[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 28 Jul 2021 21:53:15 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1380cbaf by Salvatore Bonaccorso at 2021-07-29T06:52:39+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7689,9 +7689,9 @@ CVE-2021-34168
 CVE-2021-34167
        RESERVED
 CVE-2021-34166 (A SQL INJECTION vulnerability in Sourcecodester Simple Food 
Website 1. ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-34165 (A SQL Injection vulnerability in Sourcecodester Basic Shopping 
Cart 1. ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-34164
        RESERVED
 CVE-2021-34163
@@ -30016,7 +30016,7 @@ CVE-2021-25202 (SQL injection vulnerability in 
SourceCodester Sales and Inventor
 CVE-2021-25201 (SQL injection vulnerability in Learning Management System v 
1.0 allows ...)
        NOT-FOR-US: Learning Management System
 CVE-2021-25200 (Arbitrary file upload vulnerability in SourceCodester Learning 
Managem ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2021-25199
        RESERVED
 CVE-2021-25198
@@ -33917,7 +33917,7 @@ CVE-2021-23417 (All versions of package deepmergefn are 
vulnerable to Prototype
 CVE-2021-23416 (This affects all versions of package curly-bracket-parser. 
When used a ...)
        TODO: check
 CVE-2021-23415 (This affects the package elFinder.AspNet before 1.1.1. The 
user-contro ...)
-       TODO: check
+       NOT-FOR-US: elFinder.AspNet
 CVE-2021-23414 (This affects the package video.js before 7.14.3. The src 
attribute of  ...)
        TODO: check
 CVE-2021-23413 (This affects the package jszip before 3.7.0. Crafting a new 
zip file w ...)
@@ -67915,7 +67915,7 @@ CVE-2020-21856
 CVE-2020-21855
        RESERVED
 CVE-2020-21854 (Cross Site Scripting vulnerabiity exists in WDScanner 1.1 in 
the syste ...)
-       TODO: check
+       NOT-FOR-US: WDScanner
 CVE-2020-21853
        RESERVED
 CVE-2020-21852
@@ -68011,7 +68011,7 @@ CVE-2020-21808
 CVE-2020-21807
        RESERVED
 CVE-2020-21806 (SQL Injection Vulnerability in ECTouch v2 via the shop page in 
index.p ...)
-       TODO: check
+       NOT-FOR-US: ECTouch
 CVE-2020-21805
        RESERVED
 CVE-2020-21804
@@ -70237,13 +70237,13 @@ CVE-2020-20703
 CVE-2020-20702
        RESERVED
 CVE-2020-20701 (A stored cross site scripting (XSS) vulnerability in 
/app/config/of S- ...)
-       TODO: check
+       NOT-FOR-US: S-CMS PHP
 CVE-2020-20700 (A stored cross site scripting (XSS) vulnerability in 
/app/form_add/of  ...)
-       TODO: check
+       NOT-FOR-US: S-CMS PHP
 CVE-2020-20699 (A cross site scripting (XSS) vulnerability in S-CMS PHP v3.0 
allows at ...)
-       TODO: check
+       NOT-FOR-US: S-CMS PHP
 CVE-2020-20698 (A remote code execution (RCE) vulnerability in /1.com.php of 
S-CMS PHP ...)
-       TODO: check
+       NOT-FOR-US: S-CMS PHP
 CVE-2020-20697
        RESERVED
 CVE-2020-20696
@@ -73449,7 +73449,7 @@ CVE-2020-19120
 CVE-2020-19119
        RESERVED
 CVE-2020-19118 (Cross Site Scripting (XSS) vulnerabiity in YzmCMS 5.2 via the 
site_cod ...)
-       TODO: check
+       NOT-FOR-US: YzmCMS
 CVE-2020-19117
        RESERVED
 CVE-2020-19116
@@ -75364,13 +75364,13 @@ CVE-2020-18175
 CVE-2020-18174 (A process injection vulnerability in setup.exe of AutoHotkey 
1.1.32.00 ...)
        TODO: check
 CVE-2020-18173 (A DLL injection vulnerability in 1password.dll of 1Password 
7.3.712 al ...)
-       TODO: check
+       NOT-FOR-US: 1Password
 CVE-2020-18172 (A code injection vulnerability in the SeDebugPrivilege 
component of Tr ...)
        TODO: check
 CVE-2020-18171 (TechSmith Snagit 19.1.0.2653 uses Object Linking and Embedding 
(OLE) w ...)
        TODO: check
 CVE-2020-18170 (An issue in the SeChangeNotifyPrivilege component of Abloy Key 
Manager ...)
-       TODO: check
+       NOT-FOR-US: Abloy Key Manager
 CVE-2020-18169 (A vulnerability in the Windows installer XML (WiX) toolset of 
TechSmit ...)
        TODO: check
 CVE-2020-18168
@@ -75809,7 +75809,7 @@ CVE-2020-17954
 CVE-2020-17953
        RESERVED
 CVE-2020-17952 (A remote code execution (RCE) vulnerability in 
/library/think/App.php  ...)
-       TODO: check
+       NOT-FOR-US: Twothink
 CVE-2020-17951
        RESERVED
 CVE-2020-17950
@@ -89200,7 +89200,7 @@ CVE-2020-12683 (Katyshop2 before 2.12 has multiple 
stored XSS issues. ...)
 CVE-2020-12682
        RESERVED
 CVE-2020-12681 (Missing TLS certificate validation on 3xLogic Infinias eIDC32 
devices  ...)
-       TODO: check
+       NOT-FOR-US: 3xLogic Infinias eIDC32 devices
 CVE-2020-12680 (** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 
allows loca ...)
        NOT-FOR-US: Avira Free Antivirus
 CVE-2020-12679 (A reflected cross-site scripting (XSS) vulnerability in the 
Mitel Shor ...)
@@ -100165,7 +100165,7 @@ CVE-2019-20469
 CVE-2019-20468 (An issue was discovered in SeTracker2 for TK-Star Q90 Junior 
GPS horlo ...)
        NOT-FOR-US: TK-Star Q90 Junior GPS horloge
 CVE-2019-20467 (An issue was discovered on Sannce Smart HD Wifi Security 
Camera EAN 2  ...)
-       TODO: check
+       NOT-FOR-US: Sannce
 CVE-2019-20466 (An issue was discovered on Sannce Smart HD Wifi Security 
Camera EAN 2  ...)
        NOT-FOR-US: Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 
devices
 CVE-2019-20465 (An issue was discovered on Sannce Smart HD Wifi Security 
Camera EAN 2  ...)
@@ -335944,11 +335944,11 @@ CVE-2015-2157 (The (1) ssh2_load_userkey and (2) 
ssh2_save_userkey functions in
        - putty 0.63-10 (bug #779488)
        NOTE: 
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html
 CVE-2015-2100 (Multiple stack-based buffer overflows in WebGate eDVR Manager 
and Cont ...)
-       TODO: check
+       NOT-FOR-US: eDVR Manager and Control Center
 CVE-2015-2099 (Multiple buffer overflows in WebGate Control Center allow 
remote attac ...)
        TODO: check
 CVE-2015-2098 (Multiple stack-based buffer overflows in WebGate eDVR Manager 
allow re ...)
-       TODO: check
+       NOT-FOR-US: WebGate eDVR Manager
 CVE-2015-2097 (Multiple buffer overflows in WebGate Embedded Standard Protocol 
(WESP) ...)
        NOT-FOR-US: WESP SDK
 CVE-2015-2096 (Use-after-free vulnerability in the Connect function in the 
WESPMonito ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1380cbaf82388ca9e1e86a9167aa426c5c8e237e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1380cbaf82388ca9e1e86a9167aa426c5c8e237e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to