[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jan 7 09:50:50 GMT 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0798b5f8 by Salvatore Bonaccorso at 2022-01-07T10:50:23+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6263,7 +6263,7 @@ CVE-2021-44566
 CVE-2021-44565
 	RESERVED
 CVE-2021-44564 (A security vulnerability originally reported in the SYNC2101 product,  ...)
-	TODO: check
+	NOT-FOR-US: SYNC2101
 CVE-2021-44563
 	RESERVED
 CVE-2021-44562
@@ -12849,7 +12849,7 @@ CVE-2021-42843
 CVE-2021-42842
 	RESERVED
 CVE-2021-42841 (Insta HMS before 12.4.10 is vulnerable to XSS because of improper vali ...)
-	TODO: check
+	NOT-FOR-US: Insta HMS
 CVE-2021-42840 (SuiteCRM before 7.11.19 allows remote code execution via the system se ...)
 	NOT-FOR-US: SuiteCRM
 CVE-2021-42839 (Grand Vice info Co. webopac7 file upload function fails to filter spec ...)
@@ -20981,51 +20981,51 @@ CVE-2021-39990 (The screen lock module has a Stack-based Buffer Overflow vulnera
 CVE-2021-39989 (The HwNearbyMain module has a Exposure of Sensitive Information to an  ...)
 	TODO: check
 CVE-2021-39988 (The HwNearbyMain module has a NULL Pointer Dereference vulnerability.S ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39987 (The HwNearbyMain module has a Data Processing Errors vulnerability.Suc ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39986
 	RESERVED
 CVE-2021-39985 (The HwNearbyMain module has a Improper Validation of Array Index vulne ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39984 (Huawei idap module has a Out-of-bounds Read vulnerability.Successful e ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39983 (The HwNearbyMain module has a Data Processing Errors vulnerability.Suc ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39982 (Phone Manager application has a Improper Privilege Management vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39981 (Chang Lian application has a vulnerability which can be maliciously ex ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39980 (Telephony application has a Exposure of Sensitive Information to an Un ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39979 (HHEE system has a Code Injection vulnerability.Successful exploitation ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39978 (Telephony application has a SQL Injection vulnerability.Successful exp ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39977 (The HwNearbyMain module has a NULL Pointer Dereference vulnerability.S ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39976 (There is a privilege escalation vulnerability in CloudEngine 5800 V200 ...)
 	NOT-FOR-US: Huawei
 CVE-2021-39975 (Hilinksvc has a Data Processing Errors vulnerability.Successful exploi ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39974 (There is an Out-of-bounds read in Smartphones.Successful exploitation  ...)
 	NOT-FOR-US: Huawei
 CVE-2021-39973 (There is a Null pointer dereference in Smartphones.Successful exploita ...)
 	NOT-FOR-US: Huawei
 CVE-2021-39972 (MyHuawei-App has a Exposure of Sensitive Information to an Unauthorize ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39971 (Password vault has a External Control of System or Configuration Setti ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39970 (HwPCAssistant has a Improper Input Validation vulnerability.Successful ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39969 (There is an Unauthorized file access vulnerability in Smartphones.Succ ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39968 (Changlian Blocklist has a Business Logic Errors vulnerability .Success ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39967 (There is a Vulnerability of obtaining broadcast information improperly ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39966 (There is an Uninitialized AOD driver structure in Smartphones.Successf ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-39965
 	RESERVED
 CVE-2021-39964
@@ -24117,7 +24117,7 @@ CVE-2021-38676
 CVE-2021-38675 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
 	NOT-FOR-US: QNAP
 CVE-2021-38674 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2021-3706 (adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag ...)
 	NOT-FOR-US: adminlte
 CVE-2021-38673
@@ -28013,7 +28013,7 @@ CVE-2021-37136 (The Bzip2 decompression decoder function doesn't allow setting s
 CVE-2021-37135
 	RESERVED
 CVE-2021-37134 (Location-related APIs exists a Race Condition vulnerability.Successful ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37133 (There is an Unauthorized file access vulnerability in Smartphones.Succ ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37132 (PackageManagerService has a Permissions, Privileges, and Access Contro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0798b5f8a830f87447e106682437e9cfcb944606

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0798b5f8a830f87447e106682437e9cfcb944606
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220107/91cea00d/attachment.htm>


More information about the debian-security-tracker-commits mailing list