Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8f230f7f by Salvatore Bonaccorso at 2021-09-07T22:27:24+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -296,7 +296,7 @@ CVE-2021-40540 (ulfius_uri_logger in Ulfius HTTP Framework
before 2.7.4 omits co
[buster] - ulfius <no-dsa> (Minor issue)
NOTE:
https://github.com/babelouest/ulfius/commit/c83f564c184a27145e07c274b305cabe943bbfaa
CVE-2021-40539 (Zoho ManageEngine ADSelfService Plus version 6113 and prior is
vulnera ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-40538
RESERVED
CVE-2021-40537
@@ -3092,7 +3092,7 @@ CVE-2021-39287
CVE-2021-39286 (Webrecorder pywb before 2.6.0 allows XSS because it does not
ensure th ...)
NOT-FOR-US: Webrecorder pywb
CVE-2021-39285 (A XSS vulnerability exists in Versa Director Release: 16.1R2
Build: S8 ...)
- TODO: check
+ NOT-FOR-US: Versa
CVE-2021-39284
RESERVED
CVE-2021-39283 (liveMedia/FramedSource.cpp in Live555 through 1.08 allows an
assertion ...)
@@ -3364,9 +3364,9 @@ CVE-2021-39198
CVE-2021-39197 (better_errors is an open source replacement for the standard
Rails err ...)
TODO: check
CVE-2021-39196 (pcapture is an open source dumpcap web service interface . In
affected ...)
- TODO: check
+ NOT-FOR-US: pcapture
CVE-2021-39195 (Misskey is an open source, decentralized microblogging
platform. In af ...)
- TODO: check
+ NOT-FOR-US: Misskey
CVE-2021-39194
RESERVED
CVE-2021-39193 (Frontier is Substrate's Ethereum compatibility layer. Prior to
commit ...)
@@ -4602,11 +4602,11 @@ CVE-2021-38619 (openBaraza HCM 3.1.6 does not properly
neutralize user-controlla
CVE-2021-38618
RESERVED
CVE-2021-38617 (In Eigen NLP 3.10.1, a lack of access control on the
/auth/v1/user/ us ...)
- TODO: check
+ NOT-FOR-US: Eigen
CVE-2021-38616 (In Eigen NLP 3.10.1, a lack of access control on the
/auth/v1/user/{us ...)
- TODO: check
+ NOT-FOR-US: Eigen
CVE-2021-38615 (In Eigen NLP 3.10.1, a lack of access control on the
/auth/v1/sso/conf ...)
- TODO: check
+ NOT-FOR-US: Eigen
CVE-2021-3705
RESERVED
CVE-2021-3704
@@ -5783,7 +5783,7 @@ CVE-2021-38144 (An issue was discovered in Form Tools
through 3.0.20. A low-priv
CVE-2021-38143 (An issue was discovered in Form Tools through 3.0.20. When an
administ ...)
NOT-FOR-US: Form Tools
CVE-2021-38142 (Barco MirrorOp Windows Sender before 2.5.3.65 uses cleartext
HTTP and ...)
- TODO: check
+ NOT-FOR-US: Barco MirrorOp Windows Sender
CVE-2021-38141
RESERVED
CVE-2021-38140 (The set_user extension module before 2.0.1 for PostgreSQL
allows a pot ...)
@@ -6694,41 +6694,41 @@ CVE-2021-37735
CVE-2021-37734
RESERVED
CVE-2021-37733 (A remote path traversal vulnerability was discovered in Aruba
SD-WAN S ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37732
RESERVED
CVE-2021-37731 (A local path traversal vulnerability was discovered in Aruba
SD-WAN So ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37730
RESERVED
CVE-2021-37729 (A remote path traversal vulnerability was discovered in Aruba
SD-WAN S ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37728 (A remote path traversal vulnerability was discovered in Aruba
Operatin ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37727
RESERVED
CVE-2021-37726
RESERVED
CVE-2021-37725 (A remote cross-site request forgery (csrf) vulnerability was
discovere ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37724 (A remote arbitrary command execution vulnerability was
discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37723 (A remote arbitrary command execution vulnerability was
discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37722 (A remote arbitrary command execution vulnerability was
discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37721 (A remote arbitrary command execution vulnerability was
discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37720 (A remote arbitrary command execution vulnerability was
discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37719 (A remote arbitrary command execution vulnerability was
discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37718 (A remote arbitrary command execution vulnerability was
discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37717 (A remote arbitrary command execution vulnerability was
discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37716 (A remote buffer overflow vulnerability was discovered in Aruba
SD-WAN ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37715 (A remote cross-site scripting (XSS) vulnerability was
discovered in Ar ...)
NOT-FOR-US: Aruba
CVE-2021-3671
@@ -9060,7 +9060,7 @@ CVE-2021-36698
CVE-2021-36697
RESERVED
CVE-2021-36696 (Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in
Deskpro 202 ...)
- TODO: check
+ NOT-FOR-US: Deskpro
CVE-2021-36695
RESERVED
CVE-2021-36694
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f230f7ffc0f536283dccba82378193136a0eb08
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f230f7ffc0f536283dccba82378193136a0eb08
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
