Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: c90855d4 by Salvatore Bonaccorso at 2021-12-21T09:24:04+01:00 Process some more NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -4867,7 +4867,7 @@ CVE-2021-43844 (MSEdgeRedirect is a tool to redirect news, search, widgets, weat CVE-2021-43843 (jsx-slack is a package for building JSON objects for Slack block kit s ...) TODO: check CVE-2021-43842 (Wiki.js is a wiki app built on Node.js. Wiki.js versions 2.5.257 and e ...) - TODO: check + NOT-FOR-US: Wiki.js CVE-2021-43841 RESERVED CVE-2021-43840 (message_bus is a messaging bus for Ruby processes and web clients. In ...) @@ -5857,7 +5857,7 @@ CVE-2021-43765 CVE-2021-43764 RESERVED CVE-2021-43763 (Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43762 RESERVED CVE-2021-43761 @@ -5883,15 +5883,15 @@ CVE-2021-43752 CVE-2021-43751 RESERVED CVE-2021-43750 (Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Nu ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43749 (Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Nu ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43748 (Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Nu ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43747 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43746 (Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-3961 (snipe-it is vulnerable to Improper Neutralization of Input During Web ...) NOT-FOR-US: snipe-it CVE-2022-21216 @@ -6763,13 +6763,13 @@ CVE-2021-43443 CVE-2021-43442 RESERVED CVE-2021-43441 (An HTML Injection Vulnerability in iOrder 1.0 allows the remote attack ...) - TODO: check + NOT-FOR-US: iOrder CVE-2021-43440 (Multiple Stored XSS Vulnerabilities in the Source Code of iOrder 1.0 a ...) NOT-FOR-US: iOrder CVE-2021-43439 (RCE in Add Review Function in iResturant 1.0 Allows remote attacker to ...) - TODO: check + NOT-FOR-US: iResturant CVE-2021-43438 (Stored XSS in Signup Form in iResturant 1.0 Allows Remote Attacker to ...) - TODO: check + NOT-FOR-US: iResturant CVE-2021-43437 (In sourcecodetester Engineers Online Portal as of 10-21-21, an attacke ...) TODO: check CVE-2021-43436 @@ -8775,25 +8775,25 @@ CVE-2021-43032 (In XenForo through 2.2.7, a threat actor with access to the admi CVE-2021-43031 RESERVED CVE-2021-43030 (Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43029 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43028 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43027 RESERVED CVE-2021-43026 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43025 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43024 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43023 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43022 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43021 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-43020 RESERVED CVE-2021-43019 (Adobe Creative Cloud version 5.5 (and earlier) are affected by a privi ...) @@ -9260,7 +9260,7 @@ CVE-2021-42810 CVE-2021-42809 (Improper Access Control of Dynamically-Managed Code Resources (DLL) in ...) TODO: check CVE-2021-42808 (Improper Access Control in Thales Sentinel Protection Installer could ...) - TODO: check + NOT-FOR-US: Thales Sentinel Protection Installer CVE-2021-42807 RESERVED CVE-2021-42806 @@ -12403,7 +12403,7 @@ CVE-2021-3862 CVE-2021-3861 RESERVED CVE-2021-3860 (JFrog Artifactory before 7.25.4 (Enterprise+ deployments only), is vul ...) - TODO: check + NOT-FOR-US: JFrog Artifactory CVE-2021-3859 RESERVED CVE-2021-42008 (The decode_data function in drivers/net/hamradio/6pack.c in the Linux ...) @@ -15376,9 +15376,9 @@ CVE-2021-40786 CVE-2021-40785 RESERVED CVE-2021-40784 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-40783 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-40782 RESERVED CVE-2021-40781 @@ -21083,11 +21083,11 @@ CVE-2021-38423 CVE-2021-38422 (Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive ...) NOT-FOR-US: Delta Electronics DIALink CVE-2021-38421 (Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0. ...) - TODO: check + NOT-FOR-US: Fuji Electric CVE-2021-38420 (Delta Electronics DIALink versions 1.2.4.0 and prior default permissio ...) NOT-FOR-US: Delta Electronics DIALink CVE-2021-38419 (Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0. ...) - TODO: check + NOT-FOR-US: Fuji Electric CVE-2021-38418 (Delta Electronics DIALink versions 1.2.4.0 and prior runs by default o ...) NOT-FOR-US: Delta Electronics DIALink CVE-2021-38417 @@ -21095,11 +21095,11 @@ CVE-2021-38417 CVE-2021-38416 (Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads ...) NOT-FOR-US: Delta Electronics DIALink CVE-2021-38415 (Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0. ...) - TODO: check + NOT-FOR-US: Fuji Electric CVE-2021-38414 RESERVED CVE-2021-38413 (Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0. ...) - TODO: check + NOT-FOR-US: Fuji Electric CVE-2021-38412 (Properly formatted POST requests to multiple resources on the HTTP and ...) NOT-FOR-US: Digi PortServer TS CVE-2021-38411 (Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to ...) @@ -21107,7 +21107,7 @@ CVE-2021-38411 (Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerab CVE-2021-38410 RESERVED CVE-2021-38409 (Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0. ...) - TODO: check + NOT-FOR-US: Fuji Electric CVE-2021-38408 (A stack-based buffer overflow vulnerability in Advantech WebAccess Ver ...) NOT-FOR-US: Advantech WebAccess CVE-2021-38407 (Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to ...) @@ -21123,7 +21123,7 @@ CVE-2021-38403 (Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerab CVE-2021-38402 (Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper va ...) NOT-FOR-US: Delta Electronic CVE-2021-38401 (Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0. ...) - TODO: check + NOT-FOR-US: Fuji Electric CVE-2021-38400 (An attacker with physical access to Boston Scientific Zoom Latitude Mo ...) NOT-FOR-US: Boston Scientific Zoom Latitude Model 3120 CVE-2021-38399 @@ -24817,7 +24817,7 @@ CVE-2021-36889 (Multiple Stored Authenticated Cross-Site Scripting (XSS) vulnera CVE-2021-36888 (Unauthenticated Arbitrary Options Update vulnerability leading to full ...) NOT-FOR-US: WordPress plugin CVE-2021-36887 (Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-36886 RESERVED CVE-2021-36885 @@ -61287,9 +61287,9 @@ CVE-2021-22059 CVE-2021-22058 RESERVED CVE-2021-22057 (VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an aut ...) - TODO: check + NOT-FOR-US: VMware CVE-2021-22056 (VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity M ...) - TODO: check + NOT-FOR-US: VMware CVE-2021-22055 RESERVED CVE-2021-22054 (VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 pr ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c90855d4f7caaba318ac892b0a7ff812748933eb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c90855d4f7caaba318ac892b0a7ff812748933eb You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits