[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 09 Nov 2021 12:52:57 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9aa69d63 by Salvatore Bonaccorso at 2021-11-09T21:52:15+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9576,11 +9576,11 @@ CVE-2021-40368
 CVE-2021-40367
        RESERVED
 CVE-2021-40366 (A vulnerability has been identified in Climatix POL909 (AWM 
module) (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-40365
        RESERVED
 CVE-2021-40364 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 and 
earlier  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-40363
        RESERVED
 CVE-2021-40362
@@ -9590,9 +9590,9 @@ CVE-2021-40361
 CVE-2021-40360
        RESERVED
 CVE-2021-40359 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 and 
earlier  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-40358 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 and 
earlier  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-40357 (A vulnerability has been identified in Teamcenter Active 
Workspace V4. ...)
        NOT-FOR-US: Siemens
 CVE-2021-40356 (A vulnerability has been identified in Teamcenter V12.4 (All 
versions  ...)
@@ -9859,9 +9859,9 @@ CVE-2021-40263
 CVE-2021-40262
        RESERVED
 CVE-2021-40261 (Multiple Cross Site Scripting (XSS) vulnerabilities exist in 
SourceCod ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2021-40260 (Multiple Cross Site Scripting (XSS) vulnerabilities exist in 
SourceCod ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2021-40259
        RESERVED
 CVE-2021-40258
@@ -17220,7 +17220,7 @@ CVE-2021-37209
 CVE-2021-37208
        RESERVED
 CVE-2021-37207 (A vulnerability has been identified in SENTRON powermanager V3 
(All ve ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-37206 (A vulnerability has been identified in SIPROTEC 5 relays with 
CPU vari ...)
        NOT-FOR-US: Siemens
 CVE-2021-37205
@@ -19065,7 +19065,7 @@ CVE-2021-36411
 CVE-2021-36410
        RESERVED
 CVE-2021-3641 (Improper Link Resolution Before File Access ('Link Following') 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Bitdefender
 CVE-2021-36409
        RESERVED
 CVE-2021-36408
@@ -30069,25 +30069,25 @@ CVE-2021-31892 (A vulnerability has been identified 
in SINUMERIK Analyse MyCondi
 CVE-2021-31891 (A vulnerability has been identified in Desigo CC (All versions 
with OI ...)
        NOT-FOR-US: Siemens
 CVE-2021-31890 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31889 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31888 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31887 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31886 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31885 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31884 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31883 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31882 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31881 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31880
        RESERVED
 CVE-2021-31879 (GNU Wget through 1.21.1 does not omit the Authorization header 
upon a  ...)
@@ -31615,11 +31615,11 @@ CVE-2021-31347 (An issue was discovered in libezxml.a 
in ezXML 0.8.6. The functi
        [buster] - netcdf-parallel <no-dsa> (Minor issue)
        NOTE: https://sourceforge.net/p/ezxml/bugs/27/
 CVE-2021-31346 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31345 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31344 (A vulnerability has been identified in APOGEE MBC (PPC) 
(BACnet) (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-31343 (The jutil.dll library in all versions of Solid Edge SE2020 
before 2020 ...)
        NOT-FOR-US: Solid Edge
 CVE-2021-31342 (The ugeom2d.dll library in all versions of Solid Edge SE2020 
before 20 ...)
@@ -60772,7 +60772,7 @@ CVE-2021-20121 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) 
with firmware version 3.00
 CVE-2021-20120 (The administration web interface for the Arris Surfboard 
SB8200 lacks  ...)
        NOT-FOR-US: Arris Surfboard SB8200
 CVE-2021-20119 (The password change utility for the Arris SurfBoard SB8200 can 
have sa ...)
-       TODO: check
+       NOT-FOR-US: Arris SurfBoard SB8200
 CVE-2021-20118 (Nessus Agent 8.3.0 and earlier was found to contain a local 
privilege  ...)
        NOT-FOR-US: Nessus Agent
 CVE-2021-20117 (Nessus Agent 8.3.0 and earlier was found to contain a local 
privilege  ...)
@@ -68152,7 +68152,7 @@ CVE-2020-28421 (CA Unified Infrastructure Management 
20.1 and earlier contains a
 CVE-2020-28420
        RESERVED
 CVE-2020-28419 (During installation with certain driver software or 
application packag ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2020-28418
        RESERVED
 CVE-2020-28417
@@ -82024,7 +82024,7 @@ CVE-2020-23574 (When uploading a file in Sysax Multi 
Server 6.90, an authenticat
 CVE-2020-23573
        RESERVED
 CVE-2020-23572 (BEESCMS v4.0 was discovered to contain an arbitrary file 
upload vulner ...)
-       TODO: check
+       NOT-FOR-US: BEESCMS
 CVE-2020-23571
        RESERVED
 CVE-2020-23570
@@ -115790,11 +115790,11 @@ CVE-2020-10056 (A vulnerability has been identified 
in License Management Utilit
 CVE-2020-10055 (A vulnerability has been identified in Desigo CC (V4.x), 
Desigo CC (V3 ...)
        NOT-FOR-US: Desigo
 CVE-2020-10054 (A vulnerability has been identified in SIMATIC RTLS Locating 
Manager ( ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-10053 (A vulnerability has been identified in SIMATIC RTLS Locating 
Manager ( ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-10052 (A vulnerability has been identified in SIMATIC RTLS Locating 
Manager ( ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-10051 (A vulnerability has been identified in SIMATIC RTLS Locating 
Manager ( ...)
        NOT-FOR-US: Siemens
 CVE-2020-10050 (A vulnerability has been identified in SIMATIC RTLS Locating 
Manager ( ...)
@@ -139738,15 +139738,15 @@ CVE-2019-18918
 CVE-2019-18917 (A potential security vulnerability has been identified for 
certain HP  ...)
        NOT-FOR-US: HP
 CVE-2019-18916 (A potential security vulnerability has been identified for HP 
LaserJet ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2019-18915 (A potential security vulnerability has been identified with 
certain ve ...)
        NOT-FOR-US: HP System Event Utility
 CVE-2019-18914 (A potential security vulnerability has been identified for 
certain HP  ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2019-18913 (A potential security vulnerability with pre-boot DMA may allow 
unautho ...)
        NOT-FOR-US: Generic UEFI hardware/software issue
 CVE-2019-18912 (A potential security vulnerability has been identified for 
certain HP  ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2019-18911
        RESERVED
 CVE-2019-18910 (The Citrix Receiver wrapper function does not safely handle 
user suppl ...)
@@ -150342,7 +150342,7 @@ CVE-2019-16242 (On TCL Alcatel Cingular Flip 2 
B9HUAH1 devices, there is an engi
 CVE-2019-16241 (On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN 
authentication can ...)
        NOT-FOR-US: TCL Alcatel Cingular Flip 2 B9HUAH1 devices
 CVE-2019-16240 (A Buffer Overflow and Information Disclosure issue exists in 
HP Office ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2019-16239 (process_http_response in OpenConnect before 8.05 has a Buffer 
Overflow ...)
        {DSA-4607-1 DLA-1945-1}
        - openconnect 8.02-1.1 (bug #940871)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9aa69d635e963a5907b2089bcfa325b9c2c2e8a4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9aa69d635e963a5907b2089bcfa325b9c2c2e8a4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to