Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4b4d70b9 by Salvatore Bonaccorso at 2021-10-12T22:19:40+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4390,17 +4390,17 @@ CVE-2021-40502
CVE-2021-40501
RESERVED
CVE-2021-40500 (SAP BusinessObjects Business Intelligence Platform (Crystal
Reports) - ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-40499 (Client-side printing services SAP Cloud Print Manager and
SAPSprint fo ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-40498 (A vulnerability has been identified in SAP SuccessFactors
Mobile Appli ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-40497 (SAP BusinessObjects Analysis (edition for OLAP) - versions
420, 430, a ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-40496 (SAP Internet Communication framework (ICM) - versions 700,
701, 702, 7 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-40495 (There are multiple Denial-of Service vulnerabilities in SAP
NetWeaver ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-40494 (A Hardcoded JWT Secret Key in metadata.py in AdaptiveScale
LXDUI throu ...)
NOT-FOR-US: AdaptiveScale LXDUI
CVE-2021-40493
@@ -8125,7 +8125,7 @@ CVE-2021-38917
CVE-2021-38916
RESERVED
CVE-2021-38915 (IBM Data Risk Manager 2.0.6 stores user credentials in plain
clear tex ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-38914
RESERVED
CVE-2021-38913
@@ -8231,7 +8231,7 @@ CVE-2021-38864 (IBM Security Verify Bridge 1.0.5.0 could
allow a user to obtain
CVE-2021-38863 (IBM Security Verify Bridge 1.0.5.0 stores user credentials in
plain cl ...)
NOT-FOR-US: IBM
CVE-2021-38862 (IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected
cryptogra ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-38861
RESERVED
CVE-2021-38860
@@ -9875,17 +9875,17 @@ CVE-2021-38185 (GNU cpio through 2.13 allows attackers
to execute arbitrary code
CVE-2021-38184
RESERVED
CVE-2021-38183 (SAP NetWeaver - versions 700, 701, 702, 730, does not
sufficiently enc ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-38182
RESERVED
CVE-2021-38181 (SAP NetWeaver AS ABAP and ABAP Platform - versions 700, 701,
702, 730, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-38180 (SAP Business One - version 10.0, allows an attacker to inject
formulas ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-38179 (Debug function of Admin UI of SAP Business One Integration is
enabled ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-38178 (The software logistics system of SAP NetWeaver AS ABAP and
ABAP Platfo ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-38177 (SAP CommonCryptoLib version 8.5.38 or lower is vulnerable to
null poin ...)
NOT-FOR-US: SAP
CVE-2021-38176 (Due to improper input sanitization, an authenticated user with
certain ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b4d70b9e46c6ac440099b223df47c0eaf8b2189
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b4d70b9e46c6ac440099b223df47c0eaf8b2189
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
