[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso Tue, 13 Apr 2021 13:20:12 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
74816398 by Salvatore Bonaccorso at 2021-04-13T22:19:38+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4503,11 +4503,11 @@ CVE-2021-28649
 CVE-2021-28648
        RESERVED
 CVE-2021-28647 (Trend Micro Password Manager version 5 (Consumer) is 
vulnerable to a D ...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2021-28646 (An insecure file permissions vulnerability in Trend Micro Apex 
One, Ap ...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2021-28645 (An incorrect permission assignment vulnerability in Trend 
Micro Apex O ...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2017-20002 (The Debian shadow package before 1:4.5-1 for Shadow 
incorrectly lists  ...)
        {DLA-2596-1}
        - shadow 1:4.5-1 (bug #914957)
@@ -6915,7 +6915,7 @@ CVE-2021-27611
 CVE-2021-27610
        RESERVED
 CVE-2021-27609 (SAP Focused RUN versions 200, 300, does not perform necessary 
authoriz ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27608
        RESERVED
 CVE-2021-27607
@@ -6923,21 +6923,21 @@ CVE-2021-27607
 CVE-2021-27606
        RESERVED
 CVE-2021-27605 (SAP's HCM Travel Management Fiori Apps V2, version - 608, does 
not per ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27604
        RESERVED
 CVE-2021-27603 (An RFC enabled function module SPI_WAIT_MILLIS in SAP 
NetWeaver AS ABA ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27602 (SAP Commerce, versions - 1808, 1811, 1905, 2005, 2011, 
Backoffice appl ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27601 (SAP NetWeaver AS Java (Applications based on HTMLB for Java) 
allows a  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27600 (SAP Manufacturing Execution (System Rules), versions - 15.1, 
15.2, 15. ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27599
        RESERVED
 CVE-2021-27598 (SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), 
versions  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27597
        RESERVED
 CVE-2021-27596 (When a user opens manipulated Autodesk 3D Studio for MS-DOS 
(.3DS) fil ...)
@@ -12709,13 +12709,13 @@ CVE-2021-25255
 CVE-2021-25254
        RESERVED
 CVE-2021-25253 (An improper access control vulnerability in Trend Micro Apex 
One, Tren ...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2021-25252 (Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan 
Engine ( ...)
        NOT-FOR-US: Trend Micro
 CVE-2021-25251 (The Trend Micro Security 2020 and 2021 families of consumer 
products a ...)
        NOT-FOR-US: Trend Micro
 CVE-2021-25250 (An improper access control vulnerability in Trend Micro Apex 
One, Tren ...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2021-25249 (An out-of-bounds write information disclosure vulnerability in 
Trend M ...)
        NOT-FOR-US: Trend Micro
 CVE-2021-25248 (An out-of-bounds read information disclosure vulnerability in 
Trend Mi ...)
@@ -18687,7 +18687,7 @@ CVE-2021-22507 (Authentication bypass vulnerability in 
Micro Focus Operations Br
 CVE-2021-22506 (Advance configuration exposing Information Leakage 
vulnerability in Mi ...)
        NOT-FOR-US: Micro Focus
 CVE-2021-22505 (Escalation of privileges vulnerability in Micro Focus 
Operations Agent ...)
-       TODO: check
+       NOT-FOR-US: Micro Focus
 CVE-2021-22504 (Arbitrary code execution vulnerability on Micro Focus 
Operations Bridg ...)
        NOT-FOR-US: Micro Focus
 CVE-2021-22503
@@ -21493,7 +21493,7 @@ CVE-2018-25001 (An issue was discovered in the 
libpulse-binding crate before 2.5
 CVE-2021-21493 (When a user opens manipulated Graphics Interchange Format 
(.GIF) forma ...)
        NOT-FOR-US: SAP
 CVE-2021-21492 (SAP NetWeaver Application Server Java(HTTP Service), versions 
- 7.10,  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-21491 (SAP Netweaver Application Server Java (Applications based on 
WebDynpro ...)
        NOT-FOR-US: SAP
 CVE-2021-21490
@@ -21511,9 +21511,9 @@ CVE-2021-21485 (An unauthorized attacker may be able to 
entice an administrator
 CVE-2021-21484 (LDAP authentication in SAP HANA Database version 2.0 can be 
bypassed i ...)
        NOT-FOR-US: SAP
 CVE-2021-21483 (Under certain conditions SAP Solution Manager, version - 720, 
allows a ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-21482 (SAP NetWeaver Master Data Management, versions - 710, 710.750, 
allows  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-21481 (The MigrationService, which is part of SAP NetWeaver versions 
7.10, 7. ...)
        NOT-FOR-US: SAP
 CVE-2021-21480 (SAP MII allows users to create dashboards and save them as JSP 
through ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74816398b071dd99453ec9278ca9d1b77727601c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74816398b071dd99453ec9278ca9d1b77727601c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process several NFUs

Reply via email to