Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
37690bb6 by Salvatore Bonaccorso at 2021-03-02T09:55:50+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2021-27904 (An issue was discovered in app/Model/SharingGroupServer.php in
MISP 2. ...)
- TODO: check
+ NOT-FOR-US: MISP
CVE-2021-27903
RESERVED
CVE-2021-27902
@@ -31,11 +31,11 @@ CVE-2021-27890
CVE-2021-27889
RESERVED
CVE-2021-27888 (ZendTo before 6.06-4 Beta allows XSS during the display of a
drop-off ...)
- TODO: check
+ NOT-FOR-US: ZendTo
CVE-2021-27887
RESERVED
CVE-2021-27886 (rakibtg Docker Dashboard before 2021-02-28 allows command
injection in ...)
- TODO: check
+ NOT-FOR-US: rakibtg Docker Dashboard
CVE-2021-27885
RESERVED
CVE-2021-27884 (Weak JSON Web Token (JWT) signing secret generation in YMFE
YApi throu ...)
@@ -51,11 +51,11 @@ CVE-2021-27880
CVE-2021-27879
RESERVED
CVE-2021-27878 (An issue was discovered in Veritas Backup Exec before 21.2.
The commun ...)
- TODO: check
+ NOT-FOR-US: Veritas
CVE-2021-27877 (An issue was discovered in Veritas Backup Exec before 21.2. It
support ...)
- TODO: check
+ NOT-FOR-US: Veritas
CVE-2021-27876 (An issue was discovered in Veritas Backup Exec before 21.2.
The commun ...)
- TODO: check
+ NOT-FOR-US: Veritas
CVE-2021-3419 [net: rtl8139: stack-based buffer overflow induced by infinite
recursion issue]
RESERVED
- qemu <unfixed>
@@ -368,9 +368,9 @@ CVE-2021-27733
CVE-2021-27732
RESERVED
CVE-2021-27731 (Accellion FTA 9_12_432 and earlier is affected by stored XSS
via a cra ...)
- TODO: check
+ NOT-FOR-US: Accellion FTA
CVE-2021-27730 (Accellion FTA 9_12_432 and earlier is affected by argument
injection v ...)
- TODO: check
+ NOT-FOR-US: Accellion FTA
CVE-2021-27729
RESERVED
CVE-2021-27728
@@ -1251,9 +1251,9 @@ CVE-2021-27320
CVE-2021-27319
RESERVED
CVE-2021-27318 (Cross Site Scripting (XSS) vulnerability in contactus.php in
Doctor Ap ...)
- TODO: check
+ NOT-FOR-US: Doctor Appointment System
CVE-2021-27317 (Cross Site Scripting (XSS) vulnerability in contactus.php in
Doctor Ap ...)
- TODO: check
+ NOT-FOR-US: Doctor Appointment System
CVE-2021-27316
RESERVED
CVE-2021-27315
@@ -2632,11 +2632,11 @@ CVE-2021-26706
CVE-2021-26705
RESERVED
CVE-2021-26704 (EPrints 3.4.2 allows remote attackers to execute arbitrary
commands vi ...)
- TODO: check
+ NOT-FOR-US: EPrints
CVE-2021-26703 (EPrints 3.4.2 allows remote attackers to read arbitrary files
and poss ...)
- TODO: check
+ NOT-FOR-US: EPrints
CVE-2021-26702 (EPrints 3.4.2 exposes a reflected XSS opportunity in the
dataset param ...)
- TODO: check
+ NOT-FOR-US: EPrints
CVE-2021-26701 (.NET Core Remote Code Execution Vulnerability This CVE ID is
unique fr ...)
NOT-FOR-US: Microsoft
CVE-2021-26700 (Visual Studio Code npm-script Extension Remote Code Execution
Vulnerab ...)
@@ -3233,9 +3233,9 @@ CVE-2021-26478
CVE-2021-26477
RESERVED
CVE-2021-26476 (EPrints 3.4.2 allows remote attackers to execute OS commands
via craft ...)
- TODO: check
+ NOT-FOR-US: EPrints
CVE-2021-26475 (EPrints 3.4.2 exposes a reflected XSS opportunity in the via a
cgi/cal ...)
- TODO: check
+ NOT-FOR-US: EPrints
CVE-2021-26474
RESERVED
CVE-2021-26473
@@ -3598,7 +3598,7 @@ CVE-2021-3347 (An issue was discovered in the Linux
kernel through 5.10.11. PI f
CVE-2021-3343
RESERVED
CVE-2021-3342 (EPrints 3.4.2 allows remote attackers to read arbitrary files
and poss ...)
- TODO: check
+ NOT-FOR-US: EPrints
CVE-2021-3341 (A path traversal vulnerability in the DxWebEngine component of
DH2i Dx ...)
NOT-FOR-US: DH2i DxEnterprise and DxOdyssey for Windows
CVE-2021-3340 (A cross-site scripting (XSS) vulnerability in many forms of
Wikindx be ...)
@@ -3652,7 +3652,7 @@ CVE-2021-26295
CVE-2021-3333 (Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting
(XSS). W ...)
NOT-FOR-US: Open-AudIT
CVE-2021-3332 (WPS Hide Login 1.6.1 allows remote attackers to bypass a
protection me ...)
- TODO: check
+ NOT-FOR-US: WPS Hide Logi
CVE-2021-3331 (WinSCP before 5.17.10 allows remote attackers to execute
arbitrary pro ...)
NOT-FOR-US: WinSCP
CVE-2021-3330
@@ -6148,13 +6148,13 @@ CVE-2021-25311 (condor_credd in HTCondor before 8.9.11
allows Directory Traversa
CVE-2021-25310 (** UNSUPPORTED WHEN ASSIGNED ** The administration web
interface on Be ...)
NOT-FOR-US: Belkin Linksys WRT160NL devices
CVE-2021-25309 (The telnet administrator service running on port 650 on
Gigaset DX600A ...)
- TODO: check
+ NOT-FOR-US: Gigaset devices
CVE-2021-25308
RESERVED
CVE-2021-25307
RESERVED
CVE-2021-25306 (A buffer overflow vulnerability in the AT command interface of
Gigaset ...)
- TODO: check
+ NOT-FOR-US: Gigaset devices
CVE-2021-3174
RESERVED
CVE-2021-25305
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37690bb61b9855484c5f95dcd173368592935a13
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37690bb61b9855484c5f95dcd173368592935a13
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
