Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e3b599d8 by Salvatore Bonaccorso at 2021-05-25T22:19:06+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -294,7 +294,7 @@ CVE-2021-33427 CVE-2021-33426 RESERVED CVE-2021-33425 (A stored cross-site scripting (XSS) vulnerability was discovered in th ...) - TODO: check + NOT-FOR-US: OpenWRT LuCI CVE-2021-33424 RESERVED CVE-2021-33423 @@ -7742,25 +7742,25 @@ CVE-2021-30197 CVE-2021-30196 RESERVED CVE-2021-30195 (CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validatio ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2021-30194 (CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read. ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2021-30193 (CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write. ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2021-30192 (CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Se ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2021-30191 (CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Chec ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2021-30190 (CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2021-30189 (CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflo ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2021-30188 (CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2021-30187 (CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralizati ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2021-30186 (CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer O ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2021-30185 (CERN Indico before 2.3.4 can use an attacker-supplied Host header in a ...) NOT-FOR-US: CERN Indico CVE-2021-30184 (GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted ...) @@ -10214,27 +10214,27 @@ CVE-2021-29213 CVE-2021-29212 RESERVED CVE-2021-29211 (A remote xss vulnerability was discovered in HPE Integrated Lights-Out ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-29210 (A remote dom xss, crlf injection vulnerability was discovered in HPE I ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-29209 (A remote dom xss, crlf injection vulnerability was discovered in HPE I ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-29208 (A remote dom xss, crlf injection vulnerability was discovered in HPE I ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-29207 (A remote xss vulnerability was discovered in HPE Integrated Lights-Out ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-29206 (A remote xss vulnerability was discovered in HPE Integrated Lights-Out ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-29205 (A remote xss vulnerability was discovered in HPE Integrated Lights-Out ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-29204 (A remote xss vulnerability was discovered in HPE Integrated Lights-Out ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-29203 (A security vulnerability has been identified in the HPE Edgeline Infra ...) NOT-FOR-US: HPE CVE-2021-29202 (A local buffer overflow vulnerability was discovered in HPE Integrated ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-29201 (A remote xss vulnerability was discovered in HPE Integrated Lights-Out ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-29200 (Apache OFBiz has unsafe deserialization prior to 17.12.07 version An u ...) NOT-FOR-US: Apache OFBiz CVE-2021-29199 @@ -13545,11 +13545,11 @@ CVE-2021-27825 CVE-2021-27824 RESERVED CVE-2021-27823 (An information disclosure vulnerability was discovered in /index.class ...) - TODO: check + NOT-FOR-US: NetWave CVE-2021-27822 RESERVED CVE-2021-27821 (The Web Interface for OpenWRT LuCI version 19.07 and lower has been di ...) - TODO: check + NOT-FOR-US: OpenWRT LuCI CVE-2021-27820 RESERVED CVE-2021-27819 @@ -18004,9 +18004,9 @@ CVE-2021-25937 CVE-2021-25936 RESERVED CVE-2021-25935 (In OpenNMS Horizon, versions opennms-17.0.0-1 through opennms-27.1.0-1 ...) - TODO: check + NOT-FOR-US: OpenNMS CVE-2021-25934 (In OpenNMS Horizon, versions opennms-18.0.0-1 through opennms-27.1.0-1 ...) - TODO: check + NOT-FOR-US: OpenNMS CVE-2021-25933 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...) NOT-FOR-US: OpenNMS CVE-2021-25932 @@ -27718,13 +27718,13 @@ CVE-2021-21662 CVE-2021-21661 RESERVED CVE-2021-21660 (Jenkins Markdown Formatter Plugin 0.1.0 and earlier does not sanitize ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2021-21659 (Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2021-21658 (Jenkins Nuget Plugin 1.0 and earlier does not configure its XML parser ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2021-21657 (Jenkins Filesystem Trigger Plugin 0.40 and earlier does not configure ...) - TODO: check + NOT-FOR-US: Jenkins plugin CVE-2021-21656 (Jenkins Xcode integration Plugin 2.0.14 and earlier does not configure ...) NOT-FOR-US: Jenkins plugin CVE-2021-21655 (A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin ...) @@ -88548,11 +88548,11 @@ CVE-2020-9454 (A CSRF vulnerability in the RegistrationMagic plugin through 4.6. CVE-2020-9453 (In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local ...) NOT-FOR-US: Epson CVE-2020-9452 (An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ra ...) - TODO: check + NOT-FOR-US: Acronis CVE-2020-9451 (An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ra ...) - TODO: check + NOT-FOR-US: Acronis CVE-2020-9450 (An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ra ...) - TODO: check + NOT-FOR-US: Acronis CVE-2020-9449 (An insecure random number generation vulnerability in BlaB! AX, BlaB! ...) NOT-FOR-US: BlaB! CVE-2020-9448 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3b599d8374ab6918a76d755fab6a9519f81fafa -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3b599d8374ab6918a76d755fab6a9519f81fafa You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits