[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso (@carnil) Wed, 20 Oct 2021 13:45:00 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f3885bb9 by Salvatore Bonaccorso at 2021-10-20T22:44:18+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -42053,15 +42053,15 @@ CVE-2021-25974
 CVE-2021-25973
        RESERVED
 CVE-2021-25972 (In Camaleon CMS, versions 2.1.2.0 to 2.6.0, are vulnerable to 
Server-S ...)
-       TODO: check
+       NOT-FOR-US: Camaleon CMS
 CVE-2021-25971 (In Camaleon CMS, versions 2.0.1 to 2.6.0 are vulnerable to an 
Uncaught ...)
-       TODO: check
+       NOT-FOR-US: Camaleon CMS
 CVE-2021-25970 (Camaleon CMS 0.1.7 to 2.6.0 doesn&#8217;t terminate the active 
session ...)
-       TODO: check
+       NOT-FOR-US: Camaleon CMS
 CVE-2021-25969 (In &#8220;Camaleon CMS&#8221; application, versions 0.0.1 to 
2.6.0 are ...)
-       TODO: check
+       NOT-FOR-US: Camaleon CMS
 CVE-2021-25968 (In &#8220;OpenCMS&#8221;, versions 10.5.0 to 11.0.2 are 
affected by a  ...)
-       TODO: check
+       NOT-FOR-US: OpenCMS
 CVE-2021-25967
        RESERVED
 CVE-2021-25966 (In &#8220;Orchard core CMS&#8221; application, versions 
1.0.0-beta1-33 ...)
@@ -52057,19 +52057,19 @@ CVE-2021-21751
 CVE-2021-21750
        RESERVED
 CVE-2021-21749 (ZTE MF971R product has two stack-based buffer overflow 
vulnerabilities ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2021-21748 (ZTE MF971R product has two stack-based buffer overflow 
vulnerabilities ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2021-21747 (ZTE MF971R product has reflective XSS vulnerability. An 
attacker could ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2021-21746 (ZTE MF971R product has reflective XSS vulnerability. An 
attacker could ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2021-21745 (ZTE MF971R product has a Referer authentication bypass 
vulnerability.  ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2021-21744 (ZTE MF971R product has a configuration file control 
vulnerability. An  ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2021-21743 (ZTE MF971R product has a CRLF injection vulnerability. An 
attacker cou ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2021-21742 (There is an information leak vulnerability in the message 
service app  ...)
        NOT-FOR-US: ZTE
 CVE-2021-21741 (A conference management system of ZTE is impacted by a command 
executi ...)
@@ -59070,29 +59070,29 @@ CVE-2020-29668 (Sympa before 6.2.59b.2 allows remote 
attackers to obtain full SO
        NOTE: https://github.com/sympa-community/sympa/issues/1041
        NOTE: https://github.com/sympa-community/sympa/pull/1044
 CVE-2021-2485 (Vulnerability in the Oracle Trade Management product of Oracle 
E-Busin ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2484 (Vulnerability in the Oracle Operations Intelligence product of 
Oracle  ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2483 (Vulnerability in the Oracle Content Manager product of Oracle 
E-Busine ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2482 (Vulnerability in the Oracle Payables product of Oracle 
E-Business Suit ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2481 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2021-2480 (Vulnerability in the Oracle HTTP Server product of Oracle 
Fusion Middl ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2479 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2021-2478 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2021-2477 (Vulnerability in the Oracle Applications Framework product of 
Oracle E ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2476 (Vulnerability in the Oracle Transportation Management product 
of Oracl ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2475 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
        - virtualbox 6.1.28-dfsg-1
 CVE-2021-2474 (Vulnerability in the Oracle Web Analytics product of Oracle 
E-Business ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2473
        RESERVED
 CVE-2021-2472
@@ -59118,7 +59118,7 @@ CVE-2021-2463 (Vulnerability in the Oracle Commerce 
Platform product of Oracle C
 CVE-2021-2462 (Vulnerability in the Oracle Commerce Service Center product of 
Oracle  ...)
        NOT-FOR-US: Oracle
 CVE-2021-2461 (Vulnerability in the Oracle Communications Interactive Session 
Recorde ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2460 (Vulnerability in the Oracle Application Express Data Reporter 
componen ...)
        NOT-FOR-US: Oracle
 CVE-2021-2459
@@ -59209,11 +59209,11 @@ CVE-2021-2418 (Vulnerability in the MySQL Server 
product of Oracle MySQL (compon
 CVE-2021-2417 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2021-2416 (Vulnerability in the Oracle Communications Session Border 
Controller p ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2415 (Vulnerability in the Oracle Time and Labor product of Oracle 
E-Busines ...)
        NOT-FOR-US: Oracle
 CVE-2021-2414 (Vulnerability in the Oracle Communications Session Border 
Controller p ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2413
        RESERVED
 CVE-2021-2412 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
@@ -59399,7 +59399,7 @@ CVE-2021-2334 (Vulnerability in the Oracle Database - 
Enterprise Edition Data Re
 CVE-2021-2333 (Vulnerability in the Oracle XML DB component of Oracle Database 
Server ...)
        NOT-FOR-US: Oracle
 CVE-2021-2332 (Vulnerability in the Oracle LogMiner component of Oracle 
Database Serv ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2331
        RESERVED
 CVE-2021-2330 (Vulnerability in the Core RDBMS component of Oracle Database 
Server. T ...)
@@ -59824,7 +59824,7 @@ CVE-2021-2139
 CVE-2021-2138 (Vulnerability in the Oracle Cloud Infrastructure Data Science 
Notebook ...)
        NOT-FOR-US: Oracle
 CVE-2021-2137 (Vulnerability in the Enterprise Manager Base Platform product 
of Oracl ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2021-2136 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)
        NOT-FOR-US: Oracle
 CVE-2021-2135 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3885bb9aa3d54a37df335dacb9374d3b2e970e2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3885bb9aa3d54a37df335dacb9374d3b2e970e2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process more NFUs

Reply via email to