Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a6bccdc3 by Salvatore Bonaccorso at 2021-02-15T21:40:49+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -53,7 +53,7 @@ CVE-2021-XXXX [several security fixes: PHP injections, XSS
and secrets stored in
- spip 3.2.9-1
TODO: needs possibly CVE requests for individual issues
CVE-2021-27201 (Endian Firewall Community (aka EFW) 3.3.2 allows remote
authenticated ...)
- TODO: check
+ NOT-FOR-US: Endian Firewall Community (aka EFW)
CVE-2021-27200
RESERVED
CVE-2021-27199
@@ -4683,13 +4683,13 @@ CVE-2021-25301
CVE-2021-25300
RESERVED
CVE-2021-25299 (Nagios XI version xi-5.7.5 is affected by cross-site scripting
(XSS). ...)
- TODO: check
+ NOT-FOR-US: Nagios XI
CVE-2021-25298 (Nagios XI version xi-5.7.5 is affected by OS command
injection. The vu ...)
- TODO: check
+ NOT-FOR-US: Nagios XI
CVE-2021-25297 (Nagios XI version xi-5.7.5 is affected by OS command
injection. The vu ...)
- TODO: check
+ NOT-FOR-US: Nagios XI
CVE-2021-25296 (Nagios XI version xi-5.7.5 is affected by OS command
injection. The vu ...)
- TODO: check
+ NOT-FOR-US: Nagios XI
CVE-2021-25295 (OpenCATS through 0.9.5-3 has multiple Cross-site Scripting
(XSS) issue ...)
NOT-FOR-US: OpenCATS
CVE-2021-25294 (OpenCATS through 0.9.5-3 unsafely deserializes
index.php?m=activity re ...)
@@ -13699,7 +13699,7 @@ CVE-2020-35777 (NETGEAR DGN2200v1 devices before
v1.0.0.58 are affected by comma
CVE-2020-35776
RESERVED
CVE-2020-35775 (CITSmart before 9.1.2.23 allows LDAP Injection. ...)
- TODO: check
+ NOT-FOR-US: CITSmart
CVE-2020-35774 (server/handler/HistogramQueryHandler.scala in Twitter
TwitterServer (a ...)
NOT-FOR-US: Twitter TwitterServer
CVE-2020-35773 (The site-offline plugin before 1.4.4 for WordPress lacks
certain wp_cr ...)
@@ -34785,7 +34785,7 @@ CVE-2020-24901 (The default installation of Krpano
Panorama Viewer version <=
CVE-2020-24900 (The default installation of Krpano Panorama Viewer version
<=1.20.8 ...)
NOT-FOR-US: Krpano Panorama Viewer
CVE-2020-24899 (Nagios XI 5.7.2 is affected by a remote code execution (RCE)
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Nagios XI
CVE-2020-24898 (The Table Filter and Charts for Confluence Server app before
5.3.26 (f ...)
NOT-FOR-US: Confluence Server app for Atlassian Confluence
CVE-2020-24897 (The Table Filter and Charts for Confluence Server app before
5.3.25 (f ...)
@@ -34910,7 +34910,7 @@ CVE-2020-24844
CVE-2020-24843
RESERVED
CVE-2020-24842 (PNPSCADA 2.200816204020 allows cross-site scripting (XSS),
which can e ...)
- TODO: check
+ NOT-FOR-US: PNPSCADA
CVE-2020-24841
RESERVED
CVE-2020-24840
@@ -39912,7 +39912,7 @@ CVE-2020-22429
CVE-2020-22428
RESERVED
CVE-2020-22427 (NagiosXI 5.6.11 is affected by a remote code execution (RCE)
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Nagios XI
CVE-2020-22426
RESERVED
CVE-2020-22425 (Centreon 19.10-3.el7 is affected by a SQL injection
vulnerability, whe ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6bccdc3e5df79e5099ffb47833b1d74e06d9133
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6bccdc3e5df79e5099ffb47833b1d74e06d9133
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
