Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0ac16195 by Salvatore Bonaccorso at 2021-12-07T21:25:43+01:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -406,7 +406,7 @@ CVE-2021-41836
CVE-2021-4050
RESERVED
CVE-2021-4049 (livehelperchat is vulnerable to Cross-Site Request Forgery
(CSRF) ...)
- TODO: check
+ NOT-FOR-US: livehelperchat
CVE-2021-44539
RESERVED
CVE-2021-44538
@@ -432,7 +432,7 @@ CVE-2021-44529
CVE-2021-44528
RESERVED
CVE-2021-44527 (A vulnerability found in UniFi Switch firmware Version 5.43.35
and ear ...)
- TODO: check
+ NOT-FOR-US: UniFi Switch firmware
CVE-2021-44526
RESERVED
CVE-2021-44525
@@ -1365,11 +1365,11 @@ CVE-2021-44189
CVE-2021-44188
RESERVED
CVE-2021-44187 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an
out-of-b ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-44186 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an
out-of-b ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-44185 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an
out-of-b ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-44184
RESERVED
CVE-2021-44183
@@ -2474,7 +2474,7 @@ CVE-2021-43807
CVE-2021-43806
RESERVED
CVE-2021-43805 (Solidus is a free, open-source ecommerce platform built on
Rails. Vers ...)
- TODO: check
+ NOT-FOR-US: Solidus
CVE-2021-43804
RESERVED
CVE-2021-43803
@@ -2506,7 +2506,7 @@ CVE-2021-43791 (Zulip is an open source group chat
application that combines rea
CVE-2021-43790 (Lucet is a native WebAssembly compiler and runtime. There is a
bug in ...)
NOT-FOR-US: Lucet
CVE-2021-43789 (PrestaShop is an Open Source e-commerce web application.
Versions of P ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2021-43788 (Nodebb is an open source Node.js based forum software. Prior
to v1.18. ...)
NOT-FOR-US: Nodebb
CVE-2021-43787 (Nodebb is an open source Node.js based forum software. In
affected ver ...)
@@ -9539,25 +9539,25 @@ CVE-2021-3875 (vim is vulnerable to Heap-based Buffer
Overflow ...)
NOTE: Search from cursor position introduced in:
https://github.com/vim/vim/commit/04db26b36000a4677b95403ec94bd11f6cc73975
(v8.2.3110)
NOTE: Fixed by:
https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f
(v8.2.3489)
CVE-2021-42133 (An exposed dangerous function vulnerability exists in Ivanti
Avalanche ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2021-42132 (A command Injection vulnerability exists in Ivanti Avalanche
before 6. ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2021-42131 (A SQL Injection vulnerability exists in Ivanti Avalance before
6.3.3 a ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2021-42130 (A deserialization of untrusted data vulnerability exists in
Ivanti Ava ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2021-42129 (A command injection vulnerability exists in Ivanti Avalanche
before 6. ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2021-42128 (An exposed dangerous function vulnerability exists in Ivanti
Avalanche ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2021-42127 (A deserialization of untrusted data vulnerability exists in
Ivanti Ava ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2021-42126 (An improper authorization control vulnerability exists in
Ivanti Avala ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2021-42125 (An unrestricted file upload vulnerability exists in Ivanti
Avalanche b ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2021-42124 (An improper access control vulnerability exists in Ivanti
Avalanche be ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2021-42123 (Unrestricted File Upload in Web Applications operating on
Business-DNA ...)
NOT-FOR-US: Business-DNA Solutions
CVE-2021-42122 (Insufficient Input Validation in Web Applications operating on
Busines ...)
@@ -10619,7 +10619,7 @@ CVE-2021-41718
CVE-2021-41717
RESERVED
CVE-2021-41716 (Maharashtra State Electricity Board Mahavitara Android
Application 8.2 ...)
- TODO: check
+ NOT-FOR-US: Maharashtra State Electricity Board Mahavitara Android
Application
CVE-2021-41715
RESERVED
CVE-2021-41714
@@ -12632,7 +12632,7 @@ CVE-2021-40861
CVE-2021-40860
RESERVED
CVE-2021-40859 (Backdoors were discovered in Auerswald COMpact 5500R 7.8A and
8.0B dev ...)
- TODO: check
+ NOT-FOR-US: Auerswald
CVE-2021-40858
RESERVED
CVE-2021-40857
@@ -14502,15 +14502,15 @@ CVE-2021-40098 (An issue was discovered in Concrete
CMS through 8.5.5. Path Trav
CVE-2021-40097 (An issue was discovered in Concrete CMS through 8.5.5.
Authenticated p ...)
NOT-FOR-US: Concrete CMS
CVE-2021-40096 (A cross-site scripting (XSS) vulnerability in integration
configuratio ...)
- TODO: check
+ NOT-FOR-US: SquaredUp for SCOM
CVE-2021-40095 (An issue was discovered in SquaredUp for SCOM 5.2.1.6654. The
Download ...)
- TODO: check
+ NOT-FOR-US: SquaredUp for SCOM
CVE-2021-40094 (A DOM-based XSS vulnerability affects SquaredUp for SCOM
5.2.1.6654. I ...)
- TODO: check
+ NOT-FOR-US: SquaredUp for SCOM
CVE-2021-40093 (A cross-site scripting (XSS) vulnerability in integration
configuratio ...)
- TODO: check
+ NOT-FOR-US: SquaredUp for SCOM
CVE-2021-40092 (A cross-site scripting (XSS) vulnerability in Image Tile in
SquaredUp ...)
- TODO: check
+ NOT-FOR-US: SquaredUp for SCOM
CVE-2021-40091 (An SSRF issue was discovered in SquaredUp for SCOM 5.2.1.6654.
...)
NOT-FOR-US: SquaredUp for SCOM
CVE-2021-40090
@@ -21818,97 +21818,97 @@ CVE-2021-37102 (There is a command injection
vulnerability in CMA service module
CVE-2021-37101 (There is an improper authorization vulnerability in
AIS-BW50-00 9.0.6. ...)
NOT-FOR-US: Huawei
CVE-2021-37100 (There is a Improper Authentication vulnerability in Huawei
Smartphone. ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37099 (There is a Path Traversal vulnerability in Huawei
Smartphone.Successfu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37098
RESERVED
CVE-2021-37097
RESERVED
CVE-2021-37096 (There is a Improper Input Validation vulnerability in Huawei
Smartphon ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37095 (There is a Integer Overflow or Wraparound vulnerability in
Huawei Smar ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37094 (There is a Improper Input Validation vulnerability in Huawei
Smartphon ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37093
RESERVED
CVE-2021-37092
RESERVED
CVE-2021-37091 (There is a Permissions,Privileges,and Access Controls
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37090 (There is a Out-of-bounds Read vulnerability in Huawei
Smartphone.Succe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37089 (There is a Incomplete Cleanup vulnerability in Huawei
Smartphone.Succe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37088 (There is a Path Traversal vulnerability in Huawei
Smartphone.Successfu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37087 (There is a Path Traversal vulnerability in Huawei
Smartphone.Successfu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37086 (There is a Improper Preservation of Permissions vulnerability
in Huawe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37085 (There is a Encoding timing vulnerability in Huawei
Smartphone.Successf ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37084 (There is a Improper Input Validation vulnerability in Huawei
Smartphon ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37083 (There is a NULL Pointer Dereference vulnerability in Huawei
Smartphone ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37082 (There is a Race Condition vulnerability in Huawei
Smartphone.Successfu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37081 (There is a Improper Input Validation vulnerability in Huawei
Smartphon ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37080 (There is a Incomplete Cleanup vulnerability in Huawei
Smartphone.Succe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37079 (There is a Improper Input Validation vulnerability in Huawei
Smartphon ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37078 (There is a Uncaught Exception vulnerability in Huawei
Smartphone.Succe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37077 (There is a NULL Pointer Dereference vulnerability in Huawei
Smartphone ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37076 (There is a Out-of-bounds Read vulnerability in Huawei
Smartphone.Succe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37075
RESERVED
CVE-2021-37074
RESERVED
CVE-2021-37073 (There is a Race Condition vulnerability in Huawei
Smartphone.Successfu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37072 (There is a Incorrect Calculation of Buffer Size vulnerability
in Huawe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37071 (There is a Business Logic Errors vulnerability in Huawei
Smartphone.Su ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37070 (There is a Out-of-bounds Read vulnerability in Huawei
Smartphone.Succe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37069
RESERVED
CVE-2021-37068 (There is a Resource Management Errors vulnerability in Huawei
Smartpho ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37067 (There is a Exposure of Sensitive Information to an
Unauthorized Actor ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37066 (There is a Out-of-bounds Read vulnerability in Huawei
Smartphone.Succe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37065 (There is a Integer Overflow or Wraparound vulnerability in
Huawei Smar ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37064 (There is a Improper Limitation of a Pathname to a Restricted
Directory ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37063 (There is a Cryptographic Issues vulnerability in Huawei
Smartphone.Suc ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37062 (There is a Improper Validation of Array Index vulnerability in
Huawei ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37061 (There is a Uncontrolled Resource Consumption vulnerability in
Huawei S ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37060 (There is a Improper Input Validation vulnerability in Huawei
Smartphon ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37059 (There is a Weaknesses Introduced During Design ...)
TODO: check
CVE-2021-37058 (There is a Permissions,Privileges,and Access Controls
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37057 (There is a Improper Validation of Array Index vulnerability in
Huawei ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37056 (There is an Improper permission control vulnerability in
Huawei Smartp ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37055 (There is a Logic bypass vulnerability in Huawei
Smartphone.Successful ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37054
RESERVED
CVE-2021-37053
@@ -21922,27 +21922,27 @@ CVE-2021-37050
CVE-2021-37049
RESERVED
CVE-2021-37048 (There is a Improper Input Validation vulnerability in Huawei
Smartphon ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37047 (There is an Input verification vulnerability in Huawei
Smartphone.Succ ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37046 (There is a Memory leak vulnerability with the codec detection
module i ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37045
RESERVED
CVE-2021-37044
RESERVED
CVE-2021-37043 (There is a Stack-based Buffer Overflow vulnerability in Huawei
Smartph ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37042 (There is an Improper verification vulnerability in Huawei
Smartphone.S ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37041 (There is an Improper verification vulnerability in Huawei
Smartphone.S ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37040
RESERVED
CVE-2021-37039
RESERVED
CVE-2021-37038 (There is an Improper access control vulnerability in Huawei
Smartphone ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37037
RESERVED
CVE-2021-37036 (There is an information leakage vulnerability in FusionCompute
6.5.1, ...)
@@ -21976,9 +21976,9 @@ CVE-2021-37023 (There is a Improper Access Control
vulnerability in Huawei Smart
CVE-2021-37022 (There is a Heap-based Buffer Overflow vulnerability in Huawei
Smartpho ...)
NOT-FOR-US: Huawei
CVE-2021-37021 (There is a Stack-based Buffer Overflow vulnerability in Huawei
Smartph ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37020 (There is a Stack-based Buffer Overflow vulnerability in Huawei
Smartph ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37019 (There is a Improper Input Validation vulnerability in Huawei
Smartphon ...)
NOT-FOR-US: Huawei
CVE-2021-37018 (There is a Data Processing Errors vulnerability in Huawei
Smartphone.S ...)
@@ -21990,13 +21990,13 @@ CVE-2021-37016 (There is a Out-of-bounds Read
vulnerability in Huawei Smartphone
CVE-2021-37015 (There is a Out-of-bounds Read vulnerability in Huawei
Smartphone.Succe ...)
NOT-FOR-US: Huawei
CVE-2021-37014 (There is a Stack-based Buffer Overflow vulnerability in Huawei
Smartph ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37013 (There is a Improper Input Validation vulnerability in Huawei
Smartphon ...)
NOT-FOR-US: Huawei
CVE-2021-37012 (There is a Data Processing Errors vulnerability in Huawei
Smartphone.S ...)
NOT-FOR-US: Huawei
CVE-2021-37011 (There is a Stack-based Buffer Overflow vulnerability in Huawei
Smartph ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-37010 (There is a Exposure of Sensitive Information to an
Unauthorized Actor ...)
NOT-FOR-US: Huawei
CVE-2021-37009 (There is a Configuration vulnerability in Huawei
Smartphone.Successful ...)
@@ -41743,11 +41743,11 @@ CVE-2021-29118
CVE-2021-29117
RESERVED
CVE-2021-29116 (A stored Cross Site Scripting (XSS) vulnerability in Esri
ArcGIS Serve ...)
- TODO: check
+ NOT-FOR-US: Esri ArcGIS Server
CVE-2021-29115 (An information disclosure vulnerability in the ArcGIS Service
Director ...)
- TODO: check
+ NOT-FOR-US: Esri ArcGIS
CVE-2021-29114 (A SQL injection vulnerability in feature services provided by
Esri Arc ...)
- TODO: check
+ NOT-FOR-US: Esri ArcGIS
CVE-2021-29113 (A remote file inclusion vulnerability in the ArcGIS Server
help docume ...)
TODO: check
CVE-2021-29112
@@ -56522,9 +56522,9 @@ CVE-2021-22958 (A Server-Side Request Forgery
vulnerability was found in concret
CVE-2021-22957 (A Cross-Origin Resource Sharing (CORS) vulnerability found in
UniFi Pr ...)
NOT-FOR-US: UniFi Protect
CVE-2021-22956 (An uncontrolled resource consumption vulnerability exists in
Citrix AD ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2021-22955 (A unauthenticated denial of service vulnerability exists in
Citrix ADC ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2021-22954
RESERVED
CVE-2021-22953 (A CSRF in Concrete CMS version 8.5.5 and below allows an
attacker to c ...)
@@ -77471,7 +77471,7 @@ CVE-2020-27415
CVE-2020-27414 (Mahavitaran android application 7.50 and prior transmit
sensitive info ...)
NOT-FOR-US: Mahavitaran android application
CVE-2020-27413 (An issue was discovered in Mahavitaran android application
7.50 and be ...)
- TODO: check
+ NOT-FOR-US: Mahavitaran android application
CVE-2020-27412
RESERVED
CVE-2020-27411
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ac16195e687fc4bcde1eb87b51e1f987839d358
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ac16195e687fc4bcde1eb87b51e1f987839d358
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
