[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Feb 13 19:24:04 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
abe392fa by Salvatore Bonaccorso at 2022-02-13T20:23:41+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2022-0570 (Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. ...)
NOTE: https://huntr.dev/bounties/65a7632e-f95b-4836-b1a7-9cb95e5124f1
NOTE: https://github.com/mruby/mruby/commit/38b164ace7d6ae1c367883a3d67d7f559783faad
CVE-2022-0569 (Exposure of Sensitive Information to an Unauthorized Actor in Packagis ...)
- TODO: check
+ NOT-FOR-US: snipe-it
CVE-2022-24975 (The --mirror documentation for Git through 2.35.1 does not mention the ...)
- git <unfixed> (unimportant)
NOTE: https://wwws.nightwatchcybersecurity.com/2022/02/11/gitbleed/
@@ -62,7 +62,7 @@ CVE-2022-0567
CVE-2022-0566
RESERVED
CVE-2022-0565 (Exposure of Sensitive Information to an Unauthorized Actor in Packagis ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2021-22590
RESERVED
CVE-2020-22592
@@ -165,7 +165,7 @@ CVE-2022-24911
CVE-2022-0564
RESERVED
CVE-2022-24916 (Optimism before @eth-optimism/l2geth at 0.5.11 allows economic griefing b ...)
- TODO: check
+ NOT-FOR-US: Optimism
CVE-2022-24908
RESERVED
CVE-2022-24907
@@ -5215,7 +5215,7 @@ CVE-2021-46357
CVE-2021-46356
RESERVED
CVE-2021-46355 (OCS Inventory 2.9.1 is affected by Cross Site Scripting (XSS). To expl ...)
- TODO: check
+ NOT-FOR-US: OCS Inventory (not the same as ocsinventory-server)
CVE-2021-46354 (Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version ...)
NOT-FOR-US: Thinfinity VirtualUI
CVE-2021-46353
@@ -23393,51 +23393,51 @@ CVE-2022-20048
CVE-2022-20047
RESERVED
CVE-2022-20046 (In Bluetooth, there is a possible memory corruption due to a logic err ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20045 (In Bluetooth, there is a possible service crash due to a use after fre ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20044 (In Bluetooth, there is a possible service crash due to a use after fre ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20043 (In Bluetooth, there is a possible escalation of privilege due to a mis ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20042 (In Bluetooth, there is a possible information disclosure due to incorr ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20041 (In Bluetooth, there is a possible escalation of privilege due to a mis ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20040 (In power_hal_manager_service, there is a possible permission bypass du ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20039 (In ccu driver, there is a possible memory corruption due to an integer ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20038 (In ccu driver, there is a possible memory corruption due to an incorre ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20037 (In ion driver, there is a possible information disclosure due to an in ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20036 (In ion driver, there is a possible information disclosure due to an in ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20035 (In vcu driver, there is a possible information disclosure due to a use ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20034 (In Preloader XFLASH, there is a possible escalation of privilege due t ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20033 (In camera driver, there is a possible out of bounds read due to an inc ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20032 (In vow driver, there is a possible memory corruption due to a race con ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20031 (In fb driver, there is a possible memory corruption due to a use after ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20030 (In vow driver, there is a possible out of bounds write due to a stack- ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20029 (In cmdq driver, there is a possible out of bounds read due to an incor ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20028 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20027 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20026 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20025 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20024 (In system service, there is a possible permission bypass due to a miss ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20023 (In Bluetooth, there is a possible application crash due to bluetooth f ...)
NOT-FOR-US: MediaTek
CVE-2022-20022 (In Bluetooth, there is a possible link disconnection due to bluetooth ...)
@@ -23451,7 +23451,7 @@ CVE-2022-20019 (In libMtkOmxGsmDec, there is a possible information disclosure d
CVE-2022-20018 (In seninf driver, there is a possible information disclosure due to un ...)
NOT-FOR-US: MediaTek
CVE-2022-20017 (In ion driver, there is a possible information disclosure due to an in ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-20016 (In vow driver, there is a possible memory corruption due to improper l ...)
NOT-FOR-US: MediaTek
CVE-2022-20015 (In kd_camera_hw driver, there is a possible information disclosure due ...)
@@ -24272,7 +24272,7 @@ CVE-2021-42002 (Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a
CVE-2021-42001
RESERVED
CVE-2021-42000 (When a password reset or password change flow with an authentication p ...)
- TODO: check
+ NOT-FOR-US: pingidentity
CVE-2021-41999
RESERVED
CVE-2021-41998
@@ -26645,7 +26645,7 @@ CVE-2021-41042
CVE-2021-41041
RESERVED
CVE-2021-41040 (In Eclipse Wakaama, ever since its inception until 2021-01-14, the CoA ...)
- TODO: check
+ NOT-FOR-US: Eclipse Wakaama
CVE-2021-41039 (In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client conn ...)
- mosquitto <unfixed> (bug #1001028)
[buster] - mosquitto <not-affected> (Vulnerable code introduced later)
@@ -28305,13 +28305,13 @@ CVE-2021-40365
CVE-2021-40364 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier ...)
NOT-FOR-US: Siemens
CVE-2021-40363 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-40362
RESERVED
CVE-2021-40361
RESERVED
CVE-2021-40360 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-40359 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier ...)
NOT-FOR-US: Siemens
CVE-2021-40358 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier ...)
@@ -29125,9 +29125,9 @@ CVE-2021-40047
CVE-2021-40046
RESERVED
CVE-2021-40045 (There is a vulnerability of signature verification mechanism failure i ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-40044 (There is a permission verification vulnerability in the Bluetooth modu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-40043
RESERVED
CVE-2021-40042 (There is a release of invalid pointer vulnerability in some Huawei pro ...)
@@ -29185,7 +29185,7 @@ CVE-2021-40017
CVE-2021-40016
RESERVED
CVE-2021-40015 (There is a race condition vulnerability in the binder driver subsystem ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-40014 (The bone voice ID trusted application (TA) has a heap overflow vulnera ...)
NOT-FOR-US: Huawei
CVE-2021-40013
@@ -29221,19 +29221,19 @@ CVE-2021-39999
CVE-2021-39998 (There is Vulnerability of APIs being concurrently called for multiple ...)
NOT-FOR-US: Huawei
CVE-2021-39997 (There is a vulnerability of unstrict input parameter verification in t ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-39996 (There is a Heap-based buffer overflow vulnerability with the NFC modul ...)
NOT-FOR-US: Huawei
CVE-2021-39995 (Some Huawei products use the OpenHpi software for hardware management. ...)
NOT-FOR-US: Huawei
CVE-2021-39994 (There is an arbitrary address access vulnerability with the product li ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-39993 (There is an Integer overflow vulnerability with ACPU in smartphones. S ...)
NOT-FOR-US: Huawei
CVE-2021-39992 (There is an improper security permission configuration vulnerability o ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-39991 (There is an unauthorized rewriting vulnerability with the memory acces ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-39990 (The screen lock module has a Stack-based Buffer Overflow vulnerability ...)
NOT-FOR-US: Huawei
CVE-2021-39989 (The HwNearbyMain module has a Exposure of Sensitive Information to an ...)
@@ -29243,7 +29243,7 @@ CVE-2021-39988 (The HwNearbyMain module has a NULL Pointer Dereference vulnerabi
CVE-2021-39987 (The HwNearbyMain module has a Data Processing Errors vulnerability.Suc ...)
NOT-FOR-US: Huawei
CVE-2021-39986 (There is an unauthorized rewriting vulnerability with the memory acces ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-39985 (The HwNearbyMain module has a Improper Validation of Array Index vulne ...)
NOT-FOR-US: Huawei
CVE-2021-39984 (Huawei idap module has a Out-of-bounds Read vulnerability.Successful e ...)
@@ -29881,7 +29881,7 @@ CVE-2021-39689
CVE-2021-39688 (In TBD of TBD, there is a possible out of bounds read due to TBD. This ...)
TODO: check
CVE-2021-39687 (In HandleTransactionIoEvent of actuator_driver.cc, there is a possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39686
RESERVED
CVE-2021-39685
@@ -29904,37 +29904,37 @@ CVE-2021-39679 (In init of vendor_graphicbuffer_meta.cpp, there is a possible us
CVE-2021-39678 (In <TBD> of <TBD>, there is a possible bypass of Factory R ...)
NOT-FOR-US: Pixel
CVE-2021-39677 (In startVideoStream() there is a possibility of an OOB Read in the hea ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39676 (In writeThrowable of AndroidFuture.java, there is a possible parcel se ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39675 (In GKI_getbuf of gki_buffer.cc, there is a possible out of bounds writ ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39674 (In btm_sec_connected and btm_sec_disconnected of btm_sec.cc file , the ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39673
RESERVED
CVE-2021-39672 (In fastboot, there is a possible secure boot bypass due to a configura ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39671 (In code generated by aidl_const_expressions.cpp, there is a possible o ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39670
RESERVED
CVE-2021-39669 (In onCreate of InstallCaCertificateWarning.java, there is a possible w ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39668 (In onActivityViewReady of DetailDialog.kt, there is a possible Intent ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39667
RESERVED
CVE-2021-39666 (In extract of MediaMetricsItem.h, there is a possible out of bounds re ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39665 (In checkSpsUpdated of AAVCAssembler.cpp, there is a possible out of bo ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39664 (In LoadedPackage::Load of LoadedArsc.cpp, there is a possible out of b ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39663 (In openFileAndEnforcePathPermissionsHelper of MediaProvider.java, ther ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39662 (In checkUriPermission of MediaProvider.java , there is a possible way ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39661
RESERVED
CVE-2021-39660
@@ -29942,7 +29942,7 @@ CVE-2021-39660
CVE-2021-39659 (In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, ...)
NOT-FOR-US: Android
CVE-2021-39658 (ismsEx service is a vendor service in unisoc equipment。ismsEx s ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39657 (In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out ...)
- linux 5.10.12-1
[buster] - linux 4.19.171-1
@@ -30001,7 +30001,7 @@ CVE-2021-39636 (In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a
- linux 4.16.5-1
NOTE: https://source.android.com/security/bulletin/pixel/2021-12-01
CVE-2021-39635 (ims_ex is a vendor system service used to manage VoLTE in unisoc devic ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39634 (In fs/eventpoll.c, there is a possible use after free. This could lead ...)
- linux 5.8.14-1
[buster] - linux 4.19.152-1
@@ -30018,7 +30018,7 @@ CVE-2021-39633 (In gre_handle_offloads of ip_gre.c, there is a possible page fau
CVE-2021-39632 (In inotify_cb of events.cpp, there is a possible out of bounds write d ...)
NOT-FOR-US: Android
CVE-2021-39631 (In clear_data_dlg_text of strings.xml, there is a possible situation w ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39630 (In executeRequest of OverlayManagerService.java, there is a possible w ...)
NOT-FOR-US: Android
CVE-2021-39629 (In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possi ...)
@@ -30042,13 +30042,13 @@ CVE-2021-39621 (In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java,
CVE-2021-39620 (In ipcSetDataReference of Parcel.cpp, there is a possible way to corru ...)
NOT-FOR-US: Android
CVE-2021-39619 (In updatePackageMappingsData of UsageStatsService.java, there is a pos ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39618 (In multiple methods of EuiccNotificationManager.java, there is a possi ...)
NOT-FOR-US: Android
CVE-2021-39617
RESERVED
CVE-2021-39616 (Summary:Product: AndroidVersions: Android SoCAndroid ID: A-204686438 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-3733 [Denial of service when identifying crafted invalid RFCs]
RESERVED
{DLA-2808-1}
@@ -32369,7 +32369,7 @@ CVE-2021-38681 (A reflected cross-site scripting (XSS) vulnerability has been re
CVE-2021-38680 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
NOT-FOR-US: QNAP
CVE-2021-38679 (An improper authentication vulnerability has been reported to affect Q ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2021-38678 (An open redirect vulnerability has been reported to affect QNAP device ...)
NOT-FOR-US: QNAP
CVE-2021-38677 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
@@ -35309,7 +35309,7 @@ CVE-2021-37615 (Exiv2 is a command-line utility and C++ library for reading, wri
CVE-2021-37614 (In certain Progress MOVEit Transfer versions before 2021.0.3 (aka 13.0 ...)
NOT-FOR-US: MOVEit Transfer
CVE-2021-37613 (Stormshield Network Security (SNS) 1.0.0 through 4.2.3 allows a Denial ...)
- TODO: check
+ NOT-FOR-US: Stormshield Network Security (SNS)
CVE-2021-37612
RESERVED
CVE-2021-37611
@@ -36232,9 +36232,9 @@ CVE-2021-37207 (A vulnerability has been identified in SENTRON powermanager V3 (
CVE-2021-37206 (A vulnerability has been identified in SIPROTEC 5 relays with CPU vari ...)
NOT-FOR-US: Siemens
CVE-2021-37205 (A vulnerability has been identified in SIMATIC Drive Controller family ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-37204 (A vulnerability has been identified in SIMATIC Drive Controller family ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-37203 (A vulnerability has been identified in NX 1980 Series (All versions &l ...)
NOT-FOR-US: Siemens
CVE-2021-37202 (A vulnerability has been identified in NX 1980 Series (All versions &l ...)
@@ -36254,7 +36254,7 @@ CVE-2021-37196 (A vulnerability has been identified in COMOS V10.2 (All versions
CVE-2021-37195 (A vulnerability has been identified in COMOS V10.2 (All versions only ...)
NOT-FOR-US: Siemens
CVE-2021-37194 (A vulnerability has been identified in COMOS V10.2 (All versions only ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-37193 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
NOT-FOR-US: Siemens
CVE-2021-37192 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
@@ -36272,7 +36272,7 @@ CVE-2021-37187 (An issue was discovered on Digi TransPort devices through 2021-0
CVE-2021-37186 (A vulnerability has been identified in LOGO! CMR2020 (All versions < ...)
NOT-FOR-US: Siemens
CVE-2021-37185 (A vulnerability has been identified in SIMATIC Drive Controller family ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-37184 (A vulnerability has been identified in Industrial Edge Management (All ...)
NOT-FOR-US: Siemens
CVE-2021-37183 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
@@ -36467,7 +36467,7 @@ CVE-2021-37117 (There is a Service logic vulnerability in Smartphone.Successful
CVE-2021-37116 (PCManager has a Weaknesses Introduced During Design vulnerability .Suc ...)
NOT-FOR-US: Huawei
CVE-2021-37115 (There is an unauthorized rewriting vulnerability with the memory acces ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37114 (There is an Out-of-bounds read vulnerability in Smartphone.Successful ...)
NOT-FOR-US: Huawei
CVE-2021-37113 (There is a Privilege escalation vulnerability with the file system com ...)
@@ -36479,11 +36479,11 @@ CVE-2021-37111 (There is a Memory leakage vulnerability in Smartphone.Successful
CVE-2021-37110 (There is a Timing design defects in Smartphone.Successful exploitation ...)
NOT-FOR-US: Huawei
CVE-2021-37109 (There is a security protection bypass vulnerability with the modem.Suc ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37108
RESERVED
CVE-2021-37107 (There is an improper memory access permission configuration on ACPU.Su ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37106 (There is a command injection vulnerability in CMA service module of Fu ...)
NOT-FOR-US: FusionCompute (Huawei)
CVE-2021-37105 (There is an improper file upload control vulnerability in FusionComput ...)
@@ -43266,7 +43266,7 @@ CVE-2021-34237
CVE-2021-34236
RESERVED
CVE-2021-34235 (Tokheim Profleet DiaLOG 11.005.02 is affected by SQL Injection. The co ...)
- TODO: check
+ NOT-FOR-US: Tokheim Profleet DiaLOG
CVE-2021-34234
RESERVED
CVE-2021-34233
@@ -45900,7 +45900,7 @@ CVE-2021-33168
CVE-2021-33167
RESERVED
CVE-2021-33166 (Incorrect default permissions for the Intel(R) RXT for Chromebook appl ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33165
RESERVED
CVE-2021-33164
@@ -45958,7 +45958,7 @@ CVE-2021-33139 (Improper conditions check in firmware for some Intel(R) Wireless
CVE-2021-33138
RESERVED
CVE-2021-33137 (Out-of-bounds write in the Intel(R) Kernelflinger project may allow an ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33136
RESERVED
CVE-2021-33135
@@ -45974,7 +45974,7 @@ CVE-2021-33131
CVE-2021-33130
RESERVED
CVE-2021-33129 (Incorrect default permissions in the software installer for the Intel( ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33128
RESERVED
CVE-2021-33127
@@ -45995,7 +45995,7 @@ CVE-2021-33120 (Out of bounds read under complex microarchitectural condition in
- intel-microcode <unfixed>
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00589.html
CVE-2021-33119 (Improper access control in the Intel(R) RealSense(TM) DCM before versi ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33118 (Improper access control in the software installer for the Intel(R) Ser ...)
NOT-FOR-US: Intel
CVE-2021-33117
@@ -46003,11 +46003,11 @@ CVE-2021-33117
CVE-2021-33116
RESERVED
CVE-2021-33115 (Improper input validation for some Intel(R) PROSet/Wireless WiFi in UE ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33114 (Improper input validation for some Intel(R) PROSet/Wireless WiFi in mu ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33113 (Improper input validation for some Intel(R) PROSet/Wireless WiFi in mu ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33112
RESERVED
CVE-2021-33111
@@ -46019,7 +46019,7 @@ CVE-2021-33109
CVE-2021-33108
RESERVED
CVE-2021-33107 (Insufficiently protected credentials in USB provisioning for Intel(R) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33106 (Integer overflow in the Safestring library maintained by Intel(R) may ...)
NOT-FOR-US: Intel
CVE-2021-33105 (Out-of-bounds read in some Intel(R) Core(TM) processors with Radeon(TM ...)
@@ -46031,7 +46031,7 @@ CVE-2021-33103
CVE-2021-33102
RESERVED
CVE-2021-33101 (Uncontrolled search path in the Intel(R) GPA software before version 2 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33100
RESERVED
CVE-2021-33099
@@ -46100,7 +46100,7 @@ CVE-2021-33070
CVE-2021-33069
RESERVED
CVE-2021-33068 (Null pointer dereference in subsystem for Intel(R) AMT before versions ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33067
RESERVED
CVE-2021-33066
@@ -49060,7 +49060,7 @@ CVE-2021-31934 (OX App Suite 7.10.4 and earlier allows XSS via a crafted contact
CVE-2021-31933 (A remote code execution vulnerability exists in Chamilo through 1.11.1 ...)
NOT-FOR-US: Chamilo
CVE-2021-31932 (Nokia BTS TRS web console FTM_W20_FP2_2019.08.16_0010 allows Authentic ...)
- TODO: check
+ NOT-FOR-US: Nokia
CVE-2021-31931
RESERVED
CVE-2021-31930 (Persistent cross-site scripting (XSS) in the web interface of Concerto ...)
@@ -49528,7 +49528,7 @@ CVE-2021-3513
CVE-2021-31815 (GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on A ...)
NOT-FOR-US: GAEN (aka Google/Apple Exposure Notifications)
CVE-2021-31814 (In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a ...)
- TODO: check
+ NOT-FOR-US: Stormshield
CVE-2021-31813 (Zoho ManageEngine Applications Manager before 15130 is vulnerable to S ...)
NOT-FOR-US: Zoho
CVE-2021-31812 (In Apache PDFBox, a carefully crafted PDF file can trigger an infinite ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abe392fa04da48bb1041a7974b32505d49c2564c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abe392fa04da48bb1041a7974b32505d49c2564c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220213/726a97eb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list