Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
91130e28 by Salvatore Bonaccorso at 2021-08-24T22:49:27+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1416,9 +1416,9 @@ CVE-2021-39378
CVE-2021-39377
RESERVED
CVE-2021-39376 (Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06
allows SQ ...)
- TODO: check
+ NOT-FOR-US: Philips Healthcare Tasy Electronic Medical Record (EMR)
CVE-2021-39375 (Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06
allows SQ ...)
- TODO: check
+ NOT-FOR-US: Philips Healthcare Tasy Electronic Medical Record (EMR)
CVE-2021-39374
RESERVED
CVE-2021-39373
@@ -3120,11 +3120,11 @@ CVE-2021-38614 (** UNSUPPORTED WHEN ASSIGNED ** Polipo
through 1.1.1, when NDEBU
[buster] - polipo <ignored> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2021/07/28/2
CVE-2021-38613 (The assets/index.php Image Upload feature of the NASCENT
RemKon Device ...)
- TODO: check
+ NOT-FOR-US: NASCENT RemKon Device Manager
CVE-2021-38612 (In NASCENT RemKon Device Manager 4.0.0.0, a Directory
Traversal vulner ...)
- TODO: check
+ NOT-FOR-US: NASCENT RemKon Device Manager
CVE-2021-38611 (A command-injection vulnerability in the Image Upload function
of the ...)
- TODO: check
+ NOT-FOR-US: NASCENT RemKon Device Manager
CVE-2021-38610
RESERVED
CVE-2021-38609
@@ -3804,7 +3804,7 @@ CVE-2021-38308
CVE-2021-38307
RESERVED
CVE-2021-38306 (Network Attached Storage on LG N1T1*** 10124 devices allows an
unauthe ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2021-38305 (23andMe Yamale before 3.0.8 allows remote attackers to execute
arbitra ...)
NOT-FOR-US: 23andMe Yamale
CVE-2021-38304
@@ -5623,7 +5623,7 @@ CVE-2021-37576 (arch/powerpc/kvm/book3s_rtas.c in the
Linux kernel through 5.13.
- linux <unfixed>
NOTE:
https://git.kernel.org/linus/f62f3c20647ebd5fb6ecb8f0b477b9281c44c10a (5.14-rc3)
CVE-2021-37538 (Multiple SQL injection vulnerabilities in SmartDataSoft
SmartBlog for ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2021-37537
RESERVED
CVE-2021-37536
@@ -8177,7 +8177,7 @@ CVE-2021-36386 (report_vbuild in report.c in Fetchmail
before 6.4.20 sometimes o
NOTE: Regression fix:
https://gitlab.com/fetchmail/fetchmail/-/commit/d3db2da1d13bd2419370ad96defb92eecb17064c
(RELEASE_6-4-21)
NOTE: Negligible security impact
CVE-2021-36385 (A SQL Injection vulnerability in Cerner Mobile Care 5.0.0
allows remot ...)
- TODO: check
+ NOT-FOR-US: Cerner Mobile Care
CVE-2021-36384
RESERVED
CVE-2021-36383 (Xen Orchestra (with xo-web through 5.80.0 and xo-server
through 5.84.0 ...)
@@ -15588,7 +15588,7 @@ CVE-2021-33193 (A crafted method sent through HTTP/2
will bypass validation and
CVE-2021-33192 (A vulnerability in the HTML pages of Apache Jena Fuseki allows
an atta ...)
NOT-FOR-US: Apache Jena Fuseki
CVE-2021-33191 (From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol
implements a ...)
- TODO: check
+ NOT-FOR-US: Apache NiFi
CVE-2021-33190 (In Apache APISIX Dashboard version 2.6, we changed the default
value o ...)
NOT-FOR-US: Apache APISIX Dashboard
CVE-2020-36365 (Smartstore (aka SmartStoreNET) before 4.1.0 allows
CommonController.Cl ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91130e28431b6b9f8c40dcf21ee61c23bc29e2c0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91130e28431b6b9f8c40dcf21ee61c23bc29e2c0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
