[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Sep 16 21:18:32 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
75e587a4 by Salvatore Bonaccorso at 2021-09-16T22:18:07+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1385,9 +1385,9 @@ CVE-2021-40672
 CVE-2021-40671
 	RESERVED
 CVE-2021-40670 (SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords ...)
-	TODO: check
+	NOT-FOR-US: Wuzhi CMS
 CVE-2021-40669 (SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords ...)
-	TODO: check
+	NOT-FOR-US: Wuzhi CMS
 CVE-2021-40668
 	RESERVED
 CVE-2021-40667
@@ -2806,9 +2806,9 @@ CVE-2021-40069
 CVE-2021-40068
 	RESERVED
 CVE-2021-40067 (The access controls on the Mobility read-write API improperly validate ...)
-	TODO: check
+	NOT-FOR-US: Mobility
 CVE-2021-40066 (The access controls on the Mobility read-only API improperly validate  ...)
-	TODO: check
+	NOT-FOR-US: Mobility
 CVE-2021-40065
 	RESERVED
 CVE-2021-40064
@@ -15348,17 +15348,17 @@ CVE-2021-34578 (This vulnerability allows an attacker who has access to the WBM
 CVE-2021-34577
 	RESERVED
 CVE-2021-34576 (In Kaden PICOFLUX Air in all known versions an information exposure th ...)
-	TODO: check
+	NOT-FOR-US: Kaden PICOFLUX Air
 CVE-2021-34575 (In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0  ...)
 	NOT-FOR-US: MB connect line
 CVE-2021-34574 (In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0  ...)
 	NOT-FOR-US: MB connect line
 CVE-2021-34573 (In Enbra EWM in Version 1.7.29 together with several tested wireless M ...)
-	TODO: check
+	NOT-FOR-US: Enbra EWM
 CVE-2021-34572 (Enbra EWM 1.7.29 does not check for or detect replay attacks sent by w ...)
-	TODO: check
+	NOT-FOR-US: Enbra EWM
 CVE-2021-34571 (Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in ...)
-	TODO: check
+	NOT-FOR-US: Enbra
 CVE-2021-34570
 	RESERVED
 CVE-2021-34569
@@ -94875,7 +94875,7 @@ CVE-2020-14132
 CVE-2020-14131
 	RESERVED
 CVE-2020-14130 (Some js interfaces in the Xiaomi community were exposed, causing sensi ...)
-	TODO: check
+	NOT-FOR-US: Xiaomi
 CVE-2020-14129
 	RESERVED
 CVE-2020-14128
@@ -94897,7 +94897,7 @@ CVE-2020-14121
 CVE-2020-14120
 	RESERVED
 CVE-2020-14119 (There is command injection in the addMeshNode interface of xqnetwork.l ...)
-	TODO: check
+	NOT-FOR-US: Xiaomi
 CVE-2020-14118
 	RESERVED
 CVE-2020-14117
@@ -94917,7 +94917,7 @@ CVE-2020-14111
 CVE-2020-14110
 	RESERVED
 CVE-2020-14109 (There is command injection in the meshd program in the routing system, ...)
-	TODO: check
+	NOT-FOR-US: Xiaomi
 CVE-2020-14108
 	RESERVED
 CVE-2020-14107



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75e587a4babc41d49357b38807b9012f89e8779e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75e587a4babc41d49357b38807b9012f89e8779e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210916/fa952fcf/attachment.htm>
