Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: fa6c5470 by Salvatore Bonaccorso at 2021-03-19T09:53:41+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -375,7 +375,7 @@ CVE-2021-28655 CVE-2021-28654 RESERVED CVE-2021-28653 (The iOS and macOS apps before 1.4.1 for the Western Digital G-Technolo ...) - TODO: check + NOT-FOR-US: iOS and macOS apps for the Western Digital G-Technology ArmorLock NVMe SSD CVE-2021-28652 RESERVED CVE-2021-28651 @@ -1430,7 +1430,7 @@ CVE-2021-28162 (In Eclipse Theia versions up to and including 0.16.0, in the not CVE-2021-28161 (In Eclipse Theia versions up to and including 1.8.0, in the debug cons ...) NOT-FOR-US: Eclipse Theia CVE-2021-28160 (Reflected XSS on Acexy (BoyaMicro) Wireless-N WiFi Repeater 28.08.06.1 ...) - TODO: check + NOT-FOR-US: Acexy (BoyaMicro) Wireless-N WiFi Repeater CVE-2021-28159 RESERVED CVE-2021-28158 @@ -1549,7 +1549,7 @@ CVE-2021-28128 CVE-2021-28127 RESERVED CVE-2021-28126 (index.jsp in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1 ...) - TODO: check + NOT-FOR-US: TranzWare e-Commerce Payment Gateway (TWEC PG) CVE-2021-28125 RESERVED CVE-2021-28124 @@ -1590,9 +1590,9 @@ CVE-2021-28112 CVE-2021-28111 RESERVED CVE-2021-28110 (/exec in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27. ...) - TODO: check + NOT-FOR-US: TranzWare e-Commerce Payment Gateway (TWEC PG) CVE-2021-28109 (TranzWare (POI) FIMI before 4.2.20.4.2 allows login_tw.php reflected C ...) - TODO: check + NOT-FOR-US: TranzWare (POI) FIMI CVE-2021-28374 (The Debian courier-authlib package before 0.71.1-2 for Courier Authent ...) - courier-authlib 0.71.1-2 (bug #984810) NOTE: Re-introduction of #378571 while migrating from debian/permissions to @@ -3137,7 +3137,7 @@ CVE-2021-27438 CVE-2021-27437 RESERVED CVE-2021-27436 (WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scr ...) - TODO: check + NOT-FOR-US: WebAccess/SCADA CVE-2021-27435 RESERVED CVE-2021-27434 @@ -3624,7 +3624,7 @@ CVE-2021-27223 CVE-2021-27222 (In the "Time in Status" app before 4.13.0 for Jira, remote authenticat ...) NOT-FOR-US: "Time in Status" app CVE-2021-27221 (** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ft ...) - TODO: check + NOT-FOR-US: MikroTik RouterOS CVE-2021-27220 RESERVED CVE-2021-27217 (An issue was discovered in the _send_secure_msg() function of Yubico y ...) @@ -21842,11 +21842,11 @@ CVE-2020-35457 (** DISPUTED ** GNOME GLib before 2.65.3 has an integer overflow, NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2197 NOTE: Upstream position is that it is not realistically a security issue. CVE-2020-35456 (The Taidii Diibear Android application 2.4.0 and all its derivatives a ...) - TODO: check + NOT-FOR-US: Taidii Diibear Android application CVE-2020-35455 (The Taidii Diibear Android application 2.4.0 and all its derivatives a ...) - TODO: check + NOT-FOR-US: Taidii Diibear Android application CVE-2020-35454 (The Taidii Diibear Android application 2.4.0 and all its derivatives a ...) - TODO: check + NOT-FOR-US: Taidii Diibear Android application CVE-2020-35453 (HashiCorp Vault Enterprise’s Sentinel EGP policy feature incorre ...) NOT-FOR-US: HashiCorp Vault CVE-2020-35452 @@ -27425,7 +27425,7 @@ CVE-2021-1289 (Multiple vulnerabilities in the web-based management interface of CVE-2021-1288 (Multiple vulnerabilities in the ingress packet processing function of ...) NOT-FOR-US: Cisco CVE-2021-1287 (A vulnerability in the web-based management interface of Cisco RV132W ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1286 (Multiple vulnerabilities in the web-based management interface of Cisc ...) NOT-FOR-US: Cisco CVE-2021-1285 @@ -76536,7 +76536,7 @@ CVE-2020-9369 (Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a de CVE-2020-9368 (The Module Olea Gift On Order module through 5.0.8 for PrestaShop enab ...) NOT-FOR-US: Module Olea Gift On Order module for PrestaShop CVE-2020-9367 (The MPS Agent in Zoho ManageEngine Desktop Central MSP build MSP build ...) - TODO: check + NOT-FOR-US: Zoho ManageEngine CVE-2020-9365 (An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) re ...) - pure-ftpd 1.0.49-3 (bug #952471) [buster] - pure-ftpd <no-dsa> (Minor issue) @@ -83546,9 +83546,9 @@ CVE-2020-6580 CVE-2020-6579 (Cross-site scripting (XSS) vulnerability in mailhive/cloudbeez/cloudlo ...) NOT-FOR-US: MailBeez plugin for ZenCart CVE-2020-6578 (Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to in ...) - TODO: check + NOT-FOR-US: Zen Cart CVE-2020-6577 (The IT-Recht Kanzlei plugin in Zen Cart 1.5.6c (German edition) allows ...) - TODO: check + NOT-FOR-US: IT-Recht Kanzlei plugin in Zen Cart CVE-2020-6576 (Use after free in offscreen canvas in Google Chrome prior to 85.0.4183 ...) {DSA-4824-1} - chromium 87.0.4280.88-0.1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa6c54705ffb5c4a683e41f568df607ebe6739d2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa6c54705ffb5c4a683e41f568df607ebe6739d2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits