[Git][security-tracker-team/security-tracker][master] Proces some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 29 21:30:04 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
846eec16 by Salvatore Bonaccorso at 2021-06-29T22:29:38+02:00
Proces some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2350,7 +2350,7 @@ CVE-2021-34825 (Quassel through 0.13.1, when --require-ssl is enabled, launches
 	NOTE: https://bugs.quassel-irc.org/issues/1728
 	NOTE: '--require-ssl' flag added in https://github.com/quassel/quassel/pull/43
 CVE-2021-34824 (Istio before 1.9.6 and 1.10.x before 1.10.2 has Incorrect Access Contr ...)
-	TODO: check
+	NOT-FOR-US: Istio
 CVE-2021-34823
 	RESERVED
 CVE-2021-34822
@@ -6538,15 +6538,15 @@ CVE-2021-32994
 CVE-2021-32993
 	RESERVED
 CVE-2021-32992 (FATEK Automation WinProladder Versions 3.30 and prior do not properly  ...)
-	TODO: check
+	NOT-FOR-US: FATEK Automation WinProladder
 CVE-2021-32991
 	RESERVED
 CVE-2021-32990 (FATEK Automation WinProladder Versions 3.30 and prior are vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: FATEK Automation WinProladder
 CVE-2021-32989
 	RESERVED
 CVE-2021-32988 (FATEK Automation WinProladder Versions 3.30 and prior are vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: FATEK Automation WinProladder
 CVE-2021-32987
 	RESERVED
 CVE-2021-32986
@@ -9293,7 +9293,7 @@ CVE-2021-31840 (A vulnerability in the preloading mechanism of specific dynamic
 CVE-2021-31839 (Improper privilege management vulnerability in McAfee Agent for Window ...)
 	NOT-FOR-US: McAfee
 CVE-2021-31838 (A command injection vulnerability in MVISION EDR (MVEDR) prior to 3.4. ...)
-	TODO: check
+	NOT-FOR-US: MVISION EDR (MVEDR)
 CVE-2021-31837 (Memory corruption vulnerability in the driver file component in McAfee ...)
 	NOT-FOR-US: McAfee
 CVE-2021-31836
@@ -10069,9 +10069,9 @@ CVE-2021-31533
 CVE-2021-31532 (NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1  ...)
 	NOT-FOR-US: NXP
 CVE-2021-31531 (Zoho ManageEngine ServiceDesk Plus MSP before 10521 is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2021-31530 (Zoho ManageEngine ServiceDesk Plus MSP before 10522 is vulnerable to I ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2021-31529
 	RESERVED
 CVE-2021-31528
@@ -10195,29 +10195,29 @@ CVE-2021-3503
 	RESERVED
 	- wildfly <itp> (bug #752018)
 CVE-2021-31516 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Vector 35 Binary Ninja
 CVE-2021-31515 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: Vector 35 Binary Ninja
 CVE-2021-31514 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: OpenText Brava! Desktop
 CVE-2021-31513 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: OpenText Brava! Desktop
 CVE-2021-31512 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: OpenText Brava! Desktop
 CVE-2021-31511 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: OpenText Brava! Desktop
 CVE-2021-31510 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: OpenText Brava! Desktop
 CVE-2021-31509 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: OpenText Brava! Desktop
 CVE-2021-31508 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: OpenText Brava! Desktop
 CVE-2021-31507 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: OpenText Brava! Desktop
 CVE-2021-31506 (This vulnerability allows remote attackers to disclose sensitive infor ...)
-	TODO: check
+	NOT-FOR-US: OpenText Brava! Desktop
 CVE-2021-31505 (This vulnerability allows attackers with physical access to escalate p ...)
-	TODO: check
+	NOT-FOR-US: Arlo Q Plus
 CVE-2021-31504
 	RESERVED
 CVE-2021-31503
@@ -11011,7 +11011,7 @@ CVE-2021-31162 (In the standard library in Rust before 1.52.0, a double free can
 CVE-2021-31161
 	RESERVED
 CVE-2021-31160 (Zoho ManageEngine ServiceDesk Plus MSP before 10521 allows an attacker ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2021-31159 (Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a ...)
 	NOT-FOR-US: Zoho ManageEngine
 CVE-2021-31158 (In the Query Engine in Couchbase Server 6.5.x and 6.6.x through 6.6.1, ...)
@@ -98586,7 +98586,7 @@ CVE-2020-7870 (A memory corruption vulnerability exists when ezPDF improperly ha
 CVE-2020-7869 (An improper input validation vulnerability of ZOOK software (remote ad ...)
 	TODO: check
 CVE-2020-7868 (A remote code execution vulnerability exists in helpUS(remote administ ...)
-	TODO: check
+	NOT-FOR-US: helpUS(remote administration tool)
 CVE-2020-7867
 	RESERVED
 CVE-2020-7866



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/846eec166873fba94adcfa87bee3b241f749e2b8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/846eec166873fba94adcfa87bee3b241f749e2b8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210629/30c48e88/attachment.htm>

More information about the debian-security-tracker-commits mailing list