[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Sat, 27 Feb 2021 02:09:21 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d668e20c by Salvatore Bonaccorso at 2021-02-27T11:08:51+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -135,7 +135,7 @@ CVE-2021-27740
 CVE-2021-27739
        RESERVED
 CVE-2019-10102 (JetBrains Ktor framework (created using the Kotlin IDE 
template) versi ...)
-       TODO: check
+       NOT-FOR-US: JetBrains Ktor
 CVE-2021-27738
        RESERVED
 CVE-2021-27737
@@ -863,13 +863,13 @@ CVE-2020-36246 (Amaze File Manager before 3.5.1 allows 
attackers to obtain root
 CVE-2019-25024 (OpenRepeater (ORP) before 2.2 allows unauthenticated command 
injection ...)
        NOT-FOR-US: OpenRepeater (ORP)
 CVE-2019-25023 (An issue was discovered in Scytl sVote 2.1. Because the IP 
address fro ...)
-       TODO: check
+       NOT-FOR-US: Scytl sVote
 CVE-2019-25022 (An issue was discovered in Scytl sVote 2.1. An attacker can 
inject cod ...)
-       TODO: check
+       NOT-FOR-US: Scytl sVote
 CVE-2019-25021 (An issue was discovered in Scytl sVote 2.1. Due to the 
implementation  ...)
-       TODO: check
+       NOT-FOR-US: Scytl sVote
 CVE-2019-25020 (An issue was discovered in Scytl sVote 2.1. Because the 
sdm-ws-rest AP ...)
-       TODO: check
+       NOT-FOR-US: Scytl sVote
 CVE-2021-3413
        RESERVED
        NOT-FOR-US: Red Hat Satellite
@@ -1311,7 +1311,7 @@ CVE-2021-27200
 CVE-2021-27199
        RESERVED
 CVE-2021-27198 (An issue was discovered in Visualware MyConnection Server 
through 11.0 ...)
-       TODO: check
+       NOT-FOR-US: Visualware MyConnection Server
 CVE-2021-27197 (DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 
has an arb ...)
        NOT-FOR-US: Pelco Digital Sentry Server
 CVE-2021-27196
@@ -1448,7 +1448,7 @@ CVE-2021-27134
 CVE-2021-27133
        RESERVED
 CVE-2021-27132 (SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF 
injection (for H ...)
-       TODO: check
+       NOT-FOR-US: SerComm AG Combo VD625 AGSOT_2.1.0 devices
 CVE-2021-27131
        RESERVED
 CVE-2021-27130
@@ -1974,9 +1974,9 @@ CVE-2021-3402
 CVE-2021-26905 (1Password SCIM Bridge before 1.6.2 mishandles validation of 
authentica ...)
        NOT-FOR-US: 1Password SCIM Bridge
 CVE-2021-26904 (LMA ISIDA Retriever 5.2 allows SQL Injection. ...)
-       TODO: check
+       NOT-FOR-US: LMA ISIDA Retriever
 CVE-2021-26903 (LMA ISIDA Retriever 5.2 is vulnerable to XSS via 
query['text']. ...)
-       TODO: check
+       NOT-FOR-US: LMA ISIDA Retriever
 CVE-2021-26902
        RESERVED
 CVE-2021-26901
@@ -2745,21 +2745,21 @@ CVE-2021-26569
 CVE-2021-26568
        RESERVED
 CVE-2021-26567 (Use of unmaintained third party components vulnerability in 
faad in Sy ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2021-26566 (Insertion of sensitive information into sent data 
vulnerability in syn ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2021-26565 (Cleartext transmission of sensitive information vulnerability 
in synor ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2021-26564 (Cleartext transmission of sensitive information vulnerability 
in synor ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2021-26563 (Improper access control vulnerability in synoagentregisterd in 
Synolog ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2021-26562 (Out-of-bounds write vulnerability in synoagentregisterd in 
Synology Di ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2021-26561 (Stack-based buffer overflow vulnerability in 
synoagentregisterd in Syn ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2021-26560 (Cleartext transmission of sensitive information vulnerability 
in synoa ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2021-26559 (Improper Access Control on Configurations Endpoint for the 
Stable API  ...)
        - airflow <itp> (bug #819700)
 CVE-2021-26558
@@ -6225,7 +6225,7 @@ CVE-2021-3153
 CVE-2021-3152 (** DISPUTED ** Home Assistant before 2021.1.3 does not have a 
protecti ...)
        NOT-FOR-US: Home Assistant
 CVE-2021-3151 (i-doit before 1.16.0 is affected by Stored Cross-Site Scripting 
(XSS)  ...)
-       TODO: check
+       NOT-FOR-US: i-doit
 CVE-2021-3150
        RESERVED
 CVE-2021-3149 (On Netshield NANO 25 10.2.18 devices, 
/usr/local/webmin/System/manual_ ...)
@@ -11673,7 +11673,7 @@ CVE-2021-22663 (Cscape (All versions prior to 9.90 
SP3.5) lacks proper validatio
 CVE-2021-22662
        RESERVED
 CVE-2021-22661 (Changing the password on the module webpage does not require 
the user  ...)
-       TODO: check
+       NOT-FOR-US: ProSoft Technology
 CVE-2021-22660
        RESERVED
 CVE-2021-22659



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d668e20c0dd29b30885d41f9e1914077cbbd8553

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d668e20c0dd29b30885d41f9e1914077cbbd8553
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to