Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a6bccdc3 by Salvatore Bonaccorso at 2021-02-15T21:40:49+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -53,7 +53,7 @@ CVE-2021-XXXX [several security fixes: PHP injections, XSS and secrets stored in - spip 3.2.9-1 TODO: needs possibly CVE requests for individual issues CVE-2021-27201 (Endian Firewall Community (aka EFW) 3.3.2 allows remote authenticated ...) - TODO: check + NOT-FOR-US: Endian Firewall Community (aka EFW) CVE-2021-27200 RESERVED CVE-2021-27199 @@ -4683,13 +4683,13 @@ CVE-2021-25301 CVE-2021-25300 RESERVED CVE-2021-25299 (Nagios XI version xi-5.7.5 is affected by cross-site scripting (XSS). ...) - TODO: check + NOT-FOR-US: Nagios XI CVE-2021-25298 (Nagios XI version xi-5.7.5 is affected by OS command injection. The vu ...) - TODO: check + NOT-FOR-US: Nagios XI CVE-2021-25297 (Nagios XI version xi-5.7.5 is affected by OS command injection. The vu ...) - TODO: check + NOT-FOR-US: Nagios XI CVE-2021-25296 (Nagios XI version xi-5.7.5 is affected by OS command injection. The vu ...) - TODO: check + NOT-FOR-US: Nagios XI CVE-2021-25295 (OpenCATS through 0.9.5-3 has multiple Cross-site Scripting (XSS) issue ...) NOT-FOR-US: OpenCATS CVE-2021-25294 (OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity re ...) @@ -13699,7 +13699,7 @@ CVE-2020-35777 (NETGEAR DGN2200v1 devices before v1.0.0.58 are affected by comma CVE-2020-35776 RESERVED CVE-2020-35775 (CITSmart before 9.1.2.23 allows LDAP Injection. ...) - TODO: check + NOT-FOR-US: CITSmart CVE-2020-35774 (server/handler/HistogramQueryHandler.scala in Twitter TwitterServer (a ...) NOT-FOR-US: Twitter TwitterServer CVE-2020-35773 (The site-offline plugin before 1.4.4 for WordPress lacks certain wp_cr ...) @@ -34785,7 +34785,7 @@ CVE-2020-24901 (The default installation of Krpano Panorama Viewer version <= CVE-2020-24900 (The default installation of Krpano Panorama Viewer version <=1.20.8 ...) NOT-FOR-US: Krpano Panorama Viewer CVE-2020-24899 (Nagios XI 5.7.2 is affected by a remote code execution (RCE) vulnerabi ...) - TODO: check + NOT-FOR-US: Nagios XI CVE-2020-24898 (The Table Filter and Charts for Confluence Server app before 5.3.26 (f ...) NOT-FOR-US: Confluence Server app for Atlassian Confluence CVE-2020-24897 (The Table Filter and Charts for Confluence Server app before 5.3.25 (f ...) @@ -34910,7 +34910,7 @@ CVE-2020-24844 CVE-2020-24843 RESERVED CVE-2020-24842 (PNPSCADA 2.200816204020 allows cross-site scripting (XSS), which can e ...) - TODO: check + NOT-FOR-US: PNPSCADA CVE-2020-24841 RESERVED CVE-2020-24840 @@ -39912,7 +39912,7 @@ CVE-2020-22429 CVE-2020-22428 RESERVED CVE-2020-22427 (NagiosXI 5.6.11 is affected by a remote code execution (RCE) vulnerabi ...) - TODO: check + NOT-FOR-US: Nagios XI CVE-2020-22426 RESERVED CVE-2020-22425 (Centreon 19.10-3.el7 is affected by a SQL injection vulnerability, whe ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6bccdc3e5df79e5099ffb47833b1d74e06d9133 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6bccdc3e5df79e5099ffb47833b1d74e06d9133 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits