Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3dd3e771 by Moritz Muehlenhoff at 2024-05-27T13:44:02+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -81,7 +81,7 @@ CVE-2024-30657
CVE-2024-27314 (Zoho ManageEngineServiceDesk Plus versions
below14730,ServiceDesk Plus ...)
NOT-FOR-US: Zoho
CVE-2024-26289 (Deserialization of Untrusted Data vulnerability in PMB
Services PMB al ...)
- TODO: check
+ NOT-FOR-US: PMB Services PMB
CVE-2024-5375 (A vulnerability has been found in Kashipara College Management
System ...)
NOT-FOR-US: Kashipara College Management System
CVE-2024-5374 (A vulnerability, which was classified as problematic, was found
in Kas ...)
@@ -163,7 +163,7 @@ CVE-2024-5337 (A vulnerability was found in Ruijie RG-UAC
up to 20240516 and cla
CVE-2024-5336 (A vulnerability has been found in Ruijie RG-UAC up to 20240516
and cla ...)
NOT-FOR-US: Ruijie RG-UAC
CVE-2024-30056 (Microsoft Edge (Chromium-based) Information Disclosure
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-5229 (The Primary Addon for Elementor plugin for WordPress is
vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5220 (The ND Shortcodes plugin for WordPress is vulnerable to Stored
Cross-S ...)
@@ -181,7 +181,7 @@ CVE-2024-35374 (Mocodo Mocodo Online 4.2.6 and below does
not properly sanitize
CVE-2024-35373 (Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote
Code Exec ...)
NOT-FOR-US: Mocodo Mocodo Online
CVE-2024-35232 (github.com/huandu/facebook is a Go package that fully supports
the Fac ...)
- TODO: check
+ NOT-FOR-US: Huando/Facebook
CVE-2024-5318 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
- gitlab <not-affected> (Vulnerable code introduced later)
CVE-2024-5315 (Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1
and al ...)
@@ -238,7 +238,7 @@ CVE-2024-33427
CVE-2024-31510 (An issue in Open Quantum Safe liboqs v.10.0 allows a remote
attacker t ...)
TODO: check
CVE-2024-22588 (Kwik commit 745fd4e2 does not discard unused encryption keys.)
- TODO: check
+ NOT-FOR-US: Kwik
CVE-2023-49575 (A vulnerability has been discovered in VX Search Enterprise
affecting ...)
NOT-FOR-US: VX Search Enterprise
CVE-2023-49574 (A vulnerability has been discovered in VX Search Enterprise
affecting ...)
@@ -250,7 +250,7 @@ CVE-2023-49572 (A vulnerability has been discovered in VX
Search Enterprise affe
CVE-2023-47710 (IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to
cross-site ...)
NOT-FOR-US: IBM
CVE-2023-46442 (An infinite loop in the retrieveActiveBody function of Soot
before v4. ...)
- TODO: check
+ NOT-FOR-US: Soot
CVE-2023-52880 (In the Linux kernel, the following vulnerability has been
resolved: t ...)
- linux 6.6.8-1
[bookworm] - linux 6.1.85-1
@@ -7015,9 +7015,9 @@ CVE-2024-34706 (Valtimo is an open source business
process and case management p
CVE-2024-34704 (era-compiler-solidity is the ZKsync compiler for Solidity.
The proble ...)
NOT-FOR-US: era-compiler-solidity
CVE-2024-34701 (CreateWiki is Miraheze's MediaWiki extension for requesting &
creating ...)
- TODO: check
+ NOT-FOR-US: CreateWiki MediaWiki extension
CVE-2024-34699 (GZ::CTF is a capture the flag platform. Prior to 0.20.1,
unprivileged ...)
- TODO: check
+ NOT-FOR-US: GZ::CTF
CVE-2024-34698 (FreeScout is a free, self-hosted help desk and shared mailbox.
Version ...)
NOT-FOR-US: FreeScout
CVE-2024-34697 (FreeScout is a free, self-hosted help desk and shared mailbox.
A store ...)
@@ -7037,7 +7037,7 @@ CVE-2024-34416 (Unrestricted Upload of File with
Dangerous Type vulnerability in
CVE-2024-34411 (Unrestricted Upload of File with Dangerous Type vulnerability
in Thoma ...)
NOT-FOR-US: WordPress plugin
CVE-2024-34353 (The matrix-sdk-crypto crate, part of the Matrix Rust SDK
project, is a ...)
- TODO: check
+ NOT-FOR-US: matrix-sdk-crypto Rust crate
CVE-2024-34340 (Cacti provides an operational monitoring and fault management
framewor ...)
- cacti 1.2.27+ds1-1
NOTE:
https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m
@@ -90576,7 +90576,7 @@ CVE-2023-27298 (Uncontrolled search path in the WULT
software maintained by Inte
CVE-2023-25772 (Improper input validation in the Intel(R) Retail Edge Mobile
Android a ...)
NOT-FOR-US: Intel
CVE-2023-24460 (Incorrect default permissions in some Intel(R) GPA software
installers ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-23572 (Cross-site scripting vulnerability in SEIKO EPSON
printers/network int ...)
NOT-FOR-US: Epson
CVE-2023-1151 (A vulnerability was found in SourceCodester Electronic Medical
Records ...)
@@ -90898,7 +90898,7 @@ CVE-2023-1113 (A vulnerability was found in
SourceCodester Simple Payroll System
CVE-2023-1112 (A vulnerability was found in Drag and Drop Multiple File Upload
Contac ...)
NOT-FOR-US: Drag and Drop Multiple File Upload Contact Form
CVE-2023-1111 (A vulnerability was found in FastCMS up to 0.1.5 and classified
as pro ...)
- TODO: check
+ NOT-FOR-US: FastCMS
CVE-2023-1110 (The Yellow Yard Searchbar WordPress plugin before 2.8.12 does
not vali ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4926 (Insufficient policy enforcement in Intents in Google Chrome on
Android ...)
@@ -92839,7 +92839,7 @@ CVE-2023-26568 (Unauthenticated SQL injection in the
GetStudentGroupStudents met
CVE-2023-26567 (Sangoma FreePBX 1805 through 2302 (when obtained as a ,.ISO
file) plac ...)
NOT-FOR-US: Sangoma
CVE-2023-26566 (Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded
credenti ...)
- TODO: check
+ NOT-FOR-US: Sangoma
CVE-2023-26565
RESERVED
CVE-2023-26564 (The Syncfusion EJ2 ASPCore File Provider 3ac357f is vulnerable
to Mode ...)
@@ -93005,7 +93005,7 @@ CVE-2023-26542 (Cross-Site Request Forgery (CSRF)
vulnerability in Exeebit phpin
CVE-2023-26541 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Alex ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26540 (Improper Privilege Management vulnerability in Favethemes
Houzez allow ...)
- TODO: check
+ NOT-FOR-US: Favethemes Houzez
CVE-2023-26539 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Max ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26538 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Kamy ...)
@@ -93033,7 +93033,7 @@ CVE-2023-26528 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-26527 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in WPIn ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26526 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26525 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26524 (Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech
Quiz An ...)
@@ -93117,7 +93117,7 @@ CVE-2023-1003 (A vulnerability, which was classified as
critical, was found in T
CVE-2023-1002 (A vulnerability, which was classified as problematic, has been
found i ...)
NOT-FOR-US: MuYuCMS
CVE-2023-1001 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: xuliangzhan vxe-table
CVE-2023-1000 (A vulnerability was found in cyanomiko dcnnt-py up to 0.9.0. It
has be ...)
NOT-FOR-US: dcnnt-py
CVE-2023-0999 (A vulnerability classified as problematic was found in
SourceCodester ...)
@@ -94633,7 +94633,7 @@ CVE-2023-26011 (Cross-Site Request Forgery (CSRF)
vulnerability in Tim Eckel Rea
CVE-2023-26010 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in WPMo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26009 (Improper Privilege Management vulnerability in favethemes
Houzez Login ...)
- TODO: check
+ NOT-FOR-US: Favethemes Houzez
CVE-2023-26008 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Ajay ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26007
@@ -95601,7 +95601,7 @@ CVE-2023-25703
CVE-2023-25702 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability
in Full ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25701 (Improper Privilege Management vulnerability in WhatArmy
WatchTowerHQ a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25700 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25699 (Improper Neutralization of Special Elements used in an OS
Command ('OS ...)
@@ -96712,7 +96712,7 @@ CVE-2023-25446
CVE-2023-25445
RESERVED
CVE-2023-25444 (Unrestricted Upload of File with Dangerous Type vulnerability
in JS He ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25443 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Button ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25442 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability
in Marc ...)
@@ -97698,7 +97698,7 @@ CVE-2023-25052 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-25051 (Cross-Site Request Forgery (CSRF) vulnerability in Denishua
Comment Re ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25050 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25049 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in impl ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25048
@@ -99871,7 +99871,7 @@ CVE-2023-24381 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-24380 (Cross-Site Request Forgery (CSRF) vulnerability in Webbjocke
Simple Wp ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24379 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24378 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24377 (Cross-Site Request Forgery (CSRF) vulnerability in Ecwid
Ecommerce Ecw ...)
@@ -100322,9 +100322,9 @@ CVE-2023-24206 (Davinci v0.3.0-rc was discovered to
contain a SQL injection vuln
CVE-2023-24205 (Clash for Windows v0.20.12 was discovered to contain a remote
code exe ...)
NOT-FOR-US: Clash for Windows
CVE-2023-24204 (SQL injection vulnerability in SourceCodester Simple Customer
Relation ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2023-24203 (Cross Site Scripting vulnerability in SourceCodester Simple
Customer R ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2023-24202 (Raffle Draw System v1.0 was discovered to contain a local file
inclusi ...)
NOT-FOR-US: Raffle Draw System
CVE-2023-24201 (Raffle Draw System v1.0 was discovered to contain a SQL
injection vuln ...)
@@ -100822,11 +100822,11 @@ CVE-2023-23992 (Cross-Site Request Forgery (CSRF)
vulnerability in AutomatorWP p
CVE-2023-23991 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23990 (Improper Privilege Management vulnerability in Qube One Ltd.
Redirecti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23989 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23988 (Missing Authorization vulnerability in Joseph C Dolson My
Tickets.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23987 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in WPEv ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23986
@@ -101136,7 +101136,7 @@ CVE-2023-23890 (Cross-Site Request Forgery (CSRF)
vulnerability in LJ Apps WP Ai
CVE-2023-23889 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23888 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23887
RESERVED
CVE-2023-23886
@@ -101168,7 +101168,7 @@ CVE-2023-23874 (Auth. (contributor+) Stored
Cross-Site Scripting (XSS) vulnerabi
CVE-2023-23873 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23872 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23871 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Webd ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23870 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in wpde ...)
@@ -101726,7 +101726,7 @@ CVE-2023-23702 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-23701 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23700 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23699 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0342 (MongoDB Ops Manager Diagnostics Archive may not redact
sensitive PEM k ...)
@@ -101883,7 +101883,7 @@ CVE-2023-23647 (Auth. (author+) Stored Cross-Site
Scripting (XSS) vulnerability
CVE-2023-23646 (Cross-Site Request Forgery (CSRF) vulnerability in A WP Life
Album Gal ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23645 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23644
RESERVED
CVE-2023-23643
@@ -103911,7 +103911,7 @@ CVE-2023-22926
CVE-2023-22925
RESERVED
CVE-2023-22656 (Out-of-bounds read in Intel(R) Media SDK and some Intel(R)
oneVPL soft ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-22433
RESERVED
CVE-2023-22426
@@ -116862,7 +116862,7 @@ CVE-2022-45376 (Cross-Site Request Forgery (CSRF)
vulnerability in XootiX Side C
CVE-2022-45375 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45374 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45373 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45372 (Cross-Site Request Forgery (CSRF) vulnerability in Codeixer
Product Ga ...)
@@ -116874,7 +116874,7 @@ CVE-2022-45370 (Improper Neutralization of Formula
Elements in a CSV File vulner
CVE-2022-45369 (Auth. (subscriber+) Broken Access Control vulnerability in
Plugin for ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45368 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45367 (Cross-Site Request Forgery (CSRF) vulnerability in Tyche
Softwares Cus ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45366 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Jason Cr ...)
@@ -117677,7 +117677,7 @@ CVE-2022-45072 (Cross-Site Request Forgery (CSRF)
vulnerability in WPML Multilin
CVE-2022-45071 (Cross-Site Request Forgery (CSRF) vulnerability in WPML
Multilingual C ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45070 (Missing Authorization vulnerability in FmeAddons Conditional
Checkout ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45069 (Auth. (contributor+) Privilege Escalation vulnerability in
Crowdsignal ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45068 (Cross-Site Request Forgery (CSRF) vulnerability in Mercado
Pago Mercad ...)
@@ -120201,7 +120201,7 @@ CVE-2022-44583 (Unauth. Arbitrary File Download
vulnerability in WatchTowerHQ pl
CVE-2022-44582 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Appt ...)
NOT-FOR-US: WordPress plugin
CVE-2022-44581 (Insecure Storage of Sensitive Information vulnerability in
WPMU DEV De ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-44580 (SQL Injection (SQLi) vulnerability in RichPlugins Plugin for
Google Re ...)
NOT-FOR-US: WordPress plugin
CVE-2022-44579
@@ -122965,7 +122965,6 @@ CVE-2023-20240 (Multiple vulnerabilities in Cisco
Secure Client Software, former
NOT-FOR-US: Cisco
CVE-2023-20239
REJECTED
- TODO: check
CVE-2023-20238 (A vulnerability in the single sign-on (SSO) implementation of
Cisco Br ...)
NOT-FOR-US: Cisco
CVE-2023-20237 (A vulnerability in Cisco Intersight Virtual Appliance could
allow an u ...)
@@ -129842,7 +129841,7 @@ CVE-2022-40207 (Improper access control in the
Intel(R) SUR software before vers
CVE-2022-38101 (Uncontrolled search path in some Intel(R) NUC Chaco Canyon
BIOS update ...)
NOT-FOR-US: Intel
CVE-2022-37410 (Improper access control for some Intel(R) Thunderbolt driver
software ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2022-37409 (Insufficient control flow management for the Intel(R) IPP
Cryptography ...)
NOT-FOR-US: Intel
CVE-2022-41743 (NGINX Plus before versions R27 P1 and R26 P1 have a
vulnerability in t ...)
@@ -141843,7 +141842,7 @@ CVE-2022-37348 (Trend Micro Security 2021 and 2022
(Consumer) is vulnerable to a
CVE-2022-37347 (Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to
an Out- ...)
NOT-FOR-US: Trend Micro
CVE-2022-37341 (Improper access control in some Intel(R) Ethernet Adapters and
Intel(R ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2022-37340 (Uncontrolled search path in some Intel(R) QAT drivers for
Windows befo ...)
NOT-FOR-US: Intel
CVE-2022-37326 (Docker Desktop for Windows before 4.6.0 allows attackers to
delete (or ...)
@@ -168089,7 +168088,7 @@ CVE-2022-28134 (Jenkins Bitbucket Server Integration
Plugin 3.1.0 and earlier do
CVE-2022-28133 (Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier
does not ...)
NOT-FOR-US: Jenkins plugin
CVE-2022-28132 (The T-Soft E-Commerce 4 web application is susceptible to SQL
injectio ...)
- TODO: check
+ NOT-FOR-US: T-Soft E-Commerce 4 web application
CVE-2022-28131 (Uncontrolled recursion in Decoder.Skip in encoding/xml before
Go 1.17. ...)
- golang-1.18 1.18.4-1
- golang-1.15 <removed>
@@ -225973,17 +225972,17 @@ CVE-2021-33164 (Improper access control in BIOS
firmware for some Intel(R) NUCs
CVE-2021-33163
REJECTED
CVE-2021-33162 (Improper access control in some Intel(R) Ethernet Adapters and
Intel(R ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33161 (Improper input validation in some Intel(R) Ethernet Adapters
and Intel ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33160
REJECTED
CVE-2021-33159 (Improper authentication in subsystem for Intel(R) AMT before
versions ...)
NOT-FOR-US: Intel
CVE-2021-33158 (Improper neutralization in some Intel(R) Ethernet Adapters and
Intel(R ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33157 (Insufficient control flow management in some Intel(R) Ethernet
Adapter ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33156
REJECTED
CVE-2021-33155 (Improper input validation in firmware for some Intel(R)
Wireless Bluet ...)
@@ -226005,17 +226004,17 @@ CVE-2021-33148
CVE-2021-33147 (Improper conditions check in the Intel(R) IPP Crypto library
before ve ...)
NOT-FOR-US: Intel
CVE-2021-33146 (Improper input validation in some Intel(R) Ethernet Adapters
and Intel ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33145 (Uncaught exception in some Intel(R) Ethernet Adapters and
Intel(R) Eth ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33144
REJECTED
CVE-2021-33143
REJECTED
CVE-2021-33142 (Improper input validation in some Intel(R) Ethernet Adapters
and Intel ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33141 (Improper input validation in some Intel(R) Ethernet Adapters
and Intel ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-33140
REJECTED
CVE-2021-33139 (Improper conditions check in firmware for some Intel(R)
Wireless Bluet ...)
@@ -253122,7 +253121,7 @@ CVE-2021-22510 (Reflected XSS vulnerability in Micro
Focus Application Automatio
CVE-2021-22509
RESERVED
CVE-2021-22508 (A potential vulnerability has been identified for OpenText
Operations ...)
- TODO: check
+ NOT-FOR-US: OpenText Operations Bridge Reporter
CVE-2021-22507 (Authentication bypass vulnerability in Micro Focus Operations
Bridge M ...)
NOT-FOR-US: Micro Focus
CVE-2021-22506 (Advance configuration exposing Information Leakage
vulnerability in Mi ...)
@@ -253578,7 +253577,7 @@ CVE-2021-22282 (Improper Control of Generation of
Code ('Code Injection') vulner
CVE-2021-22281 (: Relative Path Traversal vulnerability in B&R Industrial
Automation A ...)
NOT-FOR-US: B&R Industrial Automation Automation Studio
CVE-2021-22280 (Improper DLL loading algorithms in B&R Automation Studio
versions >=4. ...)
- TODO: check
+ NOT-FOR-US: B&R Industrial Automation Automation Studio
CVE-2021-22279 (A Missing Authentication vulnerability in RobotWare for the
OmniCore r ...)
NOT-FOR-US: ABB / OmniCore robot controller
CVE-2021-22278 (A certificate validation vulnerability in PCM600 Update
Manager allows ...)
@@ -261965,7 +261964,7 @@ CVE-2020-35167 (Dell BSAFE Crypto-C Micro Edition,
versions before 4.1.5, and De
CVE-2020-35166 (Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and
Dell BSA ...)
NOT-FOR-US: Dell
CVE-2020-35165 (Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and
Dell BSA ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2020-35164 (Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and
Dell BSA ...)
NOT-FOR-US: Dell
CVE-2020-35163 (Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and
Dell BSA ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3dd3e7712e90de8203011bb1ec2e7b4d1e53e925
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3dd3e7712e90de8203011bb1ec2e7b4d1e53e925
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
