[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Nov 13 08:28:56 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2761e697 by Salvatore Bonaccorso at 2021-11-13T09:28:18+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,9 +7,9 @@ CVE-2021-43613
 CVE-2021-43612
 	RESERVED
 CVE-2021-43611 (Belledonne Belle-sip before 5.0.20 can crash applications such as Linp ...)
-	TODO: check
+	NOT-FOR-US: Belledonne Belle-sip
 CVE-2021-43610 (Belledonne Belle-sip before 5.0.20 can crash applications such as Linp ...)
-	TODO: check
+	NOT-FOR-US: Belledonne Belle-sip
 CVE-2021-43609
 	RESERVED
 CVE-2021-43608
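Review bot: CVE-2021-43611 and CVE-2021-43610 are tagged NOT-FOR-US: Belledonne Belle-sip, yet the description says the flaw crashes applications such as Linp ..., so it sits in a library that other software embeds. Before the TODO is dropped, confirm that neither the library nor an application bundling it exists as a source package. If one does, these two entries need a package line with a fixed version instead of an NFU tag.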
@@ -3451,7 +3451,7 @@ CVE-2021-42565 (myfactory.FMS before 7.1-912 allows XSS via the UID parameter. .
 CVE-2021-42564
 	RESERVED
 CVE-2021-42563 (There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) ...)
-	TODO: check
+	NOT-FOR-US: NI Service Locator
 CVE-2021-3893
 	RESERVED
 CVE-2021-42562
@@ -6433,7 +6433,7 @@ CVE-2021-41830 (It is possible for an attacker to manipulate signed documents an
 CVE-2021-3844
 	RESERVED
 CVE-2021-3843 (A potential vulnerability in the SMI function to access EEPROM in some ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2021-3842
 	RESERVED
 CVE-2021-3841
@@ -6538,7 +6538,7 @@ CVE-2021-41789
 CVE-2021-41788
 	RESERVED
 CVE-2021-3840 (A dependency confusion vulnerability was reported in the Antilles open ...)
-	TODO: check
+	NOT-FOR-US: Antilles
 CVE-2021-41787
 	RESERVED
 CVE-2021-41786
@@ -8792,21 +8792,21 @@ CVE-2021-40820
 CVE-2021-40819
 	RESERVED
 CVE-2021-3793 (An improper access control vulnerability was reported in some Motorola ...)
-	TODO: check
+	NOT-FOR-US: Binatone
 CVE-2021-3792 (Some device communications in some Motorola-branded Binatone Hubble Ca ...)
-	TODO: check
+	NOT-FOR-US: Binatone
 CVE-2021-3791 (An information disclosure vulnerability was reported in some Motorola- ...)
-	TODO: check
+	NOT-FOR-US: Binatone
 CVE-2021-3790 (A buffer overflow was reported in the local web server of some Motorol ...)
-	TODO: check
+	NOT-FOR-US: Binatone
 CVE-2021-3789 (An information disclosure vulnerability was reported in some Motorola- ...)
-	TODO: check
+	NOT-FOR-US: Binatone
 CVE-2021-3788 (An exposed debug interface was reported in some Motorola-branded Binat ...)
-	TODO: check
+	NOT-FOR-US: Binatone
 CVE-2021-3787 (A vulnerability was reported in some Motorola-branded Binatone Hubble  ...)
-	TODO: check
+	NOT-FOR-US: Binatone
 CVE-2021-3786 (A potential vulnerability in the SMI callback function used in CSME co ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2021-3785 (yourls is vulnerable to Improper Neutralization of Input During Web Pa ...)
 	NOT-FOR-US: yourls
 CVE-2021-3784
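Review bot: CVE-2021-3786, the last changed entry in this run, is tagged NOT-FOR-US: Lenovo directly after seven Binatone tags, and its visible description (SMI callback function used in CSME co ...) names no vendor, so check that the tag was chosen from the full description rather than by position in the block. For CVE-2021-3793 through CVE-2021-3787 the descriptions say Motorola-branded Binatone; a tag such as NOT-FOR-US: Motorola-branded Binatone devices would let a search under either name find them.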
@@ -12384,11 +12384,11 @@ CVE-2021-3722
 CVE-2021-3721
 	RESERVED
 CVE-2021-3720 (An information disclosure vulnerability was reported in the Time Weath ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2021-3719 (A potential vulnerability in the SMI callback function that saves and  ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2021-3718 (A denial of service vulnerability was reported in some ThinkPad models ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2021-39291 (Certain NetModule devices allow credentials via GET parameters to CLI- ...)
 	NOT-FOR-US: NetModule devices
 CVE-2021-39290 (Certain NetModule devices allow Limited Session Fixation via PHPSESSID ...)
@@ -13849,7 +13849,7 @@ CVE-2021-38686
 CVE-2021-38685
 	RESERVED
 CVE-2021-38684 (A stack buffer overflow vulnerability has been reported to affect QNAP ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2021-38683
 	RESERVED
 CVE-2021-38682
@@ -19575,11 +19575,11 @@ CVE-2021-36327
 CVE-2021-36326
 	RESERVED
 CVE-2021-36325 (Dell BIOS contains an improper input validation vulnerability. A local ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2021-36324 (Dell BIOS contains an improper input validation vulnerability. A local ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2021-36323 (Dell BIOS contains an improper input validation vulnerability. A local ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2021-36322
 	RESERVED
 CVE-2021-36321
@@ -19615,7 +19615,7 @@ CVE-2021-36307
 CVE-2021-36306
 	RESERVED
 CVE-2021-36305 (Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2021-36304
 	RESERVED
 CVE-2021-36303
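Review bot: CVE-2021-36305 is described as a Dell PowerScale OneFS issue but receives the same NOT-FOR-US: Dell tag as the Dell BIOS entries CVE-2021-36325, CVE-2021-36324 and CVE-2021-36323 in the previous hunk. Naming the product, for example NOT-FOR-US: Dell PowerScale OneFS, as was done for NI Service Locator earlier in this commit, keeps the tag useful when grepping data/CVE/list for one product line.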
@@ -23470,7 +23470,7 @@ CVE-2021-3600
 	NOTE: https://git.kernel.org/linus/e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90
 	NOTE: https://www.openwall.com/lists/oss-security/2021/06/23/1
 CVE-2021-3599 (A potential vulnerability in the SMI callback function used to access  ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2021-34681
 	RESERVED
 CVE-2021-34680
@@ -24240,7 +24240,7 @@ CVE-2021-34359
 CVE-2021-34358
 	RESERVED
 CVE-2021-34357 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2021-34356 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
 	NOT-FOR-US: QNAP
 CVE-2021-34355 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
@@ -25494,7 +25494,7 @@ CVE-2021-33806 (The BDew BdLib library before 1.16.1.7 for Minecraft allows remo
 CVE-2021-33805
 	REJECTED
 CVE-2021-3577 (An unauthenticated remote code execution vulnerability was reported in ...)
-	TODO: check
+	NOT-FOR-US: Binatone
 CVE-2021-3576 (Execution with Unnecessary Privileges vulnerability in Bitdefender End ...)
 	NOT-FOR-US: Bitdefender
 CVE-2021-3575 [heap-buffer-overflow in color.c may lead to DoS]
@@ -30519,7 +30519,7 @@ CVE-2021-31868 (Rapid7 Nexpose version 6.6.95 and earlier allows authenticated u
 CVE-2021-31867 (Pimcore Customer Data Framework version 3.0.0 and earlier suffers from ...)
 	NOT-FOR-US: Pimcore
 CVE-2021-3519 (A vulnerability was reported in some Lenovo Desktop models that could  ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2021-31866 (Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to lear ...)
 	{DLA-2658-1}
 	- redmine <unfixed> (bug #990792)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2761e697dd6ddc2f296e49eaf0e92722ae5c29db
