[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso Thu, 01 Apr 2021 14:01:25 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f05fb0c6 by Salvatore Bonaccorso at 2021-04-01T23:00:24+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1878,7 +1878,7 @@ CVE-2021-29085
 CVE-2021-29084
        RESERVED
 CVE-2021-29083 (Improper neutralization of special elements used in an OS 
command in S ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2021-3460
        RESERVED
 CVE-2021-3459
@@ -3062,9 +3062,9 @@ CVE-2021-28548
 CVE-2021-28547
        RESERVED
 CVE-2021-28546 (Acrobat Reader DC versions versions 2020.013.20074 (and 
earlier), 2020 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-28545 (Acrobat Reader DC versions versions 2020.013.20074 (and 
earlier), 2020 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-28544
        RESERVED
 CVE-2021-28543 (Varnish varnish-modules before 0.17.1 allows remote attackers 
to cause ...)
@@ -5157,7 +5157,7 @@ CVE-2021-27655
 CVE-2021-27654
        RESERVED
 CVE-2021-27653 (Misconfiguration of the Pega Chat Access Group portal in Pega 
platform ...)
-       TODO: check
+       NOT-FOR-US: Pega
 CVE-2021-27652
        RESERVED
 CVE-2021-27651
@@ -7284,7 +7284,7 @@ CVE-2021-26720 (avahi-daemon-check-dns.sh in the Debian 
avahi package through 0.
 CVE-2021-26719 (A directory traversal issue was discovered in Gradle 
gradle-enterprise ...)
        NOT-FOR-US: gradle-enterprise-test-distribution-agent
 CVE-2021-26718 (KIS for macOS in some use cases was vulnerable to AV bypass 
that poten ...)
-       TODO: check
+       NOT-FOR-US: KIS for macOS
 CVE-2021-26717 (An issue was discovered in Sangoma Asterisk 16.x before 
16.16.1, 17.x  ...)
        - asterisk 1:16.16.1~dfsg-1 (bug #983157)
        [buster] - asterisk <not-affected> (Introduced in 16.15.0)
@@ -7615,9 +7615,9 @@ CVE-2021-26583
 CVE-2021-26582
        RESERVED
 CVE-2021-26581 (A potential security vulnerability has been identified in HPE 
Superdom ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2021-26580 (A potential security vulnerability has been identified in HPE 
iLO Ampl ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2021-26579 (A security vulnerability in HPE Unified Data Management (UDM) 
could al ...)
        NOT-FOR-US: HPE
 CVE-2021-26578 (A potential security vulnerability has been identified in HPE 
Network  ...)
@@ -8914,7 +8914,7 @@ CVE-2021-26074
 CVE-2021-26073
        RESERVED
 CVE-2021-26072 (The WidgetConnector plugin in Confluence Server and Confluence 
Data Ce ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2021-26071 (The SetFeatureEnabled.jspa resource in Jira Server and Data 
Center bef ...)
        NOT-FOR-US: Atlassian
 CVE-2021-26070 (Affected versions of Atlassian Jira Server and Data Center 
allow remot ...)
@@ -18080,7 +18080,7 @@ CVE-2021-21984
 CVE-2021-21983 (Arbitrary file write vulnerability in vRealize Operations 
Manager API  ...)
        NOT-FOR-US: vRealize Operations Manager API (Vmware)
 CVE-2021-21982 (VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 
has an aut ...)
-       TODO: check
+       NOT-FOR-US: VMware Carbon Black Cloud Workload appliance
 CVE-2021-21981
        RESERVED
 CVE-2021-21980
@@ -20488,7 +20488,7 @@ CVE-2021-21420
 CVE-2021-21419
        RESERVED
 CVE-2021-21418 (ps_emailsubscription is a newsletter subscription module for 
the Prest ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2021-21417
        RESERVED
 CVE-2021-21416
@@ -23958,7 +23958,7 @@ CVE-2021-20080
 CVE-2021-20079
        RESERVED
 CVE-2021-20078 (Manage Engine OpManager builds below 125346 are vulnerable to 
a remote ...)
-       TODO: check
+       NOT-FOR-US: Manage Engine OpManager
 CVE-2021-20077 (Nessus Agent versions 7.2.0 through 8.2.2 were found to 
inadvertently  ...)
        NOT-FOR-US: Nessus Agent
 CVE-2021-20076 (Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 
were fou ...)
@@ -24759,7 +24759,7 @@ CVE-2020-35310
 CVE-2020-35309 (Bakeshop Online Ordering System in PHP/MySQLi 1.0 is affected 
by cross ...)
        NOT-FOR-US: Bakeshop Online Ordering System in PHP/MySQLi
 CVE-2020-35308 (CONQUEST DICOM SERVER before 1.5.0 has a code execution 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: CONQUEST DICOM SERVER
 CVE-2020-35307
        RESERVED
 CVE-2020-35306
@@ -52401,15 +52401,15 @@ CVE-2020-19645
 CVE-2020-19644
        RESERVED
 CVE-2020-19643 (Cross Site Scripting (XSS) vulnerability in INSMA Wifi Mini 
Spy 1080P  ...)
-       TODO: check
+       NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
 CVE-2020-19642 (An issue was discovered in INSMA Wifi Mini Spy 1080P HD 
Security IP Ca ...)
-       TODO: check
+       NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
 CVE-2020-19641 (An issue was discovered in INSMA Wifi Mini Spy 1080P HD 
Security IP Ca ...)
-       TODO: check
+       NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
 CVE-2020-19640 (An issue was discovered in INSMA Wifi Mini Spy 1080P HD 
Security IP Ca ...)
-       TODO: check
+       NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
 CVE-2020-19639 (Cross Site Request Forgery (CSRF) vulnerability in INSMA Wifi 
Mini Spy ...)
-       TODO: check
+       NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
 CVE-2020-19638
        RESERVED
 CVE-2020-19637
@@ -79775,13 +79775,13 @@ CVE-2020-9151
 CVE-2020-9150
        RESERVED
 CVE-2020-9149 (An application error verification vulnerability exists in a 
component  ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2020-9148 (An application bypass mechanism vulnerability exists in a 
component in ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2020-9147 (A memory buffer error vulnerability exists in a component 
interface of ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2020-9146 (A memory buffer error vulnerability exists in a component 
interface of ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2020-9145 (There is an Out-of-bounds Write vulnerability in some Huawei 
smartphon ...)
        NOT-FOR-US: Huawei
 CVE-2020-9144 (There is a heap overflow vulnerability in some Huawei 
smartphone, atta ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f05fb0c6849ea891941c3d7c501598aa919f0bec

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f05fb0c6849ea891941c3d7c501598aa919f0bec
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process several NFUs

Reply via email to