[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) Fri, 01 Oct 2021 13:35:44 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
49fc4d91 by Salvatore Bonaccorso at 2021-10-01T22:35:04+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2020,13 +2020,13 @@ CVE-2021-40930
 CVE-2021-40929
        RESERVED
 CVE-2021-40928 (Cross-site scripting (XSS) vulnerability in index.php in 
FlexTV beta d ...)
-       TODO: check
+       NOT-FOR-US: FlexTV
 CVE-2021-40927 (Cross-site scripting (XSS) vulnerability in callback.php in 
Spotify-fo ...)
-       TODO: check
+       NOT-FOR-US: Spotify-for-Alfred
 CVE-2021-40926 (Cross-site scripting (XSS) vulnerability in 
demos/demo.mysqli.php in g ...)
        TODO: check
 CVE-2021-40925 (Cross-site scripting (XSS) vulnerability in 
dompdf/dompdf/www/demo.php ...)
-       TODO: check
+       NOT-FOR-US: infaveo-helpdesk
 CVE-2021-40924 (Cross-site scripting (XSS) vulnerability in install/index.php 
in bugs  ...)
        TODO: check
 CVE-2021-40923 (Cross-site scripting (XSS) vulnerability in install/index.php 
in bugs  ...)
@@ -2034,7 +2034,7 @@ CVE-2021-40923 (Cross-site scripting (XSS) vulnerability 
in install/index.php in
 CVE-2021-40922 (Cross-site scripting (XSS) vulnerability in install/index.php 
in bugs  ...)
        TODO: check
 CVE-2021-40921 (Cross-site scripting (XSS) vulnerability in 
_contactform.inc.php in De ...)
-       TODO: check
+       NOT-FOR-US: Detector
 CVE-2021-40920
        RESERVED
 CVE-2021-40919
@@ -8734,9 +8734,9 @@ CVE-2021-38106
 CVE-2021-38105
        RESERVED
 CVE-2021-38104 (IPPP72.FLT in Corel Presentations 2020 20.0.0.200 is affected 
by an Ou ...)
-       TODO: check
+       NOT-FOR-US: Corel Presentations
 CVE-2021-38103 (IBJPG2.FLT in Corel Presentations 2020 20.0.0.200 is affected 
by an Ou ...)
-       TODO: check
+       NOT-FOR-US: Corel Presentations
 CVE-2021-38102
        RESERVED
 CVE-2021-38101
@@ -8744,13 +8744,13 @@ CVE-2021-38101
 CVE-2021-38100
        RESERVED
 CVE-2021-38099 (CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is 
affected by ...)
-       TODO: check
+       NOT-FOR-US: Corel PhotoPaint Standard
 CVE-2021-38098
        RESERVED
 CVE-2021-38097 (Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Corel PDF Fusion
 CVE-2021-38096 (Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an 
Out-of-bounds ...)
-       TODO: check
+       NOT-FOR-US: Corel PDF Fusion
 CVE-2021-38095 (The REST API in Planview Spigit 4.5.3 allows remote 
unauthenticated at ...)
        NOT-FOR-US: Planview Spigit
 CVE-2021-38094 (Integer Overflow vulnerability in function filter_sobel in 
libavfilter ...)
@@ -15224,7 +15224,7 @@ CVE-2021-35299 (Incorrect Access Control in Zammad 
1.0.x up to 4.0.0 allows atta
 CVE-2021-35298 (Cross Site Scripting (XSS) in Zammad 1.0.x up to 4.0.0 allows 
remote a ...)
        - zammad <itp> (bug #841355)
 CVE-2021-35297 (Scalabium dBase Viewer version 2.6 (Build 5.751) is vulnerable 
to remo ...)
-       TODO: check
+       NOT-FOR-US: Scalabium dBase Viewer
 CVE-2021-35296
        RESERVED
 CVE-2021-35295
@@ -30784,11 +30784,11 @@ CVE-2021-29112
 CVE-2021-29111
        RESERVED
 CVE-2021-29110 (Stored cross-site scripting (XSS) issue in Esri Portal for 
ArcGIS may  ...)
-       TODO: check
+       NOT-FOR-US: Esri
 CVE-2021-29109 (A reflected XSS vulnerability in Esri Portal for ArcGIS 
version 10.9 a ...)
-       TODO: check
+       NOT-FOR-US: Esri
 CVE-2021-29108 (There is an privilege escalation vulnerability in 
organization-specifi ...)
-       TODO: check
+       NOT-FOR-US: Esri
 CVE-2021-29107 (A stored Cross Site Scripting (XXS) vulnerability in ArcGIS 
Server Man ...)
        NOT-FOR-US: ArcGIS Server Manager
 CVE-2021-29106 (A reflected Cross Site Scripting (XSS) vulnerability in Esri 
ArcGIS Se ...)
@@ -43424,7 +43424,7 @@ CVE-2021-23895 (Deserialization of untrusted data 
vulnerability in McAfee Databa
 CVE-2021-23894 (Deserialization of untrusted data vulnerability in McAfee 
Database Sec ...)
        NOT-FOR-US: McAfee
 CVE-2021-23893 (Privilege Escalation vulnerability in a Windows system driver 
of McAfe ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2021-23892 (By exploiting a time of check to time of use (TOCTOU) race 
condition d ...)
        NOT-FOR-US: McAfee
 CVE-2021-23891 (Privilege Escalation vulnerability in McAfee Total Protection 
(MTP) pr ...)
@@ -80717,11 +80717,11 @@ CVE-2020-21016
 CVE-2020-21015
        RESERVED
 CVE-2020-21014 (emlog v6.0.0 contains an arbitrary file deletion vulnerability 
in admi ...)
-       TODO: check
+       NOT-FOR-US: emlog
 CVE-2020-21013 (emlog v6.0.0 contains a SQL injection via /admin/comment.php. 
...)
-       TODO: check
+       NOT-FOR-US: emlog
 CVE-2020-21012 (Sourcecodester Hotel and Lodge Management System 2.0 is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester Hotel and Lodge Management System
 CVE-2020-21011
        RESERVED
 CVE-2020-21010



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49fc4d91f15a717471cf9725fd246bc1ddf9010a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49fc4d91f15a717471cf9725fd246bc1ddf9010a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Reply via email to