Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
17772994 by Salvatore Bonaccorso at 2021-04-23T11:04:36+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30029,27 +30029,27 @@ CVE-2021-2159 (Vulnerability in the PeopleSoft
Enterprise CS Campus Community pr
CVE-2021-2158 (Vulnerability in the Hyperion Financial Management product of
Oracle H ...)
NOT-FOR-US: Oracle
CVE-2021-2157 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2156 (Vulnerability in the Oracle Customers Online product of Oracle
E-Busin ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2155 (Vulnerability in the Oracle One-to-One Fulfillment product of
Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2154 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-5.7 <removed>
CVE-2021-2153 (Vulnerability in the Oracle Internet Expenses product of Oracle
E-Busi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2152 (Vulnerability in the Oracle Business Intelligence Enterprise
Edition p ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2151 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2150 (Vulnerability in the Oracle iStore product of Oracle E-Business
Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2149 (Vulnerability in the Oracle ZFS Storage Appliance Kit product
of Oracl ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2148
RESERVED
CVE-2021-2147 (Vulnerability in the Oracle ZFS Storage Appliance Kit product
of Oracl ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2146 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-8.0 <unfixed> (bug #987325)
- mysql-5.7 <removed>
@@ -30061,11 +30061,11 @@ CVE-2021-2144 (Vulnerability in the MySQL Server
product of Oracle MySQL (compon
CVE-2021-2143
RESERVED
CVE-2021-2142 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2141 (Vulnerability in the Oracle FLEXCUBE Direct Banking product of
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2140 (Vulnerability in the Oracle Financial Services Analytical
Applications ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2139
RESERVED
CVE-2021-2138 (Vulnerability in the Oracle Cloud Infrastructure Data Science
Notebook ...)
@@ -30073,11 +30073,11 @@ CVE-2021-2138 (Vulnerability in the Oracle Cloud
Infrastructure Data Science Not
CVE-2021-2137
RESERVED
CVE-2021-2136 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2135 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2134 (Vulnerability in the Enterprise Manager for Fusion Middleware
product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2133
RESERVED
CVE-2021-2132
@@ -30240,7 +30240,7 @@ CVE-2021-2055 (Vulnerability in the MySQL Server
product of Oracle MySQL (compon
CVE-2021-2054 (Vulnerability in the RDBMS Sharding component of Oracle
Database Serve ...)
NOT-FOR-US: Oracle
CVE-2021-2053 (Vulnerability in the Enterprise Manager Base Platform product
of Oracl ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2052 (Vulnerability in the JD Edwards EnterpriseOne Orchestrator
product of ...)
NOT-FOR-US: Oracle
CVE-2021-2051 (Vulnerability in the Oracle BI Publisher product of Oracle
Fusion Midd ...)
@@ -30334,7 +30334,7 @@ CVE-2021-2010 (Vulnerability in the MySQL Client
product of Oracle MySQL (compon
CVE-2021-2009 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-8.0 <not-affected> (Fixed before initial upload)
CVE-2021-2008 (Vulnerability in the Enterprise Manager for Fusion Middleware
product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2021-2007 (Vulnerability in the MySQL Client product of Oracle MySQL
(component: ...)
- mysql-8.0 <not-affected> (Fixed before initial upload)
- mysql-5.7 <removed> (bug #981194)
@@ -38035,7 +38035,7 @@ CVE-2021-0268 (An Improper Neutralization of CRLF
Sequences in HTTP Headers ('HT
CVE-2021-0267 (An Improper Input Validation vulnerability in the active-lease
query p ...)
NOT-FOR-US: Juniper
CVE-2021-0266 (The use of multiple hard-coded cryptographic keys in cSRX
Series softw ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2021-0265 (An unvalidated REST API in the AppFormix Agent of Juniper
Networks App ...)
NOT-FOR-US: Juniper
CVE-2021-0264 (A vulnerability in the processing of traffic matching a
firewall filte ...)
@@ -38065,7 +38065,7 @@ CVE-2021-0253 (NFX Series devices using Juniper
Networks Junos OS are susceptibl
CVE-2021-0252 (NFX Series devices using Juniper Networks Junos OS are
susceptible to ...)
NOT-FOR-US: Juniper
CVE-2021-0251 (A NULL Pointer Dereference vulnerability in the Captive Portal
Content ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2021-0250 (In segment routing traffic engineering (SRTE) environments
where the B ...)
NOT-FOR-US: Juniper
CVE-2021-0249 (On SRX Series devices configured with UTM services a buffer
overflow v ...)
@@ -38765,11 +38765,11 @@ CVE-2020-27739 (A Weak Session Management
vulnerability in Citadel WebCit throug
[buster] - webcit <ignored> (Minor issue)
[stretch] - webcit <ignored> (Minor issue)
CVE-2020-27738 (A vulnerability has been identified in Nucleus 4 (All versions
< V4 ...)
- TODO: check
+ NOT-FOR-US: Nucleus (Siemens)
CVE-2020-27737 (A vulnerability has been identified in Nucleus 4 (All versions
< V4 ...)
- TODO: check
+ NOT-FOR-US: Nucleus (Siemens)
CVE-2020-27736 (A vulnerability has been identified in Nucleus 4 (All versions
< V4 ...)
- TODO: check
+ NOT-FOR-US: Nucleus (Siemens)
CVE-2020-27735 (An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary
IFRAME ele ...)
NOT-FOR-US: Wing FTP
CVE-2018-21269 (checkpath in OpenRC through 0.42.1 might allow local users to
take own ...)
@@ -40745,7 +40745,7 @@ CVE-2020-27011
CVE-2020-27010 (A cross-site scripting (XSS) vulnerability in Trend Micro
InterScan We ...)
NOT-FOR-US: Trend Micro
CVE-2020-27009 (A vulnerability has been identified in Nucleus NET (All
versions < ...)
- TODO: check
+ NOT-FOR-US: Nucleus (Siemens)
CVE-2020-27008 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
NOT-FOR-US: JT2Go
CVE-2020-27007 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
@@ -40769,7 +40769,7 @@ CVE-2020-26999 (A vulnerability has been identified in
JT2Go (All versions <
CVE-2020-26998 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
NOT-FOR-US: JT2Go
CVE-2020-26997 (A vulnerability has been identified in Solid Edge SE2020 (All
versions ...)
- TODO: check
+ NOT-FOR-US: Solid Edge (Siemens)
CVE-2020-26996 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
NOT-FOR-US: JT2Go
CVE-2020-26995 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
@@ -60782,9 +60782,9 @@ CVE-2020-17566
CVE-2020-17565
RESERVED
CVE-2020-17564 (Path Traversal in FeiFeiCMS v4.0 allows remote attackers to
delete arb ...)
- TODO: check
+ NOT-FOR-US: FeiFeiCMS
CVE-2020-17563 (Path Traversal in FeiFeiCMS v4.0 allows remote attackers to
delete arb ...)
- TODO: check
+ NOT-FOR-US: FeiFeiCMS
CVE-2020-17562
RESERVED
CVE-2020-17561
@@ -64888,7 +64888,7 @@ CVE-2020-15797 (A vulnerability has been identified in
DCA Vantage Analyzer (All
CVE-2020-15796 (A vulnerability has been identified in SIMATIC ET 200SP Open
Controlle ...)
NOT-FOR-US: Siemens
CVE-2020-15795 (A vulnerability has been identified in Nucleus NET (All
versions < ...)
- TODO: check
+ NOT-FOR-US: Nucleus (Siemens)
CVE-2020-15794 (A vulnerability has been identified in Desigo Insight (All
versions). ...)
NOT-FOR-US: Desigo Insight
CVE-2020-15793 (A vulnerability has been identified in Desigo Insight (All
versions). ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17772994202e123b0a59f6cb42bd603107783ec6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17772994202e123b0a59f6cb42bd603107783ec6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
