Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5d69d98a by Salvatore Bonaccorso at 2021-10-07T10:25:57+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,7 +11,7 @@ CVE-2021-42056
CVE-2021-42055
RESERVED
CVE-2021-42054 (ACCEL-PPP 1.12.0 has an out-of-bounds read in
triton_context_schedule ...)
- TODO: check
+ NOT-FOR-US: ACCEL-PPP
CVE-2021-42053 (The Unicorn framework through 0.35.3 for Django allows XSS via
compone ...)
TODO: check
CVE-2021-42052
@@ -683,7 +683,7 @@ CVE-2021-41772
CVE-2021-41771
RESERVED
CVE-2021-41770 (Ping Identity PingFederate before 10.3.1 mishandles
pre-parsing valida ...)
- TODO: check
+ NOT-FOR-US: Ping Identity PingFederate
CVE-2021-3838
RESERVED
CVE-2021-41769
@@ -16933,7 +16933,7 @@ CVE-2021-34790
CVE-2021-34789
RESERVED
CVE-2021-34788 (A vulnerability in the shared library loading mechanism of
Cisco AnyCo ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34787
RESERVED
CVE-2021-34786 (Multiple vulnerabilities in Cisco BroadWorks CommPilot
Application Sof ...)
@@ -16945,27 +16945,27 @@ CVE-2021-34784
CVE-2021-34783
RESERVED
CVE-2021-34782 (A vulnerability in the API endpoints for Cisco DNA Center
could allow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34781
RESERVED
CVE-2021-34780 (Multiple vulnerabilities exist in the Link Layer Discovery
Protocol (L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34779 (Multiple vulnerabilities exist in the Link Layer Discovery
Protocol (L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34778 (Multiple vulnerabilities exist in the Link Layer Discovery
Protocol (L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34777 (Multiple vulnerabilities exist in the Link Layer Discovery
Protocol (L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34776 (Multiple vulnerabilities exist in the Link Layer Discovery
Protocol (L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34775 (Multiple vulnerabilities exist in the Link Layer Discovery
Protocol (L ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34774
RESERVED
CVE-2021-34773
RESERVED
CVE-2021-34772 (A vulnerability in the web-based management interface of Cisco
Orbital ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34771 (A vulnerability in the Cisco IOS XR Software CLI could allow
an authen ...)
NOT-FOR-US: Cisco
CVE-2021-34770 (A vulnerability in the Control and Provisioning of Wireless
Access Poi ...)
@@ -16977,7 +16977,7 @@ CVE-2021-34768 (Multiple vulnerabilities in the Control
and Provisioning of Wire
CVE-2021-34767 (A vulnerability in IPv6 traffic processing of Cisco IOS XE
Wireless Co ...)
NOT-FOR-US: Cisco
CVE-2021-34766 (A vulnerability in the web UI of Cisco Smart Software Manager
On-Prem ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34765 (A vulnerability in the web UI for Cisco Nexus Insights could
allow an ...)
NOT-FOR-US: Cisco
CVE-2021-34764
@@ -16993,9 +16993,9 @@ CVE-2021-34760
CVE-2021-34759 (A vulnerability in the web-based management interface of Cisco
Identit ...)
NOT-FOR-US: Cisco
CVE-2021-34758 (A vulnerability in the memory management of Cisco TelePresence
Collabo ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34757 (Multiple vulnerabilities in Cisco Business 220 Series Smart
Switches f ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34756
RESERVED
CVE-2021-34755
@@ -17013,7 +17013,7 @@ CVE-2021-34750
CVE-2021-34749 (A vulnerability in Server Name Identification (SNI) request
filtering ...)
NOT-FOR-US: Cisco
CVE-2021-34748 (A vulnerability in the web-based management interface of Cisco
Intersi ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34747
RESERVED
CVE-2021-34746 (A vulnerability in the TACACS+ authentication, authorization
and accou ...)
@@ -17021,11 +17021,11 @@ CVE-2021-34746 (A vulnerability in the TACACS+
authentication, authorization and
CVE-2021-34745 (A vulnerability in the AppDynamics .NET Agent for Windows
could allow ...)
NOT-FOR-US: .NET Agent for Windows
CVE-2021-34744 (Multiple vulnerabilities in Cisco Business 220 Series Smart
Switches f ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34743
RESERVED
CVE-2021-34742 (A vulnerability in the web-based management interface of Cisco
Vision ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34741
RESERVED
CVE-2021-34740 (A vulnerability in the WLAN Control Protocol (WCP)
implementation for ...)
@@ -17039,7 +17039,7 @@ CVE-2021-34737 (A vulnerability in the DHCP version 4
(DHCPv4) server feature of
CVE-2021-34736
RESERVED
CVE-2021-34735 (Multiple vulnerabilities in the Cisco ATA 190 Series Analog
Telephone ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34734 (A vulnerability in the Link Layer Discovery Protocol (LLDP)
implementa ...)
NOT-FOR-US: Cisco
CVE-2021-34733 (A vulnerability in the CLI of Cisco Prime Infrastructure and
Cisco Evo ...)
@@ -17087,9 +17087,9 @@ CVE-2021-34713 (A vulnerability in the Layer 2 punt
code of Cisco IOS XR Softwar
CVE-2021-34712 (A vulnerability in the web-based management interface of Cisco
SD-WAN ...)
NOT-FOR-US: Cisco
CVE-2021-34711 (A vulnerability in the debug shell of Cisco IP Phone software
could al ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34710 (Multiple vulnerabilities in the Cisco ATA 190 Series Analog
Telephone ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34709 (Multiple vulnerabilities in image verification checks of Cisco
Network ...)
NOT-FOR-US: Cisco
CVE-2021-34708 (Multiple vulnerabilities in image verification checks of Cisco
Network ...)
@@ -17097,7 +17097,7 @@ CVE-2021-34708 (Multiple vulnerabilities in image
verification checks of Cisco N
CVE-2021-34707 (A vulnerability in the REST API of Cisco Evolved Programmable
Network ...)
NOT-FOR-US: Cisco
CVE-2021-34706 (A vulnerability in the web-based management interface of Cisco
Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34705 (A vulnerability in the Voice Telephony Service Provider (VTSP)
service ...)
NOT-FOR-US: Cisco
CVE-2021-34704
@@ -17105,7 +17105,7 @@ CVE-2021-34704
CVE-2021-34703 (A vulnerability in the Link Layer Discovery Protocol (LLDP)
message pa ...)
NOT-FOR-US: Cisco
CVE-2021-34702 (A vulnerability in the web-based management interface of Cisco
Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34701
RESERVED
CVE-2021-34700 (A vulnerability in the CLI interface of Cisco SD-WAN vManage
Software ...)
@@ -17113,7 +17113,7 @@ CVE-2021-34700 (A vulnerability in the CLI interface of
Cisco SD-WAN vManage Sof
CVE-2021-34699 (A vulnerability in the TrustSec CLI parser of Cisco IOS and
Cisco IOS ...)
NOT-FOR-US: Cisco
CVE-2021-34698 (A vulnerability in the proxy service of Cisco AsyncOS for
Cisco Web Se ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34697 (A vulnerability in the Protection Against Distributed Denial
of Servic ...)
NOT-FOR-US: Cisco
CVE-2021-34696 (A vulnerability in the access control list (ACL) programming
of Cisco ...)
@@ -40356,21 +40356,21 @@ CVE-2021-25501
CVE-2021-25500
RESERVED
CVE-2021-25499 (Intent redirection vulnerability in
SamsungAccountSDKSigninActivity of ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25498 (A possible buffer overflow vulnerability in maetd_eco_cb_mode
of libSP ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25497 (A possible buffer overflow vulnerability in maetd_cpy_slice of
libSPen ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25496 (A possible buffer overflow vulnerability in maetd_dec_slice of
libSPen ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25495 (A possible heap buffer overflow vulnerability in libSPenBase
library o ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25494 (A possible buffer overflow vulnerability in libSPenBase
library of Sam ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25493 (Lack of boundary checking of a buffer in libSPenBase library
of Samsun ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25492 (Lack of boundary checking of a buffer in libSPenBase library
of Samsun ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2021-25491 (A vulnerability in mfc driver prior to SMR Oct-2021 Release 1
allows m ...)
TODO: check
CVE-2021-25490 (A keyblob downgrade attack in keymaster prior to SMR Oct-2021
Release ...)
@@ -40400,7 +40400,7 @@ CVE-2021-25479 (A possible heap-based buffer overflow
vulnerability in Exynos CP
CVE-2021-25478 (A possible stack-based buffer overflow vulnerability in Exynos
CP Chip ...)
TODO: check
CVE-2021-25477 (An improper error handling in Mediatek RRC Protocol stack
prior to SMR ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2021-25476 (An information disclosure vulnerability in Widevine TA log
prior to SM ...)
TODO: check
CVE-2021-25475 (A possible heap-based buffer overflow vulnerability in DSP
kernel driv ...)
@@ -43578,11 +43578,11 @@ CVE-2021-24023 (An improper input validation in
FortiAI v1.4.0 and earlier may a
CVE-2021-24022 (A buffer overflow vulnerability in FortiAnalyzer CLI 6.4.5 and
below, ...)
NOT-FOR-US: Fortiguard
CVE-2021-24021 (An improper neutralization of input vulnerability [CWE-79] in
FortiAna ...)
- TODO: check
+ NOT-FOR-US: Fortiguard
CVE-2021-24020 (A missing cryptographic step in the implementation of the hash
digest ...)
NOT-FOR-US: Fortiguard
CVE-2021-24019 (An insufficient session expiration vulnerability [CWE- 613] in
FortiCl ...)
- TODO: check
+ NOT-FOR-US: Fortiguard
CVE-2021-24018 (A buffer underwrite vulnerability in the firmware verification
routine ...)
NOT-FOR-US: FortiOS
CVE-2021-24017 (An improper authentication in Fortinet FortiManager version
6.4.3 and ...)
@@ -60482,7 +60482,7 @@ CVE-2021-1536 (A vulnerability in Cisco Webex Meetings
Desktop App for Windows,
CVE-2021-1535 (A vulnerability in the cluster management interface of Cisco
SD-WAN vM ...)
NOT-FOR-US: Cisco
CVE-2021-1534 (A vulnerability in the antispam protection mechanisms of Cisco
AsyncOS ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1533
RESERVED
CVE-2021-1532 (A vulnerability in the video endpoint API (xAPI) of Cisco
TelePresence ...)
@@ -79929,27 +79929,27 @@ CVE-2020-21660
CVE-2020-21659
RESERVED
CVE-2020-21658 (A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows
attacker ...)
- TODO: check
+ NOT-FOR-US: WDJA CMS
CVE-2020-21657
RESERVED
CVE-2020-21656 (XYHCMS v3.6 contains a stored cross-site scripting (XSS)
vulnerability ...)
- TODO: check
+ NOT-FOR-US: XYHCMS
CVE-2020-21655
RESERVED
CVE-2020-21654 (emlog v6.0 contains a vulnerability in the component
admin\template.ph ...)
- TODO: check
+ NOT-FOR-US: emlog
CVE-2020-21653 (Myucms v2.2.1 contains a server-side request forgery (SSRF) in
the com ...)
- TODO: check
+ NOT-FOR-US: Myucms
CVE-2020-21652 (Myucms v2.2.1 contains a remote code execution (RCE)
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Myucms
CVE-2020-21651 (Myucms v2.2.1 contains a remote code execution (RCE)
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Myucms
CVE-2020-21650 (Myucms v2.2.1 contains a remote code execution (RCE)
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Myucms
CVE-2020-21649 (Myucms v2.2.1 contains a server-side request forgery (SSRF) in
the com ...)
- TODO: check
+ NOT-FOR-US: Myucms
CVE-2020-21648 (WDJA CMS v1.5.2 contains an arbitrary file deletion
vulnerability in t ...)
- TODO: check
+ NOT-FOR-US: WDJA CMS
CVE-2020-21647
RESERVED
CVE-2020-21646
@@ -92186,7 +92186,7 @@ CVE-2020-15943 (An issue was discovered in the
Gantt-Chart module before 5.5.4 f
CVE-2020-15942 (An information disclosure vulnerability in Web Vulnerability
Scan prof ...)
NOT-FOR-US: Fortinet
CVE-2020-15941 (A path traversal vulnerability [CWE-22] in FortiClientEMS
versions 6.4 ...)
- TODO: check
+ NOT-FOR-US: Fortiguard
CVE-2020-15940
RESERVED
CVE-2020-15939 (An improper access control vulnerability (CWE-284) in
FortiSandbox ver ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d69d98ae2e289a79dc0fbe926e3dce389c42477
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d69d98ae2e289a79dc0fbe926e3dce389c42477
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
