[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Sep 17 21:27:02 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
043ddf97 by Salvatore Bonaccorso at 2021-09-17T22:26:02+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -107,7 +107,7 @@ CVE-2021-41328
 CVE-2021-41327
 	RESERVED
 CVE-2021-41326 (In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles p ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2021-41325
 	RESERVED
 CVE-2021-41324
@@ -125,11 +125,11 @@ CVE-2021-41319
 CVE-2021-41318
 	RESERVED
 CVE-2021-41317 (XSS Hunter Express before 2021-09-17 does not properly enforce authent ...)
-	TODO: check
+	NOT-FOR-US: XSS Hunter Express
 CVE-2021-41316 (The Device42 Main Appliance before 17.05.01 does not sanitize user inp ...)
-	TODO: check
+	NOT-FOR-US: Device42 Main Appliance
 CVE-2021-41315 (The Device42 Remote Collector before 17.05.01 does not sanitize user i ...)
-	TODO: check
+	NOT-FOR-US: Device42 Remote Collector
 CVE-2021-3815
 	RESERVED
 CVE-2021-3814
@@ -1188,7 +1188,7 @@ CVE-2021-40827
 CVE-2021-40826
 	RESERVED
 CVE-2021-40825 (nLight ECLYPSE (nECY) system Controllers running software prior to 1.1 ...)
-	TODO: check
+	NOT-FOR-US: nLight ECLYPSE (nECY) system Controllers
 CVE-2021-40824 (A logic error in the room key sharing functionality of Element Android ...)
 	NOT-FOR-US: matrix-android-sdk2
 CVE-2021-40823 (A logic error in the room key sharing functionality of matrix-js-sdk ( ...)
@@ -4525,7 +4525,7 @@ CVE-2021-39329
 CVE-2021-39328
 	RESERVED
 CVE-2021-39327 (The BulletProof Security WordPress plugin is vulnerable to sensitive i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-39326
 	RESERVED
 CVE-2021-39325
@@ -6686,7 +6686,7 @@ CVE-2021-38414
 CVE-2021-38413
 	RESERVED
 CVE-2021-38412 (Properly formatted POST requests to multiple resources on the HTTP and ...)
-	TODO: check
+	NOT-FOR-US: Digi PortServer TS
 CVE-2021-38411
 	RESERVED
 CVE-2021-38410
@@ -6698,15 +6698,15 @@ CVE-2021-38408 (A stack-based buffer overflow vulnerability in Advantech WebAcce
 CVE-2021-38407
 	RESERVED
 CVE-2021-38406 (Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper va ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronic
 CVE-2021-38405
 	RESERVED
 CVE-2021-38404 (Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper va ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronic
 CVE-2021-38403
 	RESERVED
 CVE-2021-38402 (Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper va ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronic
 CVE-2021-38401
 	RESERVED
 CVE-2021-38400
@@ -6937,7 +6937,7 @@ CVE-2021-38306 (Network Attached Storage on LG N1T1*** 10124 devices allows an u
 CVE-2021-38305 (23andMe Yamale before 3.0.8 allows remote attackers to execute arbitra ...)
 	NOT-FOR-US: 23andMe Yamale
 CVE-2021-38304 (Improper input validation in the National Instruments NI-PAL driver in ...)
-	TODO: check
+	NOT-FOR-US: National Instruments NI-PAL driver
 CVE-2021-38303
 	RESERVED
 CVE-2021-38302 (The Newsletter extension through 4.0.0 for TYPO3 allows SQL Injection. ...)
@@ -22275,13 +22275,13 @@ CVE-2021-31847
 CVE-2021-31846
 	RESERVED
 CVE-2021-31845 (A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) D ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2021-31844 (A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) E ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2021-31843 (Improper privileges management vulnerability in McAfee Endpoint Securi ...)
 	TODO: check
 CVE-2021-31842 (XML Entity Expansion injection vulnerability in McAfee Endpoint Securi ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2021-31841
 	RESERVED
 CVE-2021-31840 (A vulnerability in the preloading mechanism of specific dynamic link l ...)
@@ -100605,7 +100605,7 @@ CVE-2020-12082 (A stored cross-site scripting issue impacts certain areas of the
 CVE-2020-12081 (An information disclosure vulnerability has been identified in FlexNet ...)
 	NOT-FOR-US: FlexNet Publisher lmadmin.exe
 CVE-2020-12080 (A Denial of Service vulnerability has been identified in FlexNet Publi ...)
-	TODO: check
+	NOT-FOR-US: FlexNet
 CVE-2019-20788 (libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCurso ...)
 	{DLA-2146-1}
 	- libvncserver 0.9.12+dfsg-9 (bug #954163)
@@ -165510,7 +165510,7 @@ CVE-2019-9062 (PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site R
 CVE-2019-9061 (An issue was discovered in CMS Made Simple 2.2.8. In the module Module ...)
 	NOT-FOR-US: CMS Made Simple
 CVE-2019-9060 (An issue was discovered in CMS Made Simple 2.2.8. It is possible to ac ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2019-9059 (An issue was discovered in CMS Made Simple 2.2.8. It is possible, with ...)
 	NOT-FOR-US: CMS Made Simple
 CVE-2019-9058 (An issue was discovered in CMS Made Simple 2.2.8. In the administrator ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/043ddf97d91b827bf498e1df0265256b5239a684

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/043ddf97d91b827bf498e1df0265256b5239a684
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210917/f3dc80fb/attachment.htm>

More information about the debian-security-tracker-commits mailing list