Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
72799a73 by Salvatore Bonaccorso at 2021-03-11T21:20:04+01:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,13 +17,13 @@ CVE-2021-3428
CVE-2021-28145
RESERVED
CVE-2021-28144 (prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows
remote a ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2021-28143
RESERVED
CVE-2021-28142
RESERVED
CVE-2021-28141 (An issue was discovered in Progress Telerik UI for ASP.NET
AJAX 2021.1 ...)
- TODO: check
+ NOT-FOR-US: Telerik
CVE-2021-28140
RESERVED
CVE-2021-28139
@@ -207,7 +207,7 @@ CVE-2021-21381 (Flatpak is a system for building,
distributing, and running sand
NOTE: https://github.com/flatpak/flatpak/issues/4146
NOTE:
https://github.com/flatpak/flatpak/security/advisories/GHSA-xgh4-387p-hqpp
CVE-2021-28088 (Cross-site scripting (XSS) in
modules/content/admin/content.php in Imp ...)
- TODO: check
+ NOT-FOR-US: ImpressCMS
CVE-2021-28087
RESERVED
CVE-2021-28086
@@ -1089,11 +1089,11 @@ CVE-2021-27681
CVE-2021-27680
RESERVED
CVE-2021-27679 (Cross-site scripting (XSS) vulnerability in Navigation in
Batflat CMS ...)
- TODO: check
+ NOT-FOR-US: Batflat CMS
CVE-2021-27678 (Cross-site scripting (XSS) vulnerability in Snippets in
Batflat CMS 1. ...)
- TODO: check
+ NOT-FOR-US: Batflat CMS
CVE-2021-27677 (Cross-site scripting (XSS) vulnerability in Galleries in
Batflat CMS 1 ...)
- TODO: check
+ NOT-FOR-US: Batflat CMS
CVE-2021-27676
RESERVED
CVE-2021-27675
@@ -2396,15 +2396,15 @@ CVE-2021-27087
CVE-2021-27086
RESERVED
CVE-2021-27085 (Internet Explorer Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27084 (Visual Studio Code Java Extension Pack Remote Code Execution
Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27083 (Remote Development Extension for Visual Studio Code Remote
Code Execut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27082 (Quantum Development Kit for Visual Studio Code Remote Code
Execution V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27081 (Visual Studio Code ESLint Extension Remote Code Execution
Vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27080 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID
is uniq ...)
TODO: check
CVE-2021-27079
@@ -2412,9 +2412,9 @@ CVE-2021-27079
CVE-2021-27078 (Microsoft Exchange Server Remote Code Execution Vulnerability
This CVE ...)
NOT-FOR-US: Microsoft
CVE-2021-27077 (Windows Win32k Elevation of Privilege Vulnerability This CVE
ID is uni ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27076 (Microsoft SharePoint Server Remote Code Execution
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27075 (Azure Virtual Machine Information Disclosure Vulnerability ...)
TODO: check
CVE-2021-27074 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID
is uniq ...)
@@ -2426,7 +2426,7 @@ CVE-2021-27072
CVE-2021-27071
RESERVED
CVE-2021-27070 (Windows 10 Update Assistant Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27069
RESERVED
CVE-2021-27068
@@ -2434,35 +2434,35 @@ CVE-2021-27068
CVE-2021-27067
RESERVED
CVE-2021-27066 (Windows Admin Center Security Feature Bypass Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27065 (Microsoft Exchange Server Remote Code Execution Vulnerability
This CVE ...)
NOT-FOR-US: Microsoft
CVE-2021-27064
RESERVED
CVE-2021-27063 (Windows DNS Server Denial of Service Vulnerability This CVE ID
is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27062 (HEVC Video Extensions Remote Code Execution Vulnerability This
CVE ID ...)
TODO: check
CVE-2021-27061 (HEVC Video Extensions Remote Code Execution Vulnerability This
CVE ID ...)
TODO: check
CVE-2021-27060 (Visual Studio Code Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27059 (Microsoft Office Remote Code Execution Vulnerability This CVE
ID is un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27058 (Microsoft Office ClickToRun Remote Code Execution
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27057 (Microsoft Office Remote Code Execution Vulnerability This CVE
ID is un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27056 (Microsoft PowerPoint Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27055 (Microsoft Visio Security Feature Bypass Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27054 (Microsoft Excel Remote Code Execution Vulnerability This CVE
ID is uni ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27053 (Microsoft Excel Remote Code Execution Vulnerability This CVE
ID is uni ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27052 (Microsoft SharePoint Server Information Disclosure
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-27051 (HEVC Video Extensions Remote Code Execution Vulnerability This
CVE ID ...)
TODO: check
CVE-2021-27050 (HEVC Video Extensions Remote Code Execution Vulnerability This
CVE ID ...)
@@ -2828,91 +2828,91 @@ CVE-2021-26903 (LMA ISIDA Retriever 5.2 is vulnerable
to XSS via query['text'].
CVE-2021-26902 (HEVC Video Extensions Remote Code Execution Vulnerability This
CVE ID ...)
TODO: check
CVE-2021-26901 (Windows Event Tracing Elevation of Privilege Vulnerability
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26900 (Windows Win32k Elevation of Privilege Vulnerability This CVE
ID is uni ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26899 (Windows UPnP Device Host Elevation of Privilege Vulnerability
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26898 (Windows Event Tracing Elevation of Privilege Vulnerability
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26897 (Windows DNS Server Remote Code Execution Vulnerability This
CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26896 (Windows DNS Server Denial of Service Vulnerability This CVE ID
is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26895 (Windows DNS Server Remote Code Execution Vulnerability This
CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26894 (Windows DNS Server Remote Code Execution Vulnerability This
CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26893 (Windows DNS Server Remote Code Execution Vulnerability This
CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26892 (Windows Extensible Firmware Interface Security Feature Bypass
Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26891 (Windows Container Execution Agent Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26890 (Application Virtualization Remote Code Execution Vulnerability
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26889 (Windows Update Stack Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26888
RESERVED
CVE-2021-26887 (Microsoft Windows Folder Redirection Elevation of Privilege
Vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26886 (User Profile Service Denial of Service Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26885 (Windows WalletService Elevation of Privilege Vulnerability
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26884 (Windows Media Photo Codec Information Disclosure Vulnerability
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26883
RESERVED
CVE-2021-26882 (Remote Access API Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26881 (Microsoft Windows Media Foundation Remote Code Execution
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26880 (Storage Spaces Controller Elevation of Privilege Vulnerability
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26879 (Windows NAT Denial of Service Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26878 (Windows Print Spooler Elevation of Privilege Vulnerability
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26877 (Windows DNS Server Remote Code Execution Vulnerability This
CVE ID is ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26876 (OpenType Font Parsing Remote Code Execution Vulnerability ...)
TODO: check
CVE-2021-26875 (Windows Win32k Elevation of Privilege Vulnerability This CVE
ID is uni ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26874 (Windows Overlay Filter Elevation of Privilege Vulnerability
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26873 (Windows User Profile Service Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26872 (Windows Event Tracing Elevation of Privilege Vulnerability
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26871 (Windows WalletService Elevation of Privilege Vulnerability
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26870 (Windows Projected File System Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26869 (Windows ActiveX Installer Service Information Disclosure
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26868 (Windows Graphics Component Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26867 (Windows Hyper-V Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26866 (Windows Update Service Elevation of Privilege Vulnerability
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26865 (Windows Container Execution Agent Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26864 (Windows Virtual Registry Provider Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26863 (Windows Win32k Elevation of Privilege Vulnerability This CVE
ID is uni ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26862 (Windows Installer Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26861 (Windows Graphics Component Remote Code Execution Vulnerability
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26860 (Windows App-V Overlay Filter Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26859 (Microsoft Power BI Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26858 (Microsoft Exchange Server Remote Code Execution Vulnerability
This CVE ...)
NOT-FOR-US: Microsoft
CVE-2021-26857 (Microsoft Exchange Server Remote Code Execution Vulnerability
This CVE ...)
@@ -3119,7 +3119,7 @@ CVE-2021-26778
CVE-2021-26777
RESERVED
CVE-2021-26776 (CSZ CMS 1.2.9 is affected by a cross-site scripting (XSS)
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2021-26775
RESERVED
CVE-2021-26774
@@ -4011,7 +4011,7 @@ CVE-2021-26413
CVE-2021-26412 (Microsoft Exchange Server Remote Code Execution Vulnerability
This CVE ...)
NOT-FOR-US: Microsoft
CVE-2021-26411 (Internet Explorer Memory Corruption Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26410
RESERVED
CVE-2021-26409
@@ -9350,13 +9350,13 @@ CVE-2021-24109 (Microsoft Azure Kubernetes Service
Elevation of Privilege Vulner
CVE-2021-24108 (Microsoft Office Remote Code Execution Vulnerability This CVE
ID is un ...)
TODO: check
CVE-2021-24107 (Windows Event Tracing Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-24106 (Windows DirectX Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-24105 (Package Managers Configurations Remote Code Execution
Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-24104 (Microsoft SharePoint Spoofing Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-24103 (Windows Event Tracing Elevation of Privilege Vulnerability
This CVE ID ...)
NOT-FOR-US: Microsoft
CVE-2021-24102 (Windows Event Tracing Elevation of Privilege Vulnerability
This CVE ID ...)
@@ -9374,7 +9374,7 @@ CVE-2021-24097
CVE-2021-24096 (Windows Kernel Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-24095 (DirectX Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-24094 (Windows TCP/IP Remote Code Execution Vulnerability This CVE ID
is uniq ...)
NOT-FOR-US: Microsoft
CVE-2021-24093 (Windows Graphics Component Remote Code Execution Vulnerability
...)
@@ -9384,7 +9384,7 @@ CVE-2021-24092 (Microsoft Defender Elevation of Privilege
Vulnerability ...)
CVE-2021-24091 (Windows Camera Codec Pack Remote Code Execution Vulnerability
...)
NOT-FOR-US: Microsoft
CVE-2021-24090 (Windows Error Reporting Elevation of Privilege Vulnerability
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-24089 (HEVC Video Extensions Remote Code Execution Vulnerability This
CVE ID ...)
TODO: check
CVE-2021-24088 (Windows Local Spooler Remote Code Execution Vulnerability ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72799a73adf42acaa840630dc18aaac739ea75fc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72799a73adf42acaa840630dc18aaac739ea75fc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
