[Git][security-tracker-team/security-tracker][master] Process some NFUs

Mon, 17 May 2021 13:19:59 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fd2beb94 by Salvatore Bonaccorso at 2021-05-17T22:18:46+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2021-33043
 CVE-2021-33042
        RESERVED
 CVE-2021-33041 (vmd through 1.34.0 allows 'div class="markdown-body"' XSS, as 
demonstr ...)
-       TODO: check
+       NOT-FOR-US: vmd
 CVE-2021-33040
        RESERVED
 CVE-2021-33039
@@ -1275,13 +1275,13 @@ CVE-2021-32458
 CVE-2021-32457
        RESERVED
 CVE-2021-32456 (SITEL CAP/PRX firmware version 5.2.01 allows an attacker with 
access t ...)
-       TODO: check
+       NOT-FOR-US: SITEL CAP/PRX firmware
 CVE-2021-32455 (SITEL CAP/PRX firmware version 5.2.01, allows an attacker with 
access  ...)
-       TODO: check
+       NOT-FOR-US: SITEL CAP/PRX firmware
 CVE-2021-32454 (SITEL CAP/PRX firmware version 5.2.01 makes use of a hardcoded 
passwor ...)
-       TODO: check
+       NOT-FOR-US: SITEL CAP/PRX firmware
 CVE-2021-32453 (SITEL CAP/PRX firmware version 5.2.01 allows an attacker with 
access t ...)
-       TODO: check
+       NOT-FOR-US: SITEL CAP/PRX firmware
 CVE-2021-3540
        RESERVED
 CVE-2021-32452
@@ -1383,9 +1383,9 @@ CVE-2021-32405
 CVE-2021-32404
        RESERVED
 CVE-2021-32403 (Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross 
Site Re ...)
-       TODO: check
+       NOT-FOR-US: Intelbras Router RF 301K Firmware
 CVE-2021-32402 (Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross 
Site Re ...)
-       TODO: check
+       NOT-FOR-US: Intelbras Router RF 301K Firmware
 CVE-2021-32401
        RESERVED
 CVE-2021-32400
@@ -3110,9 +3110,9 @@ CVE-2021-31730
 CVE-2021-31729
        RESERVED
 CVE-2021-31728 (Incorrect access control in zam64.sys, zam32.sys in MalwareFox 
AntiMal ...)
-       TODO: check
+       NOT-FOR-US: MalwareFox AntiMalware
 CVE-2021-31727 (Incorrect access control in zam64.sys, zam32.sys in MalwareFox 
AntiMal ...)
-       TODO: check
+       NOT-FOR-US: MalwareFox AntiMalware
 CVE-2021-31726 (Akuvox C315 115.116.2613 allows remote command Injection via 
the cfgd_ ...)
        NOT-FOR-US: Akuvox
 CVE-2021-31725
@@ -9307,27 +9307,27 @@ CVE-2021-29055
 CVE-2021-29054 (Certain Papoo products are affected by: Cross Site Request 
Forgery (CS ...)
        NOT-FOR-US: Papoo
 CVE-2021-29053 (Multiple SQL injection vulnerabilities in Liferay Portal 7.3.5 
and Lif ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2021-29052 (The Data Engine module in Liferay Portal 7.3.0 through 7.3.5, 
and Life ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2021-29051 (Cross-site scripting (XSS) vulnerability in the Asset module's 
Asset P ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2021-29050
        RESERVED
 CVE-2021-29049
        RESERVED
 CVE-2021-29048 (Cross-site scripting (XSS) vulnerability in the Layout 
module's page a ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2021-29047 (The SimpleCaptcha implementation in Liferay Portal 7.3.4, 
7.3.5 and Li ...)
        NOT-FOR-US: Liferay
 CVE-2021-29046 (Cross-site scripting (XSS) vulnerability in the Asset module's 
categor ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2021-29045 (Cross-site scripting (XSS) vulnerability in the Redirect 
module's redi ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2021-29044 (Cross-site scripting (XSS) vulnerability in the Site module's 
membersh ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2021-29043 (The Portal Store module in Liferay Portal 7.0.0 through 7.3.5, 
and Lif ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2021-29042
        RESERVED
 CVE-2021-29041 (Denial-of-service (DoS) vulnerability in the Multi-Factor 
Authenticati ...)
@@ -9365,9 +9365,9 @@ CVE-2021-29026 (A cross-site scripting (XSS) 
vulnerability in Bitweaver version
 CVE-2021-29025 (A cross-site scripting (XSS) vulnerability in Bitweaver 
version 3.1.0  ...)
        NOT-FOR-US: Bitweaver
 CVE-2021-29024 (In InvoicePlane 1.5.11 a misconfigured web server allows 
unauthenticat ...)
-       TODO: check
+       NOT-FOR-US: InvoicePlane
 CVE-2021-29023 (InvoicePlane 1.5.11 doesn't have any rate-limiting for 
password reset  ...)
-       TODO: check
+       NOT-FOR-US: InvoicePlane
 CVE-2021-29022 (In InvoicePlane 1.5.11, the upload feature discloses the full 
path of  ...)
        NOT-FOR-US: InvoicePlane
 CVE-2021-29021
@@ -12460,7 +12460,7 @@ CVE-2021-27736 (FusionAuth fusionauth-samlv2 before 
0.5.4 allows XXE attacks via
 CVE-2021-27735
        RESERVED
 CVE-2021-27734 (Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx 
and HiSe ...)
-       TODO: check
+       NOT-FOR-US: Hirschmann HiOS
 CVE-2021-27733 (In JetBrains YouTrack before 2020.6.6441, stored XSS was 
possible via  ...)
        NOT-FOR-US: JetBrains
 CVE-2021-27732
@@ -13320,7 +13320,7 @@ CVE-2021-27344
 CVE-2021-27343 (SerenityOS Unspecified is affected by: Buffer Overflow. The 
impact is: ...)
        NOT-FOR-US: SerenityOS
 CVE-2021-27342 (An authentication brute-force protection mechanism bypass in 
telnetd i ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2021-27341
        RESERVED
 CVE-2021-27340



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd2beb940088e581c51a57fff666c6f4e99a014b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd2beb940088e581c51a57fff666c6f4e99a014b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to