[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Mar 9 20:50:08 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ea8b02b2 by Salvatore Bonaccorso at 2021-03-09T21:49:46+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -259,7 +259,7 @@ CVE-2021-28008
 CVE-2021-28007
 	RESERVED
 CVE-2021-28006 (Web Based Quiz System 1.0 is affected by cross-site scripting (XSS) in ...)
-	TODO: check
+	NOT-FOR-US: Web Based Quiz System
 CVE-2021-28005
 	RESERVED
 CVE-2021-28004
@@ -851,7 +851,7 @@ CVE-2021-27803 (A vulnerability was discovered in how p2p/p2p_pd.c in wpa_suppli
 	NOTE: https://w1.fi/security/2021-1/wpa_supplicant-p2p-provision-discovery-processing-vulnerability.txt
 	NOTE: https://w1.fi/security/2021-1/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
 CVE-2021-3417 (An internal product security audit of LXCO, prior to version 1.2.2, di ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2021-3416 [net: infinite loop in loopback mode may lead to stack overflow]
 	RESERVED
 	- qemu <unfixed> (bug #984448)
@@ -14804,7 +14804,7 @@ CVE-2021-21512 (Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains
 CVE-2021-21511 (Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Aut ...)
 	NOT-FOR-US: EMC Avamar Server
 CVE-2021-21510 (Dell iDRAC8 versions prior to 2.75.100.75 contain a host header inject ...)
-	TODO: check
+	NOT-FOR-US: Dell iDRAC8
 CVE-2021-21509
 	RESERVED
 CVE-2021-21508
@@ -14812,13 +14812,13 @@ CVE-2021-21508
 CVE-2021-21507
 	RESERVED
 CVE-2021-21506 (PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sani ...)
-	TODO: check
+	NOT-FOR-US: PowerScale OneFS
 CVE-2021-21505
 	RESERVED
 CVE-2021-21504
 	RESERVED
 CVE-2021-21503 (PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sani ...)
-	TODO: check
+	NOT-FOR-US: PowerScale OneFS
 CVE-2021-21502 (Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of S ...)
 	NOT-FOR-US: Dell
 CVE-2021-21501
@@ -15557,7 +15557,7 @@ CVE-2021-21490
 CVE-2021-21489
 	RESERVED
 CVE-2021-21488 (Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allow ...)
-	TODO: check
+	NOT-FOR-US: Knowledge Management
 CVE-2021-21487 (SAP Payment Engine version 500, does not perform necessary authorizati ...)
 	NOT-FOR-US: SAP
 CVE-2021-21486 (SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 6 ...)
@@ -28787,7 +28787,7 @@ CVE-2020-28152
 CVE-2020-28151
 	RESERVED
 CVE-2020-28150 (I-Net Software Clear Reports 20.10.136 web application accepts a user- ...)
-	TODO: check
+	NOT-FOR-US: I-Net Software Clear Reports
 CVE-2020-28149
 	RESERVED
 CVE-2020-28148
@@ -30941,11 +30941,11 @@ CVE-2020-27578
 CVE-2020-27577
 	RESERVED
 CVE-2020-27576 (Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XS ...)
-	TODO: check
+	NOT-FOR-US: Maxum Rumpus
 CVE-2020-27575 (Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vuln ...)
-	TODO: check
+	NOT-FOR-US: Maxum Rumpus
 CVE-2020-27574 (Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forge ...)
-	TODO: check
+	NOT-FOR-US: Maxum Rumpus
 CVE-2020-27573
 	RESERVED
 CVE-2020-27572
@@ -39255,7 +39255,7 @@ CVE-2020-23969
 CVE-2020-23968 (Ilex International Sign&go Workstation Security Suite 7.1 allows e ...)
 	NOT-FOR-US: Ilex International Sign&go Workstation Security Suite
 CVE-2020-23967 (Dr.Web Security Space versions 11 and 12 allow elevation of privilege  ...)
-	TODO: check
+	NOT-FOR-US: Dr.Web Security Space
 CVE-2020-23966
 	RESERVED
 CVE-2020-23965
@@ -77235,9 +77235,9 @@ CVE-2020-8359
 CVE-2020-8358
 	RESERVED
 CVE-2020-8357 (A denial of service vulnerability was reported in Lenovo PCManager, pr ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2020-8356 (An internal product security audit of LXCO, prior to version 1.2.2, di ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2020-8355 (An internal product security audit of Lenovo XClarity Administrator (L ...)
 	NOT-FOR-US: Lenovo
 CVE-2020-8354 (A potential vulnerability in the SMI callback function used in the Var ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea8b02b235106cc5074a63d734249a67b68237eb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea8b02b235106cc5074a63d734249a67b68237eb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210309/0961b8f6/attachment.htm>


More information about the debian-security-tracker-commits mailing list