[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Oct 12 12:50:15 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8a5386f1 by Salvatore Bonaccorso at 2021-10-12T13:49:44+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3726,7 +3726,7 @@ CVE-2021-40619
 CVE-2021-40618
 	RESERVED
 CVE-2021-40617 (An SQL Injection vulnerability exists in openSIS Community Edition ver ...)
-	TODO: check
+	NOT-FOR-US: openSIS
 CVE-2021-40616
 	RESERVED
 CVE-2021-40615
@@ -3874,9 +3874,9 @@ CVE-2021-40545
 CVE-2021-40544
 	RESERVED
 CVE-2021-40543 (Opensis-Classic Version 8.0 is affected by a SQL injection vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: openSIS
 CVE-2021-40542 (Opensis-Classic Version 8.0 is affected by cross-site scripting (XSS). ...)
-	TODO: check
+	NOT-FOR-US: openSIS
 CVE-2021-40541 (PHPFusion 9.03.110 is affected by cross-site scripting (XSS) in the pr ...)
 	NOT-FOR-US: PHP-Fusion
 CVE-2021-40540 (ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info ...)
@@ -4646,7 +4646,7 @@ CVE-2021-40241
 CVE-2021-40240
 	RESERVED
 CVE-2021-40239 (A Buffer Overflow vulnerability exists in the latest version of Minift ...)
-	TODO: check
+	NOT-FOR-US: Miniftpd
 CVE-2021-40238 (A Cross Site Scriptiong (XSS) vulnerability exists in the admin panel  ...)
 	NOT-FOR-US: Webuzo
 CVE-2021-40237
@@ -12016,7 +12016,7 @@ CVE-2021-37125
 CVE-2021-37124
 	RESERVED
 CVE-2021-37123 (There is an improper authentication vulnerability in Hero-CT060 before ...)
-	TODO: check
+	NOT-FOR-US: Hero-CT060
 CVE-2021-37122
 	RESERVED
 CVE-2021-37121
@@ -35452,7 +35452,7 @@ CVE-2021-27666
 CVE-2021-27665 (An unauthenticated remote user could exploit a potential integer overf ...)
 	TODO: check
 CVE-2021-27664 (Under certain configurations an unauthenticated remote user could be g ...)
-	TODO: check
+	NOT-FOR-US: exacqVision
 CVE-2021-27663 (A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM  ...)
 	NOT-FOR-US: Johnson Controls
 CVE-2021-27662 (The KT-1 door controller is susceptible to replay or man-in-the-middle ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a5386f1c29a00cda6c32e05163f593a7ce2c2c3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a5386f1c29a00cda6c32e05163f593a7ce2c2c3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211012/4011db58/attachment.htm>

More information about the debian-security-tracker-commits mailing list