[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 10 Sep 2021 01:53:02 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
08881576 by Salvatore Bonaccorso at 2021-09-10T10:52:21+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14871,13 +14871,13 @@ CVE-2021-34348
 CVE-2021-34347
        RESERVED
 CVE-2021-34346 (A stack buffer overflow vulnerability has been reported to 
affect QNAP ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2021-34345 (A stack buffer overflow vulnerability has been reported to 
affect QNAP ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2021-34344 (A stack buffer overflow vulnerability has been reported to 
affect QNAP ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2021-34343 (A stack buffer overflow vulnerability has been reported to 
affect QNAP ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2022-20001
        RESERVED
 CVE-2021-3588 (The cli_feat_read_cb() function in src/gatt-database.c does not 
perfor ...)
@@ -28809,13 +28809,13 @@ CVE-2021-28818 (The Rendezvous Routing Daemon (rvrd), 
Rendezvous Secure Routing
 CVE-2021-28817 (The Windows Installation component of TIBCO Software Inc.'s 
TIBCO Rend ...)
        NOT-FOR-US: TIBCO
 CVE-2021-28816 (A stack buffer overflow vulnerability has been reported to 
affect QNAP ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2021-28815 (Insecure storage of sensitive information has been reported to 
affect  ...)
        NOT-FOR-US: QNAP
 CVE-2021-28814 (An improper access control vulnerability has been reported to 
affect Q ...)
        NOT-FOR-US: QNAP
 CVE-2021-28813 (A vulnerability involving insecure storage of sensitive 
information ha ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2021-28812 (A command injection vulnerability has been reported to affect 
certain  ...)
        NOT-FOR-US: QNAP
 CVE-2021-28811 (If exploited, this command injection vulnerability could allow 
remote  ...)
@@ -81370,37 +81370,37 @@ CVE-2020-19297
 CVE-2020-19296
        RESERVED
 CVE-2020-19295 (A reflected cross-site scripting (XSS) vulnerability in the 
/weibo/top ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19294 (A stored cross-site scripting (XSS) vulnerability in the 
/article/comm ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19293 (A stored cross-site scripting (XSS) vulnerability in the 
/article/add  ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19292 (A stored cross-site scripting (XSS) vulnerability in the 
/question/ask ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19291 (A stored cross-site scripting (XSS) vulnerability in the 
/weibo/publis ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19290 (A stored cross-site scripting (XSS) vulnerability in the 
/weibo/commen ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19289 (A stored cross-site scripting (XSS) vulnerability in the 
/member/pictu ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19288 (A stored cross-site scripting (XSS) vulnerability in the 
/localhost/u  ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19287 (A stored cross-site scripting (XSS) vulnerability in the 
/group/post c ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19286 (A stored cross-site scripting (XSS) vulnerability in the 
/question/det ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19285 (A stored cross-site scripting (XSS) vulnerability in the 
/group/apply  ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19284 (A stored cross-site scripting (XSS) vulnerability in the 
/group/commen ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19283 (A reflected cross-site scripting (XSS) vulnerability in the 
/newVersio ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19282 (A reflected cross-site scripting (XSS) vulnerability in Jeesns 
1.4.2 a ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19281 (A stored cross-site scripting (XSS) vulnerability in the 
/manage/login ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19280 (Jeesns 1.4.2 contains a cross-site request forgery (CSRF) 
which allows ...)
-       TODO: check
+       NOT-FOR-US: Jeesns
 CVE-2020-19279
        RESERVED
 CVE-2020-19278
@@ -183770,7 +183770,7 @@ CVE-2018-19959
 CVE-2018-19958
        RESERVED
 CVE-2018-19957 (A vulnerability involving insufficient HTTP security headers 
has been  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2018-19956 (The cross-site scripting vulnerability has been reported to 
affect ear ...)
        NOT-FOR-US: QNAP
 CVE-2018-19955 (The cross-site scripting vulnerability has been reported to 
affect ear ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0888157698cf1d439035567ae53c7ae1668e5874

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0888157698cf1d439035567ae53c7ae1668e5874
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to