Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
39e44ad5 by Salvatore Bonaccorso at 2021-05-08T06:58:08+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2021-32472
CVE-2021-32471
RESERVED
CVE-2021-32470 (Craft CMS before 3.6.13 has an XSS vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2021-32469
RESERVED
CVE-2021-32468
@@ -5224,9 +5224,9 @@ CVE-2021-30175 (ZEROF Web Server 1.0 (April 2021) allows
SQL Injection via the /
CVE-2021-30174
RESERVED
CVE-2021-30173 (Local File Inclusion vulnerability of the omni-directional
communicati ...)
- TODO: check
+ NOT-FOR-US: omni-directional communication system
CVE-2021-30172 (Special characters of picture preview page in the
Quan-Fang-Wei-Tong-X ...)
- TODO: check
+ NOT-FOR-US: Quan-Fang-Wei-Tong-Xun system
CVE-2021-30171 (Special characters of ERP POS news page are not filtered in
users̵ ...)
TODO: check
CVE-2021-30170 (Special characters of ERP POS customer profile page are not
filtered i ...)
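Review bot: CVE-2021-30171 (ERP POS news page) stays at "TODO: check" in the trailing context even though the two entries directly above it are resolved in this pass. If it was left on purpose because the product still needs checking, that is fine; otherwise it should get its NOT-FOR-US line in the same commit. Separately, the tag "omni-directional communication system" for CVE-2021-30173 is a generic phrase taken from the description rather than a vendor or product name, so a vendor-qualified tag would make later CVEs for the same product easier to match.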
@@ -10538,7 +10538,7 @@ CVE-2021-27943
CVE-2021-27942
RESERVED
CVE-2021-27941 (Unconstrained Web access to the device's private encryption
key in the ...)
- TODO: check
+ NOT-FOR-US: eWeLink mobile application
CVE-2021-27940 (resources/public/js/orchestrator.js in openark orchestrator
before 3.2 ...)
NOT-FOR-US: openark
CVE-2021-27939
@@ -11371,17 +11371,17 @@ CVE-2021-27576 (If was found that the NetTest web
service can be used to overloa
CVE-2021-27575
RESERVED
CVE-2021-27574 (An issue was discovered in Emote Remote Mouse through 4.0.0.0.
It uses ...)
- TODO: check
+ NOT-FOR-US: Emote Remote Mouse
CVE-2021-27573 (An issue was discovered in Emote Remote Mouse through 4.0.0.0.
Remote ...)
- TODO: check
+ NOT-FOR-US: Emote Remote Mouse
CVE-2021-27572 (An issue was discovered in Emote Remote Mouse through 4.0.0.0.
Authent ...)
- TODO: check
+ NOT-FOR-US: Emote Remote Mouse
CVE-2021-27571 (An issue was discovered in Emote Remote Mouse through 4.0.0.0.
Attacke ...)
- TODO: check
+ NOT-FOR-US: Emote Remote Mouse
CVE-2021-27570 (An issue was discovered in Emote Remote Mouse through 3.015.
Attackers ...)
- TODO: check
+ NOT-FOR-US: Emote Remote Mouse
CVE-2021-27569 (An issue was discovered in Emote Remote Mouse through 4.0.0.0.
Attacke ...)
- TODO: check
+ NOT-FOR-US: Emote Remote Mouse
CVE-2021-27568 (An issue was discovered in netplex json-smart-v1 through
2015-10-23 an ...)
NOT-FOR-US: netplex
CVE-2021-27567
@@ -14875,9 +14875,9 @@ CVE-2021-23140
CVE-2021-23136
RESERVED
CVE-2021-26123 (LivingLogic XIST4C before 0.107.8 allows XSS via login.htm,
login.wiht ...)
- TODO: check
+ NOT-FOR-US: LivingLogic XIST4C
CVE-2021-26122 (LivingLogic XIST4C before 0.107.8 allows XSS via feedback.htm
or feedb ...)
- TODO: check
+ NOT-FOR-US: LivingLogic XIST4C
CVE-2021-26121
RESERVED
CVE-2021-26120 (Smarty before 3.1.39 allows code injection via an unexpected
function ...)
@@ -22854,23 +22854,23 @@ CVE-2021-22681 (Rockwell Automation Studio 5000 Logix
Designer Versions 21 and l
CVE-2021-22680
RESERVED
CVE-2021-22679 (The affected product is vulnerable to an integer overflow
while proces ...)
- TODO: check
+ NOT-FOR-US: SimpleLink
CVE-2021-22678 (Cscape (All versions prior to 9.90 SP4) lacks proper
validation of use ...)
NOT-FOR-US: Cscape
CVE-2021-22677 (An integer overflow exists in the APIs of the host MCU while
trying to ...)
- TODO: check
+ NOT-FOR-US: SimpleLink
CVE-2021-22676
RESERVED
CVE-2021-22675 (The affected product is vulnerable to integer overflow while
parsing m ...)
- TODO: check
+ NOT-FOR-US: SimpleLink
CVE-2021-22674
RESERVED
CVE-2021-22673 (The affected product is vulnerable to stack-based buffer
overflow whil ...)
- TODO: check
+ NOT-FOR-US: SimpleLink
CVE-2021-22672
RESERVED
CVE-2021-22671 (Multiple integer overflow issues exist while processing long
domain na ...)
- TODO: check
+ NOT-FOR-US: SimpleLink
CVE-2021-22670 (An uninitialized pointer may be exploited in Fatek FvDesigner
Version ...)
NOT-FOR-US: Fatek FvDesigner
CVE-2021-22669 (Incorrect permissions are set to default on the ‘Project
Managem ...)
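Review bot: the tag "NOT-FOR-US: SimpleLink" on CVE-2021-22679, -22677, -22675, -22673 and -22671 cannot be checked against the visible descriptions, which only say "The affected product is vulnerable to ..." or describe "the APIs of the host MCU". Suggest a vendor-qualified product name, in the style of the neighbouring "NOT-FOR-US: Fatek FvDesigner", so that someone grepping the list for the vendor finds all five entries.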
@@ -24297,7 +24297,7 @@ CVE-2021-21986
CVE-2021-21985
RESERVED
CVE-2021-21984 (VMware vRealize Business for Cloud 7.x prior to 7.6.0 contains
a remot ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2021-21983 (Arbitrary file write vulnerability in vRealize Operations
Manager API ...)
NOT-FOR-US: vRealize Operations Manager API (Vmware)
CVE-2021-21982 (VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01
has an aut ...)
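Review bot: the new tag for CVE-2021-21984 is the bare vendor name, "NOT-FOR-US: VMware", while the entry directly below it, CVE-2021-21983, names the product: "NOT-FOR-US: vRealize Operations Manager API (Vmware)". Suggest naming the product here as well, e.g. "NOT-FOR-US: VMware vRealize Business for Cloud", so the two adjacent entries follow one convention and the product is searchable.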
@@ -25378,15 +25378,15 @@ CVE-2020-36130
CVE-2020-36129
RESERVED
CVE-2020-36128 (Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is
affected by ...)
- TODO: check
+ NOT-FOR-US: Pax Technology PAXSTORE
CVE-2020-36127 (Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is
affected by ...)
- TODO: check
+ NOT-FOR-US: Pax Technology PAXSTORE
CVE-2020-36126 (Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is
affected by ...)
- TODO: check
+ NOT-FOR-US: Pax Technology PAXSTORE
CVE-2020-36125 (Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is
affected by ...)
- TODO: check
+ NOT-FOR-US: Pax Technology PAXSTORE
CVE-2020-36124 (Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is
affected by ...)
- TODO: check
+ NOT-FOR-US: Pax Technology PAXSTORE
CVE-2020-36123
RESERVED
CVE-2020-36122
@@ -72311,7 +72311,7 @@ CVE-2020-14011 (Lansweeper 6.0.x through 7.2.x has a
default installation in whi
CVE-2020-14010 (The Laborator Xenon theme 1.3 for WordPress allows Reflected
XSS via t ...)
NOT-FOR-US: Laborator Xenon theme for WordPress
CVE-2020-14009 (Proofpoint Enterprise Protection (PPS/PoD) before 8.17.0
contains a vu ...)
- TODO: check
+ NOT-FOR-US: Proofpoint Enterprise Protection (PPS/PoD)
CVE-2020-14008 (Zoho ManageEngine Applications Manager 14710 and before allows
an auth ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2020-14007 (Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion
Platform HF ...)
@@ -97525,7 +97525,7 @@ CVE-2020-4903 (IBM API Connect V10 and V2018 could
allow an attacker who has int
CVE-2020-4902
RESERVED
CVE-2020-4901 (IBM Robotic Process Automation with Automation Anywhere 11.0
could all ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4900 (IBM Business Automation Workflow 19.0.0.3 stores potentially
sensitive ...)
NOT-FOR-US: IBM
CVE-2020-4899 (IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak
sensit ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39e44ad5207690550540bd36e444d5fad3c837af