[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) Wed, 08 Sep 2021 01:55:26 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
609e1f46 by Salvatore Bonaccorso at 2021-09-08T10:55:04+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8015,7 +8015,7 @@ CVE-2021-37147
 CVE-2021-37146
        RESERVED
 CVE-2021-37145 (** UNSUPPORTED WHEN ASSIGNED ** A command-injection 
vulnerability in a ...)
-       TODO: check
+       NOT-FOR-US: Poly (formerly Polycom)
 CVE-2021-37144 (CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This 
occurs in ...)
        NOT-FOR-US: CSZ CMS
 CVE-2021-37143
@@ -16220,7 +16220,7 @@ CVE-2021-33601
 CVE-2021-33600
        RESERVED
 CVE-2021-33599 (A vulnerability affecting F-Secure Antivirus engine was 
discovered whe ...)
-       TODO: check
+       NOT-FOR-US: F-Secure Antivirus
 CVE-2021-33598 (A Denial-of-Service (DoS) vulnerability was discovered in all 
versions ...)
        NOT-FOR-US: F-Secure
 CVE-2021-33597 (A Denial-of-Service (DoS) vulnerability was discovered in 
F-Secure Atl ...)
@@ -38660,7 +38660,7 @@ CVE-2021-24613
 CVE-2021-24612
        RESERVED
 CVE-2021-24611 (The Keyword Meta WordPress plugin through 3.0 does not 
sanitise of esc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24610
        RESERVED
 CVE-2021-24609
@@ -79804,11 +79804,11 @@ CVE-2020-19857
 CVE-2020-19856
        RESERVED
 CVE-2020-19855 (phpwcms v1.9 contains a cross-site scripting (XSS) 
vulnerability in /i ...)
-       TODO: check
+       NOT-FOR-US: phpwcms
 CVE-2020-19854
        RESERVED
 CVE-2020-19853 (BlueCMS v1.6 contains a SQL injection vulnerability via 
/ad_js.php. ...)
-       TODO: check
+       NOT-FOR-US: BlueCMS
 CVE-2020-19852
        RESERVED
 CVE-2020-19851
@@ -79978,11 +79978,11 @@ CVE-2020-19770
 CVE-2020-19769 (A lack of target address verification in the BurnMe() function 
of Rob  ...)
        TODO: check
 CVE-2020-19768 (A lack of target address verification in the selfdestructs() 
function  ...)
-       TODO: check
+       NOT-FOR-US: ICOVO
 CVE-2020-19767 (A lack of target address verification in the destroycontract() 
functio ...)
-       TODO: check
+       NOT-FOR-US: 0xRACER
 CVE-2020-19766 (The time check operation of PepeAuctionSale 1.0 can be 
rendered ineffe ...)
-       TODO: check
+       NOT-FOR-US: PepeAuctionSale
 CVE-2020-19765 (An issue in the noReentrance() modifier of the Ethereum-based 
contract ...)
        TODO: check
 CVE-2020-19764
@@ -111141,7 +111141,7 @@ CVE-2020-7879
 CVE-2020-7878
        RESERVED
 CVE-2020-7877 (A buffer overflow issue was discovered in ZOOK solution(remote 
adminis ...)
-       TODO: check
+       NOT-FOR-US: ZOOK
 CVE-2020-7876
        RESERVED
 CVE-2020-7875
@@ -111165,7 +111165,7 @@ CVE-2020-7867
 CVE-2020-7866 (When using XPLATFORM 9.2.2.270 or earlier versions ActiveX 
component,  ...)
        NOT-FOR-US: XPLATFORM
 CVE-2020-7865 (A vulnerability(improper input validation) in the ExECM CoreB2B 
soluti ...)
-       TODO: check
+       NOT-FOR-US: ExECM CoreB2B
 CVE-2020-7864 (Parameter manipulation can bypass authentication to cause file 
upload  ...)
        NOT-FOR-US: Raonwiz DEXT5Editor
 CVE-2020-7863 (A vulnerability in File Transfer Solution of Raonwiz could 
allow arbit ...)
@@ -111231,7 +111231,7 @@ CVE-2020-7834
 CVE-2020-7833
        RESERVED
 CVE-2020-7832 (A vulnerability (improper input validation) in the DEXT5 Upload 
soluti ...)
-       TODO: check
+       NOT-FOR-US: DEXT5 Upload
 CVE-2020-7831 (A vulnerability in the web-based contract management service 
interface ...)
        NOT-FOR-US: Inogard Ebiz4u
 CVE-2020-7830 (RAONWIZ v2018.0.2.50 and earlier versions contains a 
vulnerability tha ...)
@@ -111257,7 +111257,7 @@ CVE-2020-7821 (Nexacro14/17 ExtCommonApiV13 Library 
under 2019.9.6 version conta
 CVE-2020-7820 (Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version 
contain a  ...)
        NOT-FOR-US: Nexacro14/17 ExtCommonApiV13 Library
 CVE-2020-7819 (A SQL-Injection vulnerability in the nTracker USB 
Enterprise(secure US ...)
-       TODO: check
+       NOT-FOR-US: nTracker USB Enterprise
 CVE-2020-7818 (DaviewIndy 8.98.9 and earlier has a Heap-based overflow 
vulnerability, ...)
        NOT-FOR-US: Daview
 CVE-2020-7817 (MyBrowserPlus downloads the files needed to run the program 
through th ...)
@@ -173542,7 +173542,7 @@ CVE-2019-5320 (Aruba Intelligent Edge Switch Series 
2540, 2530, 2930F, 2930M, 29
 CVE-2019-5319 (A remote buffer overflow vulnerability was discovered in some 
Aruba In ...)
        NOT-FOR-US: Aruba
 CVE-2019-5318 (A remote cross-site request forgery (csrf) vulnerability was 
discovere ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2019-5317 (A local authentication bypass vulnerability was discovered in 
some Aru ...)
        NOT-FOR-US: Aruba
 CVE-2019-5316



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/609e1f4602773e0ee8d80acd22a34c9f2b86bb97

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/609e1f4602773e0ee8d80acd22a34c9f2b86bb97
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Reply via email to