[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat, 24 Jul 2021 02:10:12 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
81cd7aaf by Salvatore Bonaccorso at 2021-07-24T11:09:45+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25294,7 +25294,7 @@ CVE-2021-26801
 CVE-2021-26800
        RESERVED
 CVE-2021-26799 (Cross Site Scripting (XSS) vulnerability in admin/files/edit 
in Omeka  ...)
-       TODO: check
+       NOT-FOR-US: Omeka
 CVE-2021-26798
        RESERVED
 CVE-2021-26797 (An access control vulnerability in Hame SD1 Wi-Fi firmware 
<=V.2014 ...)
@@ -28004,9 +28004,9 @@ CVE-2021-25811 (MERCUSYS Mercury X18G 1.0.5 devices 
allow Denial of service via
 CVE-2021-25810 (Cross site Scripting (XSS) vulnerability in MERCUSYS Mercury 
X18G 1.0. ...)
        NOT-FOR-US: MERCUSYS Mercury X18G 1.0.5 devices
 CVE-2021-25809 (UCMS 1.5.0 was discovered to contain a physical path leakage 
via an er ...)
-       TODO: check
+       NOT-FOR-US: UCMS
 CVE-2021-25808 (A code injection vulnerability in backup/plugin.php of Bludit 
3.13.1 a ...)
-       TODO: check
+       NOT-FOR-US: Bludit
 CVE-2021-25807
        RESERVED
 CVE-2021-25806
@@ -28040,9 +28040,9 @@ CVE-2021-25793
 CVE-2021-25792
        RESERVED
 CVE-2021-25791 (Multiple stored cross site scripting (XSS) vulnerabilities in 
the "Upd ...)
-       TODO: check
+       NOT-FOR-US: Online Doctor Appointment System
 CVE-2021-25790 (Multiple stored cross site scripting (XSS) vulnerabilities in 
the "Reg ...)
-       TODO: check
+       NOT-FOR-US: House Rental and Property Listing
 CVE-2021-25789
        RESERVED
 CVE-2021-25788
@@ -29293,7 +29293,7 @@ CVE-2021-25275 (SolarWinds Orion Platform before 
2020.2.4, as used by various So
 CVE-2021-25274 (The Collector Service in SolarWinds Orion Platform before 
2020.2.4 use ...)
        NOT-FOR-US: SolarWinds
 CVE-2021-3159 (A stored cross site scripting (XSS) vulnerability in the 
/sys/attachme ...)
-       TODO: check
+       NOT-FOR-US: Landray EKP
 CVE-2021-25273
        RESERVED
 CVE-2021-25272
@@ -29447,21 +29447,21 @@ CVE-2021-25210 (Arbitrary file upload vulnerability 
in SourceCodester Alumni Man
 CVE-2021-25209 (SQL injection vulnerability in SourceCodester Theme Park 
Ticketing Sys ...)
        NOT-FOR-US: SourceCodester Theme Park Ticketing System
 CVE-2021-25208 (Arbitrary file upload vulnerability in SourceCodester Travel 
Managemen ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2021-25207 (Arbitrary file upload vulnerability in SourceCodester 
E-Commerce Websi ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2021-25206 (Arbitrary file upload vulnerability in SourceCodester 
Responsive Order ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2021-25205 (SQL injection vulnerability in SourceCodester E-Commerce 
Website V 1.0 ...)
        NOT-FOR-US: SourceCodester
 CVE-2021-25204 (Cross-site scripting (XSS) vulnerability in SourceCodester 
E-Commerce  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2021-25203 (Arbitrary file upload vulnerability in Victor CMS v 1.0 allows 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Victor CMS
 CVE-2021-25202 (SQL injection vulnerability in SourceCodester Sales and 
Inventory Syst ...)
        NOT-FOR-US: SourceCodester Sales and Inventory System
 CVE-2021-25201 (SQL injection vulnerability in Learning Management System v 
1.0 allows ...)
-       TODO: check
+       NOT-FOR-US: Learning Management System
 CVE-2021-25200
        RESERVED
 CVE-2021-25199
@@ -69550,7 +69550,7 @@ CVE-2020-20743
 CVE-2020-20742
        RESERVED
 CVE-2020-20741 (Incorrect Access Control in Beckhoff Automation GmbH & Co. 
KG CX90 ...)
-       TODO: check
+       NOT-FOR-US: Beckhoff
 CVE-2020-20740 (PDFResurrect before 0.20 lack of header validation checks 
causes heap- ...)
        {DLA-2475-1}
        - pdfresurrect 0.21-1
@@ -85050,7 +85050,7 @@ CVE-2020-14033 (An issue was discovered in 
janus-gateway (aka Janus WebRTC Serve
        NOTE: https://github.com/meetecho/janus-gateway/pull/2229
        NOTE: 
https://github.com/meetecho/janus-gateway/commit/dacb4edfad8e77f73b64d8c175cca0a7796ebf80
 CVE-2020-14032 (ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege 
escalation via ...)
-       TODO: check
+       NOT-FOR-US: ASRock
 CVE-2020-14031 (An issue was discovered in Ozeki NG SMS Gateway through 
4.17.6. The ou ...)
        NOT-FOR-US: Ozeki NG SMS Gateway
 CVE-2020-14030 (An issue was discovered in Ozeki NG SMS Gateway through 
4.17.6. It sto ...)
@@ -108897,7 +108897,7 @@ CVE-2020-5318 (Dell EMC Isilon OneFS versions 8.1.2, 
8.1.0.4, 8.1.0.3, and 8.0.0
 CVE-2020-5317 (Dell EMC ECS versions prior to 3.4.0.1 contain an XSS 
vulnerability. A ...)
        NOT-FOR-US: EMC
 CVE-2020-5316 (Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 
2.1, 2 ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2020-5315 (Dell EMC Repository Manager (DRM) version 3.2 contains a 
plain-text pa ...)
        NOT-FOR-US: EMC
 CVE-2019-20333



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81cd7aaf44ff8cb7739cde1ab56ada89526353bb

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81cd7aaf44ff8cb7739cde1ab56ada89526353bb
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to