[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Sep 15 21:38:08 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e7ec1611 by Salvatore Bonaccorso at 2021-09-15T22:37:45+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -876,7 +876,7 @@ CVE-2021-40864 (The Translate plugin 6.1.x through 6.3.x before 6.3.0.72 for ONL
CVE-2021-40863
RESERVED
CVE-2021-40862 (HashiCorp Terraform Enterprise up to v202108-1 contained an API endpoi ...)
- TODO: check
+ NOT-FOR-US: HashiCorp Terraform Enterprise
CVE-2021-40861
RESERVED
CVE-2021-40860
@@ -5843,15 +5843,15 @@ CVE-2021-38673
CVE-2021-38672
RESERVED
CVE-2021-38671 (Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38670
RESERVED
CVE-2021-38669 (Microsoft Edge (Chromium-based) Tampering Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38668
RESERVED
CVE-2021-38667 (Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38666
RESERVED
CVE-2021-38665
@@ -5865,39 +5865,39 @@ CVE-2021-38662
CVE-2021-38661 (HEVC Video Extensions Remote Code Execution Vulnerability ...)
TODO: check
CVE-2021-38660 (Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38659 (Microsoft Office Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38658 (Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38657 (Microsoft Office Graphics Component Information Disclosure Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38656 (Microsoft Word Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38655 (Microsoft Excel Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38654 (Microsoft Office Visio Remote Code Execution Vulnerability This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38653 (Microsoft Office Visio Remote Code Execution Vulnerability This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38652 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38651 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38650 (Microsoft Office Spoofing Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38649 (Open Management Infrastructure Elevation of Privilege Vulnerability Th ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38648 (Open Management Infrastructure Elevation of Privilege Vulnerability Th ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38647 (Open Management Infrastructure Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38646 (Microsoft Office Access Connectivity Engine Remote Code Execution Vuln ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38645 (Open Management Infrastructure Elevation of Privilege Vulnerability Th ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38644 (Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38643
RESERVED
CVE-2021-38642 (Microsoft Edge for iOS Spoofing Vulnerability ...)
@@ -5907,37 +5907,37 @@ CVE-2021-38641 (Microsoft Edge for Android Spoofing Vulnerability ...)
CVE-2021-38640
RESERVED
CVE-2021-38639 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38638 (Windows Ancillary Function Driver for WinSock Elevation of Privilege V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38637 (Windows Storage Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38636 (Windows Redirected Drive Buffering SubSystem Driver Information Disclo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38635 (Windows Redirected Drive Buffering SubSystem Driver Information Disclo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38634 (Microsoft Windows Update Client Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38633 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38632 (BitLocker Security Feature Bypass Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38631
RESERVED
CVE-2021-38630 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38629 (Windows Ancillary Function Driver for WinSock Information Disclosure V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38628 (Windows Ancillary Function Driver for WinSock Elevation of Privilege V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38627
RESERVED
CVE-2021-38626 (Windows Kernel Elevation of Privilege Vulnerability This CVE ID is uni ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38625 (Windows Kernel Elevation of Privilege Vulnerability This CVE ID is uni ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38624 (Windows Key Storage Provider Security Feature Bypass Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38623 (The deferred_image_processing (aka Deferred image processing) extensio ...)
NOT-FOR-US: deferred_image_processing (aka Deferred image processing) extension for TYPO3
CVE-2021-38622
@@ -7119,7 +7119,7 @@ CVE-2021-38158
CVE-2021-38157 (** UNSUPPORTED WHEN ASSIGNED ** LeoStream Connection Broker 9.x before ...)
NOT-FOR-US: LeoStream Connection Broker
CVE-2021-38156 (In Nagios XI before 5.8.6, XSS exists in the dashboard page (/dashboar ...)
- TODO: check
+ NOT-FOR-US: Nagios XI
CVE-2021-38155 (OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1 ...)
- keystone 2:19.0.0-3 (bug #992070)
[bullseye] - keystone <no-dsa> (Minor issue)
@@ -8771,7 +8771,7 @@ CVE-2021-37414 (Zoho ManageEngine DesktopCentral version 10.1.2119.7 and prior a
CVE-2021-37413
RESERVED
CVE-2021-37412 (The TechRadar app 1.1 for Confluence Server allows XSS via the Title f ...)
- TODO: check
+ NOT-FOR-US: TechRadar app for Confluence Server
CVE-2021-37411
RESERVED
CVE-2021-3665
@@ -9747,53 +9747,53 @@ CVE-2021-36976 (libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_stri
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml
CVE-2021-36975 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36974 (Windows SMB Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36973 (Windows Redirected Drive Buffering System Elevation of Privilege Vulne ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36972 (Windows SMB Information Disclosure Vulnerability This CVE ID is unique ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36971
RESERVED
CVE-2021-36970
RESERVED
CVE-2021-36969 (Windows Redirected Drive Buffering SubSystem Driver Information Disclo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36968 (Windows DNS Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36967 (Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36966 (Windows Subsystem for Linux Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36965 (Windows WLAN AutoConfig Service Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36964 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36963 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36962 (Windows Installer Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36961 (Windows Installer Denial of Service Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36960 (Windows SMB Information Disclosure Vulnerability This CVE ID is unique ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36959 (Windows Authenticode Spoofing Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36958 (Windows Print Spooler Remote Code Execution Vulnerability This CVE ID ...)
NOT-FOR-US: Microsoft
CVE-2021-36957
RESERVED
CVE-2021-36956 (Azure Sphere Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36955 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36954 (Windows Bind Filter Driver Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36953
RESERVED
CVE-2021-36952 (Visual Studio Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36951
RESERVED
CVE-2021-36950 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
@@ -34057,11 +34057,11 @@ CVE-2021-27048 (HEVC Video Extensions Remote Code Execution Vulnerability This C
CVE-2021-27047 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
NOT-FOR-US: Microsoft
CVE-2021-27046 (A Memory Corruption vulnerability for PDF files in Autodesk Navisworks ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2021-27045 (A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021 ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2021-27044 (A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review versio ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2021-27043 (An Arbitrary Address Write issue in the Autodesk DWG application can a ...)
NOT-FOR-US: Autodesk
CVE-2021-27042 (A maliciously crafted DWG file can be used to write beyond the allocat ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7ec1611fe20816c4761c6c6a4644c71566966d3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7ec1611fe20816c4761c6c6a4644c71566966d3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210915/e02ca99c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list