[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Sep 22 21:20:40 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e53c9d4e by Salvatore Bonaccorso at 2021-09-22T22:20:15+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1191,7 +1191,7 @@ CVE-2021-41013
CVE-2021-41012
RESERVED
CVE-2021-41011 (LINE client for iOS before 11.15.0 might expose authentication informa ...)
- TODO: check
+ NOT-FOR-US: LINE client for iOS
CVE-2021-41010
RESERVED
CVE-2021-41009
@@ -1465,7 +1465,7 @@ CVE-2021-40877
CVE-2021-40876
RESERVED
CVE-2021-40875 (Improper Access Control in Gurock TestRail versions < 7.2.0.3014 re ...)
- TODO: check
+ NOT-FOR-US: Gurock TestRail
CVE-2021-40874
RESERVED
CVE-2021-40873
@@ -1922,7 +1922,7 @@ CVE-2021-40686
CVE-2021-40685
RESERVED
CVE-2021-40684 (Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R ...)
- TODO: check
+ NOT-FOR-US: Talend ESB Runtime
CVE-2021-XXXX [jwe cbc tag computation error]
- rhonabwy 0.9.13-4 (bug #993866)
[bullseye] - rhonabwy <no-dsa> (Minor issue; can be fixed via point release)
@@ -4825,7 +4825,7 @@ CVE-2021-39406
CVE-2021-39405
RESERVED
CVE-2021-39404 (MaianAffiliate v1.0 allows an authenticated administrative user to sav ...)
- TODO: check
+ NOT-FOR-US: MaianAffiliate
CVE-2021-39403
RESERVED
CVE-2021-39402 (MaianAffiliate v.1.0 is suffers from code injection by adding a new pr ...)
@@ -4995,7 +4995,7 @@ CVE-2021-39341
CVE-2021-39340
RESERVED
CVE-2021-39339 (The Telefication WordPress plugin is vulnerable to Open Proxy and Serv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39338
RESERVED
CVE-2021-39337
@@ -8442,11 +8442,11 @@ CVE-2021-37929
CVE-2021-37928
RESERVED
CVE-2021-37927 (Zoho ManageEngine ADManager Plus version 7110 and prior allows account ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine ADManager Plus
CVE-2021-37926
RESERVED
CVE-2021-37925 (Zoho ManageEngine ADManager Plus version 7110 and prior has a Post-Aut ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine ADManager Plus
CVE-2021-37924
RESERVED
CVE-2021-37923
@@ -12164,7 +12164,7 @@ CVE-2021-36262
CVE-2021-36261
RESERVED
CVE-2021-36260 (A command injection vulnerability in the web server of some Hikvision ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2021-36259
RESERVED
CVE-2021-36258
@@ -15944,9 +15944,9 @@ CVE-2021-34650 (The eID Easy WordPress plugin is vulnerable to Reflected Cross-S
CVE-2021-34649 (The Simple Behance Portfolio WordPress plugin is vulnerable to Reflect ...)
NOT-FOR-US: WordPress plugin
CVE-2021-34648 (The Ninja Forms WordPress plugin is vulnerable to arbitrary email send ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-34647 (The Ninja Forms WordPress plugin is vulnerable to sensitive informatio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-34646 (Versions up to, and including, 5.4.3, of the Booster for WooCommerce W ...)
NOT-FOR-US: WordPress plugin
CVE-2021-34645 (The Shopping Cart & eCommerce Store WordPress plugin is vulnerable ...)
@@ -22885,7 +22885,7 @@ CVE-2021-31849
CVE-2021-31848
RESERVED
CVE-2021-31847 (Improper access control vulnerability in the repair process for McAfee ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-31846
RESERVED
CVE-2021-31845 (A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) D ...)
@@ -22897,7 +22897,7 @@ CVE-2021-31843 (Improper privileges management vulnerability in McAfee Endpoint
CVE-2021-31842 (XML Entity Expansion injection vulnerability in McAfee Endpoint Securi ...)
NOT-FOR-US: McAfee
CVE-2021-31841 (A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5 ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-31840 (A vulnerability in the preloading mechanism of specific dynamic link l ...)
NOT-FOR-US: McAfee
CVE-2021-31839 (Improper privilege management vulnerability in McAfee Agent for Window ...)
@@ -22907,7 +22907,7 @@ CVE-2021-31838 (A command injection vulnerability in MVISION EDR (MVEDR) prior t
CVE-2021-31837 (Memory corruption vulnerability in the driver file component in McAfee ...)
NOT-FOR-US: McAfee
CVE-2021-31836 (Improper privilege management vulnerability in maconfig for McAfee Age ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-31835
RESERVED
CVE-2021-31834
@@ -46952,9 +46952,9 @@ CVE-2021-21994 (SFCB (Small Footprint CIM Broker) as used in ESXi has an authent
CVE-2021-21993
RESERVED
CVE-2021-21992 (The vCenter Server contains a denial-of-service vulnerability due to i ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2021-21991 (The vCenter Server contains a local privilege escalation vulnerability ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2021-21990 (VMware Workspace one UEM console (2102 prior to 21.2.0.8, 2101 prior t ...)
NOT-FOR-US: VMware
CVE-2021-21989 (VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windo ...)
@@ -173503,7 +173503,7 @@ CVE-2019-6290 (An infinite recursion issue was discovered in eval.c in Netwide A
CVE-2019-6289 (uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows ...)
NOT-FOR-US: DedeCMS
CVE-2019-6288 (Edgecore ECS2020 Firmware 1.0.0.0 devices allow Unauthenticated Comman ...)
- TODO: check
+ NOT-FOR-US: Edgecore ECS2020 Firmware
CVE-2019-6287 (In Rancher 2.0.0 through 2.1.5, project members have continued access ...)
NOT-FOR-US: Rancher
CVE-2019-6286 (In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e53c9d4e83c692185110036c587aba8f1ba0901e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e53c9d4e83c692185110036c587aba8f1ba0901e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210922/81d7ae92/attachment.htm>
More information about the debian-security-tracker-commits
mailing list