Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 37690bb6 by Salvatore Bonaccorso at 2021-03-02T09:55:50+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,5 +1,5 @@ CVE-2021-27904 (An issue was discovered in app/Model/SharingGroupServer.php in MISP 2. ...) - TODO: check + NOT-FOR-US: MISP CVE-2021-27903 RESERVED CVE-2021-27902 @@ -31,11 +31,11 @@ CVE-2021-27890 CVE-2021-27889 RESERVED CVE-2021-27888 (ZendTo before 6.06-4 Beta allows XSS during the display of a drop-off ...) - TODO: check + NOT-FOR-US: ZendTo CVE-2021-27887 RESERVED CVE-2021-27886 (rakibtg Docker Dashboard before 2021-02-28 allows command injection in ...) - TODO: check + NOT-FOR-US: rakibtg Docker Dashboard CVE-2021-27885 RESERVED CVE-2021-27884 (Weak JSON Web Token (JWT) signing secret generation in YMFE YApi throu ...) @@ -51,11 +51,11 @@ CVE-2021-27880 CVE-2021-27879 RESERVED CVE-2021-27878 (An issue was discovered in Veritas Backup Exec before 21.2. The commun ...) - TODO: check + NOT-FOR-US: Veritas CVE-2021-27877 (An issue was discovered in Veritas Backup Exec before 21.2. It support ...) - TODO: check + NOT-FOR-US: Veritas CVE-2021-27876 (An issue was discovered in Veritas Backup Exec before 21.2. The commun ...) - TODO: check + NOT-FOR-US: Veritas CVE-2021-3419 [net: rtl8139: stack-based buffer overflow induced by infinite recursion issue] RESERVED - qemu <unfixed> @@ -368,9 +368,9 @@ CVE-2021-27733 CVE-2021-27732 RESERVED CVE-2021-27731 (Accellion FTA 9_12_432 and earlier is affected by stored XSS via a cra ...) - TODO: check + NOT-FOR-US: Accellion FTA CVE-2021-27730 (Accellion FTA 9_12_432 and earlier is affected by argument injection v ...) - TODO: check + NOT-FOR-US: Accellion FTA CVE-2021-27729 RESERVED CVE-2021-27728 
@@ -1251,9 +1251,9 @@ CVE-2021-27320 CVE-2021-27319 RESERVED CVE-2021-27318 (Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Ap ...) - TODO: check + NOT-FOR-US: Doctor Appointment System CVE-2021-27317 (Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Ap ...) - TODO: check + NOT-FOR-US: Doctor Appointment System CVE-2021-27316 RESERVED CVE-2021-27315 @@ -2632,11 +2632,11 @@ CVE-2021-26706 CVE-2021-26705 RESERVED CVE-2021-26704 (EPrints 3.4.2 allows remote attackers to execute arbitrary commands vi ...) - TODO: check + NOT-FOR-US: EPrints CVE-2021-26703 (EPrints 3.4.2 allows remote attackers to read arbitrary files and poss ...) - TODO: check + NOT-FOR-US: EPrints CVE-2021-26702 (EPrints 3.4.2 exposes a reflected XSS opportunity in the dataset param ...) - TODO: check + NOT-FOR-US: EPrints CVE-2021-26701 (.NET Core Remote Code Execution Vulnerability This CVE ID is unique fr ...) NOT-FOR-US: Microsoft CVE-2021-26700 (Visual Studio Code npm-script Extension Remote Code Execution Vulnerab ...) @@ -3233,9 +3233,9 @@ CVE-2021-26478 CVE-2021-26477 RESERVED CVE-2021-26476 (EPrints 3.4.2 allows remote attackers to execute OS commands via craft ...) - TODO: check + NOT-FOR-US: EPrints CVE-2021-26475 (EPrints 3.4.2 exposes a reflected XSS opportunity in the via a cgi/cal ...) - TODO: check + NOT-FOR-US: EPrints CVE-2021-26474 RESERVED CVE-2021-26473 @@ -3598,7 +3598,7 @@ CVE-2021-3347 (An issue was discovered in the Linux kernel through 5.10.11. PI f CVE-2021-3343 RESERVED CVE-2021-3342 (EPrints 3.4.2 allows remote attackers to read arbitrary files and poss ...) - TODO: check + NOT-FOR-US: EPrints CVE-2021-3341 (A path traversal vulnerability in the DxWebEngine component of DH2i Dx ...) NOT-FOR-US: DH2i DxEnterprise and DxOdyssey for Windows CVE-2021-3340 (A cross-site scripting (XSS) vulnerability in many forms of Wikindx be ...) 
@@ -3652,7 +3652,7 @@ CVE-2021-26295 CVE-2021-3333 (Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). W ...) NOT-FOR-US: Open-AudIT CVE-2021-3332 (WPS Hide Login 1.6.1 allows remote attackers to bypass a protection me ...) - TODO: check + NOT-FOR-US: WPS Hide Logi CVE-2021-3331 (WinSCP before 5.17.10 allows remote attackers to execute arbitrary pro ...) NOT-FOR-US: WinSCP CVE-2021-3330 @@ -6148,13 +6148,13 @@ CVE-2021-25311 (condor_credd in HTCondor before 8.9.11 allows Directory Traversa CVE-2021-25310 (** UNSUPPORTED WHEN ASSIGNED ** The administration web interface on Be ...) NOT-FOR-US: Belkin Linksys WRT160NL devices CVE-2021-25309 (The telnet administrator service running on port 650 on Gigaset DX600A ...) - TODO: check + NOT-FOR-US: Gigaset devices CVE-2021-25308 RESERVED CVE-2021-25307 RESERVED CVE-2021-25306 (A buffer overflow vulnerability in the AT command interface of Gigaset ...) - TODO: check + NOT-FOR-US: Gigaset devices CVE-2021-3174 RESERVED CVE-2021-25305 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37690bb61b9855484c5f95dcd173368592935a13 -- You're receiving this email because of your account on salsa.debian.org.
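Review bot: In the @@ -3652,7 +3652,7 @@ hunk, the line added under CVE-2021-3332 reads "NOT-FOR-US: WPS Hide Logi", which drops the final "n" of the product name given in the description directly above it ("WPS Hide Login 1.6.1 allows remote attackers to bypass a protection me ..."). Suggest "NOT-FOR-US: WPS Hide Login", so that a search of data/CVE/list for the product name finds this entry and later CVEs for the same plugin can be matched against it.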
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits