Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b345a297 by Salvatore Bonaccorso at 2021-05-29T07:50:47+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -302,7 +302,7 @@ CVE-2021-33593
CVE-2021-33592
RESERVED
CVE-2021-33591 (An exposed remote debugging port in Naver Comic Viewer prior
to 1.0.15 ...)
- TODO: check
+ NOT-FOR-US: Naver Comic Viewer
CVE-2021-33590 (GattLib 0.3-rc1 has a stack-based buffer over-read in
get_device_path_ ...)
TODO: check
CVE-2021-33589
@@ -2369,7 +2369,7 @@ CVE-2021-32639
CVE-2021-32638 (Github's CodeQL action is provided to run CodeQL-based code
scanning o ...)
NOT-FOR-US: Github
CVE-2021-32637 (Authelia is a a single sign-on multi-factor portal for web
apps. This ...)
- TODO: check
+ NOT-FOR-US: Authelia
CVE-2021-32636
RESERVED
CVE-2021-32635 [Action Commands (run/shell/exec) Against Library URIs Ignore
Configured Remote Endpoint]
@@ -2620,15 +2620,15 @@ CVE-2021-32545
CVE-2021-32544 (Special characters of IGT search function in igt+ are not
filtered in ...)
NOT-FOR-US: igt+
CVE-2021-32543 (The CTS Web transaction system related to authentication
management is ...)
- TODO: check
+ NOT-FOR-US: CTS Web transaction system
CVE-2021-32542 (The parameters of the specific functions in the CTS Web
trading system ...)
- TODO: check
+ NOT-FOR-US: CTS Web trading system
CVE-2021-32541 (The CTS Web transaction system related to authentication and
session m ...)
- TODO: check
+ NOT-FOR-US: CTS Web transaction system
CVE-2021-32540 (Add announcement function in the 101EIP system does not filter
special ...)
- TODO: check
+ NOT-FOR-US: 101EIP system
CVE-2021-32539 (Add event in calendar function in the 101EIP system does not
filter sp ...)
- TODO: check
+ NOT-FOR-US: 101EIP system
CVE-2021-32538
RESERVED
CVE-2021-32537
@@ -15754,7 +15754,7 @@ CVE-2021-27034
CVE-2021-27033
RESERVED
CVE-2021-27032 (Autodesk Licensing Services was found to be vulnerable to
privilege es ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2021-27031 (A user may be tricked into opening a malicious FBX file which
may expl ...)
NOT-FOR-US: Autodesk
CVE-2021-27030 (A user may be tricked into opening a malicious FBX file which
may expl ...)
@@ -28027,7 +28027,7 @@ CVE-2021-21736
CVE-2021-21735
RESERVED
CVE-2021-21734 (Some PON MDU devices of ZTE stored sensitive information in
plaintext, ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2021-21733 (The management system of ZXCDN is impacted by the information
leak vul ...)
NOT-FOR-US: ZXCDN
CVE-2021-21732 (A mobile phone of ZTE is impacted by improper access control
vulnerabi ...)
@@ -70656,7 +70656,7 @@ CVE-2020-15784 (A vulnerability has been identified in
Spectrum Power 4 (All ver
CVE-2020-15783 (A vulnerability has been identified in SIMATIC S7-300 CPU
family (incl ...)
NOT-FOR-US: Siemens
CVE-2020-15782 (A vulnerability has been identified in SIMATIC Drive
Controller family ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-15781 (A vulnerability has been identified in SICAM WEB firmware for
SICAM A8 ...)
NOT-FOR-US: SICAM
CVE-2020-15779 (A Path Traversal issue was discovered in the socket.io-file
package th ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b345a2977fd433c19b5720f1a48582517cb3c33a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b345a2977fd433c19b5720f1a48582517cb3c33a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
