[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 09 Jun 2021 13:30:38 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f82e1dd1 by Salvatore Bonaccorso at 2021-06-09T22:29:57+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -139,9 +139,9 @@ CVE-2021-34372
 CVE-2021-34371
        RESERVED
 CVE-2021-34370 (Accela Civic Platform through 20.1 allows 
ssoAdapter/logoutAction.do s ...)
-       TODO: check
+       NOT-FOR-US: Accela Civic Platform
 CVE-2021-34369 (portlets/contact/ref/refContactDetail.do in Accela Civic 
Platform thro ...)
-       TODO: check
+       NOT-FOR-US: Accela Civic Platform
 CVE-2021-34368
        RESERVED
 CVE-2021-34367
@@ -345,7 +345,7 @@ CVE-2021-34282
 CVE-2021-34281
        RESERVED
 CVE-2021-34280 (Polaris Office v9.103.83.44230 is affected by a Uninitialized 
Pointer  ...)
-       TODO: check
+       NOT-FOR-US: Polaris Office
 CVE-2021-34279
        RESERVED
 CVE-2021-34278
@@ -1149,7 +1149,7 @@ CVE-2021-33896 (Dino before 0.1.2 and 0.2.x before 0.2.1 
allows Directory Traver
 CVE-2021-33895
        RESERVED
 CVE-2021-33894 (In Progress MOVEit Transfer before 2019.0.6 (11.0.6), 2019.1.x 
before  ...)
-       TODO: check
+       NOT-FOR-US: Progress MOVEit
 CVE-2021-33893
        RESERVED
 CVE-2021-33892
@@ -1261,9 +1261,9 @@ CVE-2021-3580 [Remote crash in RSA decryption via 
manipulated ciphertext]
 CVE-2021-33844
        RESERVED
 CVE-2021-33842 (Improper Authentication vulnerability in the cookie parameter 
of Circu ...)
-       TODO: check
+       NOT-FOR-US: Circutor SGE-PLC1000 firmware
 CVE-2021-33841 (SGE-PLC1000 device, in its 0.9.2b firmware version, does not 
handle so ...)
-       TODO: check
+       NOT-FOR-US: SGE-PLC1000 device
 CVE-2021-23210
        RESERVED
 CVE-2021-23172
@@ -1509,13 +1509,13 @@ CVE-2021-33744
 CVE-2021-33743
        RESERVED
 CVE-2021-33742 (Windows MSHTML Platform Remote Code Execution Vulnerability 
...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-33741 (Microsoft Edge (Chromium-based) Elevation of Privilege 
Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-33740
        RESERVED
 CVE-2021-33739 (Microsoft DWM Core Library Elevation of Privilege 
Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2020-36381
        RESERVED
 CVE-2020-36380
@@ -1615,7 +1615,7 @@ CVE-2021-33714
 CVE-2021-33713
        RESERVED
 CVE-2021-33712 (A vulnerability has been identified in Mendix SAML Module (All 
version ...)
-       TODO: check
+       NOT-FOR-US: Mendix SAML Module
 CVE-2021-33711
        RESERVED
 CVE-2021-33710
@@ -2397,11 +2397,11 @@ CVE-2021-33360
 CVE-2021-33359 (A vulnerability exists in gowitness &lt; 2.3.6 that allows an 
unauthen ...)
        TODO: check
 CVE-2021-33358 (Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the 
"interfac ...)
-       TODO: check
+       NOT-FOR-US: RaspAP
 CVE-2021-33357 (A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" 
GET param ...)
-       TODO: check
+       NOT-FOR-US: RaspAP
 CVE-2021-33356 (Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 
2.6.5 c ...)
-       TODO: check
+       NOT-FOR-US: RaspAP
 CVE-2021-33355
        RESERVED
 CVE-2021-33354
@@ -2791,7 +2791,7 @@ CVE-2021-33192
 CVE-2021-33191
        RESERVED
 CVE-2021-33190 (In Apache APISIX Dashboard version 2.6, we changed the default 
value o ...)
-       TODO: check
+       NOT-FOR-US: Apache APISIX Dashboard
 CVE-2020-36365 (Smartstore (aka SmartStoreNET) before 4.1.0 allows 
CommonController.Cl ...)
        NOT-FOR-US: Smartstore (aka SmartStoreNET)
 CVE-2020-36364 (An issue was discovered in Smartstore (aka SmartStoreNET) 
before 4.1.0 ...)
@@ -2853,9 +2853,9 @@ CVE-2021-33178
 CVE-2021-33177
        RESERVED
 CVE-2021-33176 (VerneMQ MQTT Broker versions prior to 1.12.0 are vulnerable to 
a denia ...)
-       TODO: check
+       NOT-FOR-US: VerneMQ MQTT Broker
 CVE-2021-33175 (EMQ X Broker versions prior to 4.2.8 are vulnerable to a 
denial of ser ...)
-       TODO: check
+       NOT-FOR-US: EMQ X Broker
 CVE-2021-33174
        RESERVED
 CVE-2021-33173
@@ -3344,7 +3344,7 @@ CVE-2021-32944
 CVE-2021-32943
        RESERVED
 CVE-2021-32942 (The vulnerability could expose cleartext credentials from 
AVEVA InTouc ...)
-       TODO: check
+       NOT-FOR-US: AVEVA InTouch Runtime
 CVE-2021-32941
        RESERVED
 CVE-2021-32940
@@ -5579,7 +5579,7 @@ CVE-2021-31987
 CVE-2021-31986
        RESERVED
 CVE-2021-31985 (Microsoft Defender Remote Code Execution Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31984
        RESERVED
 CVE-2021-31983 (Paint 3D Remote Code Execution Vulnerability This CVE ID is 
unique fro ...)
@@ -5589,41 +5589,41 @@ CVE-2021-31982
 CVE-2021-31981
        RESERVED
 CVE-2021-31980 (Microsoft Intune Management Extension Remote Code Execution 
Vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31979
        RESERVED
 CVE-2021-31978 (Microsoft Defender Denial of Service Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31977 (Windows Hyper-V Denial of Service Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31976 (Server for NFS Information Disclosure Vulnerability This CVE 
ID is uni ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31975 (Server for NFS Information Disclosure Vulnerability This CVE 
ID is uni ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31974 (Server for NFS Denial of Service Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31973 (Windows GPSVC Elevation of Privilege Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31972 (Event Tracing for Windows Information Disclosure Vulnerability 
...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31971 (Windows HTML Platform Security Feature Bypass Vulnerability 
...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31970 (Windows TCP/IP Driver Security Feature Bypass Vulnerability 
...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31969 (Windows Cloud Files Mini Filter Driver Elevation of Privilege 
Vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31968 (Windows Remote Desktop Services&#194; Denial of Service 
Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31967 (VP9 Video Extensions Remote Code Execution Vulnerability ...)
        TODO: check
 CVE-2021-31966 (Microsoft SharePoint Server Remote Code Execution 
Vulnerability This C ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31965 (Microsoft SharePoint Server Information Disclosure 
Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31964 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID 
is uniq ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31963 (Microsoft SharePoint Server Remote Code Execution 
Vulnerability This C ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31962 (Kerberos AppContainer Security Feature Bypass Vulnerability 
...)
        TODO: check
 CVE-2021-31961
@@ -5633,47 +5633,47 @@ CVE-2021-31960 (Windows Bind Filter Driver Information 
Disclosure Vulnerability
 CVE-2021-31959 (Scripting Engine Memory Corruption Vulnerability ...)
        TODO: check
 CVE-2021-31958 (Windows NTLM Elevation of Privilege Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31957 (ASP.NET Denial of Service Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31956 (Windows NTFS Elevation of Privilege Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31955 (Windows Kernel Information Disclosure Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31954 (Windows Common Log File System Driver Elevation of Privilege 
Vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31953 (Windows Filter Manager Elevation of Privilege Vulnerability 
...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31952 (Windows Kernel-Mode Driver Elevation of Privilege 
Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31951 (Windows Kernel Elevation of Privilege Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31950 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID 
is uniq ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31949 (Microsoft Outlook Remote Code Execution Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31948 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID 
is uniq ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31947
        RESERVED
 CVE-2021-31946 (Paint 3D Remote Code Execution Vulnerability This CVE ID is 
unique fro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31945 (Paint 3D Remote Code Execution Vulnerability This CVE ID is 
unique fro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31944 (3D Viewer Information Disclosure Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31943 (3D Viewer Remote Code Execution Vulnerability This CVE ID is 
unique fr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31942 (3D Viewer Remote Code Execution Vulnerability This CVE ID is 
unique fr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31941 (Microsoft Office Graphics Remote Code Execution Vulnerability 
This CVE ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31940 (Microsoft Office Graphics Remote Code Execution Vulnerability 
This CVE ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31939 (Microsoft Excel Remote Code Execution Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31938 (Microsoft VsCode Kubernetes Tools Extension Elevation of 
Privilege Vul ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2021-31937
        RESERVED
 CVE-2021-31936 (Microsoft Accessibility Insights for Web Information 
Disclosure Vulner ...)
@@ -5984,7 +5984,7 @@ CVE-2021-31839
 CVE-2021-31838
        RESERVED
 CVE-2021-31837 (Memory corruption vulnerability in the driver file component 
in McAfee ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2021-31836
        RESERVED
 CVE-2021-31835
@@ -5994,7 +5994,7 @@ CVE-2021-31834
 CVE-2021-31833
        RESERVED
 CVE-2021-31832 (Improper Neutralization of Input in the ePO administrator 
extension fo ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2021-31831 (Incorrect access to deleted scripts vulnerability in McAfee 
Database S ...)
        NOT-FOR-US: McAfee
 CVE-2021-31830 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
@@ -6317,7 +6317,7 @@ CVE-2021-31740
 CVE-2021-31739
        RESERVED
 CVE-2021-31738 (Adiscon LogAnalyzer 4.1.10 and 4.1.11 allow login.php XSS. ...)
-       TODO: check
+       NOT-FOR-US: Adiscon LogAnalyzer
 CVE-2021-31737 (emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution 
vulnerabili ...)
        NOT-FOR-US: emlog
 CVE-2021-31736



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f82e1dd1455ac641481653066f5a1cf5e969a976

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f82e1dd1455ac641481653066f5a1cf5e969a976
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to