Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8cdb6bc7 by Moritz Muehlenhoff at 2021-06-11T10:12:54+02:00
NFUs
two n/a for SuSE packaging issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2204,7 +2204,7 @@ CVE-2021-33670
CVE-2021-33669 (Under certain conditions, SAP Mobile SDK Certificate Provider
allows a ...)
NOT-FOR-US: SAP
CVE-2021-33668 (Due to improper input sanitization, specially crafted LDAP
queries can ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-33667
RESERVED
CVE-2021-33666 (When SAP Commerce Cloud version 100, hosts a JavaScript
storefront, it ...)
@@ -2896,7 +2896,7 @@ CVE-2021-33361
CVE-2021-33360
RESERVED
CVE-2021-33359 (A vulnerability exists in gowitness < 2.3.6 that allows an
unauthen ...)
- TODO: check
+ NOT-FOR-US: gowitness
CVE-2021-33358 (Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the
"interfac ...)
NOT-FOR-US: RaspAP
CVE-2021-33357 (A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface"
GET param ...)
@@ -4420,9 +4420,9 @@ CVE-2021-32676
CVE-2021-32675
RESERVED
CVE-2021-32674 (Zope is an open-source web application server. This advisory
extends t ...)
- TODO: check
+ NOT-FOR-US: Zope
CVE-2021-32673 (reg-keygen-git-hash-plugin is a reg-suit plugin to detect the
snapshot ...)
- TODO: check
+ NOT-FOR-US: reg-keygen-git-hash-plugin
CVE-2021-32672
RESERVED
CVE-2021-32671 (Flarum is a forum software for building communities. Flarum's
translat ...)
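Review bot: On the CVE-2021-32674 entry, the description says "This advisory extends t ...", so this CVE follows up an earlier Zope advisory. The entry for that earlier advisory is not in this hunk; it is worth checking in data/CVE/list that it carries the same "NOT-FOR-US: Zope" tag, so the two are triaged consistently.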
@@ -4452,7 +4452,7 @@ CVE-2021-32660 (Backstage is an open platform for
building developer portals, an
CVE-2021-32659
RESERVED
CVE-2021-32658 (Nextcloud Android is the Android client for the Nextcloud open
source ...)
- TODO: check
+ NOT-FOR-US: Nextcloud client for Android
CVE-2021-32657 (Nextcloud Server is a Nextcloud package that handles data
storage. In ...)
- nextcloud-server <itp> (bug #941708)
CVE-2021-32656 (Nextcloud Server is a Nextcloud package that handles data
storage. A v ...)
@@ -5683,7 +5683,7 @@ CVE-2021-32108
CVE-2021-32107
RESERVED
CVE-2021-32106 (In ICEcoder 8.0 allows, a reflected XSS vulnerability was
identified i ...)
- TODO: check
+ NOT-FOR-US: ICEcoder
CVE-2021-32105
RESERVED
CVE-2021-32104 (A SQL injection vulnerability exists (with user privileges) in
interfa ...)
@@ -6054,9 +6054,9 @@ CVE-2021-32000
CVE-2021-31999
RESERVED
CVE-2021-31998 (A Incorrect Default Permissions vulnerability in the packaging
of inn ...)
- TODO: check
+ - inn2 <not-affected> (SuSE-specific packaging issue)
CVE-2021-31997 (a UNIX Symbolic Link (Symlink) Following vulnerability in
python-posto ...)
- TODO: check
+ - postorius <not-affected> (SuSE-specific packaging issue)
CVE-2021-31996 (An issue was discovered in the algorithmica crate through
2021-03-07 f ...)
NOT-FOR-US: Rust crate algorithmica
CVE-2021-3529 (A flaw was found in noobaa-core in versions before 5.7.0. This
flaw re ...)
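Review bot: For CVE-2021-31998 the description reads "packaging of inn ..." but the added line marks only inn2 as <not-affected>. If the archive also carries a separate inn source package, it needs its own <not-affected> line with the same note, otherwise that package stays untriaged for this CVE. The same check applies to CVE-2021-31997, where the description names "python-posto ..." and the entry uses postorius: confirm that this is the only source package shipping that code.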
@@ -6086,7 +6086,7 @@ CVE-2021-31985 (Microsoft Defender Remote Code Execution
Vulnerability ...)
CVE-2021-31984
RESERVED
CVE-2021-31983 (Paint 3D Remote Code Execution Vulnerability This CVE ID is
unique fro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31982
RESERVED
CVE-2021-31981
@@ -6118,7 +6118,7 @@ CVE-2021-31969 (Windows Cloud Files Mini Filter Driver
Elevation of Privilege Vu
CVE-2021-31968 (Windows Remote Desktop Services Denial of Service
Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-31967 (VP9 Video Extensions Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31966 (Microsoft SharePoint Server Remote Code Execution
Vulnerability This C ...)
NOT-FOR-US: Microsoft
CVE-2021-31965 (Microsoft SharePoint Server Information Disclosure
Vulnerability ...)
@@ -6128,7 +6128,7 @@ CVE-2021-31964 (Microsoft SharePoint Server Spoofing
Vulnerability This CVE ID i
CVE-2021-31963 (Microsoft SharePoint Server Remote Code Execution
Vulnerability This C ...)
NOT-FOR-US: Microsoft
CVE-2021-31962 (Kerberos AppContainer Security Feature Bypass Vulnerability
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-31961
RESERVED
CVE-2021-31960 (Windows Bind Filter Driver Information Disclosure
Vulnerability ...)
@@ -7222,7 +7222,7 @@ CVE-2021-31540 (Wowza Streaming Engine through 4.8.5 (in
a default installation)
CVE-2021-31539 (Wowza Streaming Engine before 4.8.8.01 (in a default
installation) has ...)
NOT-FOR-US: Wowza Streaming Engine
CVE-2021-31538 (LANCOM R&S Unified Firewall (UF) devices running LCOS FX
10.5 allo ...)
- TODO: check
+ NOT-FOR-US: LANCOM
CVE-2021-31537 (SIS SIS-REWE Go before 7.7 SP17 allows XSS:
rewe/prod/web/index.php (a ...)
NOT-FOR-US: SIS-REWE Go
CVE-2021-31536
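Review bot: "NOT-FOR-US: LANCOM" labels CVE-2021-31538 by vendor, while both neighbouring entries in this hunk are labelled by product ("Wowza Streaming Engine", "SIS-REWE Go"). Naming the product from the description, "LANCOM R&S Unified Firewall", would make the entry easier to find when searching the list.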
@@ -10029,7 +10029,7 @@ CVE-2021-30359
CVE-2021-30358
RESERVED
CVE-2021-30357 (SSL Network Extender Client for Linux before build 800008302
reveals p ...)
- TODO: check
+ NOT-FOR-US: SSL Network Extender Client
CVE-2021-30356 (A denial of service vulnerability was reported in Check Point
Identity ...)
NOT-FOR-US: Check Point Identity Agent
CVE-2021-30355
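Review bot: The label "SSL Network Extender Client" on CVE-2021-30357 carries no vendor, unlike the next entry's "Check Point Identity Agent". If this client comes from the same vendor, prefix the vendor name so that both entries match the same search.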
@@ -15039,7 +15039,7 @@ CVE-2021-28295 (Online Ordering System 1.0 is
vulnerable to unauthenticated SQL
CVE-2021-28294 (Online Ordering System 1.0 is vulnerable to arbitrary file
upload thro ...)
NOT-FOR-US: Online Ordering System
CVE-2021-28293 (Seceon aiSIEM before 6.3.2 (build 585) is prone to an
unauthenticated ...)
- TODO: check
+ NOT-FOR-US: Seceon aiSIEM
CVE-2021-28292
RESERVED
CVE-2021-28291
@@ -17225,7 +17225,7 @@ CVE-2021-27392 (A vulnerability has been identified in
Siveillance Video Open Ne
CVE-2021-27391
RESERVED
CVE-2021-27390 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2021-27389 (A vulnerability has been identified in Opcenter Quality (All
versions ...)
NOT-FOR-US: Opcenter Quality
CVE-2021-27388
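Review bot: CVE-2021-27390 is tagged "NOT-FOR-US: Siemens" although its description names the product JT2Go, and the adjacent CVE-2021-27389 is tagged by product ("Opcenter Quality"). Consider "NOT-FOR-US: Siemens JT2Go", or the product name alone, so the labels within this block follow one convention.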
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cdb6bc7d6ee7715739cae03ad9c730587a8db2f
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits