[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu, 26 Aug 2021 01:35:39 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c6e42d8e by Salvatore Bonaccorso at 2021-08-26T10:35:08+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6189,7 +6189,7 @@ CVE-2021-37336
 CVE-2021-37335
        RESERVED
 CVE-2021-37334 (A security issue in Umbraco Forms 4.0.0 to and including 8.7.5 
could l ...)
-       TODO: check
+       NOT-FOR-US: Umbraco Forms
 CVE-2021-37333
        RESERVED
 CVE-2021-37332
@@ -6576,9 +6576,9 @@ CVE-2021-37155 (wolfSSL 4.6.x through 4.7.x before 4.8.0 
does not produce a fail
        NOTE: https://github.com/wolfSSL/wolfssl/pull/3990
        NOTE: https://github.com/wolfSSL/wolfssl/releases/tag/v4.8.0-stable
 CVE-2021-37154 (In ForgeRock Access Management (AM) before 7.0.2, the SAML2 
implementa ...)
-       TODO: check
+       NOT-FOR-US: ForgeRock Access Management (AM)
 CVE-2021-37153 (ForgeRock Access Management (AM) before 7.0.2, when configured 
with Ac ...)
-       TODO: check
+       NOT-FOR-US: ForgeRock Access Management (AM)
 CVE-2021-37152 (Multiple XSS issues exist in Sonatype Nexus Repository Manager 
3 befor ...)
        NOT-FOR-US: Sonatype
 CVE-2021-37151
@@ -28793,7 +28793,7 @@ CVE-2021-28072
 CVE-2021-28071
        RESERVED
 CVE-2021-28070 (Cross Site Request Forgery (CSRF) vulnerability exist in 
PopojiCMS 2.0 ...)
-       TODO: check
+       NOT-FOR-US: PopojiCMS
 CVE-2021-28069
        RESERVED
 CVE-2021-28068
@@ -43346,7 +43346,7 @@ CVE-2021-21871 (A memory corruption vulnerability 
exists in the DMG File Format
 CVE-2021-21870 (A use-after-free vulnerability exists in the JavaScript engine 
of Foxi ...)
        NOT-FOR-US: Foxit
 CVE-2021-21869 (An unsafe deserialization vulnerability exists in the 
Engine.plugin Pr ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2021-21868 (An unsafe deserialization vulnerability exists in the 
ObjectManager.pl ...)
        NOT-FOR-US: CODESYS
 CVE-2021-21867 (An unsafe deserialization vulnerability exists in the 
ObjectManager.pl ...)
@@ -47554,7 +47554,7 @@ CVE-2021-20795
 CVE-2021-20794
        RESERVED
 CVE-2021-20793 (Untrusted search path vulnerability in the installer of Sony 
Audio USB ...)
-       TODO: check
+       NOT-FOR-US: installer of Sony Audio USB Driver and installer of HAP 
Music Transfer
 CVE-2021-20792 (Cross-site scripting vulnerability in Quiz And Survey Master 
versions  ...)
        NOT-FOR-US: Quiz And Survey Master
 CVE-2021-20791
@@ -55054,37 +55054,37 @@ CVE-2021-1594
 CVE-2021-1593 (A vulnerability in Cisco Packet Tracer for Windows could allow 
an auth ...)
        NOT-FOR-US: Cisco
 CVE-2021-1592 (A vulnerability in the way Cisco UCS Manager software handles 
SSH sess ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1591 (A vulnerability in the EtherChannel port subscription logic of 
Cisco N ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1590 (A vulnerability in the implementation of the system login 
block-for co ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1589
        RESERVED
 CVE-2021-1588 (A vulnerability in the MPLS Operation, Administration, and 
Maintenance ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1587 (A vulnerability in the VXLAN Operation, Administration, and 
Maintenanc ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1586 (A vulnerability in the Multi-Pod or Multi-Site network 
configurations  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1585 (A vulnerability in the Cisco Adaptive Security Device Manager 
(ASDM) L ...)
        NOT-FOR-US: Cisco
 CVE-2021-1584 (A vulnerability in Cisco Nexus 9000 Series Fabric Switches in 
Applicat ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1583 (A vulnerability in the fabric infrastructure file system access 
contro ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1582 (A vulnerability in the web UI of Cisco Application Policy 
Infrastructu ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1581 (Multiple vulnerabilities in the web UI and API endpoints of 
Cisco Appl ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1580 (Multiple vulnerabilities in the web UI and API endpoints of 
Cisco Appl ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1579 (A vulnerability in an API endpoint of Cisco Application Policy 
Infrast ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1578 (A vulnerability in an API endpoint of Cisco Application Policy 
Infrast ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1577 (A vulnerability in an API endpoint of Cisco Application Policy 
Infrast ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1576 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
        NOT-FOR-US: Cisco
 CVE-2021-1575 (A vulnerability in the web-based management interface of Cisco 
Virtual ...)
@@ -55192,7 +55192,7 @@ CVE-2021-1525 (A vulnerability in Cisco Webex Meetings 
and Cisco Webex Meetings
 CVE-2021-1524 (A vulnerability in the API of Cisco Meeting Server could allow 
an auth ...)
        NOT-FOR-US: Cisco
 CVE-2021-1523 (A vulnerability in Cisco Nexus 9000 Series Fabric Switches in 
Applicat ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1522 (A vulnerability in the change password API of Cisco Connected 
Mobile E ...)
        NOT-FOR-US: Cisco
 CVE-2021-1521 (A vulnerability in the Cisco Discovery Protocol implementation 
for Cis ...)
@@ -78233,9 +78233,9 @@ CVE-2020-19824
 CVE-2020-19823
        RESERVED
 CVE-2020-19822 (A remote code execution (RCE) vulnerability in 
template_user.php of ZZ ...)
-       TODO: check
+       NOT-FOR-US: ZZCMS
 CVE-2020-19821 (A SQL injection vulnerability in admin.php of DOYOCMS 2.3 
allows attac ...)
-       TODO: check
+       NOT-FOR-US: DOYOCMS
 CVE-2020-19820
        RESERVED
 CVE-2020-19819
@@ -78461,7 +78461,7 @@ CVE-2020-19711
 CVE-2020-19710
        RESERVED
 CVE-2020-19709 (Insufficient filtering of the tag parameters in feehicms 0.1.3 
allows  ...)
-       TODO: check
+       NOT-FOR-US: feehicms
 CVE-2020-19708
        RESERVED
 CVE-2020-19707
@@ -78469,11 +78469,11 @@ CVE-2020-19707
 CVE-2020-19706
        RESERVED
 CVE-2020-19705 (thinkphp-zcms as of 20190715 allows SQL injection via 
index.php?m=home ...)
-       TODO: check
+       NOT-FOR-US: thinkphp-zcms
 CVE-2020-19704 (A stored cross-site scripting (XSS) vulnerability via 
ResourceControll ...)
        TODO: check
 CVE-2020-19703 (A cross-site scripting (XSS) vulnerability in the referer 
parameter of ...)
-       TODO: check
+       NOT-FOR-US: Dzzoffice
 CVE-2020-19702
        RESERVED
 CVE-2020-19701
@@ -78799,7 +78799,7 @@ CVE-2020-19549
 CVE-2020-19548
        RESERVED
 CVE-2020-19547 (Directory Traversal vulnerability exists in PopojiCMS 2.0.1 
via the id ...)
-       TODO: check
+       NOT-FOR-US: PopojiCMS
 CVE-2020-19546
        RESERVED
 CVE-2020-19545
@@ -81850,7 +81850,7 @@ CVE-2020-18067
 CVE-2020-18066 (Cross Site Scripting vulnerability in ZrLog 2.1.0 via the (1) 
userName ...)
        NOT-FOR-US: Zrlog
 CVE-2020-18065 (Cross Site Scripting (XSS) vulnerability exists in PopojiCMS 
2.0.1 in  ...)
-       TODO: check
+       NOT-FOR-US: PopojiCMS
 CVE-2020-18064
        RESERVED
 CVE-2020-18063



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6e42d8ea48d8e488ed4fd1650478955dae524ac

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6e42d8ea48d8e488ed4fd1650478955dae524ac
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to