Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e7ec1611 by Salvatore Bonaccorso at 2021-09-15T22:37:45+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -876,7 +876,7 @@ CVE-2021-40864 (The Translate plugin 6.1.x through 6.3.x
before 6.3.0.72 for ONL
CVE-2021-40863
RESERVED
CVE-2021-40862 (HashiCorp Terraform Enterprise up to v202108-1 contained an
API endpoi ...)
- TODO: check
+ NOT-FOR-US: HashiCorp Terraform Enterprise
CVE-2021-40861
RESERVED
CVE-2021-40860
@@ -5843,15 +5843,15 @@ CVE-2021-38673
CVE-2021-38672
RESERVED
CVE-2021-38671 (Windows Print Spooler Elevation of Privilege Vulnerability
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38670
RESERVED
CVE-2021-38669 (Microsoft Edge (Chromium-based) Tampering Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38668
RESERVED
CVE-2021-38667 (Windows Print Spooler Elevation of Privilege Vulnerability
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38666
RESERVED
CVE-2021-38665
@@ -5865,39 +5865,39 @@ CVE-2021-38662
CVE-2021-38661 (HEVC Video Extensions Remote Code Execution Vulnerability ...)
TODO: check
CVE-2021-38660 (Microsoft Office Graphics Remote Code Execution Vulnerability
This CVE ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38659 (Microsoft Office Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38658 (Microsoft Office Graphics Remote Code Execution Vulnerability
This CVE ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38657 (Microsoft Office Graphics Component Information Disclosure
Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38656 (Microsoft Word Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38655 (Microsoft Excel Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38654 (Microsoft Office Visio Remote Code Execution Vulnerability
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38653 (Microsoft Office Visio Remote Code Execution Vulnerability
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38652 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID
is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38651 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID
is uniq ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38650 (Microsoft Office Spoofing Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38649 (Open Management Infrastructure Elevation of Privilege
Vulnerability Th ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38648 (Open Management Infrastructure Elevation of Privilege
Vulnerability Th ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38647 (Open Management Infrastructure Remote Code Execution
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38646 (Microsoft Office Access Connectivity Engine Remote Code
Execution Vuln ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38645 (Open Management Infrastructure Elevation of Privilege
Vulnerability Th ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38644 (Microsoft MPEG-2 Video Extension Remote Code Execution
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38643
RESERVED
CVE-2021-38642 (Microsoft Edge for iOS Spoofing Vulnerability ...)
@@ -5907,37 +5907,37 @@ CVE-2021-38641 (Microsoft Edge for Android Spoofing
Vulnerability ...)
CVE-2021-38640
RESERVED
CVE-2021-38639 (Win32k Elevation of Privilege Vulnerability This CVE ID is
unique from ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38638 (Windows Ancillary Function Driver for WinSock Elevation of
Privilege V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38637 (Windows Storage Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38636 (Windows Redirected Drive Buffering SubSystem Driver
Information Disclo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38635 (Windows Redirected Drive Buffering SubSystem Driver
Information Disclo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38634 (Microsoft Windows Update Client Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38633 (Windows Common Log File System Driver Elevation of Privilege
Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38632 (BitLocker Security Feature Bypass Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38631
RESERVED
CVE-2021-38630 (Windows Event Tracing Elevation of Privilege Vulnerability
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38629 (Windows Ancillary Function Driver for WinSock Information
Disclosure V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38628 (Windows Ancillary Function Driver for WinSock Elevation of
Privilege V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38627
RESERVED
CVE-2021-38626 (Windows Kernel Elevation of Privilege Vulnerability This CVE
ID is uni ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38625 (Windows Kernel Elevation of Privilege Vulnerability This CVE
ID is uni ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38624 (Windows Key Storage Provider Security Feature Bypass
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-38623 (The deferred_image_processing (aka Deferred image processing)
extensio ...)
NOT-FOR-US: deferred_image_processing (aka Deferred image processing)
extension for TYPO3
CVE-2021-38622
@@ -7119,7 +7119,7 @@ CVE-2021-38158
CVE-2021-38157 (** UNSUPPORTED WHEN ASSIGNED ** LeoStream Connection Broker
9.x before ...)
NOT-FOR-US: LeoStream Connection Broker
CVE-2021-38156 (In Nagios XI before 5.8.6, XSS exists in the dashboard page
(/dashboar ...)
- TODO: check
+ NOT-FOR-US: Nagios XI
CVE-2021-38155 (OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x
before 17.0.1 ...)
- keystone 2:19.0.0-3 (bug #992070)
[bullseye] - keystone <no-dsa> (Minor issue)
@@ -8771,7 +8771,7 @@ CVE-2021-37414 (Zoho ManageEngine DesktopCentral version
10.1.2119.7 and prior a
CVE-2021-37413
RESERVED
CVE-2021-37412 (The TechRadar app 1.1 for Confluence Server allows XSS via the
Title f ...)
- TODO: check
+ NOT-FOR-US: TechRadar app for Confluence Server
CVE-2021-37411
RESERVED
CVE-2021-3665
@@ -9747,53 +9747,53 @@ CVE-2021-36976 (libarchive 3.4.1 through 3.5.1 has a
use-after-free in copy_stri
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375
NOTE:
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml
CVE-2021-36975 (Win32k Elevation of Privilege Vulnerability This CVE ID is
unique from ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36974 (Windows SMB Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36973 (Windows Redirected Drive Buffering System Elevation of
Privilege Vulne ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36972 (Windows SMB Information Disclosure Vulnerability This CVE ID
is unique ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36971
RESERVED
CVE-2021-36970
RESERVED
CVE-2021-36969 (Windows Redirected Drive Buffering SubSystem Driver
Information Disclo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36968 (Windows DNS Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36967 (Windows WLAN AutoConfig Service Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36966 (Windows Subsystem for Linux Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36965 (Windows WLAN AutoConfig Service Remote Code Execution
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36964 (Windows Event Tracing Elevation of Privilege Vulnerability
This CVE ID ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36963 (Windows Common Log File System Driver Elevation of Privilege
Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36962 (Windows Installer Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36961 (Windows Installer Denial of Service Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36960 (Windows SMB Information Disclosure Vulnerability This CVE ID
is unique ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36959 (Windows Authenticode Spoofing Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36958 (Windows Print Spooler Remote Code Execution Vulnerability This
CVE ID ...)
NOT-FOR-US: Microsoft
CVE-2021-36957
RESERVED
CVE-2021-36956 (Azure Sphere Information Disclosure Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36955 (Windows Common Log File System Driver Elevation of Privilege
Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36954 (Windows Bind Filter Driver Elevation of Privilege
Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36953
RESERVED
CVE-2021-36952 (Visual Studio Remote Code Execution Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-36951
RESERVED
CVE-2021-36950 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting
Vulnerabilit ...)
@@ -34057,11 +34057,11 @@ CVE-2021-27048 (HEVC Video Extensions Remote Code
Execution Vulnerability This C
CVE-2021-27047 (HEVC Video Extensions Remote Code Execution Vulnerability This
CVE ID ...)
NOT-FOR-US: Microsoft
CVE-2021-27046 (A Memory Corruption vulnerability for PDF files in Autodesk
Navisworks ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2021-27045 (A maliciously crafted PDF file in Autodesk Navisworks 2019,
2020, 2021 ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2021-27044 (A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX
Review versio ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2021-27043 (An Arbitrary Address Write issue in the Autodesk DWG
application can a ...)
NOT-FOR-US: Autodesk
CVE-2021-27042 (A maliciously crafted DWG file can be used to write beyond the
allocat ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7ec1611fe20816c4761c6c6a4644c71566966d3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7ec1611fe20816c4761c6c6a4644c71566966d3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
