[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Oct 7 09:26:17 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5d69d98a by Salvatore Bonaccorso at 2021-10-07T10:25:57+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,7 +11,7 @@ CVE-2021-42056
CVE-2021-42055
RESERVED
CVE-2021-42054 (ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule ...)
- TODO: check
+ NOT-FOR-US: ACCEL-PPP
CVE-2021-42053 (The Unicorn framework through 0.35.3 for Django allows XSS via compone ...)
TODO: check
CVE-2021-42052
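Review bot: The NOT-FOR-US on CVE-2021-42054 names a versioned upstream project (ACCEL-PPP 1.12.0) rather than a vendor product line like most other entries in this commit, so it is worth confirming that no ITP or RFP bug exists for it before closing it as NFU. If one does exist, the entry should reference the package and the bug instead. CVE-2021-42053 directly below stays at TODO: check, which is fine if it is being left for a separate pass.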
@@ -683,7 +683,7 @@ CVE-2021-41772
CVE-2021-41771
RESERVED
CVE-2021-41770 (Ping Identity PingFederate before 10.3.1 mishandles pre-parsing valida ...)
- TODO: check
+ NOT-FOR-US: Ping Identity PingFederate
CVE-2021-3838
RESERVED
CVE-2021-41769
@@ -16933,7 +16933,7 @@ CVE-2021-34790
CVE-2021-34789
RESERVED
CVE-2021-34788 (A vulnerability in the shared library loading mechanism of Cisco AnyCo ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34787
RESERVED
CVE-2021-34786 (Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Sof ...)
@@ -16945,27 +16945,27 @@ CVE-2021-34784
CVE-2021-34783
RESERVED
CVE-2021-34782 (A vulnerability in the API endpoints for Cisco DNA Center could allow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34781
RESERVED
CVE-2021-34780 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34779 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34778 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34777 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34776 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34775 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34774
RESERVED
CVE-2021-34773
RESERVED
CVE-2021-34772 (A vulnerability in the web-based management interface of Cisco Orbital ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34771 (A vulnerability in the Cisco IOS XR Software CLI could allow an authen ...)
NOT-FOR-US: Cisco
CVE-2021-34770 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
@@ -16977,7 +16977,7 @@ CVE-2021-34768 (Multiple vulnerabilities in the Control and Provisioning of Wire
CVE-2021-34767 (A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Co ...)
NOT-FOR-US: Cisco
CVE-2021-34766 (A vulnerability in the web UI of Cisco Smart Software Manager On-Prem ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34765 (A vulnerability in the web UI for Cisco Nexus Insights could allow an ...)
NOT-FOR-US: Cisco
CVE-2021-34764
@@ -16993,9 +16993,9 @@ CVE-2021-34760
CVE-2021-34759 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
CVE-2021-34758 (A vulnerability in the memory management of Cisco TelePresence Collabo ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34757 (Multiple vulnerabilities in Cisco Business 220 Series Smart Switches f ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34756
RESERVED
CVE-2021-34755
@@ -17013,7 +17013,7 @@ CVE-2021-34750
CVE-2021-34749 (A vulnerability in Server Name Identification (SNI) request filtering ...)
NOT-FOR-US: Cisco
CVE-2021-34748 (A vulnerability in the web-based management interface of Cisco Intersi ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34747
RESERVED
CVE-2021-34746 (A vulnerability in the TACACS+ authentication, authorization and accou ...)
@@ -17021,11 +17021,11 @@ CVE-2021-34746 (A vulnerability in the TACACS+ authentication, authorization and
CVE-2021-34745 (A vulnerability in the AppDynamics .NET Agent for Windows could allow ...)
NOT-FOR-US: .NET Agent for Windows
CVE-2021-34744 (Multiple vulnerabilities in Cisco Business 220 Series Smart Switches f ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34743
RESERVED
CVE-2021-34742 (A vulnerability in the web-based management interface of Cisco Vision ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34741
RESERVED
CVE-2021-34740 (A vulnerability in the WLAN Control Protocol (WCP) implementation for ...)
@@ -17039,7 +17039,7 @@ CVE-2021-34737 (A vulnerability in the DHCP version 4 (DHCPv4) server feature of
CVE-2021-34736
RESERVED
CVE-2021-34735 (Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34734 (A vulnerability in the Link Layer Discovery Protocol (LLDP) implementa ...)
NOT-FOR-US: Cisco
CVE-2021-34733 (A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evo ...)
@@ -17087,9 +17087,9 @@ CVE-2021-34713 (A vulnerability in the Layer 2 punt code of Cisco IOS XR Softwar
CVE-2021-34712 (A vulnerability in the web-based management interface of Cisco SD-WAN ...)
NOT-FOR-US: Cisco
CVE-2021-34711 (A vulnerability in the debug shell of Cisco IP Phone software could al ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34710 (Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34709 (Multiple vulnerabilities in image verification checks of Cisco Network ...)
NOT-FOR-US: Cisco
CVE-2021-34708 (Multiple vulnerabilities in image verification checks of Cisco Network ...)
@@ -17097,7 +17097,7 @@ CVE-2021-34708 (Multiple vulnerabilities in image verification checks of Cisco N
CVE-2021-34707 (A vulnerability in the REST API of Cisco Evolved Programmable Network ...)
NOT-FOR-US: Cisco
CVE-2021-34706 (A vulnerability in the web-based management interface of Cisco Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34705 (A vulnerability in the Voice Telephony Service Provider (VTSP) service ...)
NOT-FOR-US: Cisco
CVE-2021-34704
@@ -17105,7 +17105,7 @@ CVE-2021-34704
CVE-2021-34703 (A vulnerability in the Link Layer Discovery Protocol (LLDP) message pa ...)
NOT-FOR-US: Cisco
CVE-2021-34702 (A vulnerability in the web-based management interface of Cisco Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34701
RESERVED
CVE-2021-34700 (A vulnerability in the CLI interface of Cisco SD-WAN vManage Software ...)
@@ -17113,7 +17113,7 @@ CVE-2021-34700 (A vulnerability in the CLI interface of Cisco SD-WAN vManage Sof
CVE-2021-34699 (A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS ...)
NOT-FOR-US: Cisco
CVE-2021-34698 (A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Se ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34697 (A vulnerability in the Protection Against Distributed Denial of Servic ...)
NOT-FOR-US: Cisco
CVE-2021-34696 (A vulnerability in the access control list (ACL) programming of Cisco ...)
@@ -40356,21 +40356,21 @@ CVE-2021-25501
CVE-2021-25500
RESERVED
CVE-2021-25499 (Intent redirection vulnerability in SamsungAccountSDKSigninActivity of ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25498 (A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSP ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25497 (A possible buffer overflow vulnerability in maetd_cpy_slice of libSPen ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25496 (A possible buffer overflow vulnerability in maetd_dec_slice of libSPen ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25495 (A possible heap buffer overflow vulnerability in libSPenBase library o ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25494 (A possible buffer overflow vulnerability in libSPenBase library of Sam ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25493 (Lack of boundary checking of a buffer in libSPenBase library of Samsun ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25492 (Lack of boundary checking of a buffer in libSPenBase library of Samsun ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25491 (A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows m ...)
TODO: check
CVE-2021-25490 (A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release ...)
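Review bot: The Samsung batch stops at CVE-2021-25492 and leaves CVE-2021-25491 (mfc driver, "prior to SMR Oct-2021 Release 1") at TODO: check without saying why. If it is held back on purpose because the driver needs a closer look, a NOTE line under the entry or a word in the commit message would save the next triager from re-reading it. Otherwise it can take the same NOT-FOR-US: Samsung as the eight entries above it.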
@@ -40400,7 +40400,7 @@ CVE-2021-25479 (A possible heap-based buffer overflow vulnerability in Exynos CP
CVE-2021-25478 (A possible stack-based buffer overflow vulnerability in Exynos CP Chip ...)
TODO: check
CVE-2021-25477 (An improper error handling in Mediatek RRC Protocol stack prior to SMR ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2021-25476 (An information disclosure vulnerability in Widevine TA log prior to SM ...)
TODO: check
CVE-2021-25475 (A possible heap-based buffer overflow vulnerability in DSP kernel driv ...)
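Review bot: CVE-2021-25477 is labelled Mediatek, but its description carries the same "prior to SMR" release wording as the surrounding CVE-2021-254xx entries, and its neighbours CVE-2021-25478 and CVE-2021-25476 stay at TODO: check. Consider triaging this block in one pass and deciding whether the label follows the component vendor or the device vendor, so that a search for either one finds every related entry.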
@@ -43578,11 +43578,11 @@ CVE-2021-24023 (An improper input validation in FortiAI v1.4.0 and earlier may a
CVE-2021-24022 (A buffer overflow vulnerability in FortiAnalyzer CLI 6.4.5 and below, ...)
NOT-FOR-US: Fortiguard
CVE-2021-24021 (An improper neutralization of input vulnerability [CWE-79] in FortiAna ...)
- TODO: check
+ NOT-FOR-US: Fortiguard
CVE-2021-24020 (A missing cryptographic step in the implementation of the hash digest ...)
NOT-FOR-US: Fortiguard
CVE-2021-24019 (An insufficient session expiration vulnerability [CWE- 613] in FortiCl ...)
- TODO: check
+ NOT-FOR-US: Fortiguard
CVE-2021-24018 (A buffer underwrite vulnerability in the firmware verification routine ...)
NOT-FOR-US: FortiOS
CVE-2021-24017 (An improper authentication in Fortinet FortiManager version 6.4.3 and ...)
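Review bot: The two added lines tag CVE-2021-24021 and CVE-2021-24019 as NOT-FOR-US: Fortiguard, while the context line for CVE-2021-24018 in this same hunk uses NOT-FOR-US: FortiOS. Mixing a service name and a product name for one vendor makes the entries hard to find with a single search. Picking one label for the vendor and using it on the new lines would keep later bulk processing simple.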
@@ -60482,7 +60482,7 @@ CVE-2021-1536 (A vulnerability in Cisco Webex Meetings Desktop App for Windows,
CVE-2021-1535 (A vulnerability in the cluster management interface of Cisco SD-WAN vM ...)
NOT-FOR-US: Cisco
CVE-2021-1534 (A vulnerability in the antispam protection mechanisms of Cisco AsyncOS ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1533
RESERVED
CVE-2021-1532 (A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence ...)
@@ -79929,27 +79929,27 @@ CVE-2020-21660
CVE-2020-21659
RESERVED
CVE-2020-21658 (A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attacker ...)
- TODO: check
+ NOT-FOR-US: WDJA CMS
CVE-2020-21657
RESERVED
CVE-2020-21656 (XYHCMS v3.6 contains a stored cross-site scripting (XSS) vulnerability ...)
- TODO: check
+ NOT-FOR-US: XYHCMS
CVE-2020-21655
RESERVED
CVE-2020-21654 (emlog v6.0 contains a vulnerability in the component admin\template.ph ...)
- TODO: check
+ NOT-FOR-US: emlog
CVE-2020-21653 (Myucms v2.2.1 contains a server-side request forgery (SSRF) in the com ...)
- TODO: check
+ NOT-FOR-US: Myucms
CVE-2020-21652 (Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Myucms
CVE-2020-21651 (Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Myucms
CVE-2020-21650 (Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Myucms
CVE-2020-21649 (Myucms v2.2.1 contains a server-side request forgery (SSRF) in the com ...)
- TODO: check
+ NOT-FOR-US: Myucms
CVE-2020-21648 (WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in t ...)
- TODO: check
+ NOT-FOR-US: WDJA CMS
CVE-2020-21647
RESERVED
CVE-2020-21646
@@ -92186,7 +92186,7 @@ CVE-2020-15943 (An issue was discovered in the Gantt-Chart module before 5.5.4 f
CVE-2020-15942 (An information disclosure vulnerability in Web Vulnerability Scan prof ...)
NOT-FOR-US: Fortinet
CVE-2020-15941 (A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4 ...)
- TODO: check
+ NOT-FOR-US: Fortiguard
CVE-2020-15940
RESERVED
CVE-2020-15939 (An improper access control vulnerability (CWE-284) in FortiSandbox ver ...)
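Review bot: The added NOT-FOR-US: Fortiguard on CVE-2020-15941 sits directly under CVE-2020-15942, which is tagged NOT-FOR-US: Fortinet. Matching the adjacent label would keep the two consecutive entries consistent.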
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d69d98ae2e289a79dc0fbe926e3dce389c42477