAP
CVE-2021-33356 (Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 c ...)
- TODO: check
+ NOT-FOR-US: RaspAP
CVE-2021-33355
RESERVED
CVE-2021-33354
@@ -2791,7 +2791,7 @@ CVE-2021-33192
CVE-2021-33191
RESERVED
CVE-2021-33190 (In Apache APISIX Dashboard version 2.6, we changed the default value o ...)
- TODO: check
+ NOT-FOR-US: Apache APISIX Dashboard
CVE-2020-36365 (Smartstore (aka SmartStoreNET) before 4.1.0 allows CommonController.Cl ...)
NOT-FOR-US: Smartstore (aka SmartStoreNET)
CVE-2020-36364 (An issue was discovered in Smartstore (aka SmartStoreNET) before 4.1.0 ...)
@@ -2853,9 +2853,9 @@ CVE-2021-33178
CVE-2021-33177
RESERVED
CVE-2021-33176 (VerneMQ MQTT Broker versions prior to 1.12.0 are vulnerable to a denia ...)
- TODO: check
+ NOT-FOR-US: VerneMQ MQTT Broker
CVE-2021-33175 (EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of ser ...)
- TODO: check
+ NOT-FOR-US: EMQ X Broker
CVE-2021-33174
RESERVED
CVE-2021-33173
@@ -3344,7 +3344,7 @@ CVE-2021-32944
CVE-2021-32943
RESERVED
CVE-2021-32942 (The vulnerability could expose cleartext credentials from AVEVA InTouc ...)
- TODO: check
+ NOT-FOR-US: AVEVA InTouch Runtime
CVE-2021-32941
RESERVED
CVE-2021-32940
@@ -5579,7 +5579,7 @@ CVE-2021-31987
CVE-2021-31986
RESERVED
CVE-2021-31985 (Microsoft Defender Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31984
RESERVED
CVE-2021-31983 (Paint 3D Remote Code Execution Vulnerability This CVE ID is unique fro ...)
@@ -5589,41 +5589,41 @@ CVE-2021-31982
CVE-2021-31981
RESERVED
CVE-2021-31980 (Microsoft Intune Management Extension Remote Code Execution Vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31979
RESERVED
CVE-2021-31978 (Microsoft Defender Denial of Service Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31977 (Windows Hyper-V Denial of Service Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31976 (Server for NFS Information Disclosure Vulnerability This CVE ID is uni ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31975 (Server for NFS Information Disclosure Vulnerability This CVE ID is uni ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31974 (Server for NFS Denial of Service Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31973 (Windows GPSVC Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31972 (Event Tracing for Windows Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31971 (Windows HTML Platform Security Feature Bypass Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31970 (Windows TCP/IP Driver Security Feature Bypass Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31969 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31968 (Windows Remote Desktop Services Denial of Service Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31967 (VP9 Video Extensions Remote Code Execution Vulnerability ...)
TODO: check
CVE-2021-31966 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31965 (Microsoft SharePoint Server Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31964 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31963 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31962 (Kerberos AppContainer Security Feature Bypass Vulnerability ...)
TODO: check
CVE-2021-31961
@@ -5633,47 +5633,47 @@ CVE-2021-31960 (Windows Bind Filter Driver Information Disclosure Vulnerability
CVE-2021-31959 (Scripting Engine Memory Corruption Vulnerability ...)
TODO: check
CVE-2021-31958 (Windows NTLM Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31957 (ASP.NET Denial of Service Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31956 (Windows NTFS Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31955 (Windows Kernel Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31954 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31953 (Windows Filter Manager Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31952 (Windows Kernel-Mode Driver Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31951 (Windows Kernel Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31950 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31949 (Microsoft Outlook Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31948 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31947
RESERVED
CVE-2021-31946 (Paint 3D Remote Code Execution Vulnerability This CVE ID is unique fro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31945 (Paint 3D Remote Code Execution Vulnerability This CVE ID is unique fro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31944 (3D Viewer Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31943 (3D Viewer Remote Code Execution Vulnerability This CVE ID is unique fr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31942 (3D Viewer Remote Code Execution Vulnerability This CVE ID is unique fr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31941 (Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31940 (Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31939 (Microsoft Excel Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31938 (Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vul ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31937
RESERVED
CVE-2021-31936 (Microsoft Accessibility Insights for Web Information Disclosure Vulner ...)
@@ -5984,7 +5984,7 @@ CVE-2021-31839
CVE-2021-31838
RESERVED
CVE-2021-31837 (Memory corruption vulnerability in the driver file component in McAfee ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-31836
RESERVED
CVE-2021-31835
@@ -5994,7 +5994,7 @@ CVE-2021-31834
CVE-2021-31833
RESERVED
CVE-2021-31832 (Improper Neutralization of Input in the ePO administrator extension fo ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-31831 (Incorrect access to deleted scripts vulnerability in McAfee Database S ...)
NOT-FOR-US: McAfee
CVE-2021-31830 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -6317,7 +6317,7 @@ CVE-2021-31740
CVE-2021-31739
RESERVED
CVE-2021-31738 (Adiscon LogAnalyzer 4.1.10 and 4.1.11 allow login.php XSS. ...)
- TODO: check
+ NOT-FOR-US: Adiscon LogAnalyzer
CVE-2021-31737 (emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution vulnerabili ...)
NOT-FOR-US: emlog
CVE-2021-31736
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f82e1dd1455ac641481653066f5a1cf5e969a976
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f82e1dd1455ac641481653066f5a1cf5e969a976
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210609/d7ab5148/attachment.htm>
More information about the debian-security-tracker-commits
mailing list