Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
595d6b7a by Salvatore Bonaccorso at 2021-09-09T22:29:18+02:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7434,7 +7434,7 @@ CVE-2021-37581
CVE-2021-37580
RESERVED
CVE-2021-37579 (The Dubbo Provider will check the incoming request and the
correspondi ...)
- TODO: check
+ NOT-FOR-US: Apache Dubbo
CVE-2021-3667
RESERVED
- libvirt <unfixed> (bug #991594)
@@ -10592,7 +10592,7 @@ CVE-2021-36163 (In Apache Dubbo, users may choose to
use the Hessian protocol. T
CVE-2021-36162 (Apache Dubbo supports various rules to support configuration
override ...)
NOT-FOR-US: Apache Dubbo
CVE-2021-36161 (Some component in Dubbo will try to print the formated string
of the i ...)
- TODO: check
+ NOT-FOR-US: Apache Dubbo
CVE-2021-36160
RESERVED
CVE-2021-36159 (libfetch before 2021-07-26, as used in apk-tools, xbps, and
other prod ...)
@@ -28526,17 +28526,17 @@ CVE-2021-28916
CVE-2021-28915
RESERVED
CVE-2021-28914 (BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow the
user to ...)
- TODO: check
+ NOT-FOR-US: BAB TECHNOLOGIE GmbH eibPort
CVE-2021-28913 (BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow
unauthentica ...)
- TODO: check
+ NOT-FOR-US: BAB TECHNOLOGIE GmbH eibPort
CVE-2021-28912 (BAB TECHNOLOGIE GmbH eibPort V3. Each device has its own
unique hard c ...)
- TODO: check
+ NOT-FOR-US: BAB TECHNOLOGIE GmbH eibPort
CVE-2021-28911 (BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow
unauthentica ...)
- TODO: check
+ NOT-FOR-US: BAB TECHNOLOGIE GmbH eibPort
CVE-2021-28910 (BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 contains
basic SSR ...)
- TODO: check
+ NOT-FOR-US: BAB TECHNOLOGIE GmbH eibPort
CVE-2021-28909 (BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow
unauthentica ...)
- TODO: check
+ NOT-FOR-US: BAB TECHNOLOGIE GmbH eibPort
CVE-2021-28908
RESERVED
CVE-2021-28907
@@ -29546,19 +29546,19 @@ CVE-2021-28501
CVE-2021-28500
RESERVED
CVE-2021-28499 (In Arista's MOS (Metamako Operating System) software which is
supporte ...)
- TODO: check
+ NOT-FOR-US: Arista
CVE-2021-28498 (In Arista's MOS (Metamako Operating System) software which is
supporte ...)
- TODO: check
+ NOT-FOR-US: Arista
CVE-2021-28497 (In Arista's MOS (Metamako Operating System) software which is
supporte ...)
- TODO: check
+ NOT-FOR-US: Arista
CVE-2021-28496
RESERVED
CVE-2021-28495 (In Arista's MOS (Metamako Operating System) software which is
supporte ...)
- TODO: check
+ NOT-FOR-US: Arista
CVE-2021-28494 (In Arista's MOS (Metamako Operating System) software which is
supporte ...)
- TODO: check
+ NOT-FOR-US: Arista
CVE-2021-28493 (In Arista's MOS (Metamako Operating System) software which is
supporte ...)
- TODO: check
+ NOT-FOR-US: Arista
CVE-2021-3444 (The bpf verifier in the Linux kernel did not properly handle
mod32 des ...)
- linux 5.10.19-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
@@ -37072,41 +37072,41 @@ CVE-2021-25468
CVE-2021-25467
RESERVED
CVE-2021-25466 (Improper scheme check vulnerability in Samsung Internet prior
to versi ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25465 (An improper scheme check vulnerability in Samsung Themes prior
to vers ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25464 (An improper file management vulnerability in SamsungCapture
prior to v ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25463 (Improper access control vulnerability in PENUP prior to
version 3.8.00 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25462 (NULL pointer dereference vulnerability in NPU driver prior to
SMR Sep- ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25461 (An improper length check in APAService prior to SMR Sep-2021
Release 1 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25460 (An improper access control vulnerability in sspExit() in
BlockchainTZS ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25459 (An improper access control vulnerability in sspInit() in
BlockchainTZS ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25458 (NULL pointer dereference vulnerability in ION driver prior to
SMR Sep- ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25457 (An improper input validation vulnerability in DSP driver prior
to SMR ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25456 (OOB read vulnerability in libswmfextractor.so library prior to
SMR Sep ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25455 (OOB read vulnerability in libsaviextractor.so library prior to
SMR Sep ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25454 (OOB read vulnerability in libsaacextractor.so library prior to
SMR Sep ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25453 (Some improper access control in Bluetooth APIs prior to SMR
Sep-2021 R ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25452 (An improper input validation vulnerability in loading graph
file in DS ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25451 (A PendingIntent hijacking in NetworkPolicyManagerService prior
to SMR ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25450 (Path traversal vulnerability in FactoryAirCommnadManger prior
to SMR S ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25449 (An improper input validation vulnerability in libsapeextractor
library ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25448 (Improper access control vulnerability in Smart Touch Call
prior to ver ...)
NOT-FOR-US: Samsung
CVE-2021-25447 (Improper access control vulnerability in SmartThings prior to
version ...)
@@ -51288,9 +51288,9 @@ CVE-2021-20120
CVE-2021-20119
RESERVED
CVE-2021-20118 (Nessus Agent 8.3.0 and earlier was found to contain a local
privilege ...)
- TODO: check
+ NOT-FOR-US: Nessus Agent
CVE-2021-20117 (Nessus Agent 8.3.0 and earlier was found to contain a local
privilege ...)
- TODO: check
+ NOT-FOR-US: Nessus Agent
CVE-2021-20116 (A reflected cross-site scripting vulnerability exists in
TCExam <= ...)
NOT-FOR-US: TCExam
CVE-2021-20115 (A reflected cross-site scripting vulnerability exists in
TCExam <= ...)
@@ -80849,7 +80849,7 @@ CVE-2020-19517
CVE-2020-19516
RESERVED
CVE-2020-19515 (qdPM V9.1 is vulnerable to Cross Site Scripting (XSS) via
qdPM\install ...)
- TODO: check
+ NOT-FOR-US: qdPM
CVE-2020-19514
RESERVED
CVE-2020-19513 (Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100
allows atta ...)
@@ -81393,17 +81393,17 @@ CVE-2020-19270
CVE-2020-19269
RESERVED
CVE-2020-19268 (A cross-site request forgery (CSRF) in
index.php/Dswjcms/User/tfAdd of ...)
- TODO: check
+ NOT-FOR-US: Dswjcms
CVE-2020-19267 (An issue in index.php/Dswjcms/Basis/resources of Dswjcms 1.6.4
allows ...)
- TODO: check
+ NOT-FOR-US: Dswjcms
CVE-2020-19266 (A stored cross-site scripting (XSS) vulnerability in the
index.php/Dsw ...)
- TODO: check
+ NOT-FOR-US: Dswjcms
CVE-2020-19265 (A stored cross-site scripting (XSS) vulnerability in the
index.php/Dsw ...)
- TODO: check
+ NOT-FOR-US: Dswjcms
CVE-2020-19264 (A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows
attackers ...)
- TODO: check
+ NOT-FOR-US: MipCMS
CVE-2020-19263 (A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows
attackers ...)
- TODO: check
+ NOT-FOR-US: MipCMS
CVE-2020-19262
RESERVED
CVE-2020-19261
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/595d6b7a8e5ffba8e13cea73141154d1c9b7867f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/595d6b7a8e5ffba8e13cea73141154d1c9b7867f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
