[Git][security-tracker-team/security-tracker][master] Process some new NFUs

Salvatore Bonaccorso Mon, 29 Mar 2021 13:15:46 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
90f8ce4a by Salvatore Bonaccorso at 2021-03-29T22:14:56+02:00
Process some new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1064,9 +1064,9 @@ CVE-2021-28939
 CVE-2021-28938
        RESERVED
 CVE-2021-28937 (The /password.html page of the Web management interface of the 
Acexy W ...)
-       TODO: check
+       NOT-FOR-US: Acexy Wireless-N WiFi Repeater
 CVE-2021-28936 (The Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) Web 
management ...)
-       TODO: check
+       NOT-FOR-US: Acexy Wireless-N WiFi Repeater
 CVE-2021-28935
        RESERVED
 CVE-2021-28934
@@ -1600,13 +1600,13 @@ CVE-2021-28675
 CVE-2021-28674
        RESERVED
 CVE-2021-28673 (Xerox Phaser 6510 before 64.61.23 and 64.59.11 (Bridge), 
WorkCentre 65 ...)
-       TODO: check
+       NOT-FOR-US: Xerox
 CVE-2021-28672
        RESERVED
 CVE-2021-28671
        RESERVED
 CVE-2021-28670 (Xerox AltaLink B8045/B8090 before 103.008.030.32000, 
C8030/C8035 befor ...)
-       TODO: check
+       NOT-FOR-US: Xerox
 CVE-2021-28669
        RESERVED
 CVE-2021-28668
@@ -4673,7 +4673,7 @@ CVE-2021-27354
 CVE-2021-27353
        RESERVED
 CVE-2021-27352 (An open redirect vulnerability in Ilch CMS version 2.1.42 
allows attac ...)
-       TODO: check
+       NOT-FOR-US: Ilch CMS
 CVE-2021-27351 (The Terminate Session feature in the Telegram application 
through 7.2. ...)
        - telegram-desktop 2.6.1-1
        [buster] - telegram-desktop <not-affected> (Vulnerable code not present)
@@ -10134,9 +10134,9 @@ CVE-2021-25146
 CVE-2021-25145
        RESERVED
 CVE-2021-25144 (A remote buffer overflow vulnerability was discovered in some 
Aruba In ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2021-25143 (A remote denial of service (dos) vulnerability was discovered 
in some  ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2021-25142 (The Baseboard Management Controller (BMC) firmware in HPE 
Apollo 70 Sy ...)
        NOT-FOR-US: HPE
 CVE-2021-25141 (A security vulnerability has been identified in in certain HPE 
and Aru ...)
@@ -17447,7 +17447,7 @@ CVE-2021-21729
 CVE-2021-21728
        RESERVED
 CVE-2021-21727 (A ZTE product has a DoS vulnerability. A remote attacker can 
amplify t ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2021-21726 (Some ZTE products have an input verification vulnerability in 
the diag ...)
        NOT-FOR-US: ZTE
 CVE-2021-21725 (A ZTE product has an information leak vulnerability. An 
attacker with  ...)
@@ -39733,9 +39733,9 @@ CVE-2020-25219 (url::recvline in url.cpp in libproxy 
0.4.x through 0.4.15 allows
        NOTE: https://github.com/libproxy/libproxy/issues/134
        NOTE: 
https://github.com/libproxy/libproxy/commit/a83dae404feac517695c23ff43ce1e116e2bfbe0
 CVE-2020-25218 (Grandstream GRP261x VoIP phone running firmware version 
1.0.3.6 (Base) ...)
-       TODO: check
+       NOT-FOR-US: Grandstream GRP261x VoIP phone
 CVE-2020-25217 (Grandstream GRP261x VoIP phone running firmware version 
1.0.3.6 (Base) ...)
-       TODO: check
+       NOT-FOR-US: Grandstream GRP261x VoIP phone
 CVE-2020-25216 (yWorks yEd Desktop before 3.20.1 allows code execution via an 
XSL Tran ...)
        NOT-FOR-US: yWorks yEd Desktop
 CVE-2020-25215 (yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML 
or Grap ...)
@@ -41048,7 +41048,7 @@ CVE-2020-24637 (Two vulnerabilities in ArubaOS GRUB2 
implementation allows for a
 CVE-2020-24636
        RESERVED
 CVE-2020-24635 (A remote execution of arbitrary commands vulnerability was 
discovered  ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2020-24634 (An attacker is able to remotely inject arbitrary commands by 
sending e ...)
        NOT-FOR-US: Aruba
 CVE-2020-24633 (There are multiple buffer overflow vulnerabilities that could 
lead to  ...)
@@ -81941,7 +81941,7 @@ CVE-2020-7852 (DaviewIndy has a Heap-based overflow 
vulnerability, triggered whe
 CVE-2020-7851
        RESERVED
 CVE-2020-7850 (NBBDownloader.ocx ActiveX Control in Groupware contains a 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: NBBDownloader.ocx ActiveX Control in Groupware
 CVE-2020-7849 (A vulnerability of uPrism.io CURIX(Video conferecing solution) 
could a ...)
        NOT-FOR-US: uPrism.io CURIX
 CVE-2020-7848 (The EFM ipTIME C200 IP Camera is affected by a Command 
Injection vulne ...)
@@ -144157,7 +144157,7 @@ CVE-2019-5319
 CVE-2019-5318
        RESERVED
 CVE-2019-5317 (A local authentication bypass vulnerability was discovered in 
some Aru ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2019-5316
        RESERVED
 CVE-2019-5315 (A command injection vulnerability is present in the web 
management int ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90f8ce4af37faeb6b4f672c798ee4a4525e6f5af

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90f8ce4af37faeb6b4f672c798ee4a4525e6f5af
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some new NFUs

Reply via email to