Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
47f3a73a by Salvatore Bonaccorso at 2021-01-21T21:27:04+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1104,7 +1104,7 @@ CVE-2021-3154
CVE-2021-3153
RESERVED
CVE-2021-3152 (Home Assistant before 2021.1.3 allows attackers to obtain
sensitive in ...)
- TODO: check
+ NOT-FOR-US: Home Assistant
CVE-2021-3151
RESERVED
CVE-2021-3150
@@ -8323,7 +8323,7 @@ CVE-2021-21725
CVE-2021-21724
RESERVED
CVE-2021-21723 (Some ZTE products have a DoS vulnerability. Due to the
improper handli ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2021-21722 (A ZTE Smart STB is impacted by an information leak
vulnerability. The ...)
NOT-FOR-US: ZTE
CVE-2021-21721
@@ -10479,7 +10479,7 @@ CVE-2021-21255
CVE-2021-21254
RESERVED
CVE-2021-21253 (OnlineVotingSystem is an open source project hosted on GitHub.
OnlineV ...)
- TODO: check
+ NOT-FOR-US: OnlineVotingSystem
CVE-2021-21252 (The jQuery Validation Plugin provides drop-in validation for
your exis ...)
- phpmyadmin <unfixed>
NOTE:
https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm
@@ -13854,9 +13854,9 @@ CVE-2020-35312
CVE-2020-35311
RESERVED
CVE-2020-35310 (Composr CMS 10.0.34 is affected by cross-site scripting (XSS)
which al ...)
- TODO: check
+ NOT-FOR-US: Composr CMS
CVE-2020-35309 (Bakeshop Online Ordering System in PHP/MySQLi 1.0 is affected
by cross ...)
- TODO: check
+ NOT-FOR-US: Bakeshop Online Ordering System in PHP/MySQLi
CVE-2020-35308
RESERVED
CVE-2020-35307
@@ -17106,7 +17106,7 @@ CVE-2020-29243 (dhowden tag before 2020-11-19 allows
"panic: runtime error: inde
CVE-2020-29242 (dhowden tag before 2020-11-19 allows "panic: runtime error:
index out ...)
NOT-FOR-US: dhowden tag
CVE-2020-29241 (Online News Portal using PHP/MySQLi 1.0 is affected by
cross-site scri ...)
- TODO: check
+ NOT-FOR-US: Online News Portal using PHP/MySQLi
CVE-2020-29240 (Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS). An
attacke ...)
NOT-FOR-US: Lepton-CMS
CVE-2020-29239 (Online Birth Certificate System Project V 1.0 is affected by
cross-sit ...)
@@ -32317,7 +32317,7 @@ CVE-2020-24087
CVE-2020-24086
RESERVED
CVE-2020-24085 (A cross-site scripting (XSS) vulnerability exists in MISP
v2.4.128 in ...)
- TODO: check
+ NOT-FOR-US: MISP
CVE-2020-24084
RESERVED
CVE-2020-24083
@@ -35204,7 +35204,7 @@ CVE-2020-22645
CVE-2020-22644
RESERVED
CVE-2020-22643 (Feehi CMS 2.1.0 is affected by an arbitrary file upload
vulnerability, ...)
- TODO: check
+ NOT-FOR-US: Feehi CMS
CVE-2020-22642
RESERVED
CVE-2020-22641
@@ -52153,7 +52153,7 @@ CVE-2020-14758 (Vulnerability in the Oracle Solaris
product of Oracle Systems (c
CVE-2020-14757 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
NOT-FOR-US: Oracle
CVE-2020-14756 (Vulnerability in the Oracle Coherence product of Oracle Fusion
Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-14755
RESERVED
CVE-2020-14754 (Vulnerability in the Oracle Solaris product of Oracle Systems
(compone ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47f3a73a35eff9c04a0c0c28514a8397f7e0481e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47f3a73a35eff9c04a0c0c28514a8397f7e0481e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
