[Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso
carnil at debian.org
Mon Mar 29 21:15:22 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
90f8ce4a by Salvatore Bonaccorso at 2021-03-29T22:14:56+02:00
Process some new NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1064,9 +1064,9 @@ CVE-2021-28939
CVE-2021-28938
RESERVED
CVE-2021-28937 (The /password.html page of the Web management interface of the Acexy W ...)
- TODO: check
+ NOT-FOR-US: Acexy Wireless-N WiFi Repeater
CVE-2021-28936 (The Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) Web management ...)
- TODO: check
+ NOT-FOR-US: Acexy Wireless-N WiFi Repeater
CVE-2021-28935
RESERVED
CVE-2021-28934
@@ -1600,13 +1600,13 @@ CVE-2021-28675
CVE-2021-28674
RESERVED
CVE-2021-28673 (Xerox Phaser 6510 before 64.61.23 and 64.59.11 (Bridge), WorkCentre 65 ...)
- TODO: check
+ NOT-FOR-US: Xerox
CVE-2021-28672
RESERVED
CVE-2021-28671
RESERVED
CVE-2021-28670 (Xerox AltaLink B8045/B8090 before 103.008.030.32000, C8030/C8035 befor ...)
- TODO: check
+ NOT-FOR-US: Xerox
CVE-2021-28669
RESERVED
CVE-2021-28668
@@ -4673,7 +4673,7 @@ CVE-2021-27354
CVE-2021-27353
RESERVED
CVE-2021-27352 (An open redirect vulnerability in Ilch CMS version 2.1.42 allows attac ...)
- TODO: check
+ NOT-FOR-US: Ilch CMS
CVE-2021-27351 (The Terminate Session feature in the Telegram application through 7.2. ...)
- telegram-desktop 2.6.1-1
[buster] - telegram-desktop <not-affected> (Vulnerable code not present)
@@ -10134,9 +10134,9 @@ CVE-2021-25146
CVE-2021-25145
RESERVED
CVE-2021-25144 (A remote buffer overflow vulnerability was discovered in some Aruba In ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-25143 (A remote denial of service (dos) vulnerability was discovered in some ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-25142 (The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 Sy ...)
NOT-FOR-US: HPE
CVE-2021-25141 (A security vulnerability has been identified in in certain HPE and Aru ...)
@@ -17447,7 +17447,7 @@ CVE-2021-21729
CVE-2021-21728
RESERVED
CVE-2021-21727 (A ZTE product has a DoS vulnerability. A remote attacker can amplify t ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2021-21726 (Some ZTE products have an input verification vulnerability in the diag ...)
NOT-FOR-US: ZTE
CVE-2021-21725 (A ZTE product has an information leak vulnerability. An attacker with ...)
@@ -39733,9 +39733,9 @@ CVE-2020-25219 (url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows
NOTE: https://github.com/libproxy/libproxy/issues/134
NOTE: https://github.com/libproxy/libproxy/commit/a83dae404feac517695c23ff43ce1e116e2bfbe0
CVE-2020-25218 (Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) ...)
- TODO: check
+ NOT-FOR-US: Grandstream GRP261x VoIP phone
CVE-2020-25217 (Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) ...)
- TODO: check
+ NOT-FOR-US: Grandstream GRP261x VoIP phone
CVE-2020-25216 (yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Tran ...)
NOT-FOR-US: yWorks yEd Desktop
CVE-2020-25215 (yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or Grap ...)
@@ -41048,7 +41048,7 @@ CVE-2020-24637 (Two vulnerabilities in ArubaOS GRUB2 implementation allows for a
CVE-2020-24636
RESERVED
CVE-2020-24635 (A remote execution of arbitrary commands vulnerability was discovered ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2020-24634 (An attacker is able to remotely inject arbitrary commands by sending e ...)
NOT-FOR-US: Aruba
CVE-2020-24633 (There are multiple buffer overflow vulnerabilities that could lead to ...)
@@ -81941,7 +81941,7 @@ CVE-2020-7852 (DaviewIndy has a Heap-based overflow vulnerability, triggered whe
CVE-2020-7851
RESERVED
CVE-2020-7850 (NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: NBBDownloader.ocx ActiveX Control in Groupware
CVE-2020-7849 (A vulnerability of uPrism.io CURIX(Video conferecing solution) could a ...)
NOT-FOR-US: uPrism.io CURIX
CVE-2020-7848 (The EFM ipTIME C200 IP Camera is affected by a Command Injection vulne ...)
@@ -144157,7 +144157,7 @@ CVE-2019-5319
CVE-2019-5318
RESERVED
CVE-2019-5317 (A local authentication bypass vulnerability was discovered in some Aru ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2019-5316
RESERVED
CVE-2019-5315 (A command injection vulnerability is present in the web management int ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90f8ce4af37faeb6b4f672c798ee4a4525e6f5af
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90f8ce4af37faeb6b4f672c798ee4a4525e6f5af
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210329/420a2c10/attachment.htm>
More information about the debian-security-tracker-commits
mailing list