[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 21 09:43:53 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7b4c174d by Salvatore Bonaccorso at 2021-05-21T10:43:05+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1805,7 +1805,7 @@ CVE-2021-32632 (Pajbot is a Twitch chat bot. Pajbot versions prior to 1.52 are v
CVE-2021-32631
RESERVED
CVE-2021-32630 (Admidio is a free, open source user management system for websites of ...)
- TODO: check
+ NOT-FOR-US: Admidio
CVE-2021-32629
RESERVED
CVE-2021-32628
@@ -10946,7 +10946,7 @@ CVE-2021-28800
CVE-2021-28799 (An improper authorization vulnerability has been reported to affect QN ...)
NOT-FOR-US: QNAP
CVE-2021-28798 (A relative path traversal vulnerability has been reported to affect QN ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2021-28797 (A stack-based buffer overflow vulnerability has been reported to affec ...)
NOT-FOR-US: QNAP NAS devices
CVE-2021-28796 (Increments Qiita::Markdown before 0.33.0 allows XSS in transformers. ...)
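Review bot: The tag added for CVE-2021-28798 is `NOT-FOR-US: QNAP`, but the entry directly below it, CVE-2021-28797, is tagged `NOT-FOR-US: QNAP NAS devices`, so the same vendor appears under two spellings within three consecutive entries. Settling on one form for all of them keeps the list uniform and makes exact-match searches on the tag reliable.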
@@ -12247,7 +12247,7 @@ CVE-2021-3440
CVE-2021-3439
RESERVED
CVE-2021-3438 (A potential buffer overflow in the software drivers for certain HP Las ...)
- TODO: check
+ NOT-FOR-US: HP LaserJet products and Samsung product printers
CVE-2021-3437
RESERVED
CVE-2021-3436
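Review bot: The tag for CVE-2021-3438 names hardware (`HP LaserJet products and Samsung product printers`), while the description on the line above places the buffer overflow in "the software drivers" for those devices. Naming the driver software in the tag, for example `NOT-FOR-US: HP LaserJet and Samsung printer software drivers`, would make clear which component was judged not packaged.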
@@ -12564,9 +12564,9 @@ CVE-2021-28114
CVE-2021-28113 (A command injection vulnerability in the cookieDomain and relayDomain ...)
NOT-FOR-US: Okta Access Gateway
CVE-2021-28112 (Draeger X-Dock Firmware before 03.00.13 has Active Debug Code on a deb ...)
- TODO: check
+ NOT-FOR-US: Draeger X-Dock Firmware
CVE-2021-28111 (Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, le ...)
- TODO: check
+ NOT-FOR-US: Draeger X-Dock Firmware
CVE-2021-28110 (/exec in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27. ...)
NOT-FOR-US: TranzWare e-Commerce Payment Gateway (TWEC PG)
CVE-2021-28109 (TranzWare (POI) FIMI before 4.2.20.4.2 allows login_tw.php reflected C ...)
@@ -12964,7 +12964,7 @@ CVE-2021-27958
CVE-2021-27957
RESERVED
CVE-2021-27956 (Zoho ManageEngine ADSelfService Plus before 6104 allows stored XSS on ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2020-36255 (An issue was discovered in IdentityModel (aka ScottBrady.IdentityModel ...)
NOT-FOR-US: ScottBrady.IdentityModel
CVE-2019-25025 (The activerecord-session_store (aka Active Record Session Store) compo ...)
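Review bot: `NOT-FOR-US: Zoho ManageEngine` on CVE-2021-27956 names the product family, while the description identifies the affected product as Zoho ManageEngine ADSelfService Plus. Consider `NOT-FOR-US: Zoho ManageEngine ADSelfService Plus` so the tag matches the product the CVE is about.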
@@ -17005,7 +17005,7 @@ CVE-2021-3315 (In JetBrains TeamCity before 2020.2.2, stored XSS on a tests page
CVE-2021-3314
RESERVED
CVE-2021-3313 (Plone CMS until version 5.2.4 has a stored Cross-Site Scripting (XSS) ...)
- TODO: check
+ NOT-FOR-US: Plone
CVE-2021-3312
RESERVED
CVE-2021-3311 (An issue was discovered in October through build 471. It reactivates a ...)
@@ -17771,15 +17771,15 @@ CVE-2021-25935
CVE-2021-25934
RESERVED
CVE-2021-25933 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
- TODO: check
+ NOT-FOR-US: OpenNMS
CVE-2021-25932
RESERVED
CVE-2021-25931 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
- TODO: check
+ NOT-FOR-US: OpenNMS
CVE-2021-25930 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
- TODO: check
+ NOT-FOR-US: OpenNMS
CVE-2021-25929 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
- TODO: check
+ NOT-FOR-US: OpenNMS
CVE-2021-25928 (Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through ...)
NOT-FOR-US: Node safe-obj
CVE-2021-25927 (Prototype pollution vulnerability in 'safe-flat' versions 2.0.0 throug ...)
@@ -64443,7 +64443,7 @@ CVE-2020-18222
CVE-2020-18221
RESERVED
CVE-2020-18220 (Weak Encoding for Password in DoraCMS v2.1.1 and earlier allows attack ...)
- TODO: check
+ NOT-FOR-US: DoraCMS
CVE-2020-18219
RESERVED
CVE-2020-18218
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b4c174d064ef242e1569fafe57a1861515125cf