Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dc94b45f by Salvatore Bonaccorso at 2021-09-16T06:26:26+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32676,7 +32676,7 @@ CVE-2021-27664
CVE-2021-27663 (A vulnerability in versions 10.1 through 10.5 of Johnson
Controls CEM ...)
NOT-FOR-US: Johnson Controls
CVE-2021-27662 (The KT-1 door controller is susceptible to replay or
man-in-the-middle ...)
- TODO: check
+ NOT-FOR-US: KT-1 door controller
CVE-2021-27661 (Successful exploitation of this vulnerability could give an
authentica ...)
NOT-FOR-US: Facility Explorer SNC Series Supervisory Controller
CVE-2021-27660 (An insecure client auto update feature in C-CURE 9000 can
allow remote ...)
@@ -35583,13 +35583,13 @@ CVE-2021-26439 (Microsoft Edge for Android
Information Disclosure Vulnerability
CVE-2021-26438
RESERVED
CVE-2021-26437 (Visual Studio Code Spoofing Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26436 (Microsoft Edge (Chromium-based) Elevation of Privilege
Vulnerability T ...)
NOT-FOR-US: Microsoft
CVE-2021-26435 (Windows Scripting Engine Memory Corruption Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26434 (Visual Studio Elevation of Privilege Vulnerability ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2021-26433 (Windows Services for NFS ONCRPC XDR Driver Information
Disclosure Vuln ...)
NOT-FOR-US: Microsoft
CVE-2021-26432 (Windows Services for NFS ONCRPC XDR Driver Remote Code
Execution Vulne ...)
@@ -46627,7 +46627,7 @@ CVE-2021-21800 (Cross-site scripting vulnerabilities
exist in the ssh_form.php s
CVE-2021-21799 (Cross-site scripting vulnerabilities exist in the
telnet_form.php scri ...)
NOT-FOR-US: Advantech R-SeeNet
CVE-2021-21798 (An exploitable return of stack variable address vulnerability
exists i ...)
- TODO: check
+ NOT-FOR-US: Nitro Pro PDF
CVE-2021-21797
RESERVED
CVE-2021-21796
@@ -53211,7 +53211,7 @@ CVE-2020-35342
CVE-2020-35341
RESERVED
CVE-2020-35340 (A local file inclusion vulnerability in ExpertPDF 9.5.0
through 14.1.0 ...)
- TODO: check
+ NOT-FOR-US: ExpertPDF
CVE-2020-35339 (In 74cms version 5.0.1, there is a remote code execution
vulnerability ...)
NOT-FOR-US: 74cms
CVE-2020-35338 (The Web Administrative Interface in Mobile Viewpoint Wireless
Multiple ...)
@@ -78683,19 +78683,19 @@ CVE-2020-21129
CVE-2020-21128
RESERVED
CVE-2020-21127 (MetInfo 7.0.0 contains a SQL injection vulnerability via
admin/?n=logs ...)
- TODO: check
+ NOT-FOR-US: MetInfo
CVE-2020-21126 (MetInfo 7.0.0 contains a Cross-Site Request Forgery (CSRF) via
admin/? ...)
- TODO: check
+ NOT-FOR-US: MetInfo
CVE-2020-21125 (An arbitrary file creation vulnerability in UReport 2.2.9
allows attac ...)
- TODO: check
+ NOT-FOR-US: UReport
CVE-2020-21124 (UReport 2.2.9 allows attackers to execute arbitrary code due
to a lack ...)
- TODO: check
+ NOT-FOR-US: UReport
CVE-2020-21123
RESERVED
CVE-2020-21122 (UReport v2.2.9 contains a Server-Side Request Forgery (SSRF)
in the de ...)
- TODO: check
+ NOT-FOR-US: UReport
CVE-2020-21121 (Pligg CMS 2.0.2 contains a time-based SQL injection
vulnerability via ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2020-21120
RESERVED
CVE-2020-21119
@@ -82738,33 +82738,33 @@ CVE-2020-19161
CVE-2020-19160
RESERVED
CVE-2020-19159 (Cross Site Request Forgery (CSRF) in LaikeTui v3 allows remote
attacke ...)
- TODO: check
+ NOT-FOR-US: LaikeTui
CVE-2020-19158 (Cross Site Scripting (XSS) in S-CMS build 20191014 and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: S-CMS
CVE-2020-19157 (Cross Site Scripting (CSS) in Wenku CMS v3.4 allows remote
attackers t ...)
- TODO: check
+ NOT-FOR-US: Wenku CMS
CVE-2020-19156 (Cross Site Scripting (XSS) in Ari Adminer v1 allows remote
attackers t ...)
TODO: check
CVE-2020-19155 (Improper Access Control in Jfinal CMS v4.7.1 and earlier
allows remote ...)
- TODO: check
+ NOT-FOR-US: Jfinal CMS
CVE-2020-19154 (Improper Access Control in Jfinal CMS v4.7.1 and earlier
allows remote ...)
- TODO: check
+ NOT-FOR-US: Jfinal CMS
CVE-2020-19153
RESERVED
CVE-2020-19152
RESERVED
CVE-2020-19151 (Command Injection in Jfinal CMS v4.7.1 and earlier allows
remote attac ...)
- TODO: check
+ NOT-FOR-US: Jfinal CMS
CVE-2020-19150 (Improper Access Control in Jfinal CMS v4.7.1 and earlier
allows remote ...)
- TODO: check
+ NOT-FOR-US: Jfinal CMS
CVE-2020-19149
RESERVED
CVE-2020-19148 (Cross Site Scripting (XSS) in Jfinal CMS v4.7.1 and earlier
allows rem ...)
- TODO: check
+ NOT-FOR-US: Jfinal CMS
CVE-2020-19147 (Improper Access Control in Jfinal CMS v4.7.1 and earlier
allows remote ...)
- TODO: check
+ NOT-FOR-US: Jfinal CMS
CVE-2020-19146 (Improper Access Control in Jfinal CMS v4.7.1 and earlier
allows remote ...)
- TODO: check
+ NOT-FOR-US: Jfinal CMS
CVE-2020-19145
RESERVED
CVE-2020-19144 (Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a
denial ...)
@@ -122388,7 +122388,7 @@ CVE-2020-3962 (VMware ESXi (7.0 before
ESXi_7.0.0-1.20.16321839, 6.7 before ESXi
CVE-2020-3961 (VMware Horizon Client for Windows (prior to 5.4.3) contains a
privileg ...)
NOT-FOR-US: VMware
CVE-2020-3960 (VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before
ESXi650-20 ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2020-3959 (VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before
ESXi650-20 ...)
NOT-FOR-US: VMware
CVE-2020-3958 (VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before
ESXi650-20 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc94b45f80ada7b2dff2441f4549e9e5a8b244bf
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc94b45f80ada7b2dff2441f4549e9e5a8b244bf
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
