[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Oct 7 22:25:42 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a507c9ac by Salvatore Bonaccorso at 2021-10-07T23:25:16+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2021-42073
CVE-2021-42072
RESERVED
CVE-2021-42071 (In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can ach ...)
- TODO: check
+ NOT-FOR-US: Visual Tools DVR VX16
CVE-2021-42070
RESERVED
CVE-2021-42069
@@ -680,7 +680,7 @@ CVE-2021-41796
CVE-2021-41795 (The Safari app extension bundled with 1Password for Mac 7.7.0 through ...)
NOT-FOR-US: 1Password
CVE-2021-41794 (ogs_fqdn_parse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a ...)
- TODO: check
+ NOT-FOR-US: Open5GS
CVE-2021-41793
RESERVED
CVE-2021-41792
@@ -758,11 +758,11 @@ CVE-2021-3836
CVE-2021-3835
RESERVED
CVE-2021-3834 (Integria IMS in its 5.0.92 version does not filter correctly some fiel ...)
- TODO: check
+ NOT-FOR-US: Integria IMS
CVE-2021-3833 (Integria IMS login check uses a loose comparator ("==") to compare the ...)
- TODO: check
+ NOT-FOR-US: Integria IMS
CVE-2021-3832 (Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Exec ...)
- TODO: check
+ NOT-FOR-US: Integria IMS
CVE-2021-3831
RESERVED
CVE-2021-41765
@@ -3074,9 +3074,9 @@ CVE-2021-40728
CVE-2021-40727
RESERVED
CVE-2021-40726 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40725 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40724
RESERVED
CVE-2021-40723
@@ -9787,33 +9787,33 @@ CVE-2021-3679 (A lack of CPU resource in the Linux kernel tracing module functio
CVE-2021-3678 (showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random N ...)
NOT-FOR-US: showdoc
CVE-2021-37931 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37930 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37929 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37928 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37927 (Zoho ManageEngine ADManager Plus version 7110 and prior allows account ...)
NOT-FOR-US: Zoho ManageEngine ADManager Plus
CVE-2021-37926 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37925 (Zoho ManageEngine ADManager Plus version 7110 and prior has a Post-Aut ...)
NOT-FOR-US: Zoho ManageEngine ADManager Plus
CVE-2021-37924 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37923 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37922 (Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37921 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37920 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37919 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37918 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37917
RESERVED
CVE-2021-37916 (Joplin before 2.0.9 allows XSS via button and form in the note body. ...)
@@ -10154,7 +10154,7 @@ CVE-2021-37764
CVE-2021-37763
RESERVED
CVE-2021-37762 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37761 (Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable ...)
NOT-FOR-US: Zoho ManageEngine
CVE-2021-37760 (A Session ID leak in the audit log in Graylog before 4.1.2 allows atta ...)
@@ -16359,7 +16359,7 @@ CVE-2021-35069
CVE-2021-35068
RESERVED
CVE-2021-35067 (Meross MSG100 devices before 3.2.3 allow an attacker to replay the sam ...)
- TODO: check
+ NOT-FOR-US: Meross MSG100 devices
CVE-2021-3612 (An out-of-bounds memory write flaw was found in the Linux kernel's joy ...)
- linux 5.10.46-3
NOTE: Introduced by: https://lore.kernel.org/linux-input/20210219083215.GS2087@kadam/
@@ -23327,7 +23327,7 @@ CVE-2021-32174
CVE-2021-32173
RESERVED
CVE-2021-32172 (Maian Cart v3.8 contains a preauthorization remote code execution (RCE ...)
- TODO: check
+ NOT-FOR-US: Maian Cart
CVE-2021-32171
RESERVED
CVE-2021-32170
@@ -37601,9 +37601,9 @@ CVE-2021-3388
CVE-2021-3387
RESERVED
CVE-2021-26557 (When Octopus Tentacle is installed using a custom folder location, fol ...)
- TODO: check
+ NOT-FOR-US: Octopus Tentacle
CVE-2021-26556 (When Octopus Server is installed using a custom folder location, folde ...)
- TODO: check
+ NOT-FOR-US: Octopus Server
CVE-2021-26555
RESERVED
CVE-2021-26554
@@ -46108,7 +46108,7 @@ CVE-2021-22960
CVE-2021-22959
RESERVED
CVE-2021-22958 (A Server-Side Request Forgery vulnerability was found in concrete5 < ...)
- TODO: check
+ NOT-FOR-US: Concrete CMS
CVE-2021-22957
RESERVED
CVE-2021-22956
@@ -53323,13 +53323,13 @@ CVE-2021-20607
CVE-2021-20606
RESERVED
CVE-2021-20605 (Improper Input Validation vulnerability in GOT2000 series GT21 model G ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2021-20604 (Improper Input Validation vulnerability in GOT2000 series GT21 model G ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2021-20603 (Improper Input Validation vulnerability in GOT2000 series GT21 model G ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2021-20602 (Improper Handling of Exceptional Conditions vulnerability in GOT2000 s ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2021-20601
RESERVED
CVE-2021-20600
@@ -60453,7 +60453,7 @@ CVE-2021-1596 (Multiple vulnerabilities in the Link Layer Discovery Protocol (LL
CVE-2021-1595 (Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) i ...)
NOT-FOR-US: Cisco
CVE-2021-1594 (A vulnerability in the REST API of Cisco Identity Services Engine (ISE ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1593 (A vulnerability in Cisco Packet Tracer for Windows could allow an auth ...)
NOT-FOR-US: Cisco
CVE-2021-1592 (A vulnerability in the way Cisco UCS Manager software handles SSH sess ...)
@@ -85602,7 +85602,7 @@ CVE-2020-19005 (zrlog v2.1.0 has a vulnerability with the permission check. If a
CVE-2020-19004
RESERVED
CVE-2020-19003 (An issue in Gate One 1.2.0 allows attackers to bypass to the verificat ...)
- TODO: check
+ NOT-FOR-US: Gate One
CVE-2020-19002 (Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attackers ...)
NOT-FOR-US: Mezzanine CMS
CVE-2020-19001 (Command Injection in Simiki v1.6.2.1 and prior allows remote attackers ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a507c9acc18d4baad99622e3aef161aca9a9aba8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a507c9acc18d4baad99622e3aef161aca9a9aba8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211007/d498b919/attachment.htm>
More information about the debian-security-tracker-commits
mailing list