[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat, 13 Nov 2021 00:29:07 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2761e697 by Salvatore Bonaccorso at 2021-11-13T09:28:18+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,9 +7,9 @@ CVE-2021-43613
 CVE-2021-43612
        RESERVED
 CVE-2021-43611 (Belledonne Belle-sip before 5.0.20 can crash applications such 
as Linp ...)
-       TODO: check
+       NOT-FOR-US: Belledonne Belle-sip
 CVE-2021-43610 (Belledonne Belle-sip before 5.0.20 can crash applications such 
as Linp ...)
-       TODO: check
+       NOT-FOR-US: Belledonne Belle-sip
 CVE-2021-43609
        RESERVED
 CVE-2021-43608
@@ -3451,7 +3451,7 @@ CVE-2021-42565 (myfactory.FMS before 7.1-912 allows XSS 
via the UID parameter. .
 CVE-2021-42564
        RESERVED
 CVE-2021-42563 (There is an Unquoted Service Path in NI Service Locator 
(nisvcloc.exe) ...)
-       TODO: check
+       NOT-FOR-US: NI Service Locator
 CVE-2021-3893
        RESERVED
 CVE-2021-42562
@@ -6433,7 +6433,7 @@ CVE-2021-41830 (It is possible for an attacker to 
manipulate signed documents an
 CVE-2021-3844
        RESERVED
 CVE-2021-3843 (A potential vulnerability in the SMI function to access EEPROM 
in some ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2021-3842
        RESERVED
 CVE-2021-3841
@@ -6538,7 +6538,7 @@ CVE-2021-41789
 CVE-2021-41788
        RESERVED
 CVE-2021-3840 (A dependency confusion vulnerability was reported in the 
Antilles open ...)
-       TODO: check
+       NOT-FOR-US: Antilles
 CVE-2021-41787
        RESERVED
 CVE-2021-41786
@@ -8792,21 +8792,21 @@ CVE-2021-40820
 CVE-2021-40819
        RESERVED
 CVE-2021-3793 (An improper access control vulnerability was reported in some 
Motorola ...)
-       TODO: check
+       NOT-FOR-US: Binatone
 CVE-2021-3792 (Some device communications in some Motorola-branded Binatone 
Hubble Ca ...)
-       TODO: check
+       NOT-FOR-US: Binatone
 CVE-2021-3791 (An information disclosure vulnerability was reported in some 
Motorola- ...)
-       TODO: check
+       NOT-FOR-US: Binatone
 CVE-2021-3790 (A buffer overflow was reported in the local web server of some 
Motorol ...)
-       TODO: check
+       NOT-FOR-US: Binatone
 CVE-2021-3789 (An information disclosure vulnerability was reported in some 
Motorola- ...)
-       TODO: check
+       NOT-FOR-US: Binatone
 CVE-2021-3788 (An exposed debug interface was reported in some 
Motorola-branded Binat ...)
-       TODO: check
+       NOT-FOR-US: Binatone
 CVE-2021-3787 (A vulnerability was reported in some Motorola-branded Binatone 
Hubble  ...)
-       TODO: check
+       NOT-FOR-US: Binatone
 CVE-2021-3786 (A potential vulnerability in the SMI callback function used in 
CSME co ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2021-3785 (yourls is vulnerable to Improper Neutralization of Input During 
Web Pa ...)
        NOT-FOR-US: yourls
 CVE-2021-3784
@@ -12384,11 +12384,11 @@ CVE-2021-3722
 CVE-2021-3721
        RESERVED
 CVE-2021-3720 (An information disclosure vulnerability was reported in the 
Time Weath ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2021-3719 (A potential vulnerability in the SMI callback function that 
saves and  ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2021-3718 (A denial of service vulnerability was reported in some ThinkPad 
models ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2021-39291 (Certain NetModule devices allow credentials via GET parameters 
to CLI- ...)
        NOT-FOR-US: NetModule devices
 CVE-2021-39290 (Certain NetModule devices allow Limited Session Fixation via 
PHPSESSID ...)
@@ -13849,7 +13849,7 @@ CVE-2021-38686
 CVE-2021-38685
        RESERVED
 CVE-2021-38684 (A stack buffer overflow vulnerability has been reported to 
affect QNAP ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2021-38683
        RESERVED
 CVE-2021-38682
@@ -19575,11 +19575,11 @@ CVE-2021-36327
 CVE-2021-36326
        RESERVED
 CVE-2021-36325 (Dell BIOS contains an improper input validation vulnerability. 
A local ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-36324 (Dell BIOS contains an improper input validation vulnerability. 
A local ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-36323 (Dell BIOS contains an improper input validation vulnerability. 
A local ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-36322
        RESERVED
 CVE-2021-36321
@@ -19615,7 +19615,7 @@ CVE-2021-36307
 CVE-2021-36306
        RESERVED
 CVE-2021-36305 (Dell PowerScale OneFS contains an Unsynchronized Access to 
Shared Data ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-36304
        RESERVED
 CVE-2021-36303
@@ -23470,7 +23470,7 @@ CVE-2021-3600
        NOTE: 
https://git.kernel.org/linus/e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90
        NOTE: https://www.openwall.com/lists/oss-security/2021/06/23/1
 CVE-2021-3599 (A potential vulnerability in the SMI callback function used to 
access  ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2021-34681
        RESERVED
 CVE-2021-34680
@@ -24240,7 +24240,7 @@ CVE-2021-34359
 CVE-2021-34358
        RESERVED
 CVE-2021-34357 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2021-34356 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
        NOT-FOR-US: QNAP
 CVE-2021-34355 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
@@ -25494,7 +25494,7 @@ CVE-2021-33806 (The BDew BdLib library before 1.16.1.7 
for Minecraft allows remo
 CVE-2021-33805
        REJECTED
 CVE-2021-3577 (An unauthenticated remote code execution vulnerability was 
reported in ...)
-       TODO: check
+       NOT-FOR-US: Binatone
 CVE-2021-3576 (Execution with Unnecessary Privileges vulnerability in 
Bitdefender End ...)
        NOT-FOR-US: Bitdefender
 CVE-2021-3575 [heap-buffer-overflow in color.c may lead to DoS]
@@ -30519,7 +30519,7 @@ CVE-2021-31868 (Rapid7 Nexpose version 6.6.95 and 
earlier allows authenticated u
 CVE-2021-31867 (Pimcore Customer Data Framework version 3.0.0 and earlier 
suffers from ...)
        NOT-FOR-US: Pimcore
 CVE-2021-3519 (A vulnerability was reported in some Lenovo Desktop models that 
could  ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2021-31866 (Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker 
to lear ...)
        {DLA-2658-1}
        - redmine <unfixed> (bug #990792)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2761e697dd6ddc2f296e49eaf0e92722ae5c29db

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2761e697dd6ddc2f296e49eaf0e92722ae5c29db
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to