[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Thu, 15 Apr 2021 08:34:43 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6fde8ca1 by Salvatore Bonaccorso at 2021-04-15T17:33:51+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4104,7 +4104,7 @@ CVE-2021-29451
 CVE-2021-29450
        RESERVED
 CVE-2021-29449 (Pi-hole is a Linux network-level advertisement and Internet 
tracker bl ...)
-       TODO: check
+       NOT-FOR-US: Pi-hole
 CVE-2021-29448
        RESERVED
 CVE-2021-29447
@@ -7479,9 +7479,9 @@ CVE-2021-27992
 CVE-2021-27991
        RESERVED
 CVE-2021-27990 (Appspace 6.2.4 is vulnerable to a broken authentication 
mechanism wher ...)
-       TODO: check
+       NOT-FOR-US: Appspace
 CVE-2021-27989 (Appspace 6.2.4 is vulnerable to stored cross-site scripting 
(XSS) in m ...)
-       TODO: check
+       NOT-FOR-US: Appspace
 CVE-2021-27988
        RESERVED
 CVE-2021-27987
@@ -9139,9 +9139,9 @@ CVE-2021-27262 (This vulnerability allows remote 
attackers to disclose sensitive
 CVE-2021-27261 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
        NOT-FOR-US: Foxit PhantomPDF
 CVE-2021-27260 (This vulnerability allows local attackers to disclose 
sensitive inform ...)
-       TODO: check
+       NOT-FOR-US: Parallels Desktop
 CVE-2021-27259 (This vulnerability allows local attackers to escalate 
privileges on af ...)
-       TODO: check
+       NOT-FOR-US: Parallels Desktop
 CVE-2021-27258 (This vulnerability allows remote attackers to execute escalate 
privile ...)
        NOT-FOR-US: SolarWinds
 CVE-2021-27257 (This vulnerability allows network-adjacent attackers to 
compromise the ...)
@@ -20869,7 +20869,7 @@ CVE-2021-3019 (ffay lanproxy 0.1 allows Directory 
Traversal to read /../conf/con
 CVE-2021-3018 (ipeak Infosystems ibexwebCMS (aka IPeakCMS) 3.5 is vulnerable 
to an un ...)
        NOT-FOR-US: ipeak Infosystems ibexwebCMS (aka IPeakCMS)
 CVE-2021-3017 (The web interface on Intelbras WIN 300 and WRN 342 devices 
through 202 ...)
-       TODO: check
+       NOT-FOR-US: Intelbras
 CVE-2021-3016
        RESERVED
 CVE-2021-3015
@@ -23523,7 +23523,7 @@ CVE-2020-35662 (In SaltStack Salt before 3002.5, when 
authenticating to services
 CVE-2020-35661
        RESERVED
 CVE-2020-35660 (Cross Site Scripting (XSS) in Monica before 2.19.1 via the 
journal pag ...)
-       TODO: check
+       NOT-FOR-US: Monica
 CVE-2020-35659 (The DNS query log in Pi-hole before 5.2.2 is vulnerable to 
stored XSS. ...)
        NOT-FOR-US: Pi-hole
 CVE-2020-35658 (SpamTitan before 7.09 allows attackers to tamper with backups, 
because ...)
@@ -30288,9 +30288,9 @@ CVE-2020-29595 (PlugIns\IDE_ACDStd.apl in ACDSee Photo 
Studio Studio Professiona
 CVE-2020-29594 (Rocket.Chat before 0.74.4, 1.x before 1.3.4, 2.x before 
2.4.13, 3.x be ...)
        NOT-FOR-US: Rocket.Chat
 CVE-2020-29593 (An issue was discovered in Orchard before 1.10. The Media 
Settings All ...)
-       TODO: check
+       NOT-FOR-US: Orchard CMS
 CVE-2020-29592 (An issue was discovered in Orchard before 1.10. A broken 
access contro ...)
-       TODO: check
+       NOT-FOR-US: Orchard CMS
 CVE-2020-29591 (Versions of the Official registry Docker images through 2.7.0 
contain  ...)
        NOT-FOR-US: registry Docker image
 CVE-2020-29590
@@ -36563,7 +36563,7 @@ CVE-2020-28126
 CVE-2020-28125
        RESERVED
 CVE-2020-28124 (Cross Site Scripting (XSS) in LavaLite 5.8.0 via the Address 
field. ...)
-       TODO: check
+       NOT-FOR-US: LavaLite
 CVE-2020-28123
        RESERVED
 CVE-2020-28122
@@ -52875,9 +52875,9 @@ CVE-2020-21090
 CVE-2020-21089
        RESERVED
 CVE-2020-21088 (Cross Site Scripting (XSS) in X2engine X2CRM v7.1 and older 
allows rem ...)
-       TODO: check
+       NOT-FOR-US: X2engine X2CRM
 CVE-2020-21087 (Cross Site Scripting (XSS) in X2Engine X2CRM v6.9 and older 
allows rem ...)
-       TODO: check
+       NOT-FOR-US: X2engine X2CRM
 CVE-2020-21086
        RESERVED
 CVE-2020-21085
@@ -55503,7 +55503,7 @@ CVE-2020-19780
 CVE-2020-19779
        RESERVED
 CVE-2020-19778 (Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows 
remote att ...)
-       TODO: check
+       NOT-FOR-US: Shopxo
 CVE-2020-19777
        RESERVED
 CVE-2020-19776
@@ -132816,7 +132816,7 @@ CVE-2019-10883 (Citrix SD-WAN Center 10.2.x before 
10.2.1 and NetScaler SD-WAN C
 CVE-2019-10882 (The Netskope client service, v57 before 57.2.0.219 and v60 
before 60.2 ...)
        NOT-FOR-US: Netskope
 CVE-2019-10881 (Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink 
C8030/C8035/C80 ...)
-       TODO: check
+       NOT-FOR-US: Xerox
 CVE-2019-10880 (Within multiple XEROX products a vulnerability allows remote 
command e ...)
        NOT-FOR-US: XEROX
 CVE-2018-20816 (An XSS combined with CSRF vulnerability discovered in 
SalesAgility Sui ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6fde8ca1cd3a759298d4db4cc27b9d7dbe504fba

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6fde8ca1cd3a759298d4db4cc27b9d7dbe504fba
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to