Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
95928d6f by Salvatore Bonaccorso at 2021-04-20T22:26:30+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2277,7 +2277,7 @@ CVE-2021-30466
CVE-2021-30465
RESERVED
CVE-2021-30464 (OMICRON StationGuard before 1.10 allows remote attackers to
cause a de ...)
- TODO: check
+ NOT-FOR-US: OMICRON StationGuard
CVE-2021-30463 (VestaCP through 0.9.8-24 allows attackers to gain privileges
by creati ...)
NOT-FOR-US: VestaCP
CVE-2021-30462 (VestaCP through 0.9.8-24 allows the admin user to escalate
privileges ...)
@@ -13602,11 +13602,11 @@ CVE-2021-25682
RESERVED
NOT-FOR-US: Apport
CVE-2021-25681 (** UNSUPPORTED WHEN ASSIGNED ** AdTran Personal Phone Manager
10.8.1 s ...)
- TODO: check
+ NOT-FOR-US: AdTran Personal Phone Manager
CVE-2021-25680 (** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone
Manager soft ...)
- TODO: check
+ NOT-FOR-US: AdTran Personal Phone Manager
CVE-2021-25679 (** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone
Manager soft ...)
- TODO: check
+ NOT-FOR-US: AdTran Personal Phone Manager
CVE-2020-36201 (An issue was discovered in certain Xerox WorkCentre products.
They do ...)
NOT-FOR-US: Xerox
CVE-2019-25015 (LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via
a crafte ...)
@@ -19220,13 +19220,13 @@ CVE-2021-3040
CVE-2021-3039
RESERVED
CVE-2021-3038 (A denial-of-service (DoS) vulnerability in Palo Alto Networks
GlobalPr ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2021-3037 (An information exposure through log file vulnerability exists
in Palo ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2021-3036 (An information exposure through log file vulnerability exists
in Palo ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2021-3035 (An unsafe deserialization vulnerability in Bridgecrew Checkov
by Prism ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2021-3034 (An information exposure through log file vulnerability exists
in Corte ...)
NOT-FOR-US: Cortex XSOAR software (Palo Alto Networks)
CVE-2021-3033 (An improper verification of cryptographic signature
vulnerability exis ...)
@@ -22709,7 +22709,7 @@ CVE-2021-21528
CVE-2021-21527
RESERVED
CVE-2021-21526 (Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege
escalation in ...)
- TODO: check
+ NOT-FOR-US: Dell PowerScale OneFS
CVE-2021-21525
RESERVED
CVE-2021-21524 (Dell SRM versions prior to 4.5.0.1 and Dell SMR versions prior
to 4.5. ...)
@@ -28170,7 +28170,7 @@ CVE-2021-20025
CVE-2021-20024
RESERVED
CVE-2021-20023 (SonicWall Email Security version 10.0.9.x contains a
vulnerability tha ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2021-20022 (SonicWall Email Security version 10.0.9.x contains a
vulnerability tha ...)
NOT-FOR-US: SonicWall
CVE-2021-20021 (A vulnerability in the SonicWall Email Security version
10.0.9.x allow ...)
@@ -28604,7 +28604,7 @@ CVE-2020-35315
CVE-2020-35314
RESERVED
CVE-2020-35313 (A server-side request forgery (SSRF) vulnerability in the
addCustomThe ...)
- TODO: check
+ NOT-FOR-US: WonderCMS
CVE-2020-35312
RESERVED
CVE-2020-35311
@@ -37091,7 +37091,7 @@ CVE-2020-28143
CVE-2020-28142
RESERVED
CVE-2020-28141 (The messaging subsystem in the Online Discussion Forum 1.0 is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Online Discussion Forum
CVE-2020-28140 (SourceCodester Online Clothing Store 1.0 is affected by an
arbitrary f ...)
NOT-FOR-US: SourceCodester Online Clothing Store
CVE-2020-28139 (SourceCodester Online Clothing Store 1.0 is affected by a
cross-site s ...)
@@ -39983,9 +39983,9 @@ CVE-2020-27243
CVE-2020-27242
RESERVED
CVE-2020-27241 (An exploitable SQL injection vulnerability exists in
‘getAssets. ...)
- TODO: check
+ NOT-FOR-US: OpenClinic
CVE-2020-27240 (An exploitable SQL injection vulnerability exists in
‘getAssets. ...)
- TODO: check
+ NOT-FOR-US: OpenClinic
CVE-2020-27239 (An exploitable SQL injection vulnerability exists in
‘getAssets. ...)
NOT-FOR-US: OpenClinic
CVE-2020-27238 (An exploitable SQL injection vulnerability exists in
‘getAssets. ...)
@@ -42413,7 +42413,7 @@ CVE-2020-26199 (Dell EMC Unity, Unity XT, and UnityVSA
versions prior to 5.0.4.0
CVE-2020-26198 (Dell EMC iDRAC9 versions prior to 4.32.10.00 and 4.40.00.00
contain a ...)
NOT-FOR-US: EMC
CVE-2020-26197 (Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider
inabilit ...)
- TODO: check
+ NOT-FOR-US: Dell PowerScale OneFS
CVE-2020-26196 (Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a
Backup/Restor ...)
NOT-FOR-US: EMC
CVE-2020-26195 (Dell EMC PowerScale OneFS versions 8.1.2 – 9.1.0 contain
an issu ...)
@@ -69332,7 +69332,7 @@ CVE-2020-14107
CVE-2020-14106 (The application in the mobile phone can unauthorized access to
the lis ...)
NOT-FOR-US: Xiaomi
CVE-2020-14105 (The application in the mobile phone can read the SNO
information of th ...)
- TODO: check
+ NOT-FOR-US: Xiaomi
CVE-2020-14104 (A RACE CONDITION on XQBACKUP causes a decompression path error
on Xiao ...)
NOT-FOR-US: Xiaomi
CVE-2020-14103 (The application in the mobile phone can read the SNO
information of th ...)
@@ -87105,7 +87105,7 @@ CVE-2020-7858
CVE-2020-7857
RESERVED
CVE-2020-7856 (A vulnerability of Helpcom could allow an unauthenticated
attacker to ...)
- TODO: check
+ NOT-FOR-US: Helpcom
CVE-2020-7855
RESERVED
CVE-2020-7854
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95928d6fed7be72eed0c7af55e1175ea5a4e8d05
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95928d6fed7be72eed0c7af55e1175ea5a4e8d05
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
