Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: fd2beb94 by Salvatore Bonaccorso at 2021-05-17T22:18:46+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -9,7 +9,7 @@ CVE-2021-33043 CVE-2021-33042 RESERVED CVE-2021-33041 (vmd through 1.34.0 allows 'div class="markdown-body"' XSS, as demonstr ...) - TODO: check + NOT-FOR-US: vmd CVE-2021-33040 RESERVED CVE-2021-33039 @@ -1275,13 +1275,13 @@ CVE-2021-32458 CVE-2021-32457 RESERVED CVE-2021-32456 (SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access t ...) - TODO: check + NOT-FOR-US: SITEL CAP/PRX firmware CVE-2021-32455 (SITEL CAP/PRX firmware version 5.2.01, allows an attacker with access ...) - TODO: check + NOT-FOR-US: SITEL CAP/PRX firmware CVE-2021-32454 (SITEL CAP/PRX firmware version 5.2.01 makes use of a hardcoded passwor ...) - TODO: check + NOT-FOR-US: SITEL CAP/PRX firmware CVE-2021-32453 (SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access t ...) - TODO: check + NOT-FOR-US: SITEL CAP/PRX firmware CVE-2021-3540 RESERVED CVE-2021-32452 @@ -1383,9 +1383,9 @@ CVE-2021-32405 CVE-2021-32404 RESERVED CVE-2021-32403 (Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Re ...) - TODO: check + NOT-FOR-US: Intelbras Router RF 301K Firmware CVE-2021-32402 (Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Re ...) - TODO: check + NOT-FOR-US: Intelbras Router RF 301K Firmware CVE-2021-32401 RESERVED CVE-2021-32400 @@ -3110,9 +3110,9 @@ CVE-2021-31730 CVE-2021-31729 RESERVED CVE-2021-31728 (Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMal ...) - TODO: check + NOT-FOR-US: MalwareFox AntiMalware CVE-2021-31727 (Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMal ...) - TODO: check + NOT-FOR-US: MalwareFox AntiMalware CVE-2021-31726 (Akuvox C315 115.116.2613 allows remote command Injection via the cfgd_ ...) NOT-FOR-US: Akuvox CVE-2021-31725 @@ -9307,27 +9307,27 @@ CVE-2021-29055 CVE-2021-29054 (Certain Papoo products are affected by: Cross Site Request Forgery (CS ...) NOT-FOR-US: Papoo CVE-2021-29053 (Multiple SQL injection vulnerabilities in Liferay Portal 7.3.5 and Lif ...) - TODO: check + NOT-FOR-US: Liferay CVE-2021-29052 (The Data Engine module in Liferay Portal 7.3.0 through 7.3.5, and Life ...) - TODO: check + NOT-FOR-US: Liferay CVE-2021-29051 (Cross-site scripting (XSS) vulnerability in the Asset module's Asset P ...) - TODO: check + NOT-FOR-US: Liferay CVE-2021-29050 RESERVED CVE-2021-29049 RESERVED CVE-2021-29048 (Cross-site scripting (XSS) vulnerability in the Layout module's page a ...) - TODO: check + NOT-FOR-US: Liferay CVE-2021-29047 (The SimpleCaptcha implementation in Liferay Portal 7.3.4, 7.3.5 and Li ...) NOT-FOR-US: Liferay CVE-2021-29046 (Cross-site scripting (XSS) vulnerability in the Asset module's categor ...) - TODO: check + NOT-FOR-US: Liferay CVE-2021-29045 (Cross-site scripting (XSS) vulnerability in the Redirect module's redi ...) - TODO: check + NOT-FOR-US: Liferay CVE-2021-29044 (Cross-site scripting (XSS) vulnerability in the Site module's membersh ...) - TODO: check + NOT-FOR-US: Liferay CVE-2021-29043 (The Portal Store module in Liferay Portal 7.0.0 through 7.3.5, and Lif ...) - TODO: check + NOT-FOR-US: Liferay CVE-2021-29042 RESERVED CVE-2021-29041 (Denial-of-service (DoS) vulnerability in the Multi-Factor Authenticati ...) @@ -9365,9 +9365,9 @@ CVE-2021-29026 (A cross-site scripting (XSS) vulnerability in Bitweaver version CVE-2021-29025 (A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 ...) NOT-FOR-US: Bitweaver CVE-2021-29024 (In InvoicePlane 1.5.11 a misconfigured web server allows unauthenticat ...) - TODO: check + NOT-FOR-US: InvoicePlane CVE-2021-29023 (InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset ...) - TODO: check + NOT-FOR-US: InvoicePlane CVE-2021-29022 (In InvoicePlane 1.5.11, the upload feature discloses the full path of ...) NOT-FOR-US: InvoicePlane CVE-2021-29021 @@ -12460,7 +12460,7 @@ CVE-2021-27736 (FusionAuth fusionauth-samlv2 before 0.5.4 allows XXE attacks via CVE-2021-27735 RESERVED CVE-2021-27734 (Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSe ...) - TODO: check + NOT-FOR-US: Hirschmann HiOS CVE-2021-27733 (In JetBrains YouTrack before 2020.6.6441, stored XSS was possible via ...) NOT-FOR-US: JetBrains CVE-2021-27732 @@ -13320,7 +13320,7 @@ CVE-2021-27344 CVE-2021-27343 (SerenityOS Unspecified is affected by: Buffer Overflow. The impact is: ...) NOT-FOR-US: SerenityOS CVE-2021-27342 (An authentication brute-force protection mechanism bypass in telnetd i ...) - TODO: check + NOT-FOR-US: D-Link CVE-2021-27341 RESERVED CVE-2021-27340 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd2beb940088e581c51a57fff666c6f4e99a014b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd2beb940088e581c51a57fff666c6f4e99a014b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits