[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 30 21:44:30 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
acb96d1e by Salvatore Bonaccorso at 2021-06-30T22:43:23+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -217,7 +217,7 @@ CVE-2021-35973 (NETGEAR WAC104 devices before 1.0.4.15 are affected by an authen
CVE-2021-35972
RESERVED
CVE-2021-35971 (Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 be ...)
- TODO: check
+ NOT-FOR-US: Veeam
CVE-2021-35970 (Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-ma ...)
TODO: check
CVE-2021-35969
@@ -247,7 +247,7 @@ CVE-2021-35958 (** DISPUTED ** TensorFlow through 2.5.0 allows attackers to over
CVE-2021-35957
RESERVED
CVE-2021-35956 (Stored cross-site scripting (XSS) in the embedded webserver of AKCP se ...)
- TODO: check
+ NOT-FOR-US: AKCP sensorProbe
CVE-2021-35955
RESERVED
CVE-2021-35954
@@ -3631,31 +3631,31 @@ CVE-2021-34387 (The ARM TrustZone Technology on which Trusty is based on contain
CVE-2021-34386 (Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an ...)
NOT-FOR-US: NVIDIA
CVE-2021-34385 (Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an ...)
- TODO: check
+ NOT-FOR-US: Trusty TLK (NVIDIA)
CVE-2021-34384 (Bootloader contains a vulnerability in NVIDIA MB2 where a potential he ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2021-34383 (Bootloader contains a vulnerability in NVIDIA MB2 where a potential he ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2021-34382 (Trusty TLK contains a vulnerability in the NVIDIA TLK kernel’s t ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2021-34381 (Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2021-34380 (Bootloader contains a vulnerability in NVIDIA MB2 where potential heap ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2021-34379 (Trusty contains a vulnerability in the HDCP service TA where bounds ch ...)
- TODO: check
+ NOT-FOR-US: rusty TLK (NVIDIA)
CVE-2021-34378 (Trusty contains a vulnerability in the HDCP service TA where bounds ch ...)
- TODO: check
+ NOT-FOR-US: rusty TLK (NVIDIA)
CVE-2021-34377 (Trusty contains a vulnerability in the HDCP service TA where bounds ch ...)
- TODO: check
+ NOT-FOR-US: rusty TLK (NVIDIA)
CVE-2021-34376 (Trusty contains a vulnerability in the HDCP service TA where bounds ch ...)
- TODO: check
+ NOT-FOR-US: rusty TLK (NVIDIA)
CVE-2021-34375 (Trusty contains a vulnerability in all trusted applications (TAs) wher ...)
- TODO: check
+ NOT-FOR-US: rusty TLK (NVIDIA)
CVE-2021-34374 (Trusty contains a vulnerability in command handlers where the length o ...)
- TODO: check
+ NOT-FOR-US: rusty TLK (NVIDIA)
CVE-2021-34373 (Trusty trusted Linux kernel (TLK) contains a vulnerability in the NVID ...)
- TODO: check
+ NOT-FOR-US: rusty TLK (NVIDIA)
CVE-2021-34372 (Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver c ...)
NOT-FOR-US: Trusty
CVE-2021-34371
@@ -4290,7 +4290,7 @@ CVE-2021-34077
CVE-2021-34076
RESERVED
CVE-2021-34075 (In Artica Pandora FMS <=754 in the File Manager component, there is ...)
- TODO: check
+ NOT-FOR-US: Artica Pandora FMS
CVE-2021-34074 (PandoraFMS <=7.54 allows arbitrary file upload, it leading to remot ...)
NOT-FOR-US: PandoraFMS
CVE-2021-34073
@@ -12323,7 +12323,7 @@ CVE-2021-30650
CVE-2021-30649
RESERVED
CVE-2021-30648 (The Symantec Advanced Secure Gateway (ASG) and ProxySG web management ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2021-30647
RESERVED
CVE-2021-30646
@@ -16581,7 +16581,7 @@ CVE-2021-28994 (kopano-ical (formerly zarafa-ical) in Kopano Groupware Core thro
[buster] - kopanocore <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2021/03/19/6
CVE-2021-28993 (Plixer Scrutinizer 19.0.2 is affected by: SQL Injection. The impact is ...)
- TODO: check
+ NOT-FOR-US: Plixer Scrutinizer
CVE-2021-28992
RESERVED
CVE-2021-28991
@@ -19311,9 +19311,9 @@ CVE-2021-27905 (The ReplicationHandler (normally registered at "/replication" un
CVE-2021-27904 (An issue was discovered in app/Model/SharingGroupServer.php in MISP 2. ...)
NOT-FOR-US: MISP
CVE-2021-27903 (An issue was discovered in Craft CMS before 3.6.7. In some circumstanc ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2021-27902 (An issue was discovered in Craft CMS before 3.6.0. In some circumstanc ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2021-27901 (An issue was discovered on LG mobile devices with Android OS 11 softwa ...)
NOT-FOR-US: LG mobile devices
CVE-2021-27900 (The Proofpoint Insider Threat Management Server (formerly ObserveIT Se ...)
@@ -32220,7 +32220,7 @@ CVE-2021-22382 (Huawei LTE USB Dongle products have an improper permission assig
CVE-2021-22381
RESERVED
CVE-2021-22380 (There is a Cleartext Transmission of Sensitive Information Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22379
RESERVED
CVE-2021-22378 (There is a race condition vulnerability in eCNS280_TD V100R005C00 and ...)
@@ -32228,25 +32228,25 @@ CVE-2021-22378 (There is a race condition vulnerability in eCNS280_TD V100R005C0
CVE-2021-22377 (There is a command injection vulnerability in S12700 V200R019C00SPC500 ...)
NOT-FOR-US: Huawei
CVE-2021-22376 (There is an Improper Permission Management Vulnerability in Huawei Sma ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22375 (There is a Key Management Errors Vulnerability in Huawei Smartphone. S ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22374 (There is an Improper Validation of Array Index Vulnerability in Huawei ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22373 (There is a Defects Introduced in the Design Process Vulnerability in H ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22372 (There is a Security Features Vulnerability in Huawei Smartphone. Succe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22371 (There is an Improper Permission Management Vulnerability in Huawei Sma ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22370 (There is a Credentials Management Errors Vulnerability in Huawei Smart ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22369 (There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22368 (There is a Permission Control Vulnerability in Huawei Smartphone. Succ ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22367 (There is a Key Management Errors Vulnerability in Huawei Smartphone. S ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22366 (There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C ...)
NOT-FOR-US: Huawei
CVE-2021-22365 (There is an out of bounds read vulnerability in eSE620X vESS V100R001C ...)
@@ -32272,9 +32272,9 @@ CVE-2021-22356
CVE-2021-22355
RESERVED
CVE-2021-22354 (There is an Information Disclosure Vulnerability in Huawei Smartphone. ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22353 (There is a Memory Buffer Improper Operation Limit Vulnerability in Hua ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22352
RESERVED
CVE-2021-22351
@@ -32328,13 +32328,13 @@ CVE-2021-22328
CVE-2021-22327 (There is an arbitrary memory write vulnerability in Huawei smart phone ...)
NOT-FOR-US: Huawei
CVE-2021-22326 (There is an Incorrect Privilege Assignment Vulnerability in Huawei Sma ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22325 (There is an Information Disclosure vulnerability in Huawei Smartphone. ...)
NOT-FOR-US: Huawei
CVE-2021-22324 (There is a Credentials Management Errors vulnerability in Huawei Smart ...)
NOT-FOR-US: Huawei
CVE-2021-22323 (There is an Integer Overflow Vulnerability in Huawei Smartphone. Succe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22322 (There is a Missing Authentication for Critical Function vulnerability ...)
NOT-FOR-US: Huawei
CVE-2021-22321 (There is a use-after-free vulnerability in a Huawei product. A module ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acb96d1e3a19b4b2ef674375fd9254444e438bcd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acb96d1e3a19b4b2ef674375fd9254444e438bcd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210630/f36fed8e/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list