Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1abbdce5 by Salvatore Bonaccorso at 2021-04-16T10:25:48+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2021-31416
CVE-2021-31415
RESERVED
CVE-2021-31414 (The unofficial vscode-rpm-spec extension before 0.3.2 for
Visual Studi ...)
- TODO: check
+ NOT-FOR-US: vscode-rpm-spec extension for Visual Studio Code
CVE-2021-31413
RESERVED
CVE-2021-31412
@@ -8372,9 +8372,9 @@ CVE-2021-27694
CVE-2021-27693
RESERVED
CVE-2021-27692 (Command Injection in Tenda G1 and G3 routers with firmware
versions v1 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2021-27691 (Command Injection in Tenda G0 routers with firmware versions
v15.11.0. ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2021-27690
RESERVED
CVE-2021-27689
@@ -9652,7 +9652,7 @@ CVE-2021-27114 (An issue was discovered in D-Link DIR-816
A2 1.10 B05 devices. W
CVE-2021-27113 (An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices.
An HTTP ...)
NOT-FOR-US: D-Link
CVE-2021-27112 (LightCMS v1.3.5 contains a remote code execution vulnerability
in /app ...)
- TODO: check
+ NOT-FOR-US: LightCMS
CVE-2021-27111
RESERVED
CVE-2021-27110
@@ -12215,9 +12215,9 @@ CVE-2021-26076 (The jira.editor.user.mode cookie set by
the Jira Editor Plugin i
CVE-2021-26075 (The Jira importers plugin AttachTemporaryFile rest resource in
Jira Se ...)
NOT-FOR-US: Atlassian
CVE-2021-26074 (Broken Authentication in Atlassian Connect Spring Boot (ACSB)
from ver ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2021-26073 (Broken Authentication in Atlassian Connect Express (ACE) from
version ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2021-26072 (The WidgetConnector plugin in Confluence Server and Confluence
Data Ce ...)
NOT-FOR-US: Atlassian
CVE-2021-26071 (The SetFeatureEnabled.jspa resource in Jira Server and Data
Center bef ...)
@@ -24958,7 +24958,7 @@ CVE-2021-21102
CVE-2021-21101
RESERVED
CVE-2021-21100 (Adobe Digital Editions version 4.5.11.187245 (and earlier) is
affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-21099
RESERVED
CVE-2021-21098
@@ -34003,9 +34003,9 @@ CVE-2020-28595 (An out-of-bounds write vulnerability
exists in the Obj.cpp load_
CVE-2020-28594
RESERVED
CVE-2020-28593 (A unauthenticated backdoor exists in the configuration server
function ...)
- TODO: check
+ NOT-FOR-US: Cosori Smart 5.8-Quart Air Fryer CS158-AF
CVE-2020-28592 (A heap-based buffer overflow vulnerability exists in the
configuration ...)
- TODO: check
+ NOT-FOR-US: Cosori Smart 5.8-Quart Air Fryer CS158-AF
CVE-2020-28591 (An out-of-bounds read vulnerability exists in the AMF File
AMFParserCo ...)
- slic3r 1.3.0+dfsg1-4 (bug #985620)
[stretch] - slic3r <not-affected> (Vulnerable code not present)
@@ -39612,11 +39612,11 @@ CVE-2020-27241
CVE-2020-27240
RESERVED
CVE-2020-27239 (An exploitable SQL injection vulnerability exists in
‘getAssets. ...)
- TODO: check
+ NOT-FOR-US: OpenClinic
CVE-2020-27238 (An exploitable SQL injection vulnerability exists in
‘getAssets. ...)
- TODO: check
+ NOT-FOR-US: OpenClinic
CVE-2020-27237 (An exploitable SQL injection vulnerability exists in
‘getAssets. ...)
- TODO: check
+ NOT-FOR-US: OpenClinic
CVE-2020-27236 (An exploitable SQL injection vulnerability exists in
‘getAssets. ...)
NOT-FOR-US: OpenClinic
CVE-2020-27235 (An exploitable SQL injection vulnerability exists in
‘getAssets. ...)
@@ -87921,7 +87921,7 @@ CVE-2020-7310 (Privilege Escalation vulnerability in
the installer in McAfee McA
CVE-2020-7309 (Cross Site Scripting vulnerability in ePO extension in McAfee
Applicat ...)
NOT-FOR-US: McAfee
CVE-2020-7308 (Cleartext Transmission of Sensitive Information between McAfee
Endpoin ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7307 (Unprotected Storage of Credentials vulnerability in McAfee Data
Loss P ...)
NOT-FOR-US: McAfee
CVE-2020-7306 (Unprotected Storage of Credentials vulnerability in McAfee Data
Loss P ...)
@@ -87997,9 +87997,9 @@ CVE-2020-7272
CVE-2020-7271
RESERVED
CVE-2020-7270 (Exposure of Sensitive Information in the web interface in
McAfee Advan ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7269 (Exposure of Sensitive Information in the web interface in
McAfee Advan ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7268 (Path Traversal vulnerability in McAfee McAfee Email Gateway
(MEG) prio ...)
NOT-FOR-US: McAfee
CVE-2020-7267 (Privilege Escalation vulnerability in McAfee VirusScan
Enterprise (VSE ...)
@@ -158812,7 +158812,7 @@ CVE-2018-19944 (A cleartext transmission of sensitive
information vulnerability
CVE-2018-19943 (If exploited, this cross-site scripting vulnerability could
allow remo ...)
NOT-FOR-US: QNAP
CVE-2018-19942 (A cross-site scripting (XSS) vulnerability has been reported
to affect ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2018-19941 (A vulnerability has been reported to affect QNAP NAS. If
exploited, th ...)
NOT-FOR-US: QNAP
CVE-2018-19940
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1abbdce572196a32f00755d3d2c5849a1a9c6c64
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1abbdce572196a32f00755d3d2c5849a1a9c6c64
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
