[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed Jan 5 20:35:04 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6c0578eb by Salvatore Bonaccorso at 2022-01-05T21:34:41+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -65180,17 +65180,17 @@ CVE-2021-21879 (A directory traversal vulnerability exists in the Web Manager Fi
 CVE-2021-21878 (A local file inclusion vulnerability exists in the Web Manager Applica ...)
 	NOT-FOR-US: antronix PremierWave
 CVE-2021-21877 (Specially-crafted HTTP requests can lead to arbitrary command executio ...)
-	TODO: check
+	NOT-FOR-US: Lantronix
 CVE-2021-21876 (Specially-crafted HTTP requests can lead to arbitrary command executio ...)
-	TODO: check
+	NOT-FOR-US: Lantronix
 CVE-2021-21875 (A specially-crafted HTTP request can lead to arbitrary command executi ...)
-	TODO: check
+	NOT-FOR-US: Lantronix
 CVE-2021-21874 (A specially-crafted HTTP request can lead to arbitrary command executi ...)
-	TODO: check
+	NOT-FOR-US: Lantronix
 CVE-2021-21873 (A specially-crafted HTTP request can lead to arbitrary command executi ...)
-	TODO: check
+	NOT-FOR-US: Lantronix
 CVE-2021-21872 (An OS command injection vulnerability exists in the Web Manager Diagno ...)
-	TODO: check
+	NOT-FOR-US: Lantronix
 CVE-2021-21871 (A memory corruption vulnerability exists in the DMG File Format Handle ...)
 	NOT-FOR-US: PowerISO
 CVE-2021-21870 (A use-after-free vulnerability exists in the JavaScript engine of Foxi ...)
@@ -71295,9 +71295,9 @@ CVE-2021-20150 (Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses
 CVE-2021-20149 (Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient ac ...)
 	NOT-FOR-US: Trendnet
 CVE-2021-20148 (ManageEngine ADSelfService Plus below build 6116 stores the password p ...)
-	TODO: check
+	NOT-FOR-US: ManageEngine
 CVE-2021-20147 (ManageEngine ADSelfService Plus below build 6116 contains an observabl ...)
-	TODO: check
+	NOT-FOR-US: ManageEngine
 CVE-2021-20146 (An unprotected ssh private key exists on the Gryphon devices which cou ...)
 	NOT-FOR-US: Gryphon Tower routers
 CVE-2021-20145 (Gryphon Tower routers contain an unprotected openvpn configuration fil ...)
@@ -71323,11 +71323,11 @@ CVE-2021-20136 (ManageEngine Log360 Builds < 5235 are affected by an improper
 CVE-2021-20135 (Nessus versions 8.15.2 and earlier were found to contain a local privi ...)
 	NOT-FOR-US: Nessus
 CVE-2021-20134 (Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2021-20133 (Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2021-20132 (Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2021-20131 (ManageEngine ADManager Plus Build 7111 contains a post-authentication  ...)
 	NOT-FOR-US: ManageEngine ADManager Plus
 CVE-2021-20130 (ManageEngine ADManager Plus Build 7111 contains a post-authentication  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c0578eba8232fee4f238869043d68e796135ace

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c0578eba8232fee4f238869043d68e796135ace
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220105/427f54d1/attachment.htm>
