Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7925c8e0 by Salvatore Bonaccorso at 2021-05-07T11:03:52+02:00 Process some more NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -697,19 +697,19 @@ CVE-2021-32106 CVE-2021-32105 RESERVED CVE-2021-32104 (A SQL injection vulnerability exists (with user privileges) in interfa ...) - TODO: check + NOT-FOR-US: OpenEMR CVE-2021-32103 (A Stored XSS vulnerability in interface/usergroup/usergroup_admin.php ...) - TODO: check + NOT-FOR-US: OpenEMR CVE-2021-32102 (A SQL injection vulnerability exists (with user privileges) in library ...) - TODO: check + NOT-FOR-US: OpenEMR CVE-2021-32101 (The Patient Portal of OpenEMR 5.0.2.1 is affected by a incorrect acces ...) - TODO: check + NOT-FOR-US: OpenEMR CVE-2021-32100 (A remote file inclusion vulnerability exists in Artica Pandora FMS 742 ...) - TODO: check + NOT-FOR-US: Artica Pandora FMS CVE-2021-32099 (A SQL injection vulnerability in the pandora_console component of Arti ...) - TODO: check + NOT-FOR-US: Artica Pandora FMS CVE-2021-32098 (Artica Pandora FMS 742 allows unauthenticated attackers to perform Pha ...) - TODO: check + NOT-FOR-US: Artica Pandora FMS CVE-2021-32097 RESERVED CVE-2021-32096 (The ConsoleAction component of U.S. National Security Agency (NSA) Emi ...) @@ -761,13 +761,13 @@ CVE-2021-3538 NOTE: https://github.com/satori/go.uuid/issues/73 TODO: check, probably introduced after the 1.2.0 release and only in a unreleased version. CVE-2021-32077 (Primary Source Verification in VerityStream MSOW Solutions before 3.1. ...) - TODO: check + NOT-FOR-US: VerityStream MSOW Solutions CVE-2021-32076 RESERVED CVE-2021-32075 RESERVED CVE-2021-32074 (HashiCorp vault-action (aka Vault GitHub Action) before 2.2.0 allows a ...) - TODO: check + NOT-FOR-US: HashiCorp vault-action (aka Vault GitHub Action) CVE-2021-32073 RESERVED CVE-2021-32072 @@ -1741,7 +1741,7 @@ CVE-2021-31739 CVE-2021-31738 RESERVED CVE-2021-31737 (emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution vulnerabili ...) - TODO: check + NOT-FOR-US: emlog CVE-2021-31736 RESERVED CVE-2021-31735 @@ -7518,7 +7518,7 @@ CVE-2021-29205 CVE-2021-29204 RESERVED CVE-2021-29203 (A security vulnerability has been identified in the HPE Edgeline Infra ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-29202 RESERVED CVE-2021-29201 @@ -8701,7 +8701,7 @@ CVE-2021-28667 (StackStorm before 3.4.1, in some situations, has an infinite loo CVE-2021-28666 RESERVED CVE-2021-28665 (Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a me ...) - TODO: check + NOT-FOR-US: Stormshield SNS CVE-2021-28664 RESERVED NOT-FOR-US: ARM components for Android @@ -33979,9 +33979,9 @@ CVE-2020-29447 (Affected versions of Atlassian Crucible allow remote attackers t CVE-2020-29446 (Affected versions of Atlassian Fisheye & Crucible allow remote att ...) NOT-FOR-US: Atlassian CVE-2020-29445 (Affected versions of Confluence Server before 7.11.0 allow attackers t ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-29444 (Affected versions of Team Calendar in Confluence Server before 7.11.0 ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-29443 (ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of- ...) {DLA-2560-1} - qemu <unfixed> (bug #983575) @@ -51692,9 +51692,9 @@ CVE-2020-23266 CVE-2020-23265 RESERVED CVE-2020-23264 (Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remot ...) - TODO: check + NOT-FOR-US: Fork CMS CVE-2020-23263 (Persistent Cross-site scripting vulnerability on Fork CMS version 5.8. ...) - TODO: check + NOT-FOR-US: Fork CMS CVE-2020-23262 (An issue was discovered in ming-soft MCMS v5.0, where a malicious user ...) NOT-FOR-US: ming-soft MCMS CVE-2020-23261 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7925c8e085cde026baf4455d65d3d09eceb90e95 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7925c8e085cde026baf4455d65d3d09eceb90e95 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits