Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
237fe9d7 by Salvatore Bonaccorso at 2021-02-05T21:44:27+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,7 +21,7 @@ CVE-2021-26724
CVE-2021-26723
RESERVED
CVE-2021-26722 (LinkedIn Oncall through 1.4.0 allows reflected XSS via /query
because ...)
- TODO: check
+ NOT-FOR-US: LinkedIn Oncall
CVE-2021-26721
RESERVED
CVE-2021-26720
@@ -43,9 +43,9 @@ CVE-2021-26713
CVE-2021-26712
RESERVED
CVE-2021-26711 (A frame-injection issue in the online help in Redwood
Report2Web 4.3.4 ...)
- TODO: check
+ NOT-FOR-US: Redwood Report2Web
CVE-2021-26710 (A cross-site scripting (XSS) issue in the login panel in
Redwood Repor ...)
- TODO: check
+ NOT-FOR-US: Redwood Report2Web
CVE-2021-26709
RESERVED
CVE-2021-26707
@@ -1059,7 +1059,7 @@ CVE-2021-26296
CVE-2021-26295
RESERVED
CVE-2021-3333 (Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting
(XSS). W ...)
- TODO: check
+ NOT-FOR-US: Open-AudIT
CVE-2021-3332
RESERVED
CVE-2021-3331 (WinSCP before 5.17.10 allows remote attackers to execute
arbitrary pro ...)
@@ -1172,7 +1172,7 @@ CVE-2021-3313
CVE-2021-3312
RESERVED
CVE-2021-3311 (An issue was discovered in October through build 471. It
reactivates a ...)
- TODO: check
+ NOT-FOR-US: October CMS
CVE-2021-3310
RESERVED
CVE-2021-3309 (packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can
process co ...)
@@ -2143,7 +2143,7 @@ CVE-2021-3260
CVE-2021-3259
RESERVED
CVE-2021-3258 (Question2Answer Q2A Ultimate SEO Version 1.3 is affected by
cross-site ...)
- TODO: check
+ NOT-FOR-US: Question2Answer Q2A Ultimate SEO
CVE-2021-3257
RESERVED
CVE-2021-3256
@@ -3725,9 +3725,9 @@ CVE-2021-25247 (A DLL hijacking vulnerability Trend Micro
HouseCall for Home Net
CVE-2021-25246 (An improper access control information disclosure
vulnerability in Tre ...)
NOT-FOR-US: Trend Micro
CVE-2021-25245 (An improper access control vulnerability in Worry-Free
Business Securi ...)
- TODO: check
+ NOT-FOR-US: Worry-Free Business Security
CVE-2021-25244 (An improper access control vulnerability in Worry-Free
Business Securi ...)
- TODO: check
+ NOT-FOR-US: Worry-Free Business Security
CVE-2021-25243 (An improper access control vulnerability in Trend Micro Apex
One (on-p ...)
NOT-FOR-US: Trend Micro
CVE-2021-25242 (An improper access control vulnerability in Trend Micro Apex
One (on-p ...)
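Review bot: The added labels for CVE-2021-25245 and CVE-2021-25244 read `Worry-Free Business Security`, while the neighbouring entries in this hunk (CVE-2021-25246, CVE-2021-25243) are tagged `NOT-FOR-US: Trend Micro`. If these are the same vendor's product, use one consistent label, for example `NOT-FOR-US: Trend Micro Worry-Free Business Security`, so that a search for the vendor string finds every entry.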
@@ -12603,7 +12603,7 @@ CVE-2020-35766 (The test suite in libopendkim in
OpenDKIM through 2.10.3 allows
- opendkim <unfixed> (unimportant)
NOTE: https://github.com/trusteddomainproject/OpenDKIM/issues/113
CVE-2020-35765 (doFilter in com.adventnet.appmanager.filter.UriCollector in
Zoho Manag ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2020-35764
RESERVED
CVE-2020-35763
@@ -14854,7 +14854,7 @@ CVE-2021-20625
CVE-2021-20624
RESERVED
CVE-2021-20623 (Video Insight VMS versions prior to 7.8 allows a remote
attacker to ex ...)
- TODO: check
+ NOT-FOR-US: Video Insight VMS
CVE-2021-20622 (Cross-site scripting vulnerability in Aterm WG2600HP firmware
Ver1.0.2 ...)
NOT-FOR-US: Aterm WG2600HP firmware
CVE-2021-20621 (Cross-site request forgery (CSRF) vulnerability in Aterm
WG2600HP firm ...)
@@ -25989,9 +25989,9 @@ CVE-2020-27875
CVE-2020-27874
RESERVED
CVE-2020-27873 (This vulnerability allows network-adjacent attackers to
disclose sensi ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2020-27872 (This vulnerability allows network-adjacent attackers to bypass
authent ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2020-27871
RESERVED
CVE-2020-27870
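Review bot: `NOT-FOR-US: Netgear` on CVE-2020-27873 and CVE-2020-27872 names only the vendor, and the truncated descriptions shown here do not identify the affected device either. Other entries in this commit name the product (`Redwood Report2Web`, `Video Insight VMS`); adding the product or model here would make the triage decision easier to audit later.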
@@ -46110,7 +46110,7 @@ CVE-2020-18719
CVE-2020-18718
RESERVED
CVE-2020-18717 (SQL Injection in ZZZCMS zzzphp 1.7.1 allows remote attackers
to execut ...)
- TODO: check
+ NOT-FOR-US: ZZZCMS
CVE-2020-18716 (SQL Injection in Rockoa v1.8.7 allows remote attackers to gain
privile ...)
TODO: check
CVE-2020-18715
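Review bot: CVE-2020-18716 (SQL injection in Rockoa v1.8.7), directly below the changed entry, is still `TODO: check` in the trailing context. If Rockoa was looked at in the same pass it can be resolved in this commit as well; if it was left open on purpose, the commit message should say so.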
@@ -82797,7 +82797,7 @@ CVE-2020-4834
CVE-2020-4833
RESERVED
CVE-2020-4832 (IBM PowerHA 7.2 could allow a local attacker to obtain
sensitive infor ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4831
RESERVED
CVE-2020-4830
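Review bot: `NOT-FOR-US: IBM` on CVE-2020-4832 drops the product even though the description names IBM PowerHA 7.2. `NOT-FOR-US: IBM PowerHA` would match the product-level labels used in the other hunks of this commit.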
@@ -84302,7 +84302,7 @@ CVE-2020-4083 (HCL Connections 6.5 is vulnerable to
possible information leakage
CVE-2020-4082 (The HCL Connections 5.5 help system is vulnerable to cross-site
script ...)
NOT-FOR-US: HCL Connections
CVE-2020-4081 (In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: Digital Experience
CVE-2020-4080 (HCL Verse v10 and v11 is susceptible to a Stored Cross-Site
Scripting ...)
NOT-FOR-US: HCL
CVE-2020-4079 (Combodo iTop is a web based IT Service Management tool. In iTop
before ...)
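Review bot: `NOT-FOR-US: Digital Experience` on CVE-2020-4081 is a generic phrase with no vendor, while the surrounding entries are tagged `HCL Connections` and `HCL`. If this is the HCL product, `NOT-FOR-US: HCL Digital Experience` would be unambiguous and searchable.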
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/237fe9d76d673bb17f46dbc4e1defef045a14cd9